
CIA malware and hacking tools - randomname2
https://wikileaks.org/ciav7p1/
======
apo
_In what is surely one of the most astounding intelligence own goals in living
memory, the CIA structured its classification regime such that for the most
market valuable part of "Vault 7" — the CIA's weaponized malware (implants +
zero days), Listening Posts (LP), and Command and Control (C2) systems — the
agency has little legal recourse._

_The CIA made these systems unclassified._

_Why the CIA chose to make its cyberarsenal unclassified reveals how concepts
developed for military use do not easily cross over to the 'battlefield' of
cyber 'war'._

_To attack its targets, the CIA usually requires that its implants
communicate with their control programs over the internet. If CIA implants,
Command & Control and Listening Post software were classified, then CIA
officers could be prosecuted or dismissed for violating rules that prohibit
placing classified information onto the Internet. Consequently the CIA has
secretly made most of its cyber spying/war code unclassified. The U.S.
government is not able to assert copyright either, due to restrictions in the
U.S. Constitution. This means that cyber 'arms' manufacturers and computer
hackers can freely "pirate" these 'weapons' if they are obtained. The CIA has
primarily had to rely on obfuscation to protect its malware secrets._

One of the more interesting passages. The arsenal must not be classified to
protect those who deploy it from legal action. This cyberwarfare kit, which
can just as easily be used to destroy the US as one of its enemies, is public
domain software created and released at US taxpayer expense.

~~~
pjc50
> Command & Control and Listening Post software were classified, then CIA
> officers could be prosecuted or dismissed for violating rules that prohibit
> placing classified information onto the Internet. Consequently the CIA has
> secretly made most of its cyber spying/war code unclassified.

This is almost hilarious.

Not that being classified would make any difference: cyber-"weapons" have
something in common with biological weapons in that they're prone to leaking
and blowing upwind, but also once used it's possible for the enemy to
vaccinate against them.

~~~
pimlottc
Obviously there's a difference between cyber and conventional weapons, but
imagine if the same rationale were extended to physical munitions: "We can't
drop this bomb on the enemy, it contains classified technology"

~~~
pjc50
While the weapon too secret to use sounds very Dr Strangelove, there have been
slightly similar things with real weapons. The one I remember is when
radar-triggered proximity shells were invented at the end of WW2 they were only
issued for use on ships, so that undetonated shells would fall into the sea and
couldn't be recovered and investigated by the enemy.

~~~
kbenson
Which makes perfect sense. Any weapon leaves some trace (even if only new
theory as to what is possible), so its use against a party that does not have
that technology but is capable of understanding the technology _at some level_
will always give information to the enemy.

Using a modern missile against an indigenous people will only impart that you
are capable of that type of attack.

Using a modern missile against WWII Germany would likely quickly result in
refinements to their V2 Rocket program, given enough remains to study.

Using a modern missile against Vietnam era USA would likely result in
advancements in miniaturization and computation, given enough remains (even if
they did not have the resources/facilities to capitalize on some aspects of
those for years, I think it's likely it would advance the fields by at least a
few years).

One of the biggest advantages the Allies had in WWII was that they had cracked
the "uncrackable" Axis encryption. Even though they were able to decipher
enemy messages, they often didn't act on that information because that would
tip their hand. The strategic value of reading the enemy's messages is
enormous when the enemy doesn't know you can do it, and _much less so_, and
_possibly even negative_ when they do know.

~~~
devoply
You don't just have to worry about the people you are attacking. Their allies
can also reverse-engineer the tech. Pakistan and China come to mind. Pakistan
has given China a lot of tech that it's recovered.

~~~
kbenson
True, but this is somewhat covered by considering everyone not us an enemy of
_some degree or another_, which is natural in game theory.

~~~
devoply
Well you mentioned the Native Americans, they had allies here too. Each major
tribe was allied with a major power. So if you used it against them, even in
that case someone could get a hold of that tech and it could come to bite you
in the ass later. Interesting example is the fact that Native Americans in the
US were very soon all very well armed by their allies in terms of guns and
ammo, and they used the armaments given to them by their allies to attack each
other. Life in general is more than capable of cooperating when it is not
competing even with beings that have little to do with each other. This in the
end is called the Red Queen's race
[https://en.wikipedia.org/wiki/Red_Queen's_race](https://en.wikipedia.org/wiki/Red_Queen's_race)
[https://en.wikipedia.org/wiki/Red_Queen_hypothesis](https://en.wikipedia.org/wiki/Red_Queen_hypothesis).

------
dvcc
Based on the overview alone (of course I can't read the entire report that
fast!), this is exactly what I expect a spy agency would be doing -- if they
were not then I would be disappointed.

What exactly in the admittedly shortened list am I supposed to be upset about?
It makes no distinction between US citizens and overseas parties. If these
actions are being done domestically against US citizens, with no just cause
sure I will get upset, but that has yet to be seen.

As usual it seems Wikileaks publishes a sensationalist story around one of
their leaks, claiming dozens of zero-day releases where most were already
patched. Hell, they included the i0nic jailbreak as one of the 0-day exploits
([https://wikileaks.org/ciav7p1/cms/page_13205587.html](https://wikileaks.org/ciav7p1/cms/page_13205587.html)).

I'll let journalists parse through the full report before coming to any
conclusion as of yet. I just find it hard to get excited about any Wikileaks
release that has yet to be vetted.

~~~
tehwalrus
> If these actions are being done domestically against US citizens, with no
> just cause sure I will get upset, but that has yet to be seen.

May I just ask, why does this distinction matter? Why do you believe the world
_should_ be divided into "people who were issued bits of paper by _my_
overlords" and "people who weren't"?

I never understood this division in other people's heads. It leads to all
sorts of philosophical problems, like for example people believing that war is
ethical.

~~~
FullMtlAlcoholc
I believe that in my heart as well. However, we don't currently live in a
world with a federated global government. The recent election in the US
highlighted that people do divide the world into imaginary lines on maps and
it had a slogan: AMERICA FIRST. It's not just the political class that sees
these divisions, it's a majority of the citizens.

How would you spark a revolution in people's thinking?

~~~
tehwalrus
I have written about this in the past.

I believe I proposed something like a "no executive" world government, where
you had international laws, defined by treaties, and a commitment by some
treaty signatories to "arrest" any state actor which broke them. If this
coalition of "world police" (which are, of course, armies) were powerful
enough, I believe this could lead to less lawbreaking by governments (from the
USA to Zimbabwe). Note, the commitment is not to start wars/invade, but
specifically to _arrest_ e.g. presidents or generals. You can't do this
without an army, but the objective is considerably different from invading,
neutralising any opposing forces, and securing a place.

Of course, persuading people something like this is a good idea, your actual
question, is just about the hardest problem I've ever thought about solving. I
still don't really know where to begin, but I'm interested in teaching people
epistemology before other things, as a means to halt the "post truth" stuff
(which has been going on for years, not only recently!)

By the way, if anyone wants to work on these ideas with me - I'm calling the
concept "World Peace, Inc" in my head - please get in touch with me (clues in
profile). I'd love for this to be my job rather than the hobby I don't have
time for.

~~~
sailfast
You know that what you're doing here is creating a world-dominating monopoly
on the use of force, and whoever ran that army would be the de facto leader of
the world, right?

We're organized as nation-states in the first place so we can protect
(generally) and pursue interests based on some sort of shared goal or value.
For the United States, it's the constitution (ostensibly), for others it's
different reasons. Federations of nation-states contributing to a global force
might work without totally corrupting, but not a single "no-executive" force.
Further, if everyone contributes forces then countries can opt-out and go
their own way... for their own interests. (See the UN)

Coming to an understanding between 10 people on what pizza to order is hard.
Coming to an understanding between 8 Billion on who should be able to arrest
them is extremely difficult.

~~~
tehwalrus
> whoever ran that army would be the de facto leader of the world

That is specifically why I _don't_ permit an executive. This isn't one army,
it's an alliance of armies. They were (in my original proposal, not in the
comment above) controlled by a council of heads of government who had to take
(arrest) suggestions from the chief prosecutor of the international court, but
were forbidden to take other actions collectively.

In fact, I recall suggesting that such a group of allies would promise to use
force only to defend direct attack on their own borders, and to execute
arrests.

> We're organized as nation-states in the first place so we can protect
> (generally) and pursue interests based on some sort of shared goal or value.

I'm not sure I was ever offered a choice of whether or which nation to join,
nor given any arguments for it. The reason(s) for their formation are
certainly not rational - they are an emergent phenomenon!

> the UN

The UN is a _diplomatic_ mission, which aims to give nations who come into
conflict a neutral space in which to talk to one another like grown ups (or,
often, not like grown ups.) It is a fundamentally different goal to an
organisation which aims to use the traditional enforcement of rule of law to
coerce those with political power to act within at least _some_ behavioural
boundaries.

> Coming to an understanding between 8 Billion on who should be able to arrest
> them is extremely difficult.

Actually, again, this hypothetical force only has arrest power over
_international_ crimes - specifically, crimes which are committed _by people
wielding state power_. This includes members of governments, civil services,
uncivil services (police, army), and so on, but most definitely _not_
civilians.

(An interesting edge case I considered was the idea of an impromptu Texan
militia who attempted to invade Mexico. I can't remember whether I decided
they had designated themselves a pseudo-state or not by doing it. The same
reasoning about whether jurisdiction should apply also works for most
terrorists, anyway.)

~~~
sailfast
Thank you for the rebuttal. These are definitely potential alternatives but I
think they all lead to the same place. When it comes down to stopping a
determined belligerent, you have to beat them on whatever the battlefield
happens to be.

The group of allies comments make sense, but that assumes a super-state group
of allies with shared values are willing to band together to share those
values (NATO is a prime example of this, but it's not ALL countries of the
world, just those nations that felt the need to counter Soviet / Russian
influence)

> _controlled by a council of heads of government who had to take (arrest)
> suggestions from the chief prosecutor of the international court, but were
> forbidden to take other actions collectively._

In order to effectively "arrest" activities of other countries outside of your
typical shame, embarrassment, sanctions or other incentives you need to be
able to pull together a force that is more powerful than that country.

In the case of 1-4 party hegemony this isn't really plausible, and that's the
current situation (in my opinion). At a minimum you'd get hegemonic blocs like
(totally random because they're not opposed but they're known blocs) BRIC vs.
NATO.

Once a single country (or cartel of countries) has enough of a deterrent or
military force, then they can (effectively) do whatever they would like,
including go against any collectively forbidden actions. I'm not saying this
is what _will_ happen if countries happen to think participating in a global
order is a good idea and are friendly, but that's not the historical
precedent. I'm not sure how to counter that, short of the current blocs or
potential other future arrangements.

> _I'm not sure I was ever offered a choice of whether or which nation to
> join_

The reasons for a number of nation-state formations are very much rational.
That said, they are not necessarily permanent or as binding as people think.
The idea of being "French" is pretty powerful. If you live in Alsace, maybe
you waffle, but it's a unifying thing that has territory tied to it due to a
long history. Different for more recent Western assignments of borders, surely
and you see the results of that. Just because you're a citizen doesn't
necessarily mean you're part of the nation, but my guess is that you probably
come to identify somewhat with your country at some point?

~~~
tehwalrus
The problem of how to assemble the coalition in the first place remains
unsolved, indeed. You also need buy in from a major player in each bloc, as
you suggest. I believe my original idea was for it to start small (but
diverse), and grow over time with success.

My entire scheme is to strike down the convention that someone is only put on
international trial after they have lost a war and been captured (I would like
justice to be done without having a war first.) This may not be possible, but
is surely worth a try.

Re: citizenship, I strongly believe that these feelings of belonging are
learned, indeed are engineered in us in much the same way as a religion. My
objection is that, observing the emergent behaviour of a system where everyone
is under either of these spells, they lead to undesirable behaviours
(aggression, proselytising, belief that evil acts are justified, sometimes
even committing the evil acts willingly). Both of these systems were,
hypothetically, supposed to make people behave better, not worse!

------
abandonliberty
It's interesting to note that Julian Assange didn't demonstrate control of the
wikileaks private key during his Reddit AMA 1 month ago:
[https://www.reddit.com/r/IAmA/comments/5n58sm/i_am_julian_as...](https://www.reddit.com/r/IAmA/comments/5n58sm/i_am_julian_assange_founder_of_wikileaks_ask_me/dc8pgqr/)

Considering the political situation unfolding in the US and who this leak
weakens, there is some evidence that wikileaks is not in the hands of a
neutral party.

There is clear motive right now for undermining the CIA. This may not have
been an act of altruism like Snowden. While shockingly damaging to the
American arsenal, the CIA is by far the biggest loser.

This comment was immediately down voted on Reddit. Someone is seeking to
control the narrative.

~~~
ismay
He very clearly explained his motives for not doing so in the AMA, and he gave
an alternate POL by reading from the blockchain.

This whole narrative of Wikileaks not being neutral is a very weird story,
because they've never published anything that wasn't verified to be true.
Since that's something they can't be attacked on, it seems that the strategy
for discrediting Wikileaks has now become to accuse them of association with
the Russians. Assange touches on this in the AMA as well.

Beyond that, only speculation remains. So why even give a shit? As long as
what they're publishing is true, which it has always been so far. Let them
fight each other with the truth and the people will be better off. Nothing
you've said changes the validity of this article, in fact, it only distracts
from it. So I'd say you're doing us a disservice by distracting from the real
story here.

~~~
alpha_squared
For the purpose of devil's advocate in this, I think it's possible to state
truths and still be misleading and/or distracting from another narrative. Just
because something is true doesn't necessarily explain what the motive is for
releasing that information. It's certainly healthy to have at least a shadow
of a doubt as to what WikiLeaks's motivations are when it's already shown that
it can either restrain itself from leaks or that it can falsify the existence
of leaks.[0]

[0] In 2010, WikiLeaks declared to the public the intent to publish docs
alleging significant Russian corruption. It was also picked up by a Russian
newspaper that reported to be working with WikiLeaks. However, nothing
happened and the topic has been untouched since.

~~~
TAForObvReasons
Allegedly WL did not release every email they had from the Syria leak. While
every email released may be legitimate, the omission of emails pertaining to
Russia creates a narrative.

Wikileaks may be telling the truth but it's far from clear whether they are
telling the whole truth. And in between "truth" and "whole truth" there's a
lot of room to shape the narrative

~~~
alehul
It's known that WL will often save some of the worst leaks as an 'insurance'
against retaliation from the entity the leaks pertain to. It's likely there's
aspects they're holding back from this leak as well, if they don't already
hold enough over the U.S. gov.

~~~
erikbye
They have already stated in black and white that they have held back a lot
concerning this release; due to various concerns. They are completely open
about that.

A lot of the stuff they keep to themselves can be used as collateral, like all
the names they redact, operational details, etc, but I think they would
quickly find themselves in an even more dangerous game than they are now, if
they started to exploit these possibilities.

~~~
samstave
uhm... what are the current speculations as to what they may be holding back?

~~~
mirimir
It's Manning stuff, I think. And it's not that they're "holding back" stuff.
It's been torrented, but encrypted.

------
bhouston
- Smart TV turned into listening devices with fake off mode?

- Intercepting audio/texts before encryption by Signal, Whisper, WhatsApp
etc.

- Dozens of 0-day attacks against Android and iPhone.

Pretty powerful stuff.

~~~
ploggingdev
> Intercepting audio/texts before encryption by Signal, Whisper, WhatsApp etc.

This basically means if your device is compromised, expect malware to be able
to read all content (including Signal, WhatsApp messages). Nothing new. The
way it's phrased makes it sound like Signal, WhatsApp have vulnerabilities,
but no, the intention is sensationalism over sound analysis.

~~~
roryisok
No mention of Windows Phone. I guess I'm safe =)

~~~
amenod
Sure, maybe, but there are very few of your kind left. ;)

~~~
maus42
I'm pretty sure I have a Nokia 3310 in one cupboard or another, maybe I'll dig
it out and swap my SIM to it...

------
EternalData
I applaud what seems like a coordinated attempt to outdo each other when it
comes to extreme transparency.

1) Wikileaks revealing the CIA has undermined consumer goods with malware.
(this looks like a bigger deal than the Snowden revelations on the NSA side).

2) Russian opposition leader Navalny revealing that former Russian President
Medvedev has been accused of amassing a billion-dollar plus property empire,
based largely on bribes and subterfuge.

I can only hope this extreme transparency, despite the biases of its
torchbearers, lights its way into every hall of power from the White House to
the Great Hall of the People.

~~~
ExactoKnight
Conspiracy as Governance. Assange wrote a paper predicting this 10 years ago
as his vision, and it's clearly coming true:
[https://www.wired.com/2016/10/want-know-julian-assanges-endg...](https://www.wired.com/2016/10/want-know-julian-assanges-endgame-told-decade-ago/)

------
aeleos
Wow this is really big. There are tons of documents about the various tools
they use, but it seems the majority of the actual source code is still being
reviewed and the links just show a link to the file list. I hope they
eventually release the source code, as a lot of these tools seem very
interesting. I can imagine that many at the CIA are running around on fire, as
this seems like a big problem for them.

~~~
imron
According to Wikileaks [0], they were explicitly redacted until their safety
could be assessed. They didn't want to be responsible for accidentally
releasing malware into the wild.

0: [https://wikileaks.org/ciav7p1/#FAQ](https://wikileaks.org/ciav7p1/#FAQ)

~~~
e12e
Feel much safer knowing the CIA keeps them safe and only use them for good
causes /s

------
chillydawg
One very interesting thing is that the exploits, rootkits, etc are all
unclassified and the CIA has no copyright on them either. The logic is
supposedly that an agent putting a classified rootkit/trojan/whatever on a
machine is mishandling classified information and thus it would be illegal.

~~~
colinbartlett
Does that mean that someone who leaked them could not be prosecuted? Or simply
that they would be prosecuted under some other law?

~~~
chillydawg
Indeed, that's what the doc implies. They say they reckon the CIA has no
recourse. Probably sue-able for breaking their employment contract where they
presumably agree to never disclose anything, regardless of classification
level. But doubtful that'd be a federal crime.

------
mrpippy
Also: OmniGraffle and Sublime Text license keys (registered to "Affinity
Computer Technology")

[https://wikileaks.org/ciav7p1/cms/page_25264141.html](https://wikileaks.org/ciav7p1/cms/page_25264141.html)
[https://wikileaks.org/ciav7p1/cms/page_9535650.html](https://wikileaks.org/ciav7p1/cms/page_9535650.html)

~~~
mo17i
I tried Sublime Text license key and it worked!

~~~
thecynh
Aren't they verified server-side somehow? … I assumed the 10 seats would have
been gone almost immediately.

~~~
codezero
According to LittleSnitch OmniGraffle 5 doesn't phone home at least when
entering license keys. It may do so at some other time though.

~~~
subroutine
Speaking of little snitch...

[http://i.imgur.com/JR5Ehbc.png](http://i.imgur.com/JR5Ehbc.png)

------
brakmic
WikiLeaks Vault7 Year Zero 2017

[https://archive.org/details/WikiLeaksYearZero2017V1.7z](https://archive.org/details/WikiLeaksYearZero2017V1.7z)

Passphrase is SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds

~~~
jlgaddis
n.b.: The actual file is at
[https://archive.org/download/WikiLeaksYearZero2017V1.7z/Wiki...](https://archive.org/download/WikiLeaksYearZero2017V1.7z/WikiLeaks-Year-Zero-2017-v1.7z)

Torrent:
[https://archive.org/download/WikiLeaksYearZero2017V1.7z/Wiki...](https://archive.org/download/WikiLeaksYearZero2017V1.7z/WikiLeaks-Year-Zero-2017-v1.7z.torrent)

------
staunch
The technology used by the CIA and NSA is all stuff people on HN can totally
grok. That's kind of exciting and disappointing at the same time.

Some people on this site could probably do better than the CIA and NSA are
doing. Some people here probably wrote some of the leaked stuff. Hah!

I like the way the teams are broken up by device target but I think they
should probably have an even more decentralized setup. Or maybe just more
teams doing the same work. Wikileaks tries to make a political point about
wasted effort, but more people means more exploits found, etc.

~~~
jlgaddis
> _The technology used by the CIA and NSA is all stuff people on HN can
> totally grok._

Yep, the typical stuff: CentOS, Debian, Ubuntu, Python, Ansible, Packer(.io),
vim, Sublime Text, SourceTree, Git, ...

Plenty of references to Stack Overflow, Reddit, and such too.

~~~
rand83746
And this whole thing seems to be a Confluence dump.

------
TheArcane
"U.S. Consulate in Frankfurt is a covert CIA hacker base "

Germans are usually privacy nuts. I know many who maintain no presence on
Facebook, Twitter and Instagram. I wonder how Germany will react to this.

~~~
wyldfire
Sorry, news flash, virtually all of the countries' embassies and consulates
are a natural place where a lot of intelligence operations are conducted.
Counterintelligence operations watch them very closely.

The fact that Frankfurt is a hub among their European intelligence operations
is not terribly interesting IMO.

> I wonder how Germany will react to this.

Germany always knew operations were conducted there but now must react to this
overt news.

~~~
Schlaefer
> Germany always knew operations were conducted there but now must react to
> this overt news.

Snowden outed Frankfurt (and Berlin) years ago. [0] There's no more interest
in meaningful consequences now than there was back then.

[0] [http://www.spiegel.de/international/germany/cover-story-how-...](http://www.spiegel.de/international/germany/cover-story-how-nsa-spied-on-merkel-cell-phone-from-berlin-embassy-a-930205.html)

------
cQ5ktKqTvOPZ
If they call in James Clapper, will he perjure himself again?

[http://www.hasjamesclapperbeenindictedyet.com/](http://www.hasjamesclapperbeenindictedyet.com/)

~~~
strictnein
It would have been illegal for him to tell the truth in that testimony, since
it was public. I know people don't like that, but it's true. He could either
lie or break serious secrecy laws. There's no immunity just because you're
talking to congress.

~~~
degenerate
In that case, you say "I can't answer that question" and let the system do its
job.

You don't lie.

~~~
strictnein
No. The only way he couldn't answer the question was if the program existed,
thus revealing the existence of the program, so he had to lie.

~~~
zigzigzag
You are mounting the most ridiculous defence of perjury I have ever seen. Do
you seriously think that Congress passed laws they _intended_ to be
interpreted in the way you propose? That they _want_ to be lied to?

Clapper lied under oath. He should have paid the penalty for that. He didn't
because the US Government has decided that it either can't or doesn't want to
control the shadow state.

------
ttctciyf
They have vim editing tips
[https://wikileaks.org/ciav7p1/cms/page_3375350.html](https://wikileaks.org/ciav7p1/cms/page_3375350.html)

No emacs?

~~~
dvcc
They have secret unit testing tips too!
[https://wikileaks.org/ciav7p1/cms/page_11629048.html](https://wikileaks.org/ciav7p1/cms/page_11629048.html)

~~~
yread
And Visual Studio
[https://wikileaks.org/ciav7p1/cms/page_11629039.html](https://wikileaks.org/ciav7p1/cms/page_11629039.html)

~~~
alpb
In many pages I explored from the leak I keep coming across this *.devlan.net
domain. Whois info belongs to a French personality and is suspiciously updated
2 days ago and it has a month for expiration:

    Updated Date: 2017-03-05T16:38:16Z
    Creation Date: 2004-04-19T13:12:21Z
    Registrar Registration Expiration Date: 2017-04-19T04:00:00Z
    Registrant Name: SADIER, NICOLAS
    Registrant Organization:
    Registrant Street: 5 Bis Chemin Des Hautes Terres
    Registrant City: ST HILAIRE
    Registrant State/Province:
    Registrant Postal Code: 91780
    Registrant Country: FR
    Registrant Phone: +33164954698
    Registrant Email: pservor@free.fr

~~~
btym
What's suspicious about that? It's certainly hosted on their intranet, they
just picked a sensible name that employees could remember. The publicly-
registered devlan.net is probably unrelated or unused.

------
randomname2
One of the findings: Notepad++ has a DLL hijack [1]

[1]
[https://wikileaks.org/ciav7p1/cms/page_26968090.html](https://wikileaks.org/ciav7p1/cms/page_26968090.html)

~~~
mpeg
Any executable is vulnerable to DLL hijacking, they're just looking for easier
targets that load known DLLs (with known function signatures) from their own
folders (NOT system folders).

I'm assuming the goal is to minimise detection by what they call PSPs (av /
security products)

This is not a flaw within notepad++

~~~
lmm
Arguably loading DLLs from non-system folders is bad design in this day and
age.

~~~
roel_v
No, it's not, not even 'arguably'.

------
luso_brazilian
This had the potential of being a positive development brought by Trump's
election: many behaviors by the US three letter agencies that were glossed
over for the past 8 years (due to the party in power being "on the right side
of history") are again reprehensible and deemed a threat to be fought by the
tech community.

~~~
buzz27
I'm not a US citizen, but if I was, I would _want_ professionals sworn to
defend my country and the constitution to be able to modernize their
capabilities. Today, these tools are essential to defense. It may turn out to
have been the best defense against RU attempt to Balkanize USA.

~~~
omouse
The best offense is a good defense. Improving the quality of software in
general would be far more beneficial than developing zero-day short-sighted
tools.

~~~
morley
I've never heard the phrase "the best offense is a good defense," but I have
heard a great many times the phrase "the best defense is a good offense." I
don't have any data to back it up, but inclined to believe the more popular
form of the statement.

~~~
LeoPanthera
"the best offense is a good defense" - 51,600 Google results

"the best defense is a good offense" - 143,000 Google results, and the only
one with a Wikipedia article.

[https://en.wikipedia.org/wiki/The_best_defense_is_a_good_off...](https://en.wikipedia.org/wiki/The_best_defense_is_a_good_offense)

------
mpeg
I don't really get into political commentary, and I'm not a US citizen, but
there's some great RE tips in there.

I genuinely lol'ed at their assessment about Comodo's whitelist-only
firewall/av.

Also, this:
[https://wikileaks.org/ciav7p1/cms/page_17760284.html](https://wikileaks.org/ciav7p1/cms/page_17760284.html)

(ﾟヮﾟ)

~~~
benmcnelly
That's how you know the leak is real, because this is classic internal Wiki
shenanigans, you can't make this up. Also, though there are some talented
people working here (you can identify some of their github accounts, thanks to
wikileaks tying users to their posts by ID) but I think a LOT of these tools
are made/stolen/purchased from elsewhere..

------
codeisawesome
This is an incredible and sensational claim that, if true, can quite literally
"break the internet". Makes me very sad to imagine that CIA grade cyber
weapons for getting into iPhones are now in the hands of heaven knows who.
Hope Apple security teams are on this.

EDIT: To clarify, I'm commenting on the original situation of the tools
getting out of CIA to the entities it was "circulated to", not this leak later
by WikiLeaks - presumably the damage has already been done.

------
danyim
I wonder how many of the exploits/tools released are still usable today.

Also, the actual video press release had to be rescheduled due to their video
stream being attacked.[0]

"NOTICE: As Mr. Assange's Periscope+Facebook video stream links are under
attack his video press conference will be rescheduled."

[0]:
[https://twitter.com/wikileaks/status/839104886625157120](https://twitter.com/wikileaks/status/839104886625157120)

~~~
teamhappy
Streisand effect; didn't know they're holding a press conference.

------
addedlovely
I wonder what phones / computers CIA operatives use - do they have special
patched versions which address the zero day exploits they are aware of.

~~~
DickingAround
This is a great question. Surely they look for vulnerabilities also in their
own systems but then what do they do when they find them? Is there some
special set of software that always gets patched because the CIA uses it?

~~~
Godel_unicode
Presumably the same thing others do when they know about 0-days? Signatures.

~~~
redblacktree
Could you explain a bit more? I'm not sure what you mean.

~~~
Godel_unicode
Sure, this is essentially the argument for disclosure of bugs before they've
been patched. If I had known about e.g. shellshock before the patch was out, I
could have written a Snort signature looking for it in network traffic and
have my IPS drop the packets. I do this on my network with bugs I find before
the vendor patches them.

This is an example of security through defense in depth; patching is one layer
of defense, but if you can't patch there are other mitigating actions you can
take to protect against (especially) known threats. It allows someone with an
offensive and defensive mission to simultaneously use exploits while not being
vulnerable to them.
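As an added illustration of the "write a signature and let the IPS drop it" approach the comment describes (example code written for this page, not the commenter's own and not Snort's), the block below implements the core of the public Shellshock network signatures in plain C: flag any HTTP header whose value begins with the bash function-export marker `() {`. The two sample requests are constructed, and `shellshock_header_count` and `should_drop` are hypothetical names for this example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample requests, not captured traffic. The first carries the
 * Shellshock marker in its User-Agent value; the second is an ordinary GET. */
static const char *SAMPLE_MALICIOUS =
    "GET /cgi-bin/status HTTP/1.1\r\n"
    "Host: example.test\r\n"
    "User-Agent: () { :; }; echo probe\r\n"
    "\r\n";

static const char *SAMPLE_BENIGN =
    "GET /index.html HTTP/1.1\r\n"
    "Host: example.test\r\n"
    "User-Agent: Mozilla/5.0 (compatible)\r\n"
    "\r\n";

/* Does the span [s, end) start, after optional blanks, with the bash
 * function-definition marker? Public Shellshock signatures keyed on exactly
 * this token; the check is deliberately simplified to the two common forms. */
static int span_has_marker(const char *s, const char *end)
{
    while (s < end && (*s == ' ' || *s == '\t')) s++;
    if (end - s >= 4 && memcmp(s, "() {", 4) == 0) return 1;
    if (end - s >= 3 && memcmp(s, "(){", 3) == 0) return 1;
    return 0;
}

/* Count header lines in a raw HTTP request whose value starts with the marker.
 * The request line is skipped; a blank line ends the header section. */
int shellshock_header_count(const char *request)
{
    int hits = 0;
    const char *p = strstr(request, "\r\n");   /* skip "GET ... HTTP/1.1" */
    if (p == NULL) return 0;
    p += 2;
    while (*p != '\0') {
        const char *eol = strstr(p, "\r\n");
        const char *end = eol ? eol : p + strlen(p);
        if (end == p) break;                     /* blank line: headers are over */
        const char *colon = memchr(p, ':', (size_t)(end - p));
        if (colon != NULL && span_has_marker(colon + 1, end)) hits++;
        if (eol == NULL) break;
        p = eol + 2;
    }
    return hits;
}

/* Inline verdict: an IPS using this rule drops the request on any hit. */
int should_drop(const char *request)
{
    return shellshock_header_count(request) > 0;
}

int main(void)
{
    printf("malicious: %d header(s) flagged -> %s\n",
           shellshock_header_count(SAMPLE_MALICIOUS),
           should_drop(SAMPLE_MALICIOUS) ? "DROP" : "PASS");
    printf("benign:    %d header(s) flagged -> %s\n",
           shellshock_header_count(SAMPLE_BENIGN),
           should_drop(SAMPLE_BENIGN) ? "DROP" : "PASS");
    return 0;
}
```

The value of such a rule is exactly what the comment says: it costs nothing to deploy before a vendor patch exists, and it keeps working as a second layer after the patch lands, which is the defense-in-depth point.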

------
t0mk
TIL that CIA is using Atlassian Stash for internal code hosting. Many
references to the stash.devlan.net, would be nice to see some code, I just
found some python scripts:
[https://wikileaks.org/ciav7p1/cms/page_9535551.html](https://wikileaks.org/ciav7p1/cms/page_9535551.html)

~~~
TheHippo
There are even images here:
[https://wikileaks.org/ciav7p1/cms/page_13205694.html](https://wikileaks.org/ciav7p1/cms/page_13205694.html)

~~~
abrkn
And they're using git flow

------
rgacote
Glad to see CIA hackers are Dr. Who fans!

"Weeping Angel" makes it look like a Samsung television is off while it is
really on and recording the room. Precisely what the Weeping Angel does during
the Dr's first encounter.

~~~
mintplant
Sontarans also make an appearance:
[https://wikileaks.org/ciav7p1/cms/page_524426.html](https://wikileaks.org/ciav7p1/cms/page_524426.html)

------
eternalban
This looks interesting: Hive's developer guide. It has an auto-destruct
feature, just like in the movies:

[https://wikileaks.org/ciav7p1/cms/files/DevelopersGuide.pdf](https://wikileaks.org/ciav7p1/cms/files/DevelopersGuide.pdf)

~~~
abrkn
Seems to have been having issues with premature self destruction:

"Discrepancy report DR-00134-2012 was issued after Operations determined that
Hive version 2.5 was self-deleting prematurely. Analysis showed that a
calculation involving the current time and the file modification time used to
determine the time since last contact could result in a negative number that
was then cast from an integer to an unsigned long integer. This resulted in a
large positive number that exceeded the delete delay and subsequently caused
Hive to self-delete."
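The defect in that report is a plain signed-to-unsigned conversion slip, and the same pattern turns up in ordinary idle-timeout, session-expiry and retention code. The block below is an added example written for this page (Hive's own code is not on the page): `buggy_idle_seconds` reproduces the conversion the report describes, and `safe_should_expire` shows the clamped comparison that avoids it. Function names and the sample timestamps are constructed.

```c
#include <limits.h>
#include <stdio.h>

/* Mirrors the defect in the quoted discrepancy report: the signed difference
 * between "now" and the file modification time is converted to unsigned long.
 * C converts a negative value to an unsigned type modulo 2^N, so an elapsed
 * time of -300 becomes ULONG_MAX - 299, a huge "idle" interval. */
unsigned long buggy_idle_seconds(long now, long last_contact_mtime)
{
    int elapsed = (int)(now - last_contact_mtime);   /* negative if mtime is ahead of now */
    return (unsigned long)elapsed;                    /* wraps to a large positive value */
}

int buggy_should_expire(long now, long last_contact_mtime, unsigned long delete_delay)
{
    return buggy_idle_seconds(now, last_contact_mtime) > delete_delay;
}

/* Safe version: keep the arithmetic signed, treat a negative difference (clock
 * skew, a touched file, a restored backup) as zero idle time, and only then
 * compare a non-negative value against the delay. long also avoids the int
 * truncation the buggy version performs. */
long safe_idle_seconds(long now, long last_contact_mtime)
{
    long elapsed = now - last_contact_mtime;
    return elapsed < 0 ? 0 : elapsed;
}

int safe_should_expire(long now, long last_contact_mtime, unsigned long delete_delay)
{
    return (unsigned long)safe_idle_seconds(now, last_contact_mtime) > delete_delay;
}

int main(void)
{
    const unsigned long delay = 24UL * 60 * 60;   /* constructed: expire after one idle day */
    long now = 1000, mtime = 1300;                /* constructed: mtime five minutes in the future */
    printf("buggy: idle=%lu expire=%d\n",
           buggy_idle_seconds(now, mtime), buggy_should_expire(now, mtime, delay));
    printf("safe : idle=%ld expire=%d\n",
           safe_idle_seconds(now, mtime), safe_should_expire(now, mtime, delay));
    return 0;
}
```

Compiling with warnings enabled (`-Wsign-conversion` in GCC or Clang) flags the cast in the buggy version; the general rule is to do time arithmetic in a signed type and convert only after checking the sign.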

------
imron
_The CIA 's Remote Devices Branch's UMBRAGE group collects and maintains a
substantial library of attack techniques 'stolen' from malware produced in
other states including the Russian Federation.

With UMBRAGE and related projects the CIA cannot only increase its total
number of attack types but also misdirect attribution by leaving behind the
"fingerprints" of the groups that the attack techniques were stolen from._

This has interesting implications for the claim that "Russians" hacked the
election (although I can't imagine the CIA wanting to hack the election in
Trump's favour).

~~~
dmix
There also still hasn't been any public evidence that Wikileaks got their
Podesta email data from Russians yet. So far we only know the DNC leaks were
very likely Russian. That means until today only about ~50% of the 'election
hacks' have been attributed to Russia with public evidence.

Now this leak calls into question _some_ of the evidence about the DNC hack
[1]. This evidence being the malware was Russian. But there were many other
pieces of evidence that pointed to Russia so I'm personally not anymore
persuaded it wasn't Russia for the DNC stuff. The Podesta stuff is still up in
the air AFAIK. [edit: see pvg reply]

Either way this leak will just add to the deniability angle for the partisan
hawks. Although this is probably way over the head of CNN/Fox News crowd so
it's also possible it will have zero effect.

[1] Previous leaks mentioned NSA/Five Eyes collected foreign malware. This
leaks adds CIA to that group and further solidifies the "misdirected
attribution" angle.

~~~
sparkling
There is no hard evidence where the DNC/Podesta leaks came from. However,
Julian Assange has repeatedly said that the source is not the Russian
government or an affiliated state party [1] and in another interview has hinted
that the source may be Seth Rich [2], a former DNC staff member who was
murdered in Washington DC.

[1]
[https://www.youtube.com/watch?v=uyCOy25GdjQ](https://www.youtube.com/watch?v=uyCOy25GdjQ)

[2]
[https://www.youtube.com/watch?v=Kp7FkLBRpKg](https://www.youtube.com/watch?v=Kp7FkLBRpKg)

~~~
openasocket
> However, Julian Assange has repeatedly said that the source is not the
> Russian government or an affiliated state party

How would he know? Isn't wikileaks set up so that people can submit data
anonymously? Is he claiming that they got the data through different channels?
Why would an insider purposefully leak the data in a way that de-anonymized
him to Assange and possibly others, instead of using the established channels?

~~~
droithomme
> How would he know?

Not all leaks are submitted through the web forms. Craig Murray has stated
that he received some of the leaks in person from a DNC insider during a face
to face meeting in Washington, and he couriered those leaks to wikileaks
himself.

[http://www.washingtontimes.com/news/2016/dec/14/craig-murray...](http://www.washingtontimes.com/news/2016/dec/14/craig-murray-says-source-of-hillary-clinton-campai/)

~~~
extra88
Huh, I had never heard that, why is that? Does Murray have a credibility
problem, has he no evidence for his claim? Assume that any explanation that
amounts to suppression by the "liberal media" or the "establishment" will fall
on deaf ears.

Murray's Wikipedia page is not full of alarm bells, it does mention him
appearing on Alex Jones's radio program but to discuss a non-crazy subject.

------
dogma1138
I'm surprised so many acronyms from their org chart are missing.

FINO is Financial Operations Group. FIO is Field Intelligence Officer. ESD is
Executive Services Directorate. Don't see a single term that anyone who spent
any time in the intelligence community wouldn't recognize.

------
teekert
Had the CIA's efforts been targeted towards improving encryption and
security, US citizens and its government may well have had the ability to
communicate safely. They may well have been able to trust new smart gadgets
such as smart TVs and smart phones. Instead the CIA aided the nefarious people
of the world by not reporting and exploiting security holes in devices used by
the citizens it should protect. Now it has leaked said exploits and the CIA
has helped their enemies in spying on every aspect of US life to a degree
never seen before.

~~~
nkassis
That's part of the NSA's mission.

------
rosalinekarr
This idea that the government should somehow be exempt from proper
cybersecurity ethics is disgusting. When the CIA or the NSA find zero day
attacks in software, they should report them immediately to be fixed, not
build tools specifically to exploit them. It's only a matter of time before
these attacks either leak or are rediscovered by other malicious parties. The
government is effectively turning their own people into cannon fodder for
their ridiculous "cyberwar."

~~~
Spooky23
I think that's an absurd position. The government has a need to be able to
access hostile systems. A hacked computer can avoid armed conflict where
people die.

A better question is... why aren't major vendors devoting a fraction of the
resources to find this stuff and fix it on their own?

~~~
andai
They're being paid by the spooks!

On a serious note, doesn't cyberwarfare sound more like it could lead to nasty
consequences, such as regular warfare, rather than preventing it?

~~~
Spooky23
As nuclear proliferation becomes more and more common, "regular warfare" is
going to become impossible.

The reality is that there isn't going to be a traditional war with any nuclear
power. WW2 was the last big state on state conflict -- that cannot happen
again. Since 1948, the US vs. USSR model has applied, where nuclear powers
have proxy wars at the fringes with various minor states.

As nukes become available to 2nd/3rd tier states, you need lower impact
fighting methods to avoid setting off a nuclear chain reaction. "Cyber
warfare", IMO, is a tool in the toolbox. Instead of proxy states, we fight
with proxy corporations.

~~~
LyndsySimon
> WW2 was the last big state on state conflict -- that cannot happen again.

Respectfully, the belief that large-scale war was impossible between modern
states was prevalent prior to the First World War.

I strongly believe that there will eventually be another large conflict, and
that the only reason there hasn't been one to date is because we've managed to
maintain the balance between Russian and American interests throughout the
Cold War.

The collapse of the Soviet Union marked the beginning of a transitional state,
and we've not reached a stable balance of power since.

~~~
Spooky23
Perhaps "cannot" was the wrong word choice. "must not" may be more
appropriate.

I share your fears and find it terrifying, as that large scale war with the
technology that we have today is a profoundly more damaging thing.

------
sschueller
I hope Europe and Germany especially finally wake up and start kicking out
these pests. The US/CIA is conducting crimes against humanity on foreign soil.
Like the drone war. The US may not be part of the international court but
Germany is.

~~~
empath75
Germany knows they're there, are you kidding?

~~~
pabloski
A slight correction: "Germany is a US-occupied country since the end of
WWII".

This is the truth about NATO, friendship between US and Japan, EU countries,
South Korea, etc... There are no friends in geopolitics, only masters and
slaves.

~~~
LyndsySimon
That's an interesting thought, indeed.

The US doesn't benefit financially from Germany, as far as I can tell. The
argument could be made that we benefit from Japanese trade, but I find that to
be rather weak.

If your claim is correct, then what benefit does the vassalage of Germany and
Japan have for the US?

~~~
pjc50
Vassals are not competitors and the US doesn't have to risk them developing
their own idea of national interest.

Germany is also part of the anti-Russian buffer zone NATO.

------
alxdistill
Maybe this is a stupid question but how does one go about verifying the
information wikileaks releases is accurate?

I assume the people who submit info are verified in some way, does wikileaks
then pass on that verification info to the public or are we supposed to just
trust that they are providing truthful information in an unbiased way?

~~~
ww520
Wikileaks has a pretty good track record. I believe so far every single one of
the leaks has turned out true, or no one has challenged their authenticity.

~~~
1_2__3
Which is it? Your phrasing implies those are the same thing. They're not.

~~~
monochromatic
They're not the same, but they're pretty well indistinguishable for anyone who
isn't omniscient.

~~~
chatmasta
The CIA has a long standing "no comment" policy when asked about the
authenticity of any documents. So you can't rely on the absence of a counter-
claim to prove the veracity of the documents.

I wouldn't rule out an intentional leak to spread misinformation.

~~~
monochromatic
> So you can't rely on the absence of a counter-claim to prove the veracity of
> the documents.

That's fine... but if no one is disputing the truth of something, there's no
evidence whatsoever that it's false.

------
myegorov
Looks like the CIA is screwing the public by mutual consent. The public is
demanding more of the same, just as long as it's directed at whoever is out of
their favor. Here're the two topmost comments on NYT at the moment[0]:

      karma2013 New Jersey 3 hours ago
      If anyone still has doubts that Wikileaks and the Russians
      are working together to undermine and destabilize our
      government institutions, erode public confidence in our
      government, and generally wreak havoc in our country, this
      latest document dump should erase all doubt. We are under
      attack by an adversarial nation, with a President here at
      the helm who seems not to take any of this seriously.
      Spy agencies spy, this should come as no shock -- this is
      how they infiltrate potential terrorist plots against
      America and keep us safe. We are less safe today thanks to
      Wikileaks and Assange's unholy alliance with Putin.

      Thomas Marin County, CA 3 hours ago
      Where's the hacking of trump's taxes and his Russian
      connections??
      This information is needed NOW!

[0] [https://www.nytimes.com/2017/03/07/world/europe/wikileaks-ci...](https://www.nytimes.com/2017/03/07/world/europe/wikileaks-cia-hacking.html)

~~~
nosuchthing
If you've spent any time on twitter or reddit lately, there's an increasingly
large amount of political astroturfing from special interest organizations.

[https://en.wikipedia.org/wiki/50_Cent_Party](https://en.wikipedia.org/wiki/50_Cent_Party)

[http://www.sfgate.com/technology/businessinsider/article/US-...](http://www.sfgate.com/technology/businessinsider/article/US-Government-Funded-Domestic-Propaganda-Has-4668001.php)

[https://en.wikipedia.org/wiki/Smith-Mundt_Modernization_Act_...](https://en.wikipedia.org/wiki/Smith-Mundt_Modernization_Act_of_2012#Smith-Mundt_Modernization_Act_of_2012)

[https://www.theguardian.com/technology/2011/mar/17/us-spy-op...](https://www.theguardian.com/technology/2011/mar/17/us-spy-operation-social-networks)

~~~
myegorov
Have you noticed this trend on HN? Because I see essentially the same
sentiment in this thread. Little if anything is effected purely by overt or
tacit collusion.

~~~
nosuchthing
There's certainly been a handful of very overt political troll commentators
with talking point narratives which I've noticed on HN in the last few weeks.

Thankfully HN has a better reputation system in place. News website comments
have 0 barrier to entry, and Twitter and Reddit are clearly prone to mass
bot'ing. It helps that there's access to an API for transparency on those
sites but the persona astroturfing ops are getting more advanced tactics like
copying random user comments to build up an appearance nearly
indistinguishable from a normal user's history at first glance.

[https://en.wikipedia.org/wiki/Sybil_attack](https://en.wikipedia.org/wiki/Sybil_attack)

~~~
myegorov
Interesting. I was actually joking about HN. I can't think of an example where
hangers-on or bots or engagée interest groups have ever been able to sway the
popular opinion en masse. Not saying the special interest groups won't take
bids from any interested takers or have negligible effect. Luckily for the
rest of us, it takes more than a marketing campaign to bring Putin to power or
turn the tide against Trump. From my observations, the NYT (and HN) comments
are symptomatic of the US popular opinion as of today that looks favorably on
mass spying in the face of ISIS or Russia or whatever it is they feel requires
the military/special agents to intervene.

~~~
nosuchthing
There are certainly significant efforts intended to dilute and distract
discourse in reddit threads and to infiltrate influential moderator positions
on the main subreddits.

/r/undelete logs many instances of some of the weirdness.

Check any popular political tweet and you'll likely notice the first or top
replies are coming from trolls pushing empty narratives.

------
jwtadvice
Anyone in the know about whether the CIA subverted the security of
software or whether they inserted vulnerabilities into software?

One of the shocking and disgusting things from the NSA leaks was that it
actively sought to create new vulnerabilities and to create subverted software
industry products in the United States.

So far it looks like the CIA is using discovered vulnerabilities (imo better
than sabotaging industry). But given the size of the leaks I'm having
difficulty confirming that this is indeed the case.

------
agopaul
"and even Samsung TVs, which are turned into covert microphones." - Sounds
very Orwellian

------
r721
the grugq: "I guess the .ru investigation in the US is getting too hot, time
to throw a big distraction at the CIA; drive wedge between executive & IC"

[https://twitter.com/thegrugq/status/839138456894763008](https://twitter.com/thegrugq/status/839138456894763008)

------
goodroot
I will continue using Swiss cheese and hungry mice as my metaphor for global
network security.

------
thraway2016
Any guesses on why CNN and MSNBC are completely avoiding reporting this news?

~~~
Aaron1011
[http://money.cnn.com/2017/03/07/technology/wikileaks-cia-hac...](http://money.cnn.com/2017/03/07/technology/wikileaks-cia-hacking/)

[http://www.msnbc.com/andrea-mitchell-reports/watch/former-ci...](http://www.msnbc.com/andrea-mitchell-reports/watch/former-cia-director-wikileaks-dump-could-be-very-damaging-892208195559)

"Completely avoiding"?

~~~
mikeyouse
It's like 80% of the first page real estate on MSNBC right now:

[https://i.imgur.com/KDLbXOx.png](https://i.imgur.com/KDLbXOx.png)

------
rrggrr
CIA needs to work with the tech community to patch the vulnerabilities, and
the US business community for awareness of the vulnerabilities. The cat is out
of the bag and CIA's mission is very much consistent with a direct defense
effort to ensure foreign powers and organized criminal entities cannot use the
CIA's compromised assets against US citizens.

~~~
bluejekyll
Actually, it's the CIA's job to actively collect information on foreign
governments and nationals. This information is then supposed to be given to
other organizations in the government to be used to guide decisions on foreign
policy and potentially active missions to disrupt foreign activity.

I would argue that the group you are talking about is really the NSA. They
should be doing everything in their power to make the US more secure, not
easier to spy on.

~~~
rrggrr
I agree with you. NSA or NIST should be tasked. On the other hand, it's their
mess and they should clean it up.

------
whereisthegun
The value of all of these electronic devices becomes increasingly smaller the
more you find that they are all just listening and recording everything you do
and sending that information to some powerful entity.

The people who run these electronics companies might want to think about that
if they have the best interests of their shareholders in mind.

------
marmot777
In media accounts, I keep seeing quotes that cyber security experts were
alarmed by the revelations. I'm no expert but to me all of the revelations
have been open secrets for years. Are cyber security experts really alarmed by
the revelations? I'm not saying the info itself isn't alarming but "alarmed"
implies shocked by information you didn't already know about. It occurred to me
that some of these experts could have their own motives (promotion?) for
getting quoted in the media.

What am I missing in my understanding of this in saying that I wasn't alarmed
(in the sense of surprised) by anything I've read so far? Most of the source
code they released has been circulating for several years? This is basically
publicity for already existing open secrets? That is, this was an act of
political theatre?

------
5ersi
OS-level backdoors can be easily patched. Unlike hardware based backdoors,
courtesy of Intel AMT.

~~~
ajross
And yet the leaked tools don't seem to have much in the way of hardware-based
exploits, which might say something about the feasibility of this kind of
thing on actual systems. Obviously it can be done, but if it were as pervasive as
the tinfoil hatters believe, surely it would have shown up here. No?

~~~
moduspwnens14
The document covers how they put a good amount of effort into ensuring there's
not a clear link back to the CIA or relevant parties if one of these things is
discovered. I imagine having hardware level vulnerabilities would much more
quickly point directly to the only agencies capable of such techniques.

~~~
ajross
That's sort of my point though. If hardware back doors exist (and I don't
argue that they can't!) they're exotic, highly protected and rarely used. They
aren't routine instruments of state surveillance.

~~~
moduspwnens14
Yes--sorry. My comment was in support of your point.

------
dandare
Maybe it is just my lack of knowledge but why were all the recently leaked
hacking tools made by US and none by Russia or China?

~~~
zigzigzag
The CIA dump apparently contains malware stolen from other countries. So
perhaps if/when wikileaks starts releasing them, that'll include
Russian/Chinese malware.

It may also be that they simply have far smaller security states, with fewer
people who feel alarm at the extent of what's happening. Or maybe leaking to
Wikileaks just isn't in vogue in those countries.

------
davesque
Honestly, what's the news here? The US's top spy agency is engaged in spy
activity? This shouldn't come as a surprise to anyone just as it shouldn't
have surprised anyone that Russians hacked the DNC.

What's more interesting and important to consider is the way in which this is
yet another move in the information war that Russia is waging with its
enemies. Their intentions in this war are not to "uncover the truth" or
whatever the purported mission of Wikileaks was at one point.

------
Keyframe
Is anyone actually surprised? Even military has USCYBERCOM. What do you think
their type of 'weapons' are? My only surprise is that this has leaked.

~~~
dmix
I'm surprised so much of this work done by NSA is being duplicated by the CIA.
Not just a waste of taxpayer money but also an even larger risk of lacking
oversight than NSA. We all knew NSA was doing this stuff and dug into their
oversight mechanisms. But the CIA is a larger and better funded organization
than the NSA, so the implications of this are as large as the Snowden stuff.

Not to mention that before Obama left office he made intel sharing between
these agencies and domestic agencies even easier. So this can't easily be
dismissed as 'not surprising that spy agencies are hacking foreign entities'.

This just provides further insight into how widespread these powerful tools
are within the US government.

Whether it's surprising or not is not really the only relevant question.

------
exabrial
I'll be really honest... I don't think any of the stuff I've seen so far is
"news". We already know our smartphones, tvs, and IOTs are very vulnerable to
attack. Shouldn't we expect intelligence agencies to take advantage of it?

The only "real" news would be if the Trump administration plans to continue
the illegal monitoring of US citizens without warrants from the previous
administration.

------
blauditore
This may sound stupid, but I'm wondering if using Windows Phone 8 (not Windows
10 mobile) might be a strong measure for protecting oneself against such
attacks.

First, it's quite restricted in terms of deep system access towards devs and
users. Apps are sandboxed and extremely isolated from each other. Then, its
market share is so low that probably no one makes an effort to build targeted
attacks towards it.

~~~
roryisok
I was just wondering the same, looking down at my trusty old lumia here.
Unfortunately no desktop OS seems to be safe

~~~
dandelion_lover
> Unfortunately no desktop OS seems to be safe

What about Qubes OS?

~~~
roryisok
never heard of it until now

------
rogerthis
I wonder if, supposing a legit war use, those tools would work. Maybe in
taking down some enemy tech infra, but on collecting information, i really
have doubts. That would be too much data to process unless they had specific
targets. Human intelligence would be much more effective.

Anyway, I remember a story of a US submarine that hacked soviet cables in the
70s or 80s.

~~~
rogerthis
Moreover, if those tools are not effective, development and maintenance is
stupid spending, and certainly the tools are having other uses.

My conspiracy side looks at CIA like a public sector (state owned) company in
Brazil: they are not owned by the government, but by the caste of unionized
workers that work there.

~~~
PKop
"Deep State"

[https://en.m.wikipedia.org/wiki/Deep_state_in_the_United_Sta...](https://en.m.wikipedia.org/wiki/Deep_state_in_the_United_States)

------
demarq
This and every conversation on the internet to do with the leaks quickly
devolves into "did russia do it?"

The content of the leak is mind blowing, how are people not paying attention
to this. No one seems to find the content shocking.

It's just disappointing, especially on hn. I guess this is just another thing
that's going to be hypernormalized. :(

------
zepto
When will people stop pretending that Wikileaks is anything other than an
anti-American political faction that is allied with Russia?

If Assange truly believed in transparency and a new kind of open democracy, he
would stop preferentially targeting the US and get on with showing the world
how all of our governments are the same in this regard.

~~~
angry-hacker
But Russia is not even trying to show they care about democracy or all the
rights U.S preaches. We already know what Russia is.

~~~
zepto
Are you suggesting that the two are the same?

------
agumonkey
torrent for distribution [https://file.wikileaks.org/torrent/WikiLeaks-Year-Zero-2017-...](https://file.wikileaks.org/torrent/WikiLeaks-Year-Zero-2017-v1.7z.torrent)

ps:

Password: SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds

Hash: 7BF9A9F2A2809E13BD57A96A360725F1688A0D51

------
patrickaljord
Use of undisclosed zero day vulnerabilities by governments is not really news.
But the article makes it sounds like these OS come with a rootkit pre-
installed to exploit those vulnerabilities. My guess is that they first need
to find a way to install these on targeted devices. Any idea?

------
megous
I guess some responsible disclosure to the affected vendors would be nice. If
the tools are actively exploiting bugs, which they are, there's not much
else to do in order to stop the exploitation. Give it a few weeks and then
publish them in the wild.

------
everybodyknows
New York Times weighs in:

[https://www.nytimes.com/2017/03/07/world/europe/wikileaks-ci...](https://www.nytimes.com/2017/03/07/world/europe/wikileaks-cia-hacking.html)

------
Animats
The Samsung TV attack seems rather lame. The attack apparently has to be
installed via a USB device, which means somebody has to physically reach the
TV. If you can get that far, there are other ways to plant a bug. The
documents don't indicate they've been able to install it remotely. Looking
into remote update was on the to-do list.

There's little interesting technical detail in any of this. It looks like
stuff that would be classified CONFIDENTIAL; it's mildly embarrassing, but
doesn't give much away.

~~~
sidegrid
Not hard to use USB exploit at the shipyard or warehouse (Amazon).

------
40acres
It's very sobering to realize that if the government wanted to track my every
movement they could easily do so. Arguing about the security features of
Android vs. iOS just seems redundant now.

------
debatem1
While I'm glad they published this much, I wish they had published the tools
themselves. As is, this is really just enough information to get worried and
not enough to fix anything.

------
kregasaurusrex
I found the Windows exploits dealing with legacy fax DLLs to be comical. It's
arguably the lowest hanging fruit that continues to be the crux of proper
security practices.

------
chatmasta
Interesting page titled "ConnectifyMe Research" [0] appears to be reverse
engineering Connectify [1], which is an In-Q-Tel funded project!

[0]
[https://wikileaks.org/ciav7p1/cms/page_16385111.html](https://wikileaks.org/ciav7p1/cms/page_16385111.html)

[1]
[https://en.wikipedia.org/wiki/Connectify](https://en.wikipedia.org/wiki/Connectify)

------
alva
Quite a lot of the twitter security scene seem to be pointing towards Hal
Martin. Apparently timeline and level of classification is consistent.

[https://www.wsj.com/articles/former-nsa-contractor-indicted-...](https://www.wsj.com/articles/former-nsa-contractor-indicted-for-stealing-top-secret-documents-1486597329)

------
futurebnd
This one is great:

'* Linksys WRT54G flashed with DD-WRT v24sp2 used as surrogate for testing
MikroTik MIPS-LE binaries. No actual RouterBoard (i.e. MikroTik) hardware was
used

[https://wikileaks.org/ciav7p1/cms/files/UsersGuide.pdf](https://wikileaks.org/ciav7p1/cms/files/UsersGuide.pdf)

------
ryanisnan
Since the inception of Smart TVs, I've often wondered, is it still possible
to buy a modern "stupid" TV?

~~~
astrange
You can just not tell it your wifi password.

~~~
mikeyouse
I did that and manually set my IP address to 1.1.1.1 with a 255.255.255.255
subnet mask. I figure that's one more level of protection so if my wireless
radio can be turned on, it won't be able to connect to a network that's baked
into the firmware or something. (E.g. if Samsung has a test net that their TVs
automatically connect to if in range.)

------
RichardHeart
You know the expense of doing this is over 100 Billion a year (especially if
you include lost business for American corps over the mistrust). You have to
wonder what the upside is, in dollars. I have to imagine it's very, very low,
and perhaps only justified in having a lottery ticket to prevent an extinction
level event like WW3?

~~~
anigbrowl
It's like nuclear weapons; if you don't have one, then you're nobody, if you
do then you're untouchable, at least by conventional means.

------
rodionos

      > Self-delete is used to insure that any Hive implant that lays dormant ... for a predetermined amount of time
      > effectively destroys itself with the only remnant being a “configuration file”
      > (.config) and a log file (.log) left behind in /var directory.

.log & .config in /var

------
cliffy
Have there been any leaks showing TLAs using Intel's ME or AMD's PSP as a
means to compromise a target?

------
luckydude
Has anyone with a clue actually gone over the code? If so, is there a
description of how it works?

Unless things like smart TV's are shipped with malware, or unless they reach
out and ask for malware and install it themselves, wouldn't having all your
devices behind a NAT box make all this stuff benign?

Or am I too naive?

~~~
socmag
It seems to be a dump of a git "wiki" that is shared between a bunch of devs
within the agency.

The content mostly centers around typical wiki style documents where
developers are chatting between each other and leaving useful snippets of code
and discussing different attack vectors and approaches. It's organized into
folders relating to different technologies, platforms and tools.

There isn't a "use me to gain root on an iPhone" program anywhere that I can
see, although there are some hints that those things actually exist in the
main git repo.

In general there seems to be a lot of information on performing precursor
work to get devices into a state where they can be compromised via firmware
rewrites etc.

There is quite a lot of interesting information that I'm sure will be of use
in hardening systems in years to come, so it isn't all bad news.

It reads as kind of a "Book of tips and tricks" mainly as well as the results
of various attack attempts.

Linux seems very low on the list in priorities for attack development. I did
see something about opening a side channel inside an SSH session, but it
doesn't seem to be a focus.

"X capability that injects a pthread into an OpenSSH client process creating a
surreptitious sub-channel to the remote computer."

Certainly looks like they are having a lot of fun attacking Windows boxes and
Apple phones mainly, plus Android devices and a smattering of common routers
and other gear.

They also seem to have a great sense of humor. Some of the comments are
hilarious, as are their project code-names. I laughed at the code sample for a
Windows keyboard logger using DirectInput. Does that thing really work? :-)

------
doggydogs94
Ethics aside, the CIA looks like a cool place to work. Look at the cutting
edge stuff they are up to.

~~~
the_cyber_pass
Not really, I was looking through it and it looks to me like organizations NCC
group has more advanced people in it. The advantage the CIA has is you get to
go all the way with exploits instead of having to restrain yourself.

------
rattray
_These techniques permit the CIA to bypass the encryption of WhatsApp, Signal,
Telegram, Wiebo, Confide and Cloackman by hacking the "smart" phones that they
run on and collecting audio and message traffic before encryption is applied._

------
mrcactu5
Just something totally ridiculous. These spyware / malware competitions remind
me of poker in that these are games of imperfect information and we just throw
hoops trying to gain a tiny bit more information than the next guy, to improve
our bets.

------
ataur
Makes me think of this article about the American surveillance state:
http://harvardmagazine.com/2017/01/the-watchers

------
kome
It's like a friendly reminder about how Stallman was right about everything...

~~~
kulu2002
That's absolutely true!

------
gressquel
I looked through the leak, they promised source codes, all I found was source
codes from various public projects.

For the CIA tools, there was only descriptions and guides to how to get it
implemented and in use, not the actual source code.

~~~
tannhauser23
Wikileaks said they have the source code but they're not releasing it for now:

"Wikileaks has carefully reviewed the "Year Zero" disclosure and published
substantive CIA documentation while avoiding the distribution of 'armed'
cyberweapons until a consensus emerges on the technical and political nature
of the CIA's program and how such 'weapons' should analyzed, disarmed and
published."

Source: [https://wikileaks.org/ciav7p1/](https://wikileaks.org/ciav7p1/)

~~~
sand500
Send vulnerabilities to appropriate software vendor, wait 30-90 days then
release to web publicly?

------
whiskeySix
So... uh... where can one find these tools? Asking for a friend.

------
neotek
"There is an extreme proliferation risk in the development of cyber
'weapons'," says man eagerly proliferating cyber weapons.

------
aussieguy1234
Wikileaks has the code for these tools but wisely didn't release it.

Hopefully they will notify vendors of the security vulnerabilities being
exploited

------
randiantech
I think it would be completely fair to see all countries affected by CIA's
hacking to take the exact actions US did with Russia.

------
benkarst
Does anyone have any comments about technical aspects of the documents
released? Seeing how this is Hacker News and all...

~~~
c0nsume
Yeah, this to me is the wiki of an average tech startup. Lots of mundane stuff
like how to use git, how to install wireshark. If you don't know how to
install wireshark or how to use git maybe you shouldn't be in the fucking CIA
trying to defend the country from foreign adversaries. Not because these
things show proficiency in being a 'tech' person, but because one would expect
a well funded intelligence agency to be far beyond the use of popular pc
tools. While I'm sure there are some advanced researchers there, it makes me
wonder where the pros work. The Chinese or Russians sure as shit are not
sitting in a lab somewhere trying to install wireshark.

------
samirm
>These techniques permit the CIA to bypass the encryption of WhatsApp, Signal,
Telegram...

So much for guaranteed encryption and safety.

~~~
lmm
Control of the local device has always meant game over. How could it be
otherwise?

~~~
NoGravitas
You know that, and I know that, but it has to be made explicit for journalists
and the general public to understand it.

------
jl6
I'll add my view that I don't see this as being all that surprising. Didn't we
all expect that this is the sort of thing that TLA's get up to behind closed
doors?

My main complaint is that even though I'm otherwise fairly well aligned to the
US (ideals, principles, culture and such), I'm not a US citizen and therefore
get treated as an enemy :(

------
SadWebDeveloper
meh CIA tools still require "intervention" or well "manually infecting
things", on the other hand NSA tools don't... so the day, all the NSA tools
gets available then it will be doomsday for all sysadmins in the world.

------
known
Thank you Assange;

"Never do anything against conscience even if the state demands it."
\--Einstein

------
ptrptr
Can anyone confirm that due to SIP in 10.10 it won't work on newer version of
macOS?

------
jungletime
Wikileaks seems to be supporting Trump as the lesser of two evils. Why they
see the other side as more evil, is not entirely clear, or on what information
it is based on. it could be they know more than we, and can't release it. Or
it could be something like getting revenge for the apparent assassination of
DNC leaker.

------
drvdevd
I just have to say... glossing over the details quite a bit, not reading the
article. Mostly I've just read peoples' thoughts on here and Twitter.

But my initial gut feeling/reaction about this news is that it's distinctly
un-interesting as compared with, say, Shadow Brokers or Snowden.

Just my initial reaction...

------
arca_vorago
Taking the chance to vent just a bit. These are the sort of things I have been
telling people about but have been derided as paranoid and a conspiracy
theorist. The Samsung TV was a great example of this, which I called would be
more than just samsung sending voice data. Also, so many people have loved to
respond to people talking about this with some variation of, "but you're not
important, why would they bug you". It really makes me wonder how often those
responses were sock puppets attempting to control and derail the narrative,
but criticisms like that are so trite and easily debated.

I have spent a lot of time since the Iraq war (USMC), trying to understand how
we got entangled in such a fucking mess, and have continually come to the
conclusion that the deep state, of which the CIA is a major part, has actively
been working against what I consider the true interests of the United States.

While I agree we need an international intelligence collection unit, let's not
forget that originally the CIA's mandate was just to amalgamate intelligence
from military intelligence units, not to go do shadow operations all over the
globe. Truman even wrote an article about how that was not his intention after
the JFK assassination, but the article only ran once and Dulles personally
flew out to talk to him about a retraction. Ok, though, perhaps that ship has
sailed, and ops are a permanent part of collection.

My issue then, is with the disparity between operational intention and what I
consider true national interests. I understand a certain amount of realpolitik
pragmatism is necessary in the function of nation states and diplomatic
international affairs, but I think it has become realpolitik run amok with no
anchor on core principles, creating blowback after blowback, to the point that
such blowback no longer just seems like incompetence and seems like
intentional malice.

Never forget where the CIA came from. It was formed as the OSS by _Wall Street
Bankers /Lawyers_ with help from the much older MI6! Those foundations have
largely been maintained through their selection process (Yale skull and
bones/wolf/scroll and key heavy). The main connection I have eked out that I
don't think most understand though is the relationship between the Wall Street
group and The City of London/Vatican/Swiss Banking groups and their many
associated secret society groups and orders of knighthood.

In the end, I have postulated that the corruption of the country has been top
down, and deliberate. The CIA is a key node point in this corruption, and I
question their loyalty to the constitution. Compartmentalization has been used
and abused to the point that the mostly good worker bees doing the intel work
don't understand the bigger picture plays at work here, and I think it is
telling that the decryption passphrase was JFK talking about scattering them
to a thousand winds.

There is plenty of evidence that _The Company_ has been operating
domestically, unconstitutionally, and against their mandate, for quite some
time. I promise you these tools have been used domestically on American
whistleblowers, dissidents, and general rabble-rousers considered enemies of
_the company_. This has been the danger I have been speaking about with
the total surveillance state, because now between _the company_ and _the
agency_, all it will take is a few turns of some keys and the totalitarian
dystopia is fully engaged, and if you think this was ever about national
security I have a bridge to sell you in the pacific. Of course there will be
those who claim releases like this are a detriment to national security, and
what I claim is the fact that these tools have been used domestically for the
purposes of the deep state is the real threat to national security. The agency
and the company should be working to help us secure our systems, not NSL
gagging tech companies to insert backdoors or give the source so they can do
their own 0days, so don't fall for the inevitable cries of _but this hurts us
and is legitimate_. I mean there is evidence they were even corrupting NIST
committees! This kind of bullshit is not about national security. I can't
believe how easily people accept unconstitutional moves as long as some
official or other claims _national security_ (usually with no evidence). This
is about the deep state maintaining power.

For us, the hackers and geeks of the world, they left us alone for a bit,
after they lost the 90's cryptowars. It's back on though. This is the danger
of tivoization, of proprietary licenses, of closed source code (including BSD
licenses that allow such actions). We need to open source everything, start
encrypting everything, and making it easier for the layman to use the tools.

Stop using windows and osx, even for gaming. Stop installing windows at your
business. Start using HIDS like OSSEC. Start checking your logs. Start
checking your checksums. Start hardening your systems and your kernel (grsec).
Stop using stock android, and don't use iOS. Desolder microphones on systems.
Build faraday cages. Get an SDR and do bug sweeps.

When the surveillance engine is turned on, FOSS hackers will be the only ones
free.

~~~
kbenson
> The main connection I have eked out that I don't think most understand
> though is the relationship between the Wall Street group and The City of
> London/Vatican/Swiss Banking groups and their many associated secret society
> groups and orders of knighthood.

This is where you started to lose me. If you've eked this out, surely you
have something you can include to convince us?

> I think it is telling that the decryption passphrase was JFK talking about
> scattering them to a thousand winds.

I'm not sure what this is referring to. Can you elaborate?

> Stop using windows and osx, even for gaming. Stop installing windows at your
> business. Start using HIDS like OSSEC. Start checking your logs. Start
> checking your checksums. Start hardening your systems and your kernel
> (grsec). Stop using stock android, and don't use iOS. Desolder microphones on
> systems. Build faraday cages.

That will protect you in your home and on your personal devices (to a degree),
but it doesn't protect you in public. Anonymity and privacy are an artifact of
our congregating in large enough groups that it's not possible to know all
those you see in a day, but _the vast majority of our history was spent with
no anonymity and little to no privacy_. I'm convinced our return to a lack of
anonymity and privacy is a return to the norm. That doesn't mean I support it
or think it's necessarily better, but information wants to be free and humans
like to know things, even if that happens to be what you had for breakfast
today. Fighting naturally incentivized systems rarely ends well.

~~~
dredmorbius
The vast majority of our history was spent with substantial limits on the
ability to collect, distribute, and access information on any one individual,
let alone cross-compile information from multiple sources or for multiple
individuals.

Scale and rates matter.

~~~
kbenson
I don't think the scale matters for the past. You spent the majority of your
time with other people in your tribe or village, and they knew everything
about you, and you knew everything about all of them. New information could be
distributed to 90% of the people within minutes. You could physically ask most
the people any questions you wanted about someone else with just a little more
time than that.

The current scale just makes this true again.

Again, I don't think that makes it good, but I do think it's important to
note.

~~~
dredmorbius
Today the observer can be anywhere on Earth, and the data are vastly more
detailed. Impunity of the observer is far greater.

The subject isn't conversations but surveillance.

~~~
kbenson
> Today the observer can be anywhere on Earth

It's all a matter what you consider "the world". If you were born into and
died in a small group of people and had little to no interaction with
outsiders, your "world" is that group. In that respect, anyone in the "world"
can easily know just about anything about you just by asking, because there's
almost always someone around you, and people like to share information
(gossip).

> and the data are vastly more detailed

How so? Because they can determine everything down to what food I like and
dislike? I know that about most my coworkers. I think you are treating
information you leak through normal interaction with people differently than
what is gathered about you online, when really they are no different.

> Impunity of the observer is far greater.

In the end it's all about enforcing compliance with some group norm and
governmental dictate. That's no different in the small group either. The group
is the government, and you can take measures to hide your behavior, which in
both systems might actually draw attention to yourself, or you can attempt to
fit within the group norms, whether that group is the literal or figurative
world.

A sweet deal has existed for a couple millennia if you've been in a large
enough group to benefit from anonymity and the increased privacy that imparts.

~~~
dredmorbius
Let me put this in other terms.

In the world you're talking of, the surveillance happened in person, within a
village, with approximately one book per million inhabitants[1], with a
typical travel and data transmission speed of roughly 3 mph, a peak of perhaps
three times that, exceedingly low literacy (~5% in villages, perhaps 25% in
towns[1]), and very low data transmission rates: verbal recitation. Though
perhaps with a fairly fast interactive natural-language query system (e.g.,
interrogation).

It was possible to escape that domain by travel, either temporarily or
permanently, as little as 10-20 miles might suffice.[2] As late as the 19th
century in the United States, it was possible for a well-connected and
politically connected man to lead a double life.[3]

As to the detail of the data, your question begs credulity in light of what
I've stated above. The rates of data accumulation today simply surpass all of
recorded history. Something like 90% of all recorded data come from within the
past decade. As of 2007, 94% of all information were in digital form.[4]

You assert, without proof or evidence, that there is no difference between
digital information stored across servers, and the disaggregated wetware
knowledge of your immediate associates. I pose as counterexamples Uber's
Greyball program, which in realtime tied multidimensional characteristics of a
user's Uber account, available hardware information, and social networking
profiles, amongst other signifiers, to determine who was or wasn't a possible
government employee, and to literally change their perception of reality as a
consequence.[5] Thirty years ago, your magazine subscriptions might have been
shared amongst marketing organisations, sixty years ago, state intelligence
services might have had access to them. Today, your Kindle reader tracks what
passages you've read within books, and every website, and its third-party
scripts and cookie shares, track precisely what you've read online.[6][7]

That is straight up the definition of "Orwellian".[8]

_Size, scale, and rate, matter._ As a noted expert in the field observed,
"quantity has a quality all its own".[9] Even gradual changes lead to phase
shifts past a transition point, some sudden, some not. A small group of
observers -- the few hundred of a mediaeval village -- is well within the
Dunbar's limits of our brains,[10] and is subject to direct observation to
boot. It has little capacity to keep a permanent record of its information, or
even, particularly, to correlate observations from different observers. It
cannot spread that information throughout all of humanity (some seven billion
three hundred million souls, presently), nor can it act from out of the blue
based on that information. It is a petty oppression, not a grand one.

Today's digital information attacks are difficult, often impossible, to
precisely attribute.[11] Those who build information systems do not, will not,
and ultimately in all likelihood _can not_ protect them from attacks or
subversion.[12] Data is described, by seasoned experts in the field, as a
toxic asset.[13] It persists, can be used for fraud, blackmail, character
assassination, to micromanage individuals lives (a supreme denial of liberty),
and more.

Your arguments, or should I say assertions, are supremely unconvincing.

________________________________

Notes:

1. Buringh, Eltjo; van Zanden, Jan Luiten: "Charting the “Rise of the West”:
Manuscripts and Printed Books in Europe, A Long-Term Perspective from the
Sixth through Eighteenth Centuries", The Journal of Economic History, Vol. 69,
No. 2 (2009)

2. Though, yes, there were strong limitations on such travel, see the
Vagrancy and Poor laws of England, as examples, which applied to labourers.
Nonetheless, a skilled craftsman, scribe, or professional could and many did,
travel throughout Europe, particularly when the political heat got too great
at home.

3. Geologist Clarence King, whose professional colleagues had no knowledge of
his marriage, and his black wife, who thought he was a Pullman Porter, comes
to mind.

4. https://www.sciencedaily.com/releases/2011/02/110210141219.htm

5. https://www.nytimes.com/2017/03/03/technology/uber-greyball-program-evade-authorities.html?_r=0

6. http://www.ibtimes.com/psst-your-amazon-kindle-spying-you-925439

7. https://www.eff.org/deeplinks/2009/09/online-trackers-and-social-networks

8. https://www.worldcat.org/title/1984-a-novel/oclc/905951412&referer=the_white_fbi_van_outside

9. Though he covered his tracks well:
https://en.m.wikiquote.org/wiki/Talk:Joseph_Stalin

10. https://en.m.wikipedia.org/wiki/Dunbar%27s_number

11. https://www.schneier.com/essays/archives/2017/01/why_proving_the_sour.html

12. https://www.schneier.com/essays/archives/2017/03/botnets_of_things.html

13. https://www.schneier.com/essays/archives/2016/03/data_is_a_toxic_asse.html

~~~
kbenson
> It was possible to escape that domain by travel, either temporarily or
> permanently, as little as 10-20 miles might suffice.[2] As late as the 19th
> century in the United States, it was possible for a well-connected and
> politically connected man to lead a double life.[3]

Yes, but I would argue if you go farther back, to the era I'm talking about,
there would rarely be any other group close enough to make this feasible. When
it takes days to reach the next group of people, if you even know where they
are, it's a bit harder to pull this off. At the same time, if you're traveling
back and forth between locations commonly, I imagine others would too, and
information would eventually get out.

I'm referring to pre-history, you keep bringing up examples from a few hundred
years ago. I would argue there's a fundamental difference in how societies
functioned in pre-history, where we have tribal groups, and the historical
record, which is largely after people have started congregating into larger
societies. You are bounding your examples with "as late as the 19th century",
when really that's the wrong end of the temporal spectrum to be talking about.
That statement implies that it was always possible prior to that. Do you
believe that it makes sense in the context I'm referring to?

> You assert, without proof or evidence, that there is no difference between
> digital information stored across servers, and the disaggregated wetware
> knowledge of your immediate associates. I pose as counterexamples Uber's
> Greyball program, which in realtime tied multidimensional characteristics of
> a user's Uber account, available hardware information, and social networking
> profiles, amongst other signifiers, to determine who was or wasn't a
> possible government employee, and to literally change their perception of
> reality as a consequence.

As opposed to me using my information about my coworkers habits, statements,
attire, friends and living situation to determine whether they are Democrats
or Republicans, or dog people or cat people? If they asked me a question I
could _misrepresent_ reality based on assumptions about them just as well.
(also, let's not go overboard by stating they changed perceptions. I'm sure
they ended up doing that in some cases, but they _misrepresented reality_ ,
and only through the specific aspects of reality you asked them about).

> Thirty years ago, your magazine subscriptions might have been shared amongst
> marketing organisations, sixty years ago, state intelligence services might
> have had access to them.

And 5000 years ago, everyone you had contact with already knew that
information.

> Today, your Kindle reader tracks what passages you've read within books, and
> every website, and its third-party scripts and cookie shares, track
> precisely what you've read online.

Sure, if you opt in to using a device that gathers all that information. If I
decided to broadcast what passages and pages I found interesting to those
around me while reading a paperback, they would know a lot about what I found
interesting as well. I'm not sure any equivalent action in ancient history
where the nature of collecting or utilizing some resource isn't fairly obvious
to those around you (unless you choose to hide it, which you can also do
today).

> Size, scale, and rate, matter.

Yes, but in this case they are all relative. I contend they were for the most
part absolute in ancient history for intents and purposes, and they are
becoming absolute again.

As a thought experiment, let's assume we're 50 years in the future, and
information awareness is absolute. Humans have started colonizing Mars, and
there is thus a communication delay between 22 seconds and 3 minutes depending
planetary location. Transmission channels will be _somewhat_ limited. Will
each know everything about a person on Mars? Will Mars know everything about a
person on Earth? Now assume some sort of colony or station in the Alpha
Centauri system, with a 4.3 light year delay. How much knowledge will be
shared about individuals across what communication channels exist? I think
this is in some small way emulating the separation we had in our early
history, and in your local area, there will be full information gathering, but
that information will not necessarily be shared remotely, as the value is too
low compared to the cost.

There's what's known about you, and then there's who knows it. I simply think
that in the ancient past what was known was close to everything (but there was
less to know), and who knew it was everyone you knew about (for the most
part). I think that's becoming true again. Scale and size do matter, I just
think in both cases it's everyone and anything (for values of those that make
sense).

~~~
dredmorbius
Today's world can focus the energies of vastly more resources, and people,
than any one village or tribe. And no, fundamentally, _scale is not relative_.
That's what scale effects _mean._

A member of Daesh, or the Russian dissident press, or Free Tibet activists,
can find the resources of a nation-state or global alliance turned against
them, without warning. Enemy counts are far greater. Attacks are at little or
no risk.

Again: "Today the observer can be anywhere on Earth, and the data are vastly
more detailed. Impunity of the observer is far greater."

I don't believe we're going to reach agreement, and we're both repeating our
earlier points, which is my stop rule.

~~~
kbenson
> I don't believe we're going to reach agreement, and we're both repeating our
> earlier points, which is my stop rule.

Fair enough, and I agree. So you don't go away empty handed, I'll note that
some of your counter examples have merit and are illustrative of a _valid_
counterargument, I just don't think they go far enough to explain away my
point of view.

Also, thanks for the conversation. I've expressed this concept a few times
before, but I believe this is the first substantive conversation it has
generated, and it was useful in exploring it in more detail. I only wish I had
more time to devote towards making my responses more coherent and substantive,
but I've been pressed for time lately. (Which is not to imply that the only
reason you weren't convinced is because I didn't try hard enough. I'm fully
willing to concede I may be wrong.)

------
wired_devil
Pretty cool names for the tools... Is this really real or a honeypot?

------
therealmarv
So will these zero days be reported to Google, Apple, Microsoft & Co.? Or is this
more a "FYI document"? It seems you can be on the safer side if you use a more
exotic phone OS which is not widely used or a more dumb feature phone.

~~~
strictnein
Security through obscurity isn't a thing

~~~
therealmarv
It's not security through obscurity (which I agree is bad). It's more like
"more security" through "less market share".

------
samstave
CIA: "Hey! let's see how the whole world responds to this 'leak' while
we know we are 10+ years ahead of them... let's figure out how they all
respond, the fucking idiots....

------
frogpelt
Those who live by the sword will die by the sword.

------
Sinbe
Is it legal to access the docs on wikileaks? Is it legal to post a link here
to those docs?

------
no_wizard
I feel like this might get lost in the shuffle, so I'm posting it
independently.

I'm not shocked at any of this. The writing has been on the wall as early as
2001 that the NSA and CIA have been gearing up and building these exploits out.
Here is a nice PBS documentary on the subject of FISA & NSA surveillance, and
of course the CIA is no lone wolf, these agencies were given carte blanche by
previous administrations to work together. While I believe they are different
in aspects of what they do, from this perspective, I think it's fair to say
that likely if the CIA has it, the NSA has it, and if the NSA has it, the CIA
most likely has it or can get it.

To illustrate a nice timely, take a look at this gem from 2001

https://ca.pbslearningmedia.org/resource/fl32-soc-ussfisa/united-states-of-secrets-warrantless-wiretapping/

Around the same time, we even had this pop up: it's a rundown as to why the
NSA needs to have this 'legal authority' to act with impunity for 'American
interests'

[http://nsarchive.gwu.edu/NSAEBB/NSAEBB178/surv34.pdf](http://nsarchive.gwu.edu/NSAEBB/NSAEBB178/surv34.pdf)

and of course, we have the NPR story that breaks it all down over the NSA
wiretapping debate:

[http://www.npr.org/news/specials/nsawiretap/legality.html](http://www.npr.org/news/specials/nsawiretap/legality.html)

Take special note here: hardly any at-length commentary at all so far and the
news is pretty sparse. Largely, it seems people were not paying attention, yet
right here it's clear as day that the NSA was gearing up to expand and use its
surveillance capabilities.

Of course, around all this, it is clear the NSA and the CIA would be sharing
exploits like these, it is likely these were all used in joint context with
each other:

[https://www.cia.gov/library/readingroom/docs/DOC_0006184107....](https://www.cia.gov/library/readingroom/docs/DOC_0006184107.pdf)

and of course, the ACLU has a relevant statement on this as well, I think it's
quite a good summary of the feelings at the time:

https://www.aclu.org/other/how-anti-terrorism-bill-puts-cia-back-business-spying-americans

Then, we have these here, around 2004-2006:

The first real report coming out is from the ACLU, reporting about the NSA's
massive build up since 9/11 and how it's creating a lot of questionable actions
to be undertaken by the agency, in which they allege, at the time, among other
things, that the NSA is spying on US citizens:

[https://www.aclu.org/files/FilesPDFs/surveillance_report.pdf](https://www.aclu.org/files/FilesPDFs/surveillance_report.pdf)

My favorite quote:

_National Security Letters. These obscure devices, which can be written by
FBI officials in field offices without the approval of a judge, give the
government broad power to demand records. Once upon a time this sweeping power
could only be used to get information about “agents of a foreign power” from
banks, credit agencies and Internet service providers. But the Patriot Act
changed the law to allow their use against anyone, including persons not
suspected of a crime. The bill quietly signed into law by President Bush in
December 2003_

but wait, there is more!

Around the same time, the GAO had noted that there was an increasing amount of
trouble coming from cyber security experts about cybersecurity infrastructure
in the states. How easy they were to exploit, their threat to infrastructure,
and how it could affect people. How is this related? This same type of report
details a lot of the exploits that the NSA has used, such as Stuxnet, which
come to light many years later:

[http://www.gao.gov/new.items/d04321.pdf](http://www.gao.gov/new.items/d04321.pdf)

and let us not forget, the NSA tried to sway attention away from itself by
releasing this tidy memo, which got leaked, in and around 2004:

https://epic.org/privacy/nsa/foia/EPIC-NSA-USSID-18-and-Domestic-Procedures.pdf

In which they promise to quote 'no longer use their spying apparatus on US
citizens knowingly' (I'm paraphrasing)

and of course,

We have this report from 2006 from the Indiana Law Journal detailing all of
the potential pitfalls and abuses of the FISA courts. In essence, to sum it
all up, it states:

_Accordingly, to extend the "special needs" doctrine to the NSA program,
which authorizes unlimited warrantless wiretapping of the most private of
conversations without statutory authority, judicial review, or probable cause,
would be to render that doctrine unrecognizable. The DOJ's efforts to fit the
square peg of NSA surveillance into the round hole of the "special needs"
doctrine only underscores the grave constitutional concerns that this program
raises_

Oh, and I didn't forget: we got concrete evidence of state-sponsored Russian
hacking against US systems since as early as 2008:

[http://nsarchive.gwu.edu/NSAEBB/NSAEBB424/docs/Cyber-027.pdf](http://nsarchive.gwu.edu/NSAEBB/NSAEBB424/docs/Cyber-027.pdf)

relevant quote:

_The head of the Russian Army Centre for Military Forecast, Colonel
Anatoly Tsyganok, made comments to the Russian news outlet, Gazeta, about the
cyber attacks on Estonia. He believes that there was nothing wrong with the
attacks because there are no international agreements established. Colonel
Tsyganok also believes that NATO couldn't do anything to stop the attacks and
that they were highly successful. The most telling example of Russian
government involvement in cyber warfare was with Herman Simm selling IT
secrets to the Russian Foreign Intelligence Service that was discussed in
Section VIII of this monograph. This case showed that the government of the
Russian Federation is actively seeking information on cyber defenses and is
willing to pay large sums of money (Mr. Simm is accused of selling cyber
security secrets for millions of dollars) to receive information on cyber
security._

I feel like the tech public that should be doing the diligence on this has
been asleep at the wheel: on the recent stories about NSA surveillance, the CIA
leak we are reading here, or other government programs. It's not crackpot. It's
not a conspiracy. The evidence has been out there in our faces for years. I
feel like we fell asleep at the wheel as a tech community to stand up to this.

------
aRationalMoose
just saw half of these comments on /r/hacking. literally word for word.

------
thraway2016
EDIT: This post is no longer relevant.

Meta: 351 points in < 2 hours and it's bouncing between #10 and #16.

Conclusion: HN is flagging this fairly aggressively.

Question: Why? This is not overtly political, and it is definitely in the
interest of the community, with the potential to be at least half as
interesting as the Snowden documents or the hack of Hacking Team.

~~~
publicfig
There are multiple articles for this topic on the front page. This is
currently the top post but I think they're having issues merging in other
discussions into this one. I keep seeing this flash in the top spot then see
it redirect incorrectly/disappear temporarily.

~~~
thraway2016
Thanks for this. It has suddenly shot up to position #1, possibly due to
resolution of reasons you cite.

------
Florin_Andrei
> _the omission of emails pertaining to russia creates a narrative._

Maybe Assange dislikes the taste of polonium in his tea, or something.

~~~
Bogdanovich
He has been hiding from the United States in the Ecuadorian Embassy for many
years. No surprise he is biased against the US. The United States pretends to
be the country that does 'good' things, and blames all other countries that do
'bad' things. That's why Snowden is so painful, and Assange is so painful.

~~~
giaour
Assange is hiding from the government of the United Kingdom, which has agreed
to extradite him to Sweden, where he faces trial for rape.

~~~
hollander
This is an excellent example of telling the facts while distracting from the
truth. He's afraid that he will be extradited to the US after being extradited
to Sweden. The rape accusations are thought to be just a trick to get him to
Sweden. If he had the guarantee that he would not be extradited he would go to
Sweden immediately.

~~~
vacri
I used to support Assange, but that fell away when Sweden finally agreed to
interview him at the embassy as per his request... and he demanded that the
interview questions be submitted as a document... and _in Spanish_. A Swedish
prosecutor interrogating an Anglo-Australian man residing in England _in
Spanish_? With pre-prepared questions only? That's clearly obstructing the
course of justice beyond the concern for his extradition.

~~~
belorn
All the reporters that wrote news articles about the issue said that the
demands were from the _Ecuadorian Embassy_, not from Assange. A Swedish
prosecutor interrogating on _Ecuadorian land_ has to follow whatever
requirements the diplomats want, and those requirements depend on relations
and politics. Recently there was a story on Swedish national TV about a case
where the other nation dragged their feet by losing documents, by demanding
them to be first faxed, then signed, then signed with the right colored ink,
then mailed by post, then signed again, and half a year had passed and
nothing had happened until an "agreement" was reached on a totally different
political subject and everything suddenly started to move.

In the Assange case I recall even the prosecutor saying that that kind of
thing was common when doing police work over borders, but that they hoped
that things would be done on time. From what I remember, it was also mostly
on time.

~~~
vacri
Embassies are _not_ the land of the foreign country. Embassies are considered
sacrosanct from uninvited local LEOs, because if you violate their embassy,
you've created a precedent where anyone can violate yours.

~~~
belorn
While true, the technicality of the case means that Swedish prosecutors want
to interview an Australian person on UK land inside an Ecuadorian embassy.

But since Embassies are considered sacrosanct, it is the Ecuadorians that
exercised their right to dictate the rules of the interview rather than the
three other involved nations.

------
teekert
Well, traveling to the US I have had to fill out a green form stating that I'm
not a terrorist or a 40-45 Nazi. I guess they capture a lot of pathological
truth-telling terrorists/Nazis with this piece of paper.

~~~
vidarh
That's form I-94W [1] for those who are curious. We also had to promise we'd
not been trafficking drugs and were not planning on engaging in illegal or
immoral activities, and more.

I always wonder how many idiots have been denied entry because they were dumb
enough/drunk enough to think it'd be fun to tick the wrong box on that form.

I also love how under the Paperwork Reduction Act they have had to estimate
the burden of filling it out, but seemingly not consider whether or not it
serves any actual purpose to ask those questions in the first place.

[1]
[https://www.cbp.gov/sites/default/files/documents/%20I-94W%2...](https://www.cbp.gov/sites/default/files/documents/%20I-94W%20English%20%2811-11%29%20FINAL%20%28reference%20only%29.pdf)

~~~
alain94040
You misunderstand the point of the form. The point is that if later you are
suspected of one of those activities, you can be deported because you lied on
the form, even though it might be impossible to convict you for the activity
itself.

~~~
tannhauser23
This is absolutely correct. Plus, what they did may not be illegal per se, but
we might not want them in the country. For example, I'm not aware of any U.S.
law that specifically makes it illegal to have been a Nazi concentration camp
guard. But we don't want people like that in the country and want to deport
them if they are ever found here. Hence the purpose of the immigration form.

~~~
mulmen
Unless they are really good rocket scientists...

~~~
DashRattlesnake
Nazi concentration camp guards weren't building rockets.

~~~
mulmen
_Maybe_ not guards but that's splitting hairs. Nazi party members with
rocketry experience were absolutely granted citizenship. Even von Braun
himself used slave labor to build rockets during the war.

------
u_wot_m8
>"As of October 2014 the CIA was also looking at infecting the vehicle control
systems used by modern cars and trucks. The purpose of such control is not
specified, but it would permit the CIA to engage in nearly undetectable
assassinations."

Reminds me of the reporter who was supposedly working on a massive
investigation and then died in a flaming car crash while skipping town. Forgot
his name.

~~~
struct
Michael Hastings? [0]

[0]
[https://en.wikipedia.org/wiki/Michael_Hastings_(journalist)](https://en.wikipedia.org/wiki/Michael_Hastings_\(journalist\))

~~~
knowaveragejoe
While the above is certainly plausible (killing someone with a car), I highly
doubt this is the case here:

[https://www.metabunk.org/debunked-michael-hastings-crash-car...](https://www.metabunk.org/debunked-michael-hastings-crash-cars-just-dont-blow-up-kim-dvorak.t2148/#post-62380)

~~~
digler999
While I don't think the CIA is above killing a US citizen on US soil (you
know, for "security" or something), I don't think they need to hack a vehicle
to do it, nor would they want to draw the unnecessary speculation and
attention. I would expect antics like that to be reserved for high-ranking
foreign officials or other hard-to-reach people. If there's one thing that
agency should be expected to excel in, it's untraceable targeted killings.

~~~
fnordfnordfnord
> I don't think they need to hack a vehicle to do it,

The CIA has multiple ways to cause a death. No doubt about that. They don't
"need" to use any particular method, but if they want to kill someone, they
have to choose at least one method.

>nor would they want to draw the unnecessary speculation and attention.

What unnecessary speculation and attention? Is LAPD going to bust out their
JTAG debuggers, and compare the collection of firmwares in Hastings' car to a
clean sample? Practically nobody believes that the CIA/US gov't killed
Hastings by hacking his car. Given the propensity for most Americans to never
even consider a thing once its been labeled as a conspiracy theory, I'd say
that gives about as good a cover as the CIA (or whomever) would ever need. We
already have people hypothesizing this as the manner of Hastings' death; but
do we see any apparent effort to dispute/disprove it? No, simply chuckle and
call it a conspiracy theory. It will go away on its own without regard to
whether it was in fact a conspiracy.

>I would expect antics like that to be reserved for high-ranking foreign
officials or other hard-to-reach people.

The spies have to perfect their craft somehow. Where is it written that a
method of assassination must vary by the apparent importance of the proposed
victim?

~~~
digler999
Why would they resort to elaborate techniques to do so when they could have
someone walk up and pick him off with a gun or poison or just have him
"disappeared"? You're saying instead they chose a method that requires a
sophisticated firmware hack that may not even work (just gunning the engine
is no guarantee it will kill the man), installing it, and then finding an
appropriate time and place to deploy it (while also putting other bystanders
at risk). To me it seems quite a stretch. I would prefer Occam's razor on
this. I think a more likely scenario is he was being surveilled (and possibly
even intimidated) by feds, which led to his anxiety and paranoia (which has
been established). Then he got spooked that night, thinking someone was
following him (and he may have been right), and flipped out and overreacted.
It's also possible his accelerator stuck and he didn't react correctly/in
time. Look at my comment below: I'm not saying feds wouldn't kill a US
citizen, I just don't think they chose to hack the firmware in this case.

As an aside, I'm not familiar with his car but I find it hard to believe that
neither the ebreak, main break, ignition, nor transmission lever (assuming it
was auto) could mitigate his situation. I think they would have to hack more
than just firmware, since there are mechanical linkages and/or hardware
interlocks on some of those components.

~~~
fnordfnordfnord
Read very closely. I'm not saying they did anything. I never said "they" did
anything; but rather just that I don't find any of your reasoning convincing,
for the reasons I mentioned. I do think it is a plausible attack.

>why would they resort to elaborate techniques

Spy agencies in general, and the CIA in particular, are infamous for concocting
and using elaborate, sometimes downright goofy techniques to assassinate
people, and also for periodically failing at the job. This isn't just
hyperbole, or me reading too much spy fiction; it's in the public record if
you care to look.

>I'm not saying feds wouldn't kill a US citizen, I just don't think they chose
to hack the firmware in this case.

I don't really think they did either, it's extremely unlikely. But I won't
rule it out because I haven't seen any convincing reason to do so.

>As an aside, I'm not familiar with his car but I find it hard to believe that
neither the ebreak, main break, ignition, nor transmission lever (assuming it
was auto) could mitigate his situation. I think they would have to hack more
than just firmware, since there are mechanical linkages and/or hardware
interlocks on some of those components.

If you care to look into it I think you'll find it to be plausible to take
control of the car's accelerator, and steer it with the brakes. In principle
it's possible with any car that has electronic ABS, and electronic fuel
injection and throttle. On some models, advanced features could simplify the
job quite a bit. That's not to say that a quick-thinking person couldn't
survive the attempt either, by applying the brake, or shifting the
transmission or something.

~~~
digler999
> Read very closely.

> If you care to look into it (x2)

comments like this really have no place on HN and don't strengthen your
position.

~~~
fnordfnordfnord
I think the CIA's "heart attack weapon" which was exposed to the Church
committee in 1975 qualifies well enough as an "elaborate technique". There's
also the myriad utterly ridiculous ways that the CIA attempted to assassinate
Fidel Castro, and the Bay of Pigs incident. None of these things are secrets
and I think any well informed US person is at least familiar with some of the
above. Any of the above ought to put to rest your apparent assertion that the
CIA has an aversion to elaborate or even dubious assassination schemes.
There's enough in the public record to suggest that the CIA might even prefer
wacky assassination schemes over the boring straightforward ones.

>comments like this really have no place on HN and don't strengthen your
position.

In your own post you admit that you know none of the relevant details (and
apparently can't be bothered to look) about some recent event A which was
covered widely in the press. But nevertheless, you can't believe that event A
could have occurred in some particular way because you think it implausible or
because you like a simpler or more familiar explanation. In fact, there is
nothing at all implausible about steering a four wheeled vehicle by applying
left or right brakes, and the correct spelling is brakes, not breaks FYI. Nor
is it implausible for an attacker to take control of a vehicle's accelerator
in a modern automobile. No, I am not going to prove that for you. If you think
that I or any other poster on HN is your paid technical or historical research
assistant / spoon-feeder, you are mistaken.

------
afandian
I am completely bemused that on the one hand the CIA is quite happy to
literally murder, rape and torture left, right and centre, overthrow
foreign governments, interfere with elections etc... but is careful about
adhering to the finer points of the US Constitution.

~~~
huffmsa
That's why the CIA doesn't operate inside of the United States.

It is beholden to the laws of the United States and tasked with protecting and
upholding the Constitution.

But there are no stipulations against doing bad things in non-US lands.

~~~
1001101
> That's why the CIA doesn't operate inside of the United States.

False [1] [2] [3] [4] [5] [6]

[1]
[https://en.wikipedia.org/wiki/Project_ARTICHOKE](https://en.wikipedia.org/wiki/Project_ARTICHOKE)
[2]
[https://en.wikipedia.org/wiki/Crusade_for_Freedom](https://en.wikipedia.org/wiki/Crusade_for_Freedom)
[3]
[https://en.wikipedia.org/wiki/Project_MKUltra](https://en.wikipedia.org/wiki/Project_MKUltra)
[4]
[https://en.wikipedia.org/wiki/Operation_Mockingbird](https://en.wikipedia.org/wiki/Operation_Mockingbird)
[5]
[https://en.wikipedia.org/wiki/Project_SHAMROCK](https://en.wikipedia.org/wiki/Project_SHAMROCK)
[6]
[https://en.wikipedia.org/wiki/HTLINGUAL](https://en.wikipedia.org/wiki/HTLINGUAL)

~~~
huffmsa
Why the CIA isn't supposed to operate inside the United States.

~~~
afandian
That's just it. Are they "supposed" to be out raping and murdering in foreign
countries?

------
pottersbasilisk
Unbelievable the depth and scope. Absolutely frightening that most of these
tools are out in the wild.

------
jankedeen
Poisoning or making disclosure questionable the public medium of communication
has long been the control mechanism of autocracy.

We have known for a long time that some governments and vested interests have
no interest in critical discourse regarding their basic mythologies of
substance and staple.

That is: if we all stood up today and said we don't believe in your economy
and the dollar and democracy and evil and good they would have to kill the
people who don't believe the fiction(s) or make another set of fiction(s)
palatable.

This effort is not unbelievable but maybe the details are unreal.

------
SomeStupidPoint
I... Uh... I'm disturbed by lots of things the CIA does, and I'm sure there's
_something_ incriminating in here.

But isn't it a little weird we're suddenly talking about the CIA's capability
instead of the investigation into the administration's Russian connections?
You know, the one that seems to have every high level official with illicit
contact, including the AG lying about contact to Congress and a campaign
adviser making serious allegations just last week?

We definitely have to do something about the CIA and their shenanigans, but
this "leak" is mostly them doing their job effectively made out to be scary by
people with a known bias.

Maybe we can stop chasing every random scary thing, and focus on the election
that had a major PSYOP by a foreign power that resulted in an administration
with unusual to illicit ties to that foreign power.

I'm all for holding our intel community to account for their behavior, but now
isn't really the time for it. We have more major issues to deal with.

------
69mlgsniperdad
Maybe someone can clear this one up. So from the Snowden leaks, we know the
extent of the NSA toolkits and the requirements which need to be met to
utilize them. Now we know what the CIA has to work with, which requires the
same authorizations; however, apparently they encounter less
oversight/obstructions (irrelevant). And after Apple refused to unlock the San
Bernardino shooter's iPhone, we found out the FBI was playing some sort of
politics, by claiming that justice might not be served without Apple's
intervention, and proceeded to publicly shame the ethical position they took.
So why on earth was Obama trying to force Apple's hand in that matter? As soon
as Apple said no, the FBI somehow found the single magical person willing and
able to defeat the privately enhanced security of the 5s the shooter carried?
Makes no sense to me.

------
kahrkunne
I'd just like to point out that the CIA has gone so far as to have a meme
warfare department. CIA agents posting on HN is well within the realms of
possibility.

Don't take everything you read here at face value

------
Frogolocalypse
The solution is for the US to ensure vulnerabilities are identified and
patched.

------
jjawssd
If I was CIA and I wanted to waste time by arguing and distracting forum
readers, what would I be posting in this thread?

~~~
anigbrowl
If I were the CIA I'd be quite pleased for people to know how clever and
powerful I am so they don't mess with me. Human assets are rare and precious,
but I have no problem flinging a few technological ducats in the general
direction of the peasants.

This may or may not be an accurate read of events, but in my view many major
'leaks' of recent years are backdoor propaganda; the State Department cable
archive was embarrassing only if you consider it as a leak, but a really great
way to express our government's outlook on a wide variety of topics that would
result in conflict if done through formal channels. One can't really know what
the motivations of the people revealing the information are, and one can
imagine many benefits as well as headaches from its release, so it's best not
to get too invested in any one model.

------
palavsen
This is insane!

------
jowiar
Quit with the fucking conspiracy theories. Seriously -- can we get a fucking
mod in here to get rid of this shit.

~~~
alasdair_
What conspiracy theory? Assange, the person most likely to actually know what
happened, has stated that the source for the Podesta emails was a disgruntled
"Washington insider".

In addition, former British ambassador Craig Murray (a man with a solid
reputation and little reason to lie) claims to have personally met the source
and insists that the source is definitely a political insider without ties to
Russia.

[https://www.craigmurray.org.uk/archives/2016/12/cias-absence...](https://www.craigmurray.org.uk/archives/2016/12/cias-absence-conviction/)

~~~
WillyOnWheels
I thought the Podesta emails (at least the ones in the Wikileaks archive that
Wikileaks keep tweeting urls to searches of) were from someone sending Podesta
a fake gmail password reset email?

I don't think a disgruntled washington insider did that! I could be confused
and there's another set of emails that you're referring to. It's impossible to
keep up on everything lately.

~~~
mschuster91
> I don't think a disgruntled washington insider did that!

Quite the contrary: If I definitely know that my target is too incompetent to
check what he clicks on, or that he forgets his password every week, it's
waaay easier for me to achieve my goal.

~~~
WillyOnWheels
Creating a plausible site that looks like a Google password reset workflow may
be a few minutes' work for Hacker News-reading front end wizards, but it's not
really the domain of disgruntled Washington bureaucrats.

~~~
Nadya
Disgruntled Washington bureaucrats have money. Money can buy you black hat
devs. A few minutes work for a chance at $[x-xx],000? Done and done. Payment
upon successful phish.

There are plenty of people that value money over morals.

~~~
WillyOnWheels
I think it's still easier to blame a group run by a well funded nation state.

~~~
Sunset
It certainly would be more politically expedient.

------
logicallee
I never read wikileaks but I did glance at a couple of things here -
[https://wikileaks.org/ciav7p1/cms/page_14587109.html](https://wikileaks.org/ciav7p1/cms/page_14587109.html)

which are "do's and don't's" for malware writers. I like this:

(S//NF) DO NOT perform operations that will cause the target computer to be
unresponsive to the user (e.g. CPU spikes, screen flashes, screen "freezing",
etc).

But the rationale is only:

(S//NF) Avoids unwanted attention from the user or system administrator to
tool's existence and behavior.

It should go farther. When a user's impact is affected, this is a firm and
definite step toward living in a police state.

I like the idea of a state where the director of the CIA can tell the
President "We do not have private files on anyone, nor anything not directly
related to imminent terror action and the like. We live in a free world, and
if we didn't have people abducting others for ransom, planning terrorist
activities, or the like, no country would need such capabilities."

Generally I am against a surveillance state and for one of these reasons I do
not read these documents.

I also like this part:

(S//NF) DO make all reasonable efforts to minimize binary file size for all
binaries that will be uploaded to a remote target (without the use of packers
or compression). Ideal binary file sizes should be under 150KB for a fully
featured tool.

To put this in perspective, if you were to load the front page of the Wall
Street Journal right now, your browser would download something like 900 KB.
I think getting 100 KB slipped in here or there that makes sure I'm not
running a huge terrorist network is worse than the total inability for the
government to do this if someone _is_.

it shouldn't impact my experience and it should be denied.

It's problematic that some of this is extralegal, but I'd rather not know
about it than to have to have someone acknowledge its existence. Sorry.

if bitcoin assholes weren't ransoming people's pc's and life's work, or if
people weren't being abducted for ransom, or if people weren't radicalized in
a matter of weeks and then transmitted secret payments and chose to plough
into a group of people celebrating independent democracy (the French 14 July
thing with the truck), I might have a little more sympathy toward the idea
that there doesn't need to be anything except might makes right on the
Internet, letting users and terrorists do whatever they want and fend for
themselves.

-

Edit: the cleanup/uninstall section explicitly mentions, in the rationale, not
collecting private (unwanted) data. This might not be great but certainly
sounds like the kind of hidden machinery you would want, in the kind of world
we live in.
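
The two "DO" rules quoted in the comment above (keep an uploaded tool under roughly 150 KB, and do so without packers or compression) describe properties a defender can test for from the other side. The script below is an added example, written for this page; it is not code from the leaked documents or from any CIA tool. It scores a dropped binary on those two criteria, approximating "packed or compressed" with per-chunk Shannon entropy. The 7.2 bits/byte entropy threshold, the 1024-byte chunk size and the three sample blobs are assumptions constructed for the demonstration; the sample "packed" payload is deterministic SHA-256 output standing in for compressed or encrypted data, not a real implant.

```python
"""Size and packing heuristics for a dropped binary (added example).

Checks a blob against two of the quoted tradecraft rules:
  1. total size under SIZE_LIMIT ("under 150KB for a fully featured tool")
  2. not packed/compressed, approximated by per-chunk Shannon entropy:
     compressed or encrypted regions sit near 8 bits/byte, while normal
     code, strings and import tables sit far lower.
Thresholds and samples below are assumptions chosen for this example.
"""
import hashlib
import math
from collections import Counter
from dataclasses import dataclass, field

SIZE_LIMIT = 150 * 1024       # from the quoted rule
PACKED_ENTROPY = 7.2          # assumed: bits/byte at or above which a chunk looks packed
CHUNK = 1024                  # assumed chunk size for the sliding entropy measurement


def shannon_entropy(data: bytes) -> float:
    """Plug-in Shannon entropy in bits per byte (0.0 for empty or constant input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


@dataclass
class Verdict:
    size: int
    under_limit: bool
    max_chunk_entropy: float
    packed_fraction: float      # share of chunks at or above PACKED_ENTROPY
    looks_packed: bool
    violations: list = field(default_factory=list)


def assess(blob: bytes, size_limit: int = SIZE_LIMIT,
           entropy_threshold: float = PACKED_ENTROPY, chunk: int = CHUNK) -> Verdict:
    """Score one binary against the size rule and the no-packing rule."""
    chunks = [blob[i:i + chunk] for i in range(0, len(blob), chunk)] or [b""]
    entropies = [shannon_entropy(c) for c in chunks]
    high = sum(1 for e in entropies if e >= entropy_threshold)
    frac = high / len(chunks)
    verdict = Verdict(
        size=len(blob),
        under_limit=len(blob) < size_limit,
        max_chunk_entropy=max(entropies),
        packed_fraction=frac,
        looks_packed=frac > 0.5,     # majority of the file is high-entropy
    )
    if not verdict.under_limit:
        verdict.violations.append(f"size {len(blob)} >= {size_limit}")
    if verdict.looks_packed:
        verdict.violations.append(
            f"{frac:.0%} of chunks at/above {entropy_threshold} bits/byte (packed or encrypted?)")
    return verdict


def pseudo_random_bytes(n: int, seed: bytes = b"example-seed") -> bytes:
    """Deterministic high-entropy bytes via chained SHA-256 (stand-in for packed data)."""
    out, block = bytearray(), seed
    while len(out) < n:
        block = hashlib.sha256(block).digest()
        out.extend(block)
    return bytes(out[:n])


# Constructed samples, not real binaries:
# a small unpacked PE-like blob with a DOS stub and a repetitive import table ...
PLAIN_SAMPLE = (b"MZ\x90\x00" + b"\x00" * 60
                + b"This program cannot be run in DOS mode.\r\n" + b"\x00" * 200
                + b"kernel32.dll\x00CreateFileW\x00ReadFile\x00WriteFile\x00" * 40)
# ... a small blob whose body is almost entirely high-entropy ...
PACKED_SAMPLE = b"MZ\x90\x00" + pseudo_random_bytes(64 * 1024)
# ... and a low-entropy blob that simply breaks the size rule.
OVERSIZED_SAMPLE = b"\x00" * (200 * 1024)

if __name__ == "__main__":
    for name, blob in (("plain", PLAIN_SAMPLE), ("packed", PACKED_SAMPLE),
                       ("oversized", OVERSIZED_SAMPLE)):
        v = assess(blob)
        print(f"{name:10s} size={v.size:7d} maxH={v.max_chunk_entropy:.2f} "
              f"packed={v.packed_fraction:.0%} violations={v.violations or 'none'}")
```

Entropy alone cannot distinguish a packer from an embedded encrypted resource or a large compressed asset, so the `packed_fraction` is reported alongside the boolean: a legitimate installer with one compressed section and a fully packed loader both have high-entropy regions, but only the latter has them everywhere. Real triage would also check section headers and import tables; this block deliberately stops at the two properties the quoted rules name.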

------
pinaceae
So what exactly is the goal of this leak beyond embarrassing and weakening the
US?

------
booleandilemma
[Deleted]

~~~
cloakandswagger
RTFA. They didn't release the tools.

------
MrNoad
Sontaran and weeping angel? Well somebody go get The Doctor.

------
lngnmn
Looks like a fake. Tons of publicly available crap in the files section and 3
pdfs with words SECRET and even TOP-SECRET in the names.

This could be a dump of any amateur team whatsoever with just these 3 files
added.

------
alva
VLC 2.1.5 compromised
[https://wikileaks.org/ciav7p1/cms/page_15729066.html](https://wikileaks.org/ciav7p1/cms/page_15729066.html)

edit: please see response below from remlov

edit: this post was premature, see below posts

~~~
teamhappy
2.2.0 was released in early 2015.

