Hacker News new | comments | show | ask | jobs | submit login
CIA malware and hacking tools (wikileaks.org)
2699 points by randomname2 138 days ago | hide | past | web | 1088 comments | favorite

In what is surely one of the most astounding intelligence own goals in living memory, the CIA structured its classification regime such that for the most market valuable part of "Vault 7" — the CIA's weaponized malware (implants + zero days), Listening Posts (LP), and Command and Control (C2) systems — the agency has little legal recourse.

The CIA made these systems unclassified.

Why the CIA chose to make its cyberarsenal unclassified reveals how concepts developed for military use do not easily crossover to the 'battlefield' of cyber 'war'.

To attack its targets, the CIA usually requires that its implants communicate with their control programs over the internet. If CIA implants, Command & Control and Listening Post software were classified, then CIA officers could be prosecuted or dismissed for violating rules that prohibit placing classified information onto the Internet. Consequently the CIA has secretly made most of its cyber spying/war code unclassified. The U.S. government is not able to assert copyright either, due to restrictions in the U.S. Constitution. This means that cyber 'arms' manufactures and computer hackers can freely "pirate" these 'weapons' if they are obtained. The CIA has primarily had to rely on obfuscation to protect its malware secrets.

One of the more interesting passages. The arsenal must not be classified to protect those who deploy it from legal action. This cyberwarfare kit, which can just as easily be used to destroy the US as one of its enemies, is public domain software created and released at US taxpayer expense.

> Command & Control and Listening Post software were classified, then CIA officers could be prosecuted or dismissed for violating rules that prohibit placing classified information onto the Internet. Consequently the CIA has secretly made most of its cyber spying/war code unclassified.

This is almost hilarious.

Not that being classified would make any difference: cyber-"weapons" have something in common with biological weapons in that they're prone to leaking and blowing upwind, but also once used it's possible for the enemy to vaccinate against them.

Obviously there's a difference between cyber and conventional weapons, but imagine if the same rationale were extended to physical munitions: "We can't drop this bomb on the enemy, it contains classified technology"

While the weapon too secret to use sounds very Dr Strangelove, there have been slightly similar things with real weapons. The one I remember is when radar-triggered proximity shells were invented at the end of WW2 they were only issued for use on ships, so that undetonated shells would fall into the sea, so couldn't be recovered and investigated by the enemy.

Another case, also WWII:

"[U]naware of the opposing air force's knowledge of the chaff concept, planners felt that using it was even more dangerous than not, since, as soon as it was used, the enemy could easily duplicate it and use it against them... for over a year the curious situation arose where both sides of the conflict knew how to use chaff to jam the other side's radar, but refrained from doing so fearing that if they did so the other side would 'learn the trick' and use it against themselves."


Which makes perfect sense. Any weapon leaves some trace (even if only new theory as to what is possible), so its use against a party that does not have that technology but is capable of understanding the technology at some level will always give information to the enemy.

Using a modern missile against an indigenous people will only impart that you are capable of that type of attach.

Using a modern missile against WWII Germany would likely quickly result in refinements to their V2 Rocket program, given enough remains to study.

Using a modern missile against Vietnam era USA would likely result in advancements in miniaturization and computation, given enough remains (even if they did not have the resources/facilities to capitalize on some aspects of those for years, I think it's likely it would advance the fields by a least a few years).

One of the biggest advantages the Allies had in WWII was that they had cracked the "uncrackable" Axis encryption. Even though they were able to decipher enemy messages, they often didn't act on that information because that would tip their hand. The strategic value of reading the enemies messages is enormous when the enemy doesn't know you can do it, and much less so, and possibly even negative when they do know.

this is like the second law of thermodynamics as applied to warfare...

It's also along the lines of Sun Tzu-esque deception.

I suppose the modern example are the constant probing of air defenses by the attacker (i.e. the US and its array of electronic warfare suites), and the game theoretic calculation by the defender on whether to turn on their radars or not...

You don't just have to worry about the people you are attacking. Their allies can also reverse-engineer the tech. Pakistan and China come to mind. Pakistan has given China a lot of tech that it's recovered.

True, but this is somewhat covered by considering everyone not us an enemy of some degree or another, which is natural in game theory.

Well you mentioned the Native Americans, they had allies here too. Each major tribe was allied with a major power. So if you used it against them, even in that case someone could get a hold of that tech and it could come to bite you in the ass later. Interesting example is the fact that Native Americans in the US were very soon all very well armed by their allies in terms of guns and ammo, and they used the armaments given to them by their allies to attack each other. Life in general is more than capable of cooperating when it is not competing even with beings that have little to do with each other. This in the end is called the Red Queen's race https://en.wikipedia.org/wiki/Red_Queen's_race https://en.wikipedia.org/wiki/Red_Queen_hypothesis.

Wow! I heard that when the UK began using radar to down enemy planes at night during WWII, the gov't claimed the pilots had been "eating a lot of carrots."

Yep, there's still a common belief in the UK that eating carrots gives you good night-vision, entirely because of that cover story.

On that note here's an image of a badge from Detachment 4 of the 18th Intelligence squadron based out of Feltwell Norfolk. Note the Carrot: https://en.wikipedia.org/wiki/18th_Intelligence_Squadron#/me...

And elsewhere in the world

IIRC there was a claim that the shells with the proximity fuses were also used, likely by Patton's forces, in the Battle of the Bulge. Supposedly having the shells explode at a carefully determined distance above the ground made the shells especially effective against German ground troops.

IIRC the proximity fuses were developed at the Johns Hopkins University Applied Physics Laboratory (JHU/APL); that is the story I got when I worked there.

IIRC, the shells were also especially effective as anti-aircraft artillery.

> having the shells explode at a carefully determined distance above the ground made the shells especially effective against German ground troops

It does. WWII tanks' armor is mostly concentrated to the front and sides, because those tanks are designed to force enemy lines against ground-bursting shells, field pieces, and other tanks, all of which fire mostly on low trajectories; what's on top is much thinner, because no one expects to need to withstand a lot of damage there. Bursting a shell above ground level throws a lot of fragments at that weak armor, where a ground burst mostly wastes them against armor designed to withstand direct hits from much more powerful weapons. For infantry, it's even worse; the whole point of a trench or a foxhole is to put a thick layer of earth between you and all the metal that's flying around at ground level. When an airburst can send fragments right down into the hole with you, that earth doesn't help one bit.

Fun fact: "daisy cutter" bombs work the same way. Up until Vietnam at least, their proximity fuse was on the end of a rod protruding a few feet from the nose of the bomb. Low-tech compared to a radar proximity fuse, but fearsomely effective; probably the only reason you wouldn't find it on a shell is that, unlike an air-dropped bomb, a shell has to withstand the force of being fired from a gun, and I doubt any such expedient could. (That's also why bombs tend to be so much more effective than shells, even when no more accurate. When the strongest force involved is 1g, you can spend a lot less mass on structure, and a lot more on explosive.)

The Swedish military has a lovely man portable anti-tank weapon built on this principle.

The sight is arranged so that if you aim at the tank, the weapon is actually aiming above it. Then the round will detonate as it pass over the target, sending a molten metal shaped charge right down.

The Germans in WWII could have brought the British to their knees with magnetic mines alone, but one German aircrew dropped their mine intact on mud flats instead of into the water, allowing the British to recover the mine intact and develop countermeasures.

This in fact has happened in real life : e.g. in WWII proximity fuse antiaircraft shells were not used in the European theater for fear unexploded examples would be reverse engineered by the enemy. They were used in the Pacific where it was reasoned they would fall into the ocean where they would be unlikely to reach enemy hands.

This is certainly a big headache not just for munitions but lots of military equipment. A famous recent example was the Navy Seals blowing up one of their (experimental) Stealth Black Hawks when it was damaged while landing during the Bin Laden raid.


scuttle; (verb):

sink (one's own ship) deliberately by holing it or opening its seacocks to let water in

Scuttling isn't just for the sake of classified technology (which usually has been separately rigged to be easily destroyed without destroying its carrier.)

The more important role of scuttling—at least during wartime—is to prevent the ship you just abandoned getting hauled into the enemy's shipyard as a "prize" and restored to service with its guns pointed back toward you.

This is also more toward what is meant by Naval captains "going down with the ship" during battle: they stick around to act as a guard (and proximity fuse) for the scuttling charges, so that whoever just disabled the vessel can't just hop on-board and drive her home. (And, just maybe, catch a large enemy marine contingent in a grand old explosion if they try.)

After WWI the German fleet was scuttled (by the Germans) in Scapa Flow to prevent the Allies from using them. Notable quote from British Admiral Wemyss:

> I look upon the sinking of the German fleet as a real blessing. It disposes, once and for all, the thorny question of the redistribution of these ships.

Also of note - in WWI ships had been deliberately scuttled ('the Blockships') to secure the smaller entry ways into Scapa Flow, by WWII these (and the anti-submarine netting in the larger channels) were shown to be inadequate when U-47 sunk the HMS Royal Oak. This attack led to the building of the Churchill Barriers without which I doubt we would have anywhere near as strong a community as we currently have in the Orkney Isles.

Today the wrecks of both the German Fleet and the Blockships are excellent shallow dive sites in slightly chilly water. If you dive I strongly recommend going to Orkney.



I believe this also occurred during the recent raid in Yemen. Seems our secret helicopters are one time use only...

I don't think the difference is so obvious even that far in the future, or even right now. If you targeted an attack correctly, I'm pretty sure you could achieve a statistical range of casualties. Does it matter that you used data instead of bombs?

The US chemical weapons program is downright frightening. Unlike these exploits which you can just leave in an office and never use (and which con subsequently go stale as people find and patch exploits), chemical weapons were stored in massive US facilities and many of them have started leaking over the years:


> The US chemical weapons program is downright frightening.

Was: they committed to destroying those weapons, and have been doing so for 24 years. They were 89.75% complete in 2012. The video you linked was from 1973.


Just like they committed to revealing exploits to the tech industry instead of hoarding them?

> Just like they committed to revealing exploits to the tech industry instead of hoarding them?

I think you're letting your cynicism get in the way of truth and understanding.

The US has signed and ratified a treaty committing to destroy all chemical weapons and never produce them again [1], and it has built the infrastructure to do so [2] [3].

It's conspiracy-nut territory to think the US is simultaneously stockpiling chemical weapons in some super-secret program without good evidence for it.

[1] https://en.wikipedia.org/wiki/Chemical_Weapons_Convention

[2] https://www.youtube.com/watch?v=7u-ACe1CBfA

[3] https://www.youtube.com/watch?v=wftLydix0Nw

Mass surveillance was conspiracy nut territory.

Wide spread market fixing, libor, gold, silver was conspiracy nut territory.

The US engaging in blscksites and systematic torture was conspiracy nut territory.

But criticizing your pro Government apologia only results in comments being banned and removed -- perhaps just more conspiracy nut territory?

So where's your evidence that the US is secretly stockpiling chemical weapons? Note: a cynical claim that "they're all liars." is not evidence.

Or am I supposed to trust a stopped clock [the nuts] since it was shown to be right twice a day?

There's a bit of difference between mass surveillance and the infrastructure necessary for a viable chemical weapons program. Assuming a major nation state would even want to, considering their rather limited tactical value on the modern battlefield.

Anyhow, the Organization for the Prohibition of Chemical Weapons out of The Hague oversees compliance with the Chemical Weapons Convention. That includes verifying the destruction of stockpiles and weapons facilities as well as industry inspections that closely monitor precursors, as well as investigating cases of alleged production or usage. As of last October, 93% of declared stockpiles has been destroyed and independently verified by the OPCW. You don't have to take the US government's word for their numbers.

I am taking issue with this. This was not conspiracy wing nut theory. As far back as 2004 cybersecurity (for lack of a better term) experts were reporting repeatedly that governments (not just the USA) were exponentially using exploits, as were other unknown or non-govt actors, and other techniques for malicious reasons, from spying on citizens to hacking infrastructure. Here's just a nice litmus of that:




here is even a hertiage foundation report talking about sharing privacy keeping technologies with the government in the name of 'fighting terrorism'



and here is the ACLU sounding the alarm in August of 2004:


Ironically, its around the same time the NSA purported to have their own 'rules' in how they gather, which were obtained here:


and of course, not more than a few years later we have these reports:



It was never a wing nut conspiracy theory. Its just nobody was looking close enough to care.

It was the scale of this kind of thing that was considered conspiracy theory.

It's not even that. Reading through the ample material I have cited it's clear that the scale was well defined. The ACLU even cited it as one of their primary concerns and even in the PBS doc they mention that it's a atrial evolution and that was in 2001.

I'm not convinced in any way this couldn't be foreseen if people would've paid more attention

How can one not have a whole giant mountain of cynicism with all we've become aware of in the last few years? We could just as easily turn the tables and call you irresponsibly naive.

While I get where you're coming from with cynicism, any deployment of chemical weapons by a belligerent is almost certainly a war crime under several international accords, most notably the Geneva Protocol[0]. As someone upthread pointed out, their production is also the subject of several more. All the NSA/CIA disclosures we've seen thus far are not, themselves, war crimes. The international community, with some exceptions, came to the consensus that chemical weapons are not a good thing about a century ago, while offensive hacking is a much more recent development (obviously) and basically the wild west right now. Comparing chemical weapons to offensive hacking simply because they're both big government naughties is disingenuous, to say the least.

My bar of cynicism is a little higher when you're talking about the United States discretely stockpiling mustard gas versus taking down a smartphone, you know? (Maybe I, too, am irresponsibly naive.)

[0]: https://en.wikipedia.org/wiki/Geneva_Protocol

Ah, yes, war crimes. The US definitely fears those, and would absolutely never shoot on POWs, rape civilians, commit mass murder, drop chemical weapons on fighters and civilians indiscriminately, use multiple atomic bombs on civilians, torture, etc. (https://en.wikipedia.org/wiki/United_States_war_crimes)

They are so terribly afraid of committing war crimes they do not recognize the International Crime Court and are reading to invade any country trying an american soldier.

Surely the US would never do that!

All I said was my cynicism bar is a little higher for war crimes as opposed to hacking a phone, or capturing email. That's it. Not trying to argue or state any position or claim beyond that.

> It's conspiracy-nut territory

While I agree, it was also considered conspiracy-nut territory to have believed most of the stuff in this leak. Look at how the wider tech community treats people like McAffee and Stallman.

What's that Sincliar quote people like to throw around on here again? Oh yeah, "It is difficult to get a man to understand something, when his salary depends upon his not understanding it!"

> McAfee

Yeah, why won't people respect the opinions of a meth-cooking, bath-salt abusing, murderer who lived in Belize with underage 'girlfriends'?

A few things that were considered conspiracy nut territory have been revealed to be true over the last few years. It might be time to stop throwing that dismissive pejorative around when talking about (at the very least) our western governments.

More importantly, it's a bit stupid/outdated to stockpile dangerous stuff when you have the facilities to produce it if/when it is actually needed.

I think the idea of it was that if a war happened the facilities to create it would be bombed.

It sounds like you're just saying this without doing any kind of real comparison between the probably very different scenarios.

The official policy is to use the VEP. https://epic.org/privacy/cybersecurity/vep/

I did not watch you link, but many modern chemical weapons are binary compounds. Meaning the two compounds has to be mixed to get the final weapon. This makes leaking etc, not as big problem as leaking of actual chemical weapons...


Once things start leaking you're a very small step away from them mixing accidentally.

Unless containment has been set up in such a way that this is a geographical impossibility (for instance, on two sides of the Rocky mountains to stop accidental mixing in groundwater).

That is one of the saddest 30 minutes of video I have seen up to date.

>once used it's possible for the enemy to vaccinate against them.

So think long term...

Is this an innoculation game >10 years out????

Classified or not, works of the federal government are all in the public domain. And classification is not legally relevant to anyone except to those entrusted with protecting classified data.

This is often overlooked, but very correct.

"Classification" only pertains to how the material should be treated within the government.

Once its out, the only penalty can fall on the person who let it out into the wild.

A person with a clearance can get in trouble for knowingly accessing or spreading the data, even after it is already released in the wild. The data is still considered classified, even after the leak. So those who are entrusted with a clearance still have to fulfill their duties to protect it.

But, yes a random citizen has no responsibility or rules they most follow.

I would be careful also if you think you might need to get a clearance in the future. I was in college during the initial Wikileaks Manning dump and I remember getting a email from the DoD forwarded through the Physics department that viewing or sharing classified wikileaks info could prevent us from getting a clearance in the future even of we did not have a clearance at the time.

And that's when you laugh and cite https://www.law.cornell.edu/uscode/text/18/793 subsection (e) wherein you have never transmitted nor believed the documents in question to be harmful to the defense of the United States.

Especially in this case as these are all offensive tools.

The other commenter is right. The government can deny a clearance for more or less any reason they choose. With that being said I did laugh and read the news articles anyway. Never caused me any problems but who knows maybe this comment will.

Then they laugh and deny you clearance because they can.

Are you implying that offensive tools cannot be useful for defense? Really?

That's typical damage control though, not really legally binding; you'd have to prove that x or y viewed/shared said content. Proving/knowing this is either going to be nigh impossible or downright obvious, thereby placing you in the category of an activist (deemed "anti-state" or at least subversive) which would be the real reason to refuse clearance.

However, this is not the case for information that is defined as "Restricted Data" under the Atomic Energy Act - you can get life in prison for passing that on to someone.


That is the fun part, attacking with a virus is basically the same as releasing the code (modulo IDA pro). So a US government official can not use a classified virus, while everybody else can.

is this why we hear about "state-sponsored actors" and the distinction between them and the state itself?

> This means that cyber 'arms' manufactures and computer hackers can freely "pirate" these 'weapons' if they are obtained.

Does the author really think that if the tools were exposed then people who wanted to use these tools actually wouldn't simply because they were labelled "classified" somewhere?

The bigger issue I think is when the prosecution of the CIA leakers happens. If the material is unclassified, they're just distributing materials that are public domain and definitely in the interest of the public. If it's classified, it's a breach and they should be punished in some way.

From the article it says that the files were circulating in the wild, so if this was not leaked to Wikileaks then "the bad guys" would continue using this and the public would not know.

I think that's referring to people who want to sell them, like the people who supply cracking tools to questionable governments.

Lol like anyone in this field cares about copyrights. It is like suggesting that North Korea cannot build nuclear bombs because doing so would infringe US patents. Some things are above IP rules.

Think about it. Having the code copyrighted, would leave a paper trail.

Not really; copyright is mostly implicit. If US law made all code developed for the purposes of the CIA automatically copyrighted, the code would be copyrighted. Right now the law says it isn't, so it isn't.

Having code be copyrighted does not require any explicit registration.

Yes and no. The law says that works of federal government employees arent to be protected. But it is unclear whether this only applies within the US or whether the US governmemt can assert those copyrights against non-us entities. It's a constitutional question never clearly addressed. Also, these tools could easily be the work of contractors rather than government employees. The fed can own/purchase/assert copyrights in such works. We do not have enough facts to say they are surely public domain.

Perhaps what parent meant was that exclusive use of the code by agency would lead to easy post attack origin analysis, so by leaking the code in obfuscated form a few other people inevitably stumble on it and use it which generates a form of cover traffic for the original agents.

And "pirating" copyrighted code doesn't either, so they'd have no way of knowing anyway. Basically, anyone who would use this would likely wouldn't care if its classified or not and copyrighted or not.

This is TOTALLY wrong.... All code developed by US Governement is PUBLIC DOMAIN.

The correct part is a work does not have to be registered to have copyright protection. You are also correct that works created by the U.S. federal government do not have copyright protection, they're in the public domain. However, and I think the post you're responding implies this, copyright protected work may be licensed by the federal government without losing its copyright and I think in at least some circumstances works can by created by contract for the federal government and retain copyright protection.

I don't think I've followed the larger point, I don't see how copyright is relevant to the production or dissemination of malware.

Copyright is an intrinsic property of a work in every legislation I have ever heard of.

What's the mechanism for that?

Why do they make such monumentally short-sighted, clearly bad decisions? Is it weak technical leadership (weak political or just old fashioned weak)? What is the internal logic these people use to justify pure folly that's probably done more harm than good even to their own interests and goals? Baffling.

Nobody makes "decisions" like this in an organization with the level of complexity and bureaucracy that the CIA has. A lot of these decisions can be seen more as emergent behavior, subject to politics, short-term immediate incentives, and the pragmatic observation that any attempt to make significant changes (i.e. "change the laws around classification of documents") has such a high time horizon that it's better to bypass the law than try to fix it.

All of this makes more sense when I imagine smaller groups within the bureaucracy with narrow objectives and severe myopia trying to "solve" immediate problems to achieve short-term objectives. It makes my skin crawl to contemplate but the truth is that human beings do this sort of thing all the time.

I think you're right as if you look at behaviors as the result of a rational decision-making process, it seems the sort of "decision" only an insanely self-destructive person or organization would make

That passage is just dumb. Copyright would not stop hackers from using the tool once it is leaked.

I think what it's trying to convey is that there's absolutely no legal recourse in any capacity for the CIA at this point to try and do any sort of damage control.

I am bemused by the naivete that they would care about legal recourse and not just blackbag you and Gitmo2.0 your posteriors if they felt like it.

That's difficult when a large company like Google or Microsoft use the tools as part of their development process to make their software more secure. These are organizations with a very large megaphone if the CIA did that to their employees.

What exactly can Google or Microsoft do to a state actor like CIA that's decided their employees are fair game. Not much.

So then there would be no justifiable reason to reject a FOIA request for the source code.

I’m going to assume that the response would be that there are no such thing as Vault 7, a digital capability or even the CIA.

No, it will be the Glomar defense or nothing at all.

"classified" is not the only reason FOIA requests are denied.

I honestly think this makes sense, based on how government bureaucracy is. Obviously everything else about it, is classified.

> The CIA has primarily had to rely on obfuscation to protect its malware secrets.


Based on the overview alone (of course I can't read the entire report that fast!), this is exactly what I expect a spy agency would be doing -- if they were not then I would be disappointed.

What exactly in the admittedly shortened list am I supposed to be upset about? It makes no distinction between US citizens and overseas parties. If these actions are being done domestically against US citizens, with no just cause sure I will get upset, but that has yet to be seen.

As usual it seems Wikileaks publishes a sensationalist story around one of their leaks, claiming dozens of zero-day releases where most were already patched. Hell, they included the i0nic jailbreak as one of the 0-day exploits (https://wikileaks.org/ciav7p1/cms/page_13205587.html).

I'll let journalists parse through the full report before coming to any conclusion as of yet. I just find it hard to get excited about any Wikileaks release that has yet to be vetted.

> this is exactly what I expect a spy agency would be doing

From Wikileaks' overview:

"In the wake of Edward Snowden's leaks about the NSA, the U.S. technology industry secured a commitment from the Obama administration that the executive would disclose on an ongoing basis — rather than hoard — serious vulnerabilities, exploits, bugs or "zero days" to Apple, Google, Microsoft, and other US-based manufacturers. ... "Year Zero" documents show that the CIA breached the Obama administration's commitments. Many of the vulnerabilities used in the CIA's cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals."

By not releasing this information to technology companies affected, they are increasing the risk of the same exploits being used against high profile US targets.

Not to nitpick, I absolutely agree that the NSA should be responsible for disclosing this type of information to help secure the USA and its infrastructure.

The CIA on the other hand has clear (though not always followed) directive to only act outside the US and to act against foreign nationals.

It's less clear to me that they should be required to disclose these. Another post makes the claim that the CIA may have lost these, that case seems clearer that they must disclose to protect US interests.

The problem is that there are very few IT systems that are purely foreign.

For example, if the CIA finds an exploit in a wireless router made in China and sold all over the world, that hole can also be found by others and used against targets in the United States.

Is being able to hack others worth letting ourselves get hacked?

> Is being able to hack others worth letting ourselves get hacked?

The answer to this for me is a clear no. What I was more questioning is given the CIA's role and job, I don't think it's necessarily their responsibility to do it. We're talking about a government agency who's purpose is to collect information about potential threats against the US, they have no reason to want to make that harder on themselves.

If you want to debate changing the role of the CIA, and if or if not it should exist, that's a different set of questions. But given what their job is, why would they want to turn that funnel of information off? It's not in their interest to do that.

I want everything to be hyper secure on the internet, but I also know that there are threats against the US (some created because of our actions) which the CIA is responsible for trying to keep an eye on.

A similar question: is it worth being hacked so that we can know that there is an imminent attack coming against some US interest?

EDIT: I know that the CIA is responsible for some really ugly things in the world, I'm not defending any of those actions. I'm speaking more of what their theoretical function is and what responsibilities they have in disclosing some of this information.

If you want to debate changing the role of the CIA, and if or if not it should exist, that's a different set of questions. But given what their job is, why would they want to turn that funnel of information off? It's not in their interest to do that.

However, the CIA is still a part of the US Government, and as such it still should have a responsibility to work towards outcomes that are best for the US overall. When this appears to be in conflict with their direct mission, in many cases the correct response should be to punt the decision upstairs.

You wouldn't expect the US Forestry Service to take decisions harmful to the overall country even if it made their direct mission easier, would you?

If while performing counter-intelligence the CIA discovers that a foreign government/company can/is exploiting computer systems within the US, should the CIA have a responsibility to do anything?

I don't believe the clear answer to that is Yes. I'm not sure if it is No either. Maybe they should share that intelligence with the NSA, but I can imagine if sharing that intelligence would compromise the the mission of the CIA then they wouldn't.

Again, I think there is a difference between the desired and realistic roles of an intelligence agency in disclosing exploits. Sure, I would hope they disclose them. But at the same time if they are actively using an exploit, I have pretty much no expectation of them disclosing it.

I think this has way more to do with our reference-point than anything else. My expectations were never quite as high!

In other words, you feel attempting to constrain the operations of intelligence agencies is equivalent of asking nicely, and that's the way is should be?

I mean the mentioned attempt was not as general as it was made out to be. Obama placed an exception for “a clear national security or law enforcement need”. Pretty much what my expectations were set at. Again I am reluctant to take anything that Wikileaks says as absolute truth, they love to spin.


> What exactly in the admittedly shortened list am I supposed to be upset about?

That, with taxpayer dollars, the government of the United States is undermining the security of consumer devices around the world.

Part of the difference between your worldview and the view of those of us who find this behavior childish and unacceptable is that you "expect a spy agency would be doing [this;] if they were not then [you] would be disappointed." Whereas for many of us, the legitimacy of the state is already on thin ice and is subject to descent below the x-axis as the internet comes to supplant it.

Listening to my neighbor through their TV set is just one thing I want the state to stop doing as our species moves into the internet age; other things I want it to stop include all the other things it does.

You don't actually say why they shouldn't be doing this, though. Everyone with this opinion seems to base it on moral grounds around privacy, but in practical terms, is this really harming citizens? So far there's zero evidence these things being used illegally domestically. IE: Without a warrant. There is some evidence that they've prevented some wrongdoing with it, though.

I get the theoretical moral argument. I just don't understand why it matters in practical terms.

If the government wants to blackmail me, or discriminate against me, or whatever, they're going to do it with or without these tools. To not build them is to willfully give up an important competitive edge on the global stage.

You haven't looked at the dodgy stuff the CIA has done over the years, included bringing down governments, funding coups, responsible for the deaths of millions.

Yeah, I guess I don't think those guys should have power like this.

It's also altogether reasonable to believe that they murdered a sitting US President only 5 decades ago.

No. It's not. I've seen multiple documentaries about this (Best Evidence, etc), and was totally convinced. But the stories don't really add up. And too many people would have to currently be complicit (decades later!) for this to be successful. People don't really hold together that long on something like this.

> People don't really hold together that long on something like this.

Dead people.

> So far there's zero evidence these things being used illegally domestically.

There is evidence that NSA employees or contractors have used domestic surveillance to spy on exes. There is evidence that Marines have shared clandestinely obtained nudie pics of female Marines. Why would the people working at the CIA be any different?

If you take a large human organization, and give them the tools to spy on their fellow citizens, it is likely that those tools will be misused by some people in that organization.

Is it possible that the people at the CIA are abusing their privileges, of course; however, there still needs to made a distinction between what is possible and what was presented in this document drop. Within the drop itself there was no evidence that it was used domestically (even more so systematically), in which case everything within it, is so far, not outside the scope of the CIA.

That is what I and I believe the parent is getting at. Regardless of our moral standings on if the CIA should be doing this, realistically the CIA can be doing it.

Considering the government is letting pedophiles walk[1] because they don't want to release their exploits, do you really think we would know if they were abusing their power?

[1]: https://news.ycombinator.com/item?id=13798924

Ok, so we didn't prevent the maximum amount of wrongdoing? No program is perfect. Those pedophiles would've been just as free had they not developed the programs in the first place.

You're comparing reality against a theoretical world where we can both prevent crimes and never need to develop the tools necessary to do so.

As to the second point, sure, we don't know. That's tangential to my point. Let's assume the government is abusing their power. What does that have to do with these tools? Nothing, besides it maybe makes it a little bit easier for them. But, like I said, they'd do it anyways with sufficient motivation.

I still optimistically believe that an important tenet of liberalism is that you put some trust in your government, but recently it seems for many liberals that trust only extends to cushy (not to say I don't want them) domestic programs like healthcare, equality programs, or whatever the program du jour is. I'm willing to trust that our intelligence agencies aren't some nightmare Orwellian monster hellbent on subjugating the populace. Abuse of power could happen just as easily through other agencies, it just doesn't sounds as scary as when you slap a three letter acronym on it.

> an important tenet of liberalism is that you put some trust in your government

When did this become a tenet of liberalism? I've read a lot of liberal philosophy, from Aristotle to John Stuart Mill, and much more often the opposite is espoused: that the burden of proof of all claims of state authority is on the government to make.

> I'm willing to trust that our intelligence agencies aren't some nightmare Orwellian monster hellbent on subjugating the populace.

This sounds to me like a very privileged, safe point of view. After what these people did to Thomas Drake (and many others like him), I think it's long past time to take away their toys and send them to their room.

> You don't actually say why they shouldn't be doing this, though.

It weakens the US position in the world, how many people are going to be thinking today "Hm, I have really sensitive information on my phone, the US can hack Iphones and Androids? Maybe I need a different phone."

There is a risk due to the US intel agencies having so much power over US technology that other countries will end up shying away from US tech.

It sounds like you believe that what you do on the internet is private and that everyone will just agree to leave it at that. Global diplomacy is a competition, and if you aren't doing everything you can, and keeping pace with technology, you will get left behind. It might not be pleasant, but I would rather, have my country gathering intelligence about me in this manner than other countries. Plus warfare has always been one of the biggest drivers of innovation, this war will and is stimulating innovation in cyber security.

your chart is defective, the y-axis is supposed to continue indefinitely in either direction

Oh goodness. Thank you. edited. :-)

> If these actions are being done domestically against US citizens, with no just cause sure I will get upset, but that has yet to be seen.

May I just ask, why does this distinction matter? Why do you believe the world should be divided into "people who were issued bits of paper by my overlords" and "people who weren't"?

I never understood this division in other people's heads. It leads to all sorts of philosophical problems, like for example people believing that war is ethical.

I believe that in my heart as well. However, we don't currently live in a world with a federated global government. The recent election in the US highlighted that people do divide the world into imaginary lines on maps and it had a slogan: AMERICA FIRST. It's not just the political class that sees these divisions, it's a majority of the citizens.

How would you spark a revolution in people's thinking?

One must make a strong justification for why treating the citizens of the world the same as an American is good for Americans.

If we treat the world like we treat our citizens, then perhaps this leads to greater prosperity, more shared understanding about the rights of man, rule of law, and how to resolve conflicts (see the lately faltering "No two countries with a McDonald's have ever gone to war with each other" rule).

Lately, this has been harder to justify as Americans have felt scared of foreign terrorism (not making a value judgment on that fear, but that the fear exists is real). Because of this the "evangelize to the world" feelings of the Cold War have given way to "protect us from the world - we need to get OURS."

Many (including me) would argue this is short sighted. Best way to combat the narrative is to talk about the impacts of retreat from the world, and of arms races, etc. Communicating nuance, history, etc is hard. :/

> Because of this the "evangelize to the world" feelings of the Cold War have given way to "protect us from the world - we need to get OURS."

But looking from the outside -- when has the US ever done anything but put America first?

They have killed hundreds of thousands, to over a million people over the last 30 years by putting their interests first, by default.

I have written about this in the past.

I believe I proposed something like a "no executive" world government, where you had international laws, defined by treaties, and a commitment by some treaty signatories to "arrest" any state actor which broke them. If this coalition of "world police" (which are, of course, armies) were powerful enough, I believe this could lead to less lawbreaking by governments (from the USA to Zimbabwe). Note, the commitment is not to start wars/invade, but specifically to arrest e.g. presidents or generals. You can't do this without an army, but the objective is considerably different from invading, neutralising any opposing forces, and securing a place.

Of course, persuading people something like this is a good idea, your actual question, is just about the hardest problem I've ever thought about solving. I still don't really know where to begin, but I'm interested in teaching people epistemology before other things, as a means to halt the "post truth" stuff (which has been going on for years, not only recently!)

By the way, if anyone wants to work on these idea with me - I'm calling the concept "World Peace, Inc" in my head - please get in touch with me (clues in profile). I'd love for this to be my job rather than the hobby I don't have time for.

You know that what you're doing here is creating a world-dominating monopoly on the use of force, and whomever ran that army would be the defacto leader of the world, right?

We're organized as nation-states in the first place so we can protect (generally) and pursue interests based on some sort of shared goal or value. For the United States, it's the constitution (ostensibly), for others it's different reasons. Federations of nation-states contributing to a global force might work without totally corrupting, but not a single "no-executive" force. Further, if everyone contributes forces then countries can opt-out and go their own way... for their own interests. (See the UN)

Coming to an understanding between 10 people on what pizza to order is hard. Coming to an understanding between 8 Billion on who should be able to arrest them is extremely difficult.

> whomever ran that army would be the defacto leader of the world

That is specifically why I don't permit an executive. This isn't one army, it's an alliance of armies. They were (in my original proposal, not in the comment above) controlled by a council of heads of government who had to take (arrest) suggestions from the chief prosecutor of the international court, but were forbidden to take other actions collectively.

In fact, I recall suggesting that such a group of allies would promise to use force only to defend direct attack on their own borders, and to execute arrests.

> We're organized as nation-states in the first place so we can protect (generally) and pursue interests based on some sort of shared goal or value.

I'm not sure I was ever offered a choice of whether or which nation to join, nor given any arguments for it. The reason(s) for their formation are certainly not rational - they are an emergent phenomenon!

> the UN

The UN is a diplomatic mission, which aims to give nations who come into conflict a neutral space in which to talk to one another like grown ups (or, often, not like grown ups.) It is a fundamentally different goal to an organisation which aims to use the traditional enforcement of rule of law to coerce those with political power to act within at least some behavioural boundaries.

> Coming to an understanding between 8 Billion on who should be able to arrest them is extremely difficult.

Actually, again, this hypothetical force only has arrest power over international crimes - specifically, crimes which are committed by people wielding state power. This includes members of governments, civil services, uncivil services (police, army), and so on, but most definitely not civilians.

(An interested edge case I considered was the idea of an impromptu Texan militia who attempted to invade Mexico. I can't remember whether I decided they had designated themselves a pseudo-state or not by doing it. The same reasoning about whether jurisdiction should apply also works for most terrorists, anyway.)

Thank you for the rebuttal. These are definitely potential alternatives but I think they all lead to the same place. When it comes down to stopping a determined belligerent, you have to beat them on whatever the battlefield happens to be.

The group of allies comments make sense, but that assumes a super-state group of allies with shared values are willing to band together to share those values (NATO is a prime example of this, but it's not ALL countries of the world, just those nations that felt the need to counter Soviet / Russian influence)

> controlled by a council of heads of government who had to take (arrest) suggestions from the chief prosecutor of the international court, but were forbidden to take other actions collectively.

In order to effectively "arrest" activities of other countries outside of your typical shame, embarrassment, sanctions or other incentives you need to be able to pull together a force that is more powerful than that country.

In the case of 1-4 party hegemony this isn't really plausible, and that's the current situation (in my opinion). At a minimum you'd get hegemonic blocs like (totally random because they're not opposed but they're known blocs) BRIC vs. NATO.

Once a single country (or cartel of countries) has enough of a deterrent or military force, then they can (effectively) do whatever they would like, including go against any collectively forbidden actions. I'm not saying this is what _will_ happen if countries happen to think participating in a global order is a good idea and are friendly, but that's not the historical precedent. I'm not sure how to counter that, short of the current blocs or potential other future arrangements.

> I'm not sure I was ever offered a choice of whether or which nation to join

The reasons for a number of nation-state formations are very much rational. That said, they are not necessarily permanent or as binding as people think. The idea of being "French" is pretty powerful. If you live in Alsace, maybe you waffle, but it's a unifying thing that has territory tied to it due to a long history. Different for more recent Western assignments of borders, surely and you see the results of that. Just because you're a citizen doesn't necessarily mean you're part of the nation, but my guess is that you probably come to identify somewhat with your country at some point?

The problem of how to assemble the coalition in the first place remains unsolved, indeed. You also need buy in from a major player in each bloc, as you suggest. I believe my original idea was for it to start small (but diverse), and grow over time with success.

My entire scheme is to strike down the convention that someone is only put on international trial after they have lost a war and been captured (I would like justice to be done without having a war first.) this may not be possible, but is surely worth a try.

Re: citizenship, I strongly believe that these feelings of belonging are learned, indeed are engineered in us in much the same way as a religion. My objection is that, observing the emergent behaviour of a system where everyone is under either of these spells, they lead to undesireable behaviours (aggression, proselytising, belief that evil acts are justified, sometimes even committing the evil acts willingly). Both of these systems were, hypothetically, supposed to make people behave better, not worse!

> Of course, persuading people something like this is a good idea, your actual question, is just about the hardest problem I've ever thought about solving.

It's borderline impossible. People are social animals. While they don't necessarily form hierarhical societies, they are easily swayed by someone who offers simple solutions to their complex problems and have a bias towards following others vs being their own individual sovereign.

> "World Peace, Inc"

Alright Tony Stark :) Are you recruiting Avengers and trying to successfully privatize world peace?

Sadly, I'm not a billionaire. And privatise is a strong word - I think governments do a crappy job of it and I'd like to try! (I have stood for election, but winning while being nice is hard. note: I haven't stopped trying.)

Do keep in mind that Trump received 63M votes out of a total population of 319M (~20%). Even if you consider the election a referendum on globalization (and there are many reasons besides nationalism that people may have voted for Trump, as well as reasons that an anti-globalist might have voted for Clinton), that's pretty far from a majority.

Similarly, Brexit received 17.4M votes out of a total UK population of 64M (~26%).

There are certainly a non-negligible number of people who believe in borders and nations and patriotism, and they can't and shouldn't be overlooked. But "majority" is stretching it.

As for how to spark a revolution in people's thinking: you make your case to the young & open-minded, explaining why it's a good idea, and then you wait for the old and stubborn to die off. Some people will never change their mind, and you can't force them to. Everyone dies eventually, though, and if something is actually a good idea then future generations will have a chance to remake the world in their image.

The right denominator is either eligible voters (241 million) or registered voters (146 million) not the overall population.

[1] - http://www.statisticbrain.com/voting-statistics/

The claim made based on the election results was about what it showed about the belief of the "majority of the citizens", so that's the right denominator, but if it matters Trump also didn't get a majority of eligible voters, or a majority of registered voters, or a majority of actual votes cast, or a majority of votes cast for one of the two major party candidates.

Technically, the writer did use the term "majority". That's not really the point though.

There's this obnoxious US attitude that is really wide spread in the population that the US is the best, and that Americans are noble, even though they mess up occasionally.

It's to the point where even when criticizing their own country, Americans will write that the criticism is in the spirit of improving the greatest nation on Earth, etc.

It's just a really noticeable and obnoxious pattern, even among allies. It seems to be very, very deeply ingrained.

I don't perceive people of other advanced Western countries being so jingoistic. Canadians don't crow about how Canada is the best. We might have unrealistic views that we are e.g. more tolerant, or accepting than we really are, but the US attitude is really jarring, even among friends.

Depends what you're using it for. The parent poster seemed to be implying a wish-list for a future utopian society, in which case the right denominator really is the whole population. (Or even more accurately, the set of all human beings that will be born in the future, but this causes issues with the numerator, since unborn humans don't exist yet.) The fact that children are legally prevented from voting has no bearing when you're talking about a future legal system that doesn't even allow the concept of national sovereignty; only their opinion matters. Indeed, there's reason to believe that their opinion may vary significantly from the majority opinion of people several decades older than them.

> The recent election in the US highlighted that people do divide the world into imaginary lines on maps and it had a slogan: AMERICA FIRST. It's not just the political class that sees these divisions, it's a majority of the citizens.

Trump didn't even get a majority of the votes cast (or even just the votes cast for major party candidates), much less support from the "majority of the citizens".

That some governments use that kind of tribal moral relativism to justify war does not mean that war cannot be waged for justifiable and morally good reasons.

I agree with you, sort of. Specifically, I will admit that there are some cases where something some people would call war is justifiable.

> war [can] be waged for justifiable and morally good reasons.

I am fairly sure that's not true. A real war, where both parties have a fair chance of winning, only has losers. Or if one side is much bigger, like the Netherlands against the Germans in 1940 or the USA against Iraq more recently, it's more of a coup.

Give one example of a war where both sides had a justifiable and morally good reason.

Why on earth would you ever expect both sides to have justifiable reasons?

Justifiable from their perspective. Most border disputes would fall under this, at various points in time both sides have controlled an area and believe that it is rightfully theirs.

"Justifiable from their perspective" is trivial. Given the wealth of examples, which GGP can be assumed to know about, that's not what they were talking about.

It's the only situation where a build up of arms before war is understandable. Massing arms out of defense is basically indistinguishable from preparing an attack.

That has less to do with how I feel and more to do with how the CIA is setup. Their role in domestic affairs is severely restricted, that is primarily the job of the FBI which has more requirements to conduct "searches". For them to be operating to the fullest extent of their perceived role, I can't find myself to be upset.

As you accept elsewhere, there is the law, and there is reality. Oversight is captured; the intelligence agencies and surrounding industry has been given almost everything they wanted, even retroactively[1].

Information sharing has also removed a lot of practical barriers; what does it mean for the CIA to be constrained if they can use other agencies for domestic work? Interdepartmental rivalry is still a constraint, but hardly one to count on.

When thinking about the value-add of agencies like this, analyzing black-letter law is close to useless. You have to look at what actually happens. Tricky, that, when talking about spies.

[1] One interesting question is how, as a practical matter, to provide systematic oversight of spies with the ability to monitor and anonymously leak details of the overseer's lives, blackmail/manipulate third parties, and selectively leak to the media.


"their role in domestic affairs is severely restricted"

You're delusional if you still believe this.

It's not delusional to accurately state the law. But there does need to be strong oversight of these organizations to make sure they actually follow the law.

Edit: and yes, there is plenty of evidence that especially during the Vietnam war the CIA was actually breaking the law.

there is no oversight because it relies on the character of humans, who are weak and prone to folly.

There is no paper trail for this abuse. This is a system that should not exist.

I'm willing to acknowledge that you may have access to information that proves your point.

But I know for a fact that the CIA does have a committee of elected officials that oversee it. Whether that is effective oversight is debatable, but the fact is that it exists, and they must legally disclose their actions. This means there are legal means by which they can be held to account in the cases where they do not.

"But I know for a fact that the CIA does have a committee of elected officials that oversee it."

And they let their own inflated egos delude themselves in believing that the overall threat posed by the Russians/Chinese (which in comparison to the US, are much weaker) is greater than that of a government that surveys/records/interferes with the lives of its own citizens.

I think that is a separate issue entirely though. As defined, the role of the CIA domestically is pretty much nil. Personally I believe that if they stretch that role, it should be something that is dealt with separately from a document release. And is probably something better fitted for a different discussion.

> Why do you believe the world should be divided into "people who were issued bits of paper by my overlords" and "people who weren't"?

Because different people, and different groups of people, have different beliefs and intentions. The current divisions, such as nation states, may seem arbitrary, but some of them are currently necessary.

We quite simply do not live in a unified utopia as some posters here have deluded themselves into believing (which is an easy trap to fall into when one lives in a well-fed, massively rich democracy where one wants for nothing, such as the ones we all live in).

Like it or not, these divisions exist, and will continue to exist well beyond our lifetimes. Groups of humans want to dominate other groups, to exterminate them, or worse. The divisions are necessary to protect the things we value, such as social progress, our loved ones, our innovations, and so on.

In short, there is still a very clear and objective distinction between good and evil in the collective human species, and this leads to the development of the divisions with which you're uncomfortable.

Thankfully, such feelings of "that's icky!" are not (yet) a primary factor in the decision-making process with respect to defending our side of the line. If it were, we wouldn't be having this discussion. We wouldn't be able to have many discussions at all, and particularly not on a medium so free as this one. We'd probably be doing manual labor in between sessions of worship to some supreme leader or god-authority.

Yeah, I'll... I'll take those divisions for now, please.

There's a big difference between war and spying. Accurate intelligence can actually prevent wars as it keeps governments honest about their movements and actions. It can also limit the damage of aggressive actions as it allows us to help target only the actual enemies rather than the enemies plus everyone in the entire village (obviously not 100% accurate).

Your claim that having the tools to spy on people is inherently unethical, but I don't buy that. The ability to hack a TV is nowhere near the ability to destroy a city with a WMD. It's not even on the same slope.

One cause for concern is that the CIA appears to not only have lost control of the documentation, but of the tools themselves:

"Recently, the CIA lost control of the majority of its hacking arsenal...and associated documentation. This extraordinary collection...gives its possessor the entire hacking capacity of the CIA."

So, now, you get to worry about anybody else that might have this toolset. (Not withstanding your note that some of it might have already been available)

>> So, now, you get to worry about anybody else that might have this toolset.

You also have to consider who has the capability to actually use these tools - its not like they come with a user manual. Could Joe Schmo download these and start using them tomorrow? Probably not.

Also, I'm pretty sure this isn't "the entire hacking capacity of the CIA". If you consider all the stuff that came out with the Snowden leaks, you'd think this is more likely the tip of the iceberg in terms of tools they're currently using. I would think they're developing new tools and techniques daily.

>its not like they come with a user manual

"including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation"

Sounds like they do potentially come with a manual.

>Also, I'm pretty sure this isn't "the entire hacking capacity of the CIA"

Well, yeah. Wikileaks does like to put their spin on things.

Reading the leak, these are very clearly tool manuals.

Some of the technical documentation is better than the official stuff!

They have stated this is part 1 of a long series of Vault7 releases, so it might be possible.

These tools, whether from NSA or CIA, are made to be easy to use, and they come with detailed instructions and user guides.

I would also expect a spy agency to be hoarding exploits. I don't think that's the concerning part of the reveal. Here's what I gather are the main issues the analysis discusses.

1. Poor control of the resources means a proliferation concern. Hacking tools are not classified, because it would then be illegal to deploy them if they were. But leaving them unclassified makes it easier for them to spread outside of the agency.

2. The CIA is duplicating the NSA's capabilities for no real reason other than institutional rivalries.

One of the lesser issues I thought was particularly interesting is that the CIA works to make attribution more difficult, and in particular, to pin things on the Russians. That's got to be relevant in the current political climate.

>What exactly in the admittedly shortened list am I supposed to be upset about? It makes no distinction between US citizens and overseas parties. If these actions are being done domestically against US citizens, with no just cause sure I will get upset, but that has yet to be seen.

From the Reppublica article: "Three years ago the news that the Agency had spied on the US Senate intelligence committee's years-long effort to investigate CIA's tortures by penetrating the computers of the committee staff members sparked public outrage and political fury."

This is a past revelation that was already investigated, no? Without any direct connection to the current release it muddies the waters.

How does it muddle the waters? People are saying "no big deal I expect my agency to defend me from foreign threats", and it turns out they have been used against domestic do-gooders.

It seems incredibly relevant.

I think it makes an unwarranted (ha!) connection between the current released documents that do not indicate they were used against US citizens, and a previous probed and documented illegal act by the CIA. Not a justification for their previous behavior, more of drawing solid lines between two ideas, where maybe a dash is better fitted.

The "with no just cause" part of the argument is what scares me because the government's idea of a just cause for domestic spying and my own, are often very, very different.

I believe the revelation here is the the CIA has built a duplicate version of the NSA, but with much further reach and less accountability.

'further reach' is stretching it to put it lightly. all of the cia tools appear to be individually targeted, whereas the nsa's programs are broadly based on mass surveillance.

The internet and all electronics have just become one big spying and manipulation device and this is further evidence of that. No person who values freedom wants anything like that. I don't want to sit at home knowing that someone can listen in and see and record every thing I do! I am so close to throwing all of these electronics devices in the bin.

You are right that a spy agency should be expected to try to find ways into all of these devices. You are of course wrong in trusting that the spy agency is acting in your best interests. They don't have any accountability as we cannot see what they are doing. Wikileaks is the only organisation trying to bring accountability to the unaccountable.

> What exactly in the admittedly shortened list am I supposed to be upset about?

This part concerns me:

> The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

So, not so much the contents of the leak, but that it happened at all, and that Wikileaks is just one of many who have access. If the total cyber arsenal of the CIA were floating around on the web somehow, I'm glad that Wikileaks made that public. Could potentially see a big spike in viruses, and maybe make plans to avoid products with known exploits and stuff.

You don't have to be upset to find something interesting and worthy of discussion.

> this is exactly what I expect a spy agency would be doing

Loosing their "cyber" equivalents of atomic bombs after they deemed it unnecessary to improve the protection of the US against such those weapons is what you expect?

That type of hyperbole isn't helpful. 0-days are hardly equivalent to atomic bombs, much known and patched vulnerabilities.

So you didn't read any of it nor wait for anyone else to but have already come to a number of overarching conclusions and dismiss the release as whole?

I guess we can go ahead and close this particular thread then. If you don't want to read any of the source materials, you could possibly at least make the effort to respond to the various philosophical or policy questions this poses, that takes only an opinion.

They provided an overview which I read through, but I find it a bit silly to expect any single person to read through the entire report and fact-check it as well. That is what journalists are for.

What I find most interesting is that Trump tweets about Obama tapping his phone and then a few days later this leak happens. In the minds of his supporters this makes him credible.

But it also shows that he or Bannon might have known this leak was coming and the "wiretapp" rant was the set up. Which makes things very messy indeed.

I'm sorry but I didn't realize it was a requirement for spies to exist to have a free society.

Didn't you know, the best way to ensure the citizenry is informed, is to keep lots of secrets?!?

I'm just disappointed with the phone industry for the current state of rampant insecurity.

Is it really that bad?! The FBI took Apple to court because it couldn't crack its iPhones...

No, spy agencies aren't supposed to spy on every single person in the country.

I don't understand making this point unless it's to give yourself permission not to think about this. Feel free not to.

> am I supposed to be upset about?

Who do you imagine is asking you to be upset about anything. A strawman?

This is knowledge. Wikileaks is about spreading knowledge. How you react to that knowledge is entirely up to you.

It's interesting to note that Julian Assange didn't demonstrate control of the wikileaks private key during his Reddit AMA 1 month ago: https://www.reddit.com/r/IAmA/comments/5n58sm/i_am_julian_as...

Considering the political situation unfolding in the US and who this leak weakens, there is some evidence that wikileaks is not in the hands of a neutral party.

There is clear motive right now for undermining the CIA. This may not have been an act of altruism like Snowden. While shockingly damaging to the American arsenal, the CIA is by far the biggest loser.

This comment was immediately down voted on Reddit. Someone is seeking to control the narrative.

He very clearly explained his motives for not doing so in the AMA, and he gave an alternate POL by reading from the blockchain.

This whole narrative of Wikileaks not being neutral is a very weird story, because they've never published anything that wasn't verified to be true. Since that's something they can't be attacked on, it seems that the strategy for discrediting Wikileaks has now become to accuse them of association with the Russians. Assange touches on this in the AMA as well.

Beyond that, only speculation remains. So why even give a shit? As long as what they're publishing is true, which it has always been so far. Let them fight each other with the truth and the people will be better off. Nothing you've said changes the validity of this article, in fact, it only distracts from it. So I'd say you're doing us a disservice by distracting from the real story here.

For the purpose of devil's advocate in this, I think it's possible to state truths and still be misleading and/or distracting from another narrative. Just because something is true doesn't necessarily explain what the motive is for releasing that information. It's certainly healthy to have at least a shadow of a doubt as to what WikiLeaks's motivations are when it's already shown that it can either restrain itself from leaks or that it can falsify the existence of leaks.[0]

[0] In 2010, WikiLeaks declared to the public the intent to publish docs alleging significant Russian corruption. It was also picked up by a Russian newspaper that reported to be working with WikiLeaks. However, nothing happened and the topic has been untouched since.

Allegedly WL did not release every email they had from the Syria leak. While every email released may be legitimate, the omission of emails pertaining to russia creates a narrative.

Wikileaks may be telling the truth but it's far from clear whether they are telling the whole truth. And in between "truth" and "whole truth" there's a lot of room to shape the narrative

It's known that WL will often save some of the worst leaks as an 'insurance' against retaliation from the entity the leaks pertain to. It's likely there's aspects they're holding back from this leak as well, if they don't already hold enough over the U.S. gov.

They have already stated in black and white that they have held back a lot concerning this release; due to various concerns. They are completely open about that.

A lot of the stuff they keep to themselves can be used as collateral, like all the names they redact, operational details, etc, but I think they would quickly find themselves in an even more dangerous game than they are now, if they started to exploit these possibilities.

uhm... what are the current speculations as to what they may be holding back?

It's Manning stuff, I think. And it's not that they're "holding back" stuff. It's been torrented, but encrypted.

Well, it works both ways. You're creating an even shadier narrative, since you're parroting a familiar a story about the selective choice of leaks without any evidence that other leaks are being withheld, and this story is primarily used to distract from the information that Wikileaks publishes and discredit Wikileaks and Assange.

Even if Wikileaks withheld other leaks, for which no evidence has ever been presented so far, what they have published so far seems to have been factual and genuine material. So let's not distract from the truth...

It was an unsupported allegation by Daily Dot. See https://lists.cpunks.org/pipermail/cypherpunks/2017-March/03...

If Wikileaks is in any way editorializing the information, that is not specifically related to things like 'redaction of names to not put specific lives at risk' - then it is existentially damaging to their credibility.

It's not just 'shaping narrative' - it's 'creating it'.

I'm not for or against the very nature of Wikileaks - but I'm pointing out that editorialization is quite fundamentally bad - for an organization like them.

The 'best leaks' were the ones in concert with Guardian, NYT and Spiegel - that way they had a lot of transparency, a lot of eyes on it, and some people who could agree to redact specific names without changing the nature of the information.

Cutting out 'Russian related material' is really quite a bad thing.

Further interesting point: the news if fairly minimized at CNN, Fox etc.. No big headlines.

Also is the fact that Assange was trying to 'hand himself over' to authorities during the election. He may have been trying to use this potential leak as leverage. Who knows. It's all so mysterious ...

Even people here are susceptible to the logical problem. Here's a thread from last year: https://news.ycombinator.com/item?id=12984371

The people who support Wikileaks are arguing that none of the leaks were fraudulent, while critics point to evidence suggesting that Wikileaks was editorializing by withholding information. The supporters never really address the editorializing issue.

If I have information that you murdered someone, and information that a friend of mine murdered someone else and I only release the info I have on you does that make the information any less valid? Should you not be punished in this situation? I don't get this line of argument.

> I ... murdered someone ... and ... a friend of mine murdered someone else

- cmdrfred

Technically you wrote those words in that order, but by omitting other words the context was completely lost. This is why selective omission is dangerous. s/word/email/ and you have the Wikileaks situation of omitting certain emails. This is why, when people take the stand, they are asked to tell the whole truth. Because when you omit things, you lose the context and change the situation.

In this case though, and with the Democratic party. I have the original context that you have omitted. It would be a simple matter for me to release that context that proves my innocence. This clearly was not the case with Podesta's emails or the DNC or that's exactly what they would have done in response.

Is this what wikileaks is doing? Omitting words from sentences to change the meaning?

Surely omitting some emails is different from omitting pieces of some of the emails to change the meaning.

Addressing your last point because I'm not informed enough to argue the first questions: They differ only in the amount of space it takes to give an example. Imagine a loved one being held as leverage to force you to kill someone. You could beg/plead/bargain to avoid it, but if the only email that's published is the one that says "it's done. he's dead" that strips away a significant bit of context. Now, scale things up to state-level complexity and imagine being able to cherry pick the context in which things are said.

Re: Imagine a loved one being held as leverage to force you to kill someone. You could beg/plead/bargain to avoid it, but if the only email that's published is the one that says "it's done. he's dead" that strips away a significant bit of context.

I don't understand your example - murder coerced by blackmail is still murder. I imagine if this email was actually released to the public and people found out I was a murderer, when the police arrived I would show any documentation of the threat or call attention to the fact that my missing relative was being held. Society would be better off knowing I was a murderer and that I claimed to be coerced because then the perpetrators would at least have a harder time reusing the same tactic.

If that murder evidence email was released and discussed online, it'd be weird to see it be disqualified in discussion, despite being believed to be true, because of a belief that there might be a second email which compelled the execution of the murder. It would be fine for someone to show this second email as part of a defense, but again this example is kind of tricky because being compelled to murder under the threat of murder doesn't justify murder.

It's hard to trust your release if we learned you failed to disclose something of similar nature. It makes you appear biased.

Wikileaks was founded on the idea that it is a resource for getting transparency from all powerful entities, not just selected ones. Their recent string of one-sided releases calls all their reporting into question. We know corruption happens in every country. Why publish nothing on Russia?

When is the last time they did a big release that targeted the Russian Federation? I'm asking this because I sincerely don't know but I'm guessing the answer is that they never do. Their actions point to at least tacit cooperation with the Russian Federation.

Obviously and indisputably, any organization that really placed openness and opposition to secrecy as their highest values would put the Russian Federation at the top of their list. Clearly, WL has instead placed the United States at the top and dropped the Russians from the list altogether.

Wikileaks objectives seem to line up with the Russians too often to dismiss as coincidence. For example, WL clearly timed and staggered the DNC releases for maximum political impact. It had absolutely nothing to do with openness as clearly working for Russia against the United States in this last election worked against the objective of a more open world. This is not even a political statement but just acknowledging reality to state that supporting authoritative regimes is serving the interests of those who stand in direct opposition to the stated goals of WL.

I'm guessing that WL had integrity at one time but they were compromised and then captured. Their priorities alone make this completely obvious to anyone not in denial.

It's weak to take a hard position claiming something is true that is obviously not true. To those who employ this tactic, I respectfully request that you stop leaning on the crutch of reality denial to defend your positions. Please defend your positions on the merits, while acknowledging its weaknesses, even acknowledging that you're wrong when you are wrong. If you've never openly admitted that you were wrong on something in the course of a discussion then why bother?

Well, consider the Panama Papers. John Doe leaked stuff to Bastian Obermayer, not Wikileaks. Would Wikileaks have released more or less from the Panama Papers than we've seen? That's impossible to say.

I'm not disagreeing with you, I just don't see the connection with what I was saying?

WL publically criticized the decision to not release all of the Panama Paper's details so based on that, I think they would have released more of the information.

My point is just that perhaps Wikileaks has released less about Russia because less has been leaked to them about Russia. I mentioned the Panama Papers because there's a lot about Putin etc there. Also, if someone had provided stuff about Russia to Wikileaks, and they sat on it, why wouldn't the leaker use some other channel? They'd have another thing to leak about.

I somehow missed the bit about the Panama Papers having a lot about Putin in there. That makes me question my original assertion that WL would have released more. As you said, it's impossible to know.

Let history be our guide. Has WL released anything substantially damaging to Russia?

Are things about how rich and corrupt Putin is considered damaging and would Russian State media give it any play regardless? It'd play big internationally but in Russia I wonder if the public would even hear about it...

I'd accept this as plausible if it were merely "less" and if it weren't combined with at least the appearance of collusion with Russia. The DNC timing and staggering of the releases were so obviously political and not about openness.

By the way, are there people here who downvote things just because they disagree? I had a comment downvoted to -1. It's the one that you replied to originally above. What's wrong with my comment other than a lot of people think I'm wrong?

Hey, I upvoted your comment because it furthered discussion :)

Russia has been cultivating opposition to US hegemony since the falling out after WWII. Back in the day, it was leftists. But since the 80s, they've focused more on libertarians, anarcho-capitalists, conspiracy theorists, etc. Look at RT, for example, and who its fans are. So yes, Assange and associates roughed out Cypherpunks: Freedom and the Future of the Internet (2012) on his RT show, "World Tomorrow". The goal is "independence from the security guards of the world". For better or worse, that's pretty much the US.

Bottom line, I think that it's an enemy of my enemy relationship. I can't imagine that he'd deny that Russia is a kleptocratic horrorshow. Also, he clearly has a personal grudge against Ms. Clinton.

Thanks. Good points, all. I've not heard this theory before but it makes sense. I'd say that's exactly how Assange views the situation.

But the fact we are even discussing Assange's psychological makeup and his "views" and who he hates and who he's aligned with against a common enemy are enough to disqualify him for the position he and his organization have claimed.

He's not and WL is not a neutral arbiter of openness, he's an anti-U.S. propaganda tool.

If freedom from the world's security guards means the rise of the world's petty thugs, then I'd say he's made a deal with the devil.

I've not read the above document but is it accepted that it's the real deal? Given that and the massive amount of evidence, WL is not neutral and is not about openness why do people still cling to this absurd position? I liken it to those who still claim the earth is flat because it looks flat from from here so it must be flat.

Probably the core cypherpunk value is the right to privacy. That might seem funny, given Wikileaks. But there's the argument that right to privacy is inversely proportional to power. So governments should have no privacy.

But anyway, do read the book. You might also enjoy Of Captain Mission by Daniel Defoe.[0,1] It's rather the grandfather of laissez faire.

0) http://onlinebooks.library.upenn.edu/webbin/gutbook/lookup?n...

1) http://www.fullbooks.com/Of-Captain-Mission.html

One more thing, do you have any thoughts on whether the latest WL had anything really new in it? My personal reaction was tell us something we don't know.

But it could well be that the devil is in the details.

I haven't looked at it very carefully. As I understand it, it's a leak about a leak. That is, a bunch of CIA stuff got leaked to some hacker community, and then one of them leaked parts to Wikileaks. So the real leak is arguably far worse than we'll ever know. It'll mostly show up as criminal exploits :(

I had the same reaction. (1) they are a spy agency and (2) we had Snowden.

People who reacted incredulously to it online just reveal themselves to be uninformed, or politically motivated, in my opinion.

At this point, I feel our intelligence agencies were founded to counter moves by major foreign powers. And every day Russia is allying itself more with the Republican party.

It's a classic divide and conquer strategy spread out over a hundred years. First, attack from the left w/communism. Then, the right with fascism.

I have to feel intelligence agencies are the free public's allies at this point, and now I see why Obama and Clinton were so fearful of encryption. I'm not sure whether Clinton's idea of a Manhattan-style project on breaking encryption was right or not. My initial reaction was no way. I wonder what that would look like. Quantum computers?

Now, it appears bad actors have leapt to the top of government and the DOJ seems to be sluggish in building a case against them. Perhaps they can't gather evidence as quickly due to encrypted chat apps and hidden money transfers like Bitcoin.

Jesus, he also has an RT show? I somehow didn't catch that but read it as a document, not a show. He's so possessed by his ideology he can't think clearly. He's yet to learn that ALL ideologies are bullshit even his.

I guess I will go look on youtube but I'm pretty sure it's cringeworthy to watch this jackass on RT.

He had a talk show on RT in 2012.

It's US pretends to be the world police and not the Russia.

Imagine instead of murder the information was less extreme, like that you know that I once got a DUI 10 years ago, while your friend committed murder last year and is now being blackmailed for that fact. If both the friend and I are up to become CEO of some company, you might see how leaking only one set of information is distortive.

Should you not be punished for the DUI though? That is my original question.

You're referring to isolated incidents, which is an invalid comparison.

Instead, if you have information that I have a pattern of murdering lots of women, and my friend has a pattern of murdering lots of men, and you choose to release information about me and not my friend, it immediately suggests that you support killing men but not women.

I don't deny that it may show a bias, but as long as the information about the murders that I release is true why shouldn't it be acted upon?

Further if the Huffington Post (or name a left learning publication if you believe they are not) does an article on Trump and the facts they release are verified should we not act on them due to the lack of a similar article in regards to Obama?

I think it's possible to state truths and still be misleading and/or distracting from another narrative.

Indeed. The canonical example of this is releasing privately-commissioned polls. The data released can be a perfectly true reflection of the poll done, but if you are only choosing to release the polls that tell the story you want to tell, then the result is still going to be biased.

Assange outlined his goals [1] a while ago in regards to exposing secrets, and I think Wikileaks is staying in line with those rather well. It essentially states that they'll leak whatever they receive, and try to enforce a kind of 'secrecy tax' on governments/parties/organizations that refuse to be transparent via forcing them into less effective means of communication and overall less use of technology.

Additionally, this may be subjective, but Assange's story and personality makes him seem quite steadfast in these beliefs.

[1] http://cryptome.org/0002/ja-conspiracies.pdf

Why are leaks from the Russian Federation so conspicuously absent? When it comes down to it, WL is a public relations and marketing agency for leakers who want the media to notice their handiwork.

If you leaked something (document dump style) today there's a fair chance nobody would pay any attention to your claim to have this or that trove of documents so you'd need an agent. Who are you gonna call?

I find it impossible to believe there are never any significant leaks from the Russian Federation. I think the problem is the dominant PR agency in that space won't work with you if you're doing anything that might harm Russian interests.


I think you actually meant "Why are there no significant, recent leaks that have not been reported by anyone else about Russia"? There's plenty of innocuous explanations:

- the media is currently on an anti-Russian frenzy. Why would you leak to Wikileaks, which has a much smaller reach than say, the NYT?

- Assange has been painted as a Russian shill. Why would you leak to Wikileaks if you are afraid he might suppress that information or share it with Russia?

- Wikileaks has no political leverage. Why would you leak documents to Wikileaks instead of US intelligence agencies, which may/could offer some kind of protection vs Russian reprisal?

(By the way, browsing a few other countries, it seems like most of the indexed stuff is from 2008-, so Russia isn't an outlier in this regard. It seems like their recent leaks have significantly slowed down in number, which isn't surprising).

I thought about this a bit and if it's true that Russian leakers only leak to intelligence agencies because the main PR agency for leakers is viewed as pro-Russian, then WL should recuse itself from this business. They're doing way more harm than good by inadvertently suppressing would be Russian leakers.

With regard to the item above about the NYT you realize that WL has always used the media just like a PR agency would, right?

Your first choice isn't to release to the NYT because the NYT gets god knows how many claims each day and they'd ignore you not to mention that curating the documents and preparing for a an actual story is harder than it looks. The press wants information packaged and ready to use. They'd prefer not to devote resources to vetting, sorting, and curating, as that's what WL does for them. By the time something gets to the NYT it is ready to emerge as a headline.

Reporters operate on deadlines. If you send them a quote ready press release that writes their story for them they're going to take notice if they happen to read your email. If you mail them or email them a document dump they're going to ignore it if they notice it at all. These are extremely busy people on tight deadlines under tremendous pressure.

They'll return phone calls from WL. From you or me? Not likely.

Your explanation sounds reasonable, but I think there's examples that contradict it. I can immediately think of CNN publishing leaks about Trump and his briefings with intelligence agencies, these leaks didn't have any time for vetting and it's unlikely they went through an intermediary.

Here's a rather famous leak that the WaPo published about Trump and Russia - https://www.washingtonpost.com/world/national-security/obama...

Here's an example of the NYT publishing leaks that were sent directly to them about Trump - https://www.nytimes.com/2016/10/02/us/politics/donald-trump-...

Here's an example of a NYT journalist asking for leaks to be sent directly to them, concerning Trump - https://twitter.com/NickKristof/status/838554838329872384

I would agree that it's not clear whether the anti-Russian frenzy is Trump-related, so purely Russian-related leaks might not be getting the same attention. However, I don't think it's fair to say that leakers get ignored by the NYT et al.

Keep in mind we are not talking about just leaks we are talking about massive document dumps of classified material.

If you're an official who knows a couple reporters and you've delivered the goods before, you can successfully get your leak in the top headlines. You've got the credibility and the contacts to make it happen. Reporters treat you like the Oracle of Delphi and you never have to pay for your drinks.

Maybe there should be two different terms because these aren't really the same species. I'd say the day-to-day leaks are just that.

But what Snowden did had more in common with a waterfall then it did with a leaky pipe.

These are possible explanations.

But your claim is based on your faith that you "find it impossible to believe...".

They did say they've changed to a computer-free environment after the Snowden leaks. Or maybe Russian would-be leakers know the stakes are higher for them than for American leakers, because they can get tea with a portion of Polonium.

I acknowledge I have no hard evidence to point to back up my claim. It comes down to an intuitive feeling that WL's been compromised somehow by the Russians. I think the reason for this feeling is based on the actions of WL all of which have alternative explanations but taken as a whole defy what I think are reasonable expectations about how a neutral organization like WL would conduct itself.

Whether or not you were a Clinton supporter or not, it was pretty shady to time and stagger the DNC releases for maximum political damage. That's simply not how a neutral arbiter of openness would conduct itself. I think that on its own is enough to refute any claims that WL is neutral or that their mission is about openness.

Possibly but the consequences of leaking secret (classified) information is pretty bad in both the U.S. and Russia.

I think having to flee to Russia with no option to leave that country for the rest of your life to suck pretty bad. Snowden says he'd gladly come home to face trial provided he's offered a fair trial. So he'd risk it all for a fair trial but U.S. officials won't give him one.

Strongly concur.

Ask any military officer who is a ring knocker; telling a 100% truthful narrative in such a manner as to provide a false narrative is still grounds for breaking the spirit of the honor code, and thus grounds for disenrollment.

Reminds me of working with someone who was a devout Christian. They'd never tell a lie, but were more than happy to give you just enough of the truth to let you walk away with an understanding that was completely the opposite of what had happened. After seeing this a couple times, I realized that there was a material difference between always telling the truth, and actually being honest.

Ring knocker?

Academy graduate.

can concur, the honour code definitely cares more about intent than truthfulness

Intent matters. That's why the law will put you in prison for fewer years for texting and killing someone with your car than if you planned out the murder.

> For the purpose of devil's advocate in this, I think it's possible to state truths and still be misleading and/or distracting from another narrative.

I think while that's correct, we shouldn't let it distract our attention to the fact that transparency in government/democracy is good for the people, especially the working class.

Whether something is true or not is a separate question from whether they are neutral or not. Whoever twisted a discussion of bias into a binary question of truth vs. lies, muddled the question to the point where clear thinking about it would be impossible. Bias and truth are separate issues. You can be a lying bastard who lies to harm a specific person or entity and you can be a strict adherent to truth with the exact same motives.

Yes, exactly: there is no inherent conflict or contradiction in pushing truth (and especially only parts of it, manipulating by omission or redaction) and having an agenda. There are many ways in which you can manipulate e.g. public perceptions and policy with publishing the "right" truths at the right time.

Though, I am not of the opinion that WikiLeaks has a hidden agenda or is controlled by a third party. But, neither would I be shocked to learn such a thing.

God, I wish HN had a more convenient downvote button.

Then you should change to reddit. The spirit of Hacker News encourages you to argue not to blindly downvote everyone that doesn't have the same opinion.

It becomes available after sufficient karma is gained. It took me just over 6 months.

"In fact, the Devil's Advocate may be the biggest innovation killer in America today. "[1]

[1] Tom Kelley, co-founder of Ideo as in '10 Faces of Innovation'

Perhaps I'm confused, but this seems like a non-sequitur. We're not discussing innovation.

I think the point being made is that the devil's advocate brought out the norm to mobilise for every contingency (not that innovation won't suffer, which is obvious as misstrust rises) and that it can be used to rhetorically balance two points of view that are not equal (or two questionable actions).

In general: Ownership of information and facts are key points in the overall discussion here, if something is known it can be manipulated (just as they discuss above). Defensive patenting could be achieved, or releasing news of something to knock away at funding for its continuation...

One example how it could be relevant in particular to the general discussion is how the software and partially hardware has been kept by CIA to formally avoid reprecussions from good honest people.

I am not always able to fully elucidate my meaning. I never post without a point.

We also know that Mr. Assange did lie about something in the past, his repeated claims that John Podesta's gmail password was 'password':


From your link:

"a staffer tells Podesta that his Windows 8 login on what appears to be a new work computer is username: jpodesta and password: p@ssw0rd."

A windows 8 password is not a gmail password.

PolitiFact: "completely unbiased" goalpost mover. His password was an iteration of 'password' - e.g. no real difference.

Um, his win8 login password being a variation of password at some point doesn't automatically imply that his gmail password was "password".

I thought it was widely accepted that Podesta was the victim of a spearphishing attack (coupled with bad advice from IT), rather than just "hacked" via password-guessing.

A few points:

* Yes, lots of evidence says that Podesta did give his password to a hacker the spear phishing email you mention. The email dump cuts off soon after this event, the phishing bit.ly link was visited then according to the stats page, and we can see the phishing email here: https://wikileaks.org/podesta-emails/emailid/34899

* This appears to be a quote of someone speaking, I think it's pretty reasonable not to pronounce the @. All common variations on password are equally vulnerable to password guessing programs. There's a rule to use l33t speak in JTR and many other common programs.

* You can make a GMail account with the password p@ssword, something else they don't mention, choosing instead to go with a literal interpretation.

* It doesn't seem to mention that he also lost his phone in a DC cab, which is another possible source of leaks.

* They never appear consider whether or not the person who gave the emails to Wikileaks told them Podesta's password, they just say there's no evidence for them to verify, other than Gmail rejecting a password of 'password' (but not p@ssword), after which they rate that claim as false.

I don't disagree with any of those points. I simply disagree with the leap to the conclusion by several posters that because Podesta used "p@ssw0rd" in one place (based on the context, I'd guess that was presumably the initial password as set by some staffer), he definitely reused that same password for a different account.

I will also agree that the Politifact article's conclusion is hasty, and their selection of evidence is questionable at points (such as gmail account creation).

I think that's a fair assessment.

> His password was an iteration of 'password'

What the email indicated was that someone temporarily set a Windows 8 password to a variant of password.

What the email did not indicate that his gmail account itself used a variant of password as the password. It is disingenuous to conflate the two and claim his email password was password as Assange did in numerous interviews.

His Gmail password was probably runner4567, at least his icloud password was and he emailed it. Also not changed when that email leaked.

Just stop with the nonsense that his email password was "p@ssword", as the truth is just as stupid.


Let's say hypothetically that the Russian government has a Cyber Defense arm that has nearly the scope and capability as the US (the DNC/Hillary stuff seems to indicate this). Let's say this is true for many world powers (US, UK, China, and Russia for starters).

However, it seems like Wikileaks, while claiming to be a neutral source that "just wants to make powerful people accountable", they only seem to be releasing damaging information about systems in place in the US.

I think the issue here is that many (most?) of us assume that all global powers have this capability, yet a Wikileaks is trying to paint the US as the scary one, and so people are questioning their motives. Is what the US is doing morally wrong on a few levels? Undoubtedly. Can the US afford to stop doing these things when some arguably less moral actors are going to continue regardless? That is up for debate.

Assange to me seems irrationally anti-America. Has the US done many reprehensible things now and in the past? Absolutely. But that is true for every powerful nation ever. And if you're looking at America's competition, you'd need to be blind to think that Russia is somehow more benevolent than the US.

The amount of U.S. leaks is likely due to the relatively free environment compared to those other countries such as Russia and especially China, who have similar levels of espionage activity. The most leaks will come from environments with:

1) Relatively high freedom 2) Variety in values/opinions (often due to freedom) 3) Secrets to be leaked

1 ensures the leaker's ability to leak, 2 ensures there is a leaker to leak, and 3 ensures there is something to be leaked.

Assange outlined his goals [1] a while ago in regards to exposing secrets, and I think Wikileaks is staying in line with those rather well. It essentially states that they'll leak whatever they receive, and try to enforce a kind of 'secrecy tax' on governments/parties/organizations that refuse to be transparent via forcing them into less effective means of communication and overall less use of technology.

[1] http://cryptome.org/0002/ja-conspiracies.pdf

Wikileaks published the internal communications of the Erdogan Administration in Turkey, indicating among other things (corruption) the administrations back channel to the Assad Administration in Syria (an enemy of the United States).

The fallout of these disclosures potentially contributed to a building coup attempt in Turkey by forces loyal to the US (which the US tacitly supported) that burst just a week after the disclosures.

Wikileaks does not only publish "against" America. When it does, it's closer to home for the Americans and we hear more news coverage about it. In any case, wouldn't it okay that there are outlets that produce true news focused on negative aspects of the United States, keeping it accountable? That seems like a positive thing to me - though I don't think Wikileaks is "it".

Wikileaks could focus its hacking efforts anywhere, so the question is, why Turkey?

On 24 November 2015, Turkish F-16 combat aircraft shot down a Russian Su-24 during an airspace dispute close to the Turkish-Syrian border. Russian President Vladimir Putin described the incident as "a stab in the back by the accomplices of terrorists" and further stated that "today's tragic events will have significant consequences including for relations between Russia and Turkey".

7 months later, on 19 July 2016 WikiLeaks released the AKP Emails. AKP is the ruling party of Turkey and political force behind president Recep Erdoğan.

> Wikileaks could focus its hacking efforts anywhere, so the question is, why Turkey?

Wikileaks has stated repeatedly that it is not a hacking organization, it distributes items given to them by others.

Key point here! Wikileaks can leak what people give them. I've seen no evidence that they've hacked anything.

Right, because wikileaks is a website. In case it wasnt obvious from my previous post I'm insinuating there is heavy collusion between Russia and wikileaks. DNC emails, AKP Erdogan intel, CIA vault 7. If wikileaks soon publishes a vault of Russian secrets, I will stand corrected.

It's clear what is happening here. Russia is doing an excellent job of manipulating the rhetoric surrounding its ties with Trump. If the CIA is to look like a foolhardy and scary institution to the American public, Trump can say stuff like "Obama wiretapped me", and it degrades the legitimacy of all CIA input on Trump-Russia ties.

The CIA's legitimacy was undermined decades ago. Just look at their history of overthrowing democracies, or what happened in, say, Iran.

They do have a category on Russia, though: https://wikileaks.org/wiki/Category:Russia

IIRC, they don't have any staff fluent in Russian, though, and they pointed to other whistle-blowing operations as more able to operate there.

Russia doesn't need to collude with them, nor does any other party. They just need to leak to them. If you read what Assange wrote about how wikileaks works to raise the cost of conspiracies, you'll see that it actually doesn't matter who is using them, only whether or not the material is true.

Point this guy

With the gap of 7 months?

Russia and Turkey at the point of the disclosures were in a rapprochement: https://www.foreignaffairs.com/articles/turkey/2016-07-20/ru...

The result of the disclosures was a weakening of that warming relationship, with Turkey pivoting again in its foreign policy - at least for some short time.

What else has Wikileaks reported on?

The Italian "Hacking Team" - https://wikileaks.org/hackingteam/emails/

Saudi Arabian Embassy Cables - https://wikileaks.org/saudi-cables

Pirate Bay Court Documents - https://wikileaks.org/gottfrid-docs

Cables from the Assad administration in Syria - https://search.wikileaks.org/syria-files/

Documents from inside Scientology - https://wikileaks.org/wiki/Scientology

Swiss Banking Tax Offshore Scandals - https://wikileaks.org/wiki/Bank_Julius_Baer

His point isn't very compelling for the following reason: instead of taking my argument ("Wikileaks publishes on far more than the US") he took an anecdote decorating my argument ("for example Turkey") and tried to argue the anecdote (poorly).

I'll give him an upvote. Not because I think his argument is really good. But because he contributes to the conversation.

>The fallout of these disclosures potentially contributed to a building coup attempt in Turkey by forces loyal to the US (which the US tacitly supported) that burst just a week after the disclosures.

I thought the conclusion was that that coup attempt was more or less theater by Erdogan. Organized with his approval and prior knowledge, destined to fail, and used to enact martial law.

The coup attempt was very, very real.

Erdogan's subsequent power grab was/is also very real.

(They aren't mutually exclusive.)

The social media rumor that you're referring to has been widely discredited.

> Let's say hypothetically that the Russian government has a Cyber Defense arm that has nearly the scope and capability as the US (the DNC/Hillary stuff seems to indicate this). Let's say this is true for many world powers (US, UK, China, and Russia for starters).

Do we think that, though? We've heard a LOT about Russia's cyber capability lately and the consensus seems to be that they employ groups of criminal kids who are by and large given free reign and occasionally called upon to look at targets of interest. We also know that the US's military spending (known budget) is something like 6x Russia's military spending, and we can imagine that intelligence spending is a similar multiple higher.

I should also make the point that the DNC/Hillary stuff is not a foregone conclusion that it was Russian. These leaks cast new light on the DNI's Grizzly Steppe paper where the NSA gave a 50/50 level of confidence that Russia was involved (but CIA and FBI said that it was greater than 50%). This leak includes information about a project called "UMBRAGE" which is a CIA project to catalog and strategically make use of hacking tools of other countries for certain projects in order to point the finger.

We do know that GCHQ has capabilities that are similar in some ways to CIA/NSA, but is it a foregone conclusion that all world powers have cyber programs this extensive? I don't think that it is.

> We also know that the US's military spending (known budget) is something like 6x Russia's military spending, and we can imagine that intelligence spending is a similar multiple higher.

This is often misleading. Russia and China might spend less but their dollar goes further.

Not to mention the hackers for hire who don't exist like The Hacking Team.

> We also know that the US's military spending (known budget) is something like 6x Russia's military spending, and we can imagine that intelligence spending is a similar multiple higher.

Payroll for 5,000 hackers is within the reach of many world governments I'd think.

5,000 IT people in a government org is about $1B with base infrastructure.

No big deal.

In the U.S. it is.

Depends on where in the budget it (doesn't) appear.

No way. There are probably 7 US States that spend that much.

The Feds probably spend $700M just on Office 365.

> I should also make the point that the DNC/Hillary stuff is not a foregone conclusion that it was Russian. These leaks cast new light on the DNI's Grizzly Steppe paper where the NSA gave a 50/50 level of confidence that Russia was involved (but CIA and FBI said that it was greater than 50%).

Why would the CIA hack the DNC though? It certainly wasn't a smart strategic decision for the Democratic administration. Why would they hack the DNC and not the RNC?

I think you're missing the really obvious explanation that Assange (and the entire Wikileaks staff) speak English and not Russian.

Maybe the only sources they have are within American units. It stands to reason if sources in other countries leaked, Wikileaks would report as such.

That said, there definitely is a disproportionate amount of info on America v ROW.

That might have something to do with US citizens having freedom than Russian citizens. I mean, a guy like Snowden walked out with scores of documents and went out of US, I don't think anyone can do that in Kremlin

Journalism classes in Romania a few decades ago included exercises like: "Take this footage of snow in Bucharest and use it to tell a variety of different stories, e.g. 'Bucharest is paralysed by snow' or 'Bucharest enjoys fresh snowfall' or 'Bucharest efficiently deals with snow storm', etc".

If we think that just because something is factually true no one is trying to fool us, we're quite the fools.

I'm reminded of the replies to https://news.ycombinator.com/item?id=13445190 (about the Guardian story on WhatsApp). There Maciej, for example, said

> I think the vaccine analogy is really helpful here. You can make true statements, like "vaccines can kill you", that cause massive public harm if they're not correctly contextualized.

This is perfect.

Much of the US media narrative about its overseas interventions likewise fall into this category.

Much of the war propaganda consumed by the US population is based on truth. The problem is that US citizens don't have the appropriate context to understand that truth. The fallout is incredible damage to people and lives overseas caught up in great power struggle that could be a different way if there we a systemic commitment toward building a real basis toward international security (over, say, unipolar control).

Regarding the vaccine analogy I think the problem is opposite, that the positive sides to vaccines have always been accounted for but as soon as negative attributes are brought forward they're met with ad hominem or ad absurdum.

[Small rant] There are huge economical incentives to scold those who question medicines with high amounts of side effects. Do people really believe that big pharma doesn't account for a good share of the astroturfers online?

To give one example: In Sweden a vaccine for the pigflue caused narcolepsy in completely healthy young individuals. [End rant]

The problem here is not truth or how it's used to effect but foremost the missinformation that is blocking out all traces of it.

Truth helps any discussion and creates trust - which the vast majority of societies are built on (or used to be).

>In Sweden a vaccine for the pigflue caused narcolepsy in completely healthy young individuals.

And just to be clear, narcolepsy wasn't caused by the "additives" in the vaccine like anti-vaxxers claim. Narcolepsy was caused by the pig flu protein itself.

Thus, if there had been no pig flu vaccinations and people had been exposed to the real thing, a number of them would also have got the narcolepsy, in addition to the nasty symptoms of the pig flu itself.

Goodness. I read some really silly statements on HN from time to time but this is definitely a 1% comment.

We have more scientific evidence for vaccines than we do for gravity, and frankly I am disappointed in the quality of the argumentation here. What percentage of patients developed narcolepsy? Was the study powered for that causal conclusion? Was the methodology sound?

No idea, you're just spewing anecdata.

Astroturfing is absolutely a problem in online discourse but so is wilful ignorance.

Thanks for perfectly illustrating the parent's point.

That what? Big Pharma is a thing?

Vaccines are, by comparison, not big money makers.

Seemingly Hacker news are getting "overrun" by turfers, but that is not what I am, I only represent myself.

As there seem to be astroturfers out and those who require sources (which are not equated but noted to be a seperated quality) I'll ad some information; The vaccine was Pandemrix and the study was conducted by läkemedelsverket (basically a national study organ of medicine).

Pigflue itself would cause narcolepsy but the vaccine would increase the risk threefold.


Totally off-topic, but reading your example made me realize how learning basic journalistic skills could improve my media literacy. Would you happen to have some book recommendation or any other suggestion on hand?

I don't, sorry - my dad is the journalist and he studied this a number of decades ago.

While what they are publishing is true and should not be ignored, they certainly appear to be choosing their targets and not choosing others, for example, they claimed to have information from the RNC, but they did not publish it claiming it was already published in other sources.

The timing of the leaks was rather suspect too. In interviews, Assange insinuated months before during the primary that he had the emails that would eventually become the DNC leaks, but they waiting until after HRC was the sure nominee, during the DNC meeting, to release them. Procedurally, this made it so the Dems could not nominate another candidate before the general.

It may have been a coincidence, but they couldn't have been released at a politically more opportune time (for the R's) than then. In fact, during that interview, I recall Assange saying he was waiting for the right moment to release it. They aren't lying, and shinning light on wrong-doing is great, but the choice of when to do so and possibly sitting on information on the others who stand to benefit is suspicious.

> While what they are publishing is true and should not be ignored

Why does this matter? I feel like the reason people are worried about bias is that it means the source is not trustworthy. If Wikileaks is publishing true information, they should be trustworthy, even if their choice of targets is not unbiased.

I think this is very naive. Russia lists a number of true things about its opponents but it only includes the truths that fit the story it wants to tell. The same goes for China, and even the U.S.

What people here are asking is: "what is the story Wikileaks is trying to tell". Before they thought it was that "government is not trustworthy and needs a watchdog". Now it's possible the story is "Don't trust anyone who disagrees with Trump or Russia", and that's concerning.

This problem is instantly saolved if you have more than one source. The answer to this is not "IGNORE WIKILEAKS," and the suggestion that it is makes me doubt your motives, the answer is "READ MULTIPLE SOURCES."

There are far more than enough actors with far more than enough relevant information, and certainly the capacity to distribute that information, to fill in the gaps.


You can't do that when Wikileaks is the only source.

The problem is that other sources are not willing to perform the kinds of investigations and do the sort of publications Wikileaks and few others are willing to do.

When Snowden approached CNN, the Times and a number of other large media outlets they attempted to report him to the Feds rather than report on the domestic and global mass surveillance programmes.

The incentives, partnerships, timelines and ethics of major media outlets prevent them from speaking truth to power.

If the story was incomplete do you honestly believe we wouldnt find that out? I dont.


1) Wikileaks provides evidence of wrongdoing

2) You respond "Its possible evidence that proves this isnt wrongdoing exists"

Your position seems to be roughly meaningless and the only justification I see to take it on is ideological.

It's plausible that WL is selectively holding back documents on e.g. Russian activities in Syria. No one would have the power and incentive to leak those documents separately, so WL could portray an incomplete story.

It's not plausible that WL unfairly portrayed Podesta and the DNC by incomplete leaking. The leak targets have both the power and incentive to clarify any serious misrepresentation by releasing the context they already possess.

Somehow, I keep seeing people give the Syria example, then claim that we should disregard even the US-domestic leaks because "there could be context we don't have!" It doesn't make much more sense than saying "sure, the murder suspect didn't offer any defense, but maybe he has an alibi he never bothered to mention!"

The CIA could surely filll in the gaps if they wanted to, at the very least through leaks to any of the media organizations that would like to see them succeed.

Exactly! People say: "I think Wikileaks is not a neutral party". Dude, NO ONE is a neutral party. This thing doesn't exist! All sources have bias!

> All sources have bias

Some are more biased than others. I think that's actually what people are discussing: how biased is Wikileaks? How heavily curated is the information they are releasing? Throwing up your hands and saying everyone is biased is a lazy answer to a difficult problem.

Right. But it's curious that "How biased is CNN?" gets shut down any time it comes up as a serious topic. From the whitewashing they did on the genocide in Bahrain (after accepting money from that government) to the misleading coverage of Syria, Snowden's mass surveillance disclosures, US torture program, Iraq War - to its current poor coverage of the humanitarian crisis being caused by the US intervention in Mosul.

It would be wonderful to discuss the role that different outlets play and different biases come in. But it's difficult because any time the topic comes up "faithfuls" from all sides come in and it starts to look more like a sports or religion debate than it does an illuminating conversation.

Yeah, Wikileaks has some biases.

I actually think they are incredibly important biases. Also, I don't think they are nearly as "anti-American" as some panic about.

There is now some data showing one way CNN is biased --Breitbart and Fox News seed the media environment with disinformation, and eventually mainstream outlets pick up that disinformation. (Torture is a good example - the right really wanted to bury discussion and largely did).


Another way to say this: only one side is willing to blatantly lie. Luckily media outlets are starting to realize that and moving to coverage of the truth not just what people say.

This is whataboutism. (it may be inadvertent)

Firstly - On HN people do bash the media, but its based on the context of the conversation.

So on a discussion on wikileaks, very few people are going to make the side jump to criticizing the other media channels.

I don't think it is whataboutism in general. (It probably is if it's specifically targeting the HN thread, but that's now how I read it.) It's not just waving at someone else's misbehavior, it's noting that a double standard (examine bias in case A, acknowledge but ignore it in case B) is producing an agenda.

In mainstream discussions, there's a pattern of discussing WL bias against a baseline of whatever American mass media says. To repurpose a point from up-thread, that creates a situation where "how biased is WL?" is both a legitimate question and a misleading distraction.

If you want to create an informative media diet, you might ask "how biased is each source, in which direction?" You won't find objective truth, but asking that at least lets you curate inputs so that you won't have important information from any side go completely unmentioned. Lots of people I know do this, adding up equations like "NYT and Intercept both skew left, but one is largely pro-government and one anti-. BBC is moderately pro-government, but since it's a different government it reports US news better." Asking about Wikileaks is vital in that context.

If you want to distract from unpleasant facts, you might ask "How biased is Wikileaks in the direction of Russia?" And then the answer is treated as inherent bad - the more biased, the less attention should be paid. "All news is biased" is defeatism, but "all news is biased, how biased is Wikileaks?" is still manipulative because it ignores the magnitude of non-WL bias. I see that trick used a lot when US politicians and reporters cover Wikileaks, and it smuggles in an that we don't need to seek balance, just exclude a few too-biased voices.

My purpose was to talk about biases of media outlets in general rather than discuss the biases of one particular media outlet (Wikileaks).

Wikileaks has important biases. So does CNN. Wikileaks does important reporting. So does CNN.

Of course these are just two outlets. I don't mean to focus just on the two.

(Of the two I think Wikileaks would be the most missed, were it to disappear.)

My point is that it is incredibly important to discuss and take into account the biases of the outlets information is being published by. This is how I intended to discuss the bias of CNN and if you look you will see I brought this up under the context of the parent comments of my own. Namely, it is not quid pro quo.

Every news medium, even you as a human being, makes intentional and unintentional selections on what to publish or not. As long as the published documents are not fakes (and independent sources verified them), motives are secondary.

If what is published is true, projecting motives in the publisher are an obvious attempt to distract from the message by questioning the messenger. The message is a fact, your interpretation of the messenger is at best guesswork, at worst fanfiction.

What exactly is difficult here?

Are there? Because the only big ones I hear about are Wikileaks.

(I certain that more groups exist, but really, I can't name any others.)

The media.

I think a lot of what's being construed as political bias from Wikileaks is simply optimizing for maximum impact. They want their leaks to be felt, to have real-world results. If they were to just dump everything months before the election, they'd be long forgotten by the time the election had come and gone.

"I feel like the reason people are worried about bias is that it means the source is not trustworthy

No, people are worried about bias because the source could be selectively publishing truth with an ulterior motive, such as pushing a predefined agenda.

Propaganda is even more dangerous when it's true, but only tell people half the story.

Because what isn't printed is often more important than what is. That's what editorial influence does.

In my city, the local Hearst rag often doesn't report on things that the city administration doesn't want published. For example, a city employee was indicted for killing a girl and burying her body on city property (probably while on the clock) and was on "paid suspension" (i.e. On payroll, not working) for two years. Awkward situation for the mayor.

The arrest happened on a Friday night. The story? Page 4, section B on Monday.

In a story like this Wikileaks thing, the context is missing. How are these things used? To what end? Snowden tried to provide that context.

It's kind of the effect we have with BPA. As soon as the idea got widespread that it might be unhealthy it was replaced with other chemicals we know less about and that might be even worse.

Intelligence Agencies often use information to push their agenda. I don't see why it is different for Wikileaks which sees itself as one.

Hillary was under investigation throughout the primaries, and we know from the leaks that some democratic political operatives thought it was a bad idea for her to run due to the amount of dirt out there about her.

You are being misleading. Hillary has been investigated nonstop for twenty years, and their are entire nonprofits (Judiciary Watch) funded by the right to dig up dirt on her and her family.

So instead I think the opposite is true- the fact she hasn't had major (true) scandals (Benghazi and emails we know are trumped up) means she is fairly clean. Yes, she has some flaws.

It is unbelievable to me that Mike Pence was using his own private email to conduct state business _while_ decrying Hillary. How hypocritical is it possible to be?

And re dirt on Hillary, this puts it into perspective. http://www.vox.com/policy-and-politics/2016/12/25/14037576/t...

Wow, the left are the new loony, tin foil hat conspiracy theorists.

Sure, it was definitely a "vast right wing conspiracy" (Hillary's exact words) that threw up flags when she opened her first ever trading account with $1k, turned it into $1 million in less than a year with no experience, or understanding of the markets (she supposedly started trading futures on a tip from a friend) and then never did it again because it was stressful. I guess that same conspiracy group were trying to go after this irrelevant governor in Arkansas for the other scandals going on during his governorship.

Then when Bill became president the scandals continued. People like you and Hillary want to claim this is some vast conspiracy by the republicans but the question any critical thinker has to ask themselves is why? Clinton was the most conservative president since Reagan [1]. Why on earth would the Republicans be out to get someone who's more conservative than most of their own presidential candidates? Like most conspiracy theories, it requires a great deal of faith in absence of evidence, motive or even logic.

[1] https://www.cato.org/publications/commentary/was-clinton-mor...

Don't lump everyone on the left in with Hillary Clinton supporters.

I didn't intend to imply that all the left fit this. What I meant (and probably din't make clear enough) is that the right used to have the crazy "femi camps", etc. conspiracy theory wackos. Now the left has them too (they had them in the past but mostly just people who claimed to be abducted by aliens).

44 USC §3301

What country is Benghazi in? What does the leader of that country have to say about how serious Benghazi is?

> This whole narrative of Wikileaks not being neutral is a very weird story, because they've never published anything that wasn't verified to be true.

First off, I have no opinion on whether they are neutral.

That said, your argument imo doesn't hold much sway - not publishing something wrong, doesn't at all imply that they're not selectively publishing.

And while I agree that there's some interest as describing them as partisan, I also think that some of Assanges public statements make that really really easy.

This whole narrative of Wikileaks not being neutral is a very weird story, because they've never published anything that wasn't verified to be true.

What does the one thing have to do with the other? Just because you're truthful doesn't mean you're neutral, and nobody is seriously denying the authenticity of these files.

What, exactly, have we learned here other than a spy agency knows interesting methods of spying? I mean, of course it's interesting to see they use this or that vector, but that this technology exists isn't surprising in itself.

I see two possibilities: either this has caught the CIA on the hop, in which case everyone else will harden their security and the CIA will be less effective at gathering intelligence for a while, or the CIA has already moved onto better tools and is dumping details of its older ones to see who reacts and raise the technological stakes. There's no sure way for me to know if it's compromised or not, and the only predictable outcome is another leap in the diversity and capability of malware and another round of the cybersecurity arms race.

> What, exactly, have we learned here other than a spy agency knows interesting methods of spying?

That the US government pays software companies to keep their products insecure [1]. Why do you believe that they aren't spying on American citizens?

1. https://twitter.com/Snowden/status/839168025517522944

Government is always asking technology companies for backdoors so that doesn't seem like news to me, but you may well be right that it's never been documented before. To me this doesn't seem any different from the Chubb lock company teaching spooks how its locks are put together or somesuch.

I have no opinion on whether they're spying on American citizens, I have always assumed they would do so sometimes in the course of spying on other countries' citizens. Foreign spies seek agents and unknowing assets in their country of posting so that just seems inevitable. So what?

I have to say that a lot of the response here seems very theatrical, albeit unwittingly so. Going back to the lock analogy, I'm sure the CIA has some of the world's best lock pickers and burglars on their payroll, but doesn't mean the CIA are trying to break into your house, does it? They could break into your house, if you embarked on an affair with a beautiful spy (or even a sort of frumpy one) they maybe would break into your house, but realistically they probably have zero incentive to do so right now.

It's really hard for me to give a shit about the CIA possibly-in-theory-maybe spying on people when you have government organizations like ICE actually plucking ordinary people off the street and putting them in detention centers where the normal rules of arrest and imprisonment don't apply.

Paying for it is different than a request, NSL, or other means of coercing a company to do what the government wants.

There are significant barriers to the CIA picking the locks of everyone in the world's door, that don't exist when it comes to spying on the whole world. The analogy isn't meaningful.

The people ICE picks up actually committed a crime.

Living in the US illegally is as harmful to other people as internet piracy, sure the crime may have consequences for the country on a macro-scale, but any individual act of piracy is not harming anyone. I think most would agree that the measures the Government takes to prevent piracy is absurd (SOPA, FBI raids, etc) and that the solution to piracy is not harder enforcement, but structural and societal changes as a whole.

That comparison is ridiculous, but this is the worst possible forum to address your points. I'll leave it at that.


> Name a fucking job that a mexican worker is currently doing that you would do? Would you pick tomatoes? Lettuce? Will you cook me a burrito? Will you wash my dishes? Will you make me sushi?

I've had a variant of all those jobs, so.. yeah. Don't project your hesitation to do physical labor onto other people.

How many music pirates have murdered someone this year? The point is still garbage, even in longform.

> I have long said, if the Mexican Rapture happened, you will starve to death....

That you consider this an actual point is a fucking joke.

Sure, Ill take your points...

So, exactly what are you doing now? Are you pulling lettuce?

[I am not attacking or berating you, but I want to understand.. so please educate me, I am not trying to be offenssive i Just disagree with you]

So, to my second point; would you be willing to compile data regarding those who work in the food service industry and determine what % of them actually feed people based on mexican heritage? I dont think this data exists, but happy to help find out...

This, really, is what immigration policy should be built around. I believe that youre emotional/passionate about the subject which is fantastic... let me change your view/or you mine, but yeah - we cant let emotions lead (which I can give you LOTS of information about how emotions are used to steer populations....)

>How many music pirates have murdered someone this year?

Considering half of Americans pirate music I'm sure that there have been plenty of murders by pirates this year. But it would be stupid to go around arresting music pirates and claim we're preventing murders.

And if pirating music involved breaking into the office of a record company and stealing a CD off their shelf, the comparison to piracy might be valid. But it's not.

You clearly misunderstand my comments... [we are on the same side] --- but youre very belligerent, and that is fine... but clarify what side youre on? Humanity or...

> Name a fucking job that a mexican worker is currently doing that you would do? Would you pick tomatoes? Lettuce? Will you cook me a burrito? Will you wash my dishes? Will you make me sushi? I have long said, if the Mexican Rapture happened, you will starve to death....

I understand them perfectly. If you want a discussion, try entering it in good faith, with someone who hasn't already expressed interest in avoiding the subject further.

This is unclear from the doc though. "Purchased" could mean they purchased the exploit from a hacking group or from the developers of the software (to keep it unsafe). Snowden'a tweet seems premature unless there are more documents showing this.

Holy shit and yay!

It is a rare day when I agree with you, but I think you nailed it.

This is an effective honeypot move; Lets float some shit out there to flaunt some balls and see who reacts and how... WE ARE THE CIA, BECAUSE FUCK YOU, THATS WHY!!

They are above what we have speculated in the past...

LPT: If you have a device, ANY device, know that youre monitored...

I get what you're trying to say, I'm even inclined to agree, but how can "they" fight each other with the truth if only one of the sides fighting gets it's dirty secrets outed?

During the elections I kind of wrote it off as them being prepared for Hillary and unprepared for Trump, but I have to wonder why they haven't run any leaks on Trump by now, considering how willing people seem to be to leak information. Where is his taxes? Where is the truth about his Russian ties?

I mean, take a stroll through the front page of Wikileaks and then tell me you don't wonder about the lack of Russian stories. Does Russia not have leakers?

If I hacked two people's private emails who were in some popularity contest, and they both contained severely incriminating things, and I only release 1 of those to the public, then I believe it is arguable that I have gone beyond mere truth-disclosure and on to outright manipulation.

I'm out of the loop; whose emails did they not release? Trump's?

This was more on principle, but there is some evidence that parts of the RNC were also hacked and the information never released: http://www.politifact.com/truth-o-meter/statements/2017/jan/...

This is the approach used by both left and right parties in the U.S.

The parties and their surrogates attempt to taint sources as biased and by proxy all content from the source invalid.

No, this is not true.

We now have data showing that the left tends to read both mainstream and left sources. While the right tends to live in their own little Fox-Breitbart bubble. This means that the right gets news from extremely biased sources with no anchor in reality. While the left tends to read and share a wider variety of media. http://www.cjr.org/analysis/breitbart-media-trump-harvard-st...

It's also been shown that the right is more likely than the left to distrust the fact-bearing mainstream media [1], because a strategy of the right, as in some authoritarian countries, is to generate distrust in media that they do not control.


So no, both sides do NOT do it equally. The right does way more to taint real sources like the NYT as biased.

[1] within mainstream I'd tend to separate profit-seeking and independent/family-owned media. But you can lump them together for purposes of contrast with GOP-donor-funded conservative media.

I think this last election showed there is a coastal elite bubble and a clear cnn-msnbc bubble as well.

What part of what I said is not true?

Are you asserting both parties are not guilty or one is more guilty than the other.

In any case I don't think what I said is untrue or was an attempt to mislead.

>This whole narrative of Wikileaks not being neutral is a very weird story, because they've never published anything that wasn't verified to be true.

Note that "being neutral" is not at all the same as "publishing only things that are verified to be true".

What you choose to publish still has a lot of impact on whether you are neutral or not. Even some of the worst propaganda sites publish true things. The propaganda is in which part of the truth they publish and which not.

In Russian, the truth is "Pravda" and you know what it was. It was propaganda. Mostly it was quite true, just with a very specific view on truth.

> So why even give a shit? As long as what they're publishing is true

Guess the phrase "lie by omission" doesn't mean much to you.

I agree with you that if the info is true that's good enough to use that infor. But it is still worth knowing the motivations of the people providing your information.

The truth is the most common source of bias in media is not telling out right lies but in deciding which truths to tell you. Its hard to believe that now given how much false information is being spread. But its still true. Propaganda is in the editing- choosing which stories get focus, which voices get amplified.

Facts, stats and even graphs can all be used to push a narrative. Context is pretty key.

To my eyes, Wikileaks seems to be cherrypicking and giving passes to others. The timing of the leaks has been nothing short of convenient, which makes me suspicious. That's my opinion, though. I have nothing to back it up and I wouldn't even try to prove it.

But, hey, we're speculating here.

The thing is, wikileaks publishes info that is given to them. What we could interpret as cherry picking, could just be that most of wikileaks' information is coming from particular interested actors. In other words, the bias isn't in wikileaks, but before wikileaks.

We cannot know that. WikiLeaks is a proverbial black box. Julian himself is sort of trapped in a box, too. Funny how for so many people he's conveniently become an acceptable Ministry of Truth. If you could work his levers, whether it be by compromising him with threats of violence/incarceration/family/use imagination.

There's this mythology of "never publishing a falsehood" that's repeated in a meme-like din within the WikiLeaks context, but even if it is correct, it does not preclude selective publishing of the truth, or political timing, misdirection.

Anyways, having watched the output of this black box over many years, even if I believe that black box were built with the best of intentions, I can no longer trust that the machine is altogether acting in good faith.

The editorial discretion of a mere two billion dollars in Russia-Syrian transactions, for example, omitted completely by Assange as reported by The Daily Dot, make the man highly suspect as an objective purveyor of leaked materials received.

As the US intelligence community seeks to investigate Trump, the Trump-aligned WL begins dumping on the CIA. Trump will begin whining about the "Deep State" even more. Prepare for another week of whataboutism.

You can publish only true facts and still push a narrative

> You can publish only true facts

Can we go back to just calling them "facts"? A statement can be true or false, but a fact is true.

You're playing into the idea that there are "false facts" or "alternative facts." There aren't. Those are lies or errors.

It's useful to be able to talk about "facts" - including a fact pattern which is inaccurate - as distinct from opinion or assessment.

From WikiPedia:

> Alternatively, fact may also indicate an allegation or stipulation of something that may or may not be a true fact, (e.g., "the author's facts are not trustworthy"). This alternate usage, although contested by some, has a long history in standard English.

A statement can also be an opinion, I think the intention was to differentiate from statements that are meant to appear to be facts but are false.

Because context matters? And people with any level of sophistication in their thinking can understand that.

I don't even know how to respond to some folks here. You really think it's impossible to use facts to construct a narrative that is untrue?


Come on now. We're better than this.

> You really think it's impossible to use facts to construct a narrative that is untrue?

What? That's completely unrelated to what I said, which is simply that the phrase "true facts" is redundant.

> people with any level of sophistication in their thinking can understand that. I don't even know how to respond to some folks here.

I wrote just two lines of text to express a simple thought using basic vocabulary. The fact that you misunderstood my comment so thoroughly, and yet with such extreme condescension, is simply spectacular.

>Come on now. We're better than this.

We should be above abusing the word "because". Honestly that shit is jarring.

They are not neutral. I don't think it's even controversial to say they're working against the United States. They clearly are. It's an observation not a political statement to point this out.

If they were neutral you'd see big releases of Russian secrets, etc.

It's possible there just aren't Russian leakers though. Russia can do some shady things to retaliate against leakers US not so much.

Really? I find it hard to believe that there haven't been any significant Russian leaks since WL started their work. I am pretty sure they've declined to release information damaging to Russia.

And I'd have to disagree that leakers have it easy in the U.S. For example, if Snowden comes back he's facing life in prison and the trial they've offered him isn't exactly what we would call a fair trial. My understanding is the only concession they've offered him is a promise not to execute him.

He'd get a closed trial and no due process. Snowden's trial would not look unfamiliar to a Russian at all.

People with leaks about Russia don't need Wikileaks. They just go to establishment media.

Also, US responses to Manning and Snowden seemed rather shady.

Huh? Could you give some examples of Russian leaks that got legs through talking to the establishment media? And by the way, who are the establishment media you're talking about in this context? It can't be Russian State Media such as RT so you must be talking about U.S. media such as the NYT and Wahington Post though I'm not sure.

Also, wasn't it this same establishment media that worked with WL to leak Snowden's documents? So why was WL needed at all since the media ultimately did the publishing that people saw in that case?

People might forget that WL depended on "media" to actually publish the documents as WL has not always been the sort of household name it is now. They were just the agent now they're a publisher and a PR agent all in one.

Please see my other comment about the Panama Papers. That went to German media. I occasionally see leaks about Russia in NY Times etc. But they generally aren't styled as "leaks", just reporting.

Also, Snowden specifically didn't work through Wikileaks, because he didn't want a mass leak, but rather substantive and "responsible" reporting. Wikileaks just helped him find refuge in Russia.

Ah, right, he wanted a responsible leak. I recall that much but I forgot he didn't use WL. Did he leak directly to news outlets without an agent? Extraordinary. He must have had connections or really knew what he was doing as I think successfully leaking (waterfalling?) a massive document dump is harder than it looks.

With regard to Snowden, I think the right thing to do is offer him a free and open trial. If U.S. officials are unable to offer him due process and a fair trial then the charges should be dropped. We need to get out of the habit of violating basic principles (the right to due process is one of these). Offer the guy a trial or drop the charges. Right now the offer on the table is he comes back and they'll throw him in jail, then an administrative judge will hold a private, secret proceeding, then rubber stamp the decision to throw him in jail. That's anything but due process.

This opinion is independent of my thoughts on him and what he did.

Oh now it's coming back to me, didn't the NYT's totally fuck up the responsible part? I think they inadvertently revealed that the U.S. was using one of these tools in Afghanistan during the time it was being used on the ground? I might have this wrong.

He went to Laura Poitras and Glenn Greenwald based on their reputations. They and associates have managed analysis and reporting of the information. Some have criticized them for profiteering and censorship. Others have criticized them for putting US interests at risk. The truth is likely somewhere in the middle.

> Please see my other comment about the Panama Papers. That went to German media.

A common accusation by the FSB, that PP were CIA backed. Any proof at all of that claim?

Any significant Russian leak will be instantly picked up by the western media.

There is a lot of leaks on Russia in the media. No one actually cares anymore since it's mostly corruption stories and everyone is already knows there is a lot of corruption there. Here is the last corruption story on prime minister Medvedev: https://navalny.com/p/5255/

A better question: Is this story (obviously in Russian) an example of independent media in Russia? I thought that was a dangerous business to be in?

Also, are there ever leaks on the scale of Snowden? I'd say the lack of a Snowden level incident isn't damning as that's a high bar for sure. Jesus. That dude put it all on the line.

It is dangerous. This guy's (Alexey Navalny) brother is in jail on a fabricated lawsuit as a hostage. Alexey himself was also convicted guilty and the only reason he personally is not in jail is because he will only get more rating points from being a political prisoner.

There was a massive smear campaign against him on all major government controlled mass media where they were blaming him to be an US agent and also a corrupt person.

The only reason Putin has good approval rating now is because he managed to convince the majority of TV owners in US conspiracy.

And Ukraine crisis, sanctions, ISIS, and oil price drop did actually convince majority of Russians in that. So as long as people blame US Putin is safe.

One similar thing I see here in US: when facts are too painful and too obvious - blame another country.

You are aware there is a 40 page dossier on Trump that leaked, several people have died who were tied to it.

Which proves the point of above, Russia kills people for infowarfare and the US does not.

> it seems that the strategy for discrediting Wikileaks has now become to accuse them of association with the Russians.

I don't know if this would be in the Russian interest to publish all these expensive zero day vulnerabilities, it would be in their interest to (continue to) use this stuff too.

these vulnerabilities will have to be fixed within some time (now that they are known). I wonder how long it will take for the spooks to get a new stash like this, this must be very damaging. I fear for Assange, the spooks will have a clear motive for demanding retribution against him.

You are right, the whole POL is a way to distract from WL and their releases. There are national actors trying to stir confusion, of course. But Assange remained cool, so should we.

Truth or not, I'm curious to know how the high probability that all content is curated doesn't bother you?

I can't find one leak that's been damaging to Putin's agenda. That doesn't prove Russia is in control of the site, but it's curious that every single leak has been either damaging to the United States, other parties that have not had good relations with Russia or relatively inconsequential to either.

The fact that Assange cannot verify he produces the content of his site only furthers the probability of Russia having seized possession of it, given there exists no damaging information to Putin's regime. Would it not be better if those leaks were exposed along with everything else?

There is no such thing as 'neutral' where humans and politics intersect.

Many others have made the point that it is perfectly possible to lie with a collection of true statements.

It is also possible to be used in this context; that's where the phrase 'useful idiot' comes from. So Assange should be pure as the driven snow and be laundering manipulated documents, thereby giving them the imprimatur that you, among others, appear to grant great value. In fact, this is what I and others believe to at least occasionally happen with WL.

> which it has always been so far.

How do you know this? How do you know that 'truth' hasn't been shaded by blending observable facts with unverifiable ones or by omitting documents, or parts of documents? How do you know that everyone outside of WL insiders (loosely defined) is granted access to documents at the same time? I think there are still questions about Stone's access to the Clinton dumps.

> distracting from the real story here

Please. Everyone gets to pick "the real story" for themselves.

This account was created 3 weeks ago and this is the only comment with no submissions or other favorites stories. This is not a lot of info to go off but i'd be willing to bet it is a schill.

> they've never published anything that wasn't verified to be true

Says the 21 day old account with this single, highly upvoted comment.

There are millions of documents on Wikileaks. I highly doubt everything there is verified.

Me too. On the other hand, they do try to verify what they publish, because they would lose credibility if some major release turned out to be fake / unverified. I read interviews in which Assange addresses this specific issue and its implications.

Assange will be leaving the Ecuadorean Embassy soon.

I have a feeling he tries to get to the Russian Embassy or Russia itself?

You can bet GCHQ and NSA know something and could tell you exactly if Assange is working with Russia or anyone else for that matter. At this point they have people inside the Embassy cleaning his bathroom and vacuuming the carpets.

> because they've never published anything that wasn't verified to be true

Mr Assange repeatedly claimed that Podesta's gmail password was 'password' in interviews, which was false:


This is a far, far cry from the kinds of quality journalism that Wikileaks does. It appears that the claim the password was 'password' wasn't a story in and of itself but an anecdote relating to the weakness of Podesta's password (which is true).

Compare that to Clapper, Director of National Intelligence stating for the record under oath that national intelligence does not have a surveillance operation targeting Americans in the homeland. That was a lie and one intended for testimony.

Assange here is just saying: Podesta's password is weak. It's hard for him to qualify that it was spelled "p@ssw0rd" rather than "password" during an interview.

The fact that you think saying "password" rather than "p@ssw0rd" disqualifies Assange as a lier goes to the heart of the anti-body reaction that nationalists have about hearing news that doesn't validate pre-existing opinions that they have about the nobility of their nation and its leadership.

The difference between "password" and "p@ssw0rd", while technically true, it is so pedantic it does not apply to the spirit of the conversation.

> Compare that to Comey, Director of National Intelligence

There is no Comey who has ever been Director of National Intelligence. I suspect you mean Clapper.

Yes. Correction made in the parent comment.

Thank you.

You are missing the point that the "p@ssw0rd" was for a Windows 8 account, not the gmail account. There was no evidence that the gmail account password was a variant of password. It would still be disingenuous even if he claimed it was a 'variant' of password, because there is no evidence to suggest it was.

right... so it was something like `p@SSw0Rd`, what's the difference?

We don't know the email password was something like `p@SSw0Rd`, only that a staffer temporarily set a Windows 8 password to a variant of password. This does not mean that the gmail password was a variant of password. It was disingenuous of Mr Assange to claim his email password was password, as the only indication we had of a password being a variant of password was for a Windows 8 account and not the email account.

It absolutely provides the Trump Administration with cassus belli to take punitive measures against the CIA. WikiLeaks appeared to have received the dump quite recently.

This is all conjecture, but this could be seen as a 'civil cyber war'. The Executive branch suffers from leaks, followed by an evisceration of the CIA hacking capabilities? Trumps love of the intelligence community is well known, and the scale of these leaks can be seen as a warning to the other agencies: the Executive branch will accept severe destabilization risks to protect itself.

Will be interesting to see if things escalate.

Are you positing that Trump or members of his administration have somehow released these CIA resources? Or just that WikiLeaks is bringing attention to these resources and their current "libre" status in the wild?

Im stating the possibility that the Executive Branch made available the means to doxx the CIA.

The timing, the target, and the vector of attack all line up very nicely.

We had such leaks all the time during Obama's presidency (what with Snowden et al).

So, no reason at all to assume anything particular changed, except that people want to assume something -- because Trump.

It is interesting that the dumps were primarily from the NSA. I don't know the issue well enough to state whether the antipathy existed between the CIA and NSA enough for them to make this kind of move under the nose of Obama, but it certainly could have helped move some NSA funds to the CIA.

So Trump is simultaneously a complete incompetent blowhard and pulling off these mastermind plans??

I think it's likely that Trump will make difficult demands of his staff, and they find a way to make it happen. The President doesn't necessary get involved with the details of formulating the strategy to accomplish the demand. What's more important is the President thinks about risk factors, fallout, long-term implications of the strategy their staff proposes.

The 'incompetent' comes from an apparent disregard of thinking about the consequences of his actions. The 'blowhard' is self-documented.

just because the demands are difficult, doesnt mean that the staff will work to make it happen.

The staff can let it fail and place the blame on a rival

The staff can fail, and distract the president

The staff can fail, and blame a convenient political opponent.

The staff can succeed, in a few things, but not the whole remit. They can then spin it as a success

The task could be very complicated and would require multiple steps to achieve it.

But finally, the reason this fails as an argument - is that gutting the security apparatus of the state when you control it, is absurd.

The assumption for this to be non-absurd, is that the CIA is working against the government, and the constitution.

If that was the case, then following the constitution and declassifying their arsenal was not necessary in the least.

Essentially, the theory can be disproved by contradiction/occams razor.

>Essentially, the theory can be disproved by contradiction/occams razor.

You haven't disproved anything. You've stated an opposing viewpoint.

I haven't seen any evidence that leads me to believe that someone in the administration leaked this to harm the CIA, but nothing you said came close to proving that that's not what happened.

>the reason this fails as an argument - is that gutting the security apparatus of the state when you control it, is absurd

Your entire argument rests on the assumption that the hypothetical administration leakers will come to the same cost benefit conclusion you did. I can think of limitless situations in which covertly injuring the CIA may appear to be worth it to people within the administration.

The administration doesn't appear to trust the CIA and it's entirely possible they view them as an enemy to be dealt with rather than an asset to be controlled. Again I don't think this is the likely explanation, but it's not so unlikely that you can just throw out "occams razor I'll accept your concession now."

That sounds like such a CIA move. Always attacking indirectly.

It looks more like Wikileaks chose this timing to help Trump. No one is talking about his paranoid surveillance tweets now. Everyone's talking about how suddenly the CIA is in all our phones and TV sets. Trump gets to say "See, I told you!", and the world gets to witness another NSA surveillance style scandal, only this time possibly on an even larger scale.

Interesting coincidence that Wikileaks chose to help Trump during the election as well.

I doubt it was a coincidence. Wikileaks supports Trump.

> Wikileaks supports Trump.

I wonder whose hand is really stuck in that sock puppet.

This is my hypothesis right now. It was recently reported that the CIA was withholding material from Trump - while the FBI helped him get elected.

People assume this needs mastermind-level capability. It just needs motive and capability. All it takes is one CIA defector or a previously existing plant.

I would think securing inside intel on other government institutions would be pretty standard. How else can you check that they're not compromised by Russians ;)

> There is clear motive right now for undermining the CIA.

I think this is irrelevant and distracts from the issue. You are trying to change the narrative.

If this is true, this is incredibly bad, and the CIA should be discredited.

"If this is true, this is incredibly bad, and the CIA should be discredited.

What do you mean by "discredited"? If anything this gives a ton of credibility to CIA's rumored capability. Hell, it gives CIA so much credibility now that they can practically make up stuff and people will believe it by saying "oh they can bug everything, of course they found out about it".

It tells us what they can do but it certainly doesnt incentivize trust.

Public trust is a pretty low tier item on the list of priorities for global intelligence agencies. They exist to do their job and be effective at furthering our own national interest while screwing over enemies.

Public trust is a PR problem and there are other people that manage it.

Why is it bad? Does anyone expect spies not to have spy tools? Espionage is their job, after all.

OK fine. But let's stop pretending.

The CIA has access to the search history and phone call log of everything single American, and is blatantly breaking the constitution, and every single one of them should be arrested and sent to jail, for breaking the US constitution.

It is "their job", but it is also illegal and they should be sent to jail for treason.

You are correct, though, that it is completely expected that they have spy tools that blatantly break our constitutional rights.

The CIA is specifically constructed to operate in other countries. I see no reason to think that they are "blatantly breaking the constitution."

There are other agencies like the NSA that are spying on Americans, but I've seen no evidence that the CIA is doing this.

It is the CIA's job to spy on other countries and that doesn't violate the constitution. Nothing in the leak so far says that the CIA is spying on Americans.

Well the CIA can legally spy on Americans "incidentally" when they communicate with foreigners. See Flynn calls with Kislyak for example.

Maybe GP is starting to finally see the CIA how the rest of the world has seen them for say, oh the last 60 years or so.

Yeah, not being American I always thought the USA was quite proud of its spy service, just the Russians are sort of proud of the KGB, the british are proud of MI6 and so on. Large countries have espionage agencies, and every government since ancient history has used spies.

Put it this way, I have a Samsung TV and plan to do absolutely nothing about it. If I want something to be really private i discuss it outdoors or write it down by hand on paper. I'm kind of baffled about eh public and the media's inability to distinguish between the ability to carry out espionage and the targets against which it is deployed.

> really private

Just be sure not to put the TV in your bedroom.

Anyone spying on my sex life is welcome to whatever insights they can derive from studying my moves :)

You mean the bedroom where you charge your phone?

Exactly. Escaping that vecomes really difficult.

No matter what your opinion on the CIA, it's bad. If for no other reason than that it was a huge counter-intelligence failure.

edit: tl:dr; I don't think Assange signing a message with a private key would disprove he's not compromised (which was the implication). It's naive to say otherwise.

> It's interesting to note that Julian Assange didn't demonstrate control of the wikileaks private key during his Reddit AMA 1 month ago

It's easy to see why Assange didn't oblige, compromised or not.

Minor note: the Reddit thread was from Jan 11th. This is relevant because Assange wasn't only asked to verify control of the private key. Assange hadn't appeared in public and skeptics wanted "proof of life." The Reddit comment, currently at 15K upvotes, even includes Assange's response with reasons that talk to the difficulty of maintaining private keys and avoiding taxing precedents like having to provide proof of life all the time. Again, compromised or not, I can understand why Assange wouldn't want to become conditioned to respond to every request for proof of life or locking down private keys.

> This comment was immediately down voted on Reddit. Someone is seeking to control the narrative.

I can't tell whether or not this is a joke. A) of course Reddit is manipulated and B) a single vote is within the range of background noise, not signal.

A vote don't mean shit.

This argument that "they're building a narrative" really rubs me the wrong way.

Yes, they're building a narrative - by pointing out the crap the CIA has been doing. This is not unlike how the US used to point out human rights abuses by China, Russia, and so on.

If the "narrative" is accurate, then that's on the CIA.

Is that you, magical tux?

There are several elements:

1) what the material exposes

2) how it was obtained

3) why it was released

We should condemn (2) and (3) even if we condemn (1). That is, a properly functioning society shouldn't need to rely on leaks for corruption and abuse of power to be exposed.

At the same time, we should always respond to abuse of power and trust; to do so because we don't want to help "the bad guys" simply creates an environment in which such abuses are tolerated.

Similarly, we should not assume that any comment that we disagree with is a conscious manipulation by malicious actors; otherwise, I could just as easily argue that you have some ulterior motive to post your comment.

I feel like it has been very thoroughly demonstrated that we in the US do not enjoy the comforts of a properly functioning society, and as such leaks are a hard requirement for corruption and abuse of power to be exposed.

> That is, a properly functioning society shouldn't need to rely on leaks for corruption and abuse of power to be exposed

How do you figure? Abuse is just use you don't agree with. If everyone in control is perpetrating the abuse, the only way forward is leaking. See: the Snowden leaks.

Those in power have little incentive to restrict it. Leaks are very effective at letting people police their own government.

I have to disagree - leaks seem to be the only way that this information gets out and the only way that people seem to care much about privacy.

I think that anyone who has been following the Wikileaks social media accounts has noticed what can only be described as a blatant subverting of those accounts by another party.

What are some examples?

The insane, continued obsession over Hillary's emails and the phrasing of the social media accounts is definitely not congruent with the clear-headed logic and essays that Assange has written in the Wikileaks manifesto, "Cypherpunks", and others.

The Wikileaks Twitter handle just used a Fox News video as evidence for something.

You could say the man's gone insane, but the theory of these accounts and the WL org being subverted by a state power sounds more plausible at this point.

Hmm. Someone do some frequency analysis on the tweets and compare the date ranges before and after the Assange hiatus.

edits to do list

What are you talking about. Julian absolutely hates Hillary, and for good reason. Hillary and the Obama administration hardcore went after him. Of course he hates them. So him being biased is completely expected.

So does every government for which the have leaks. They have tons of enemies and yet they have never shown the ridiculous, singular obsession. It is just not congruent with the rest of their reasoning.

It is because of Hillary that he has been held in the embassy for years.

Julian has tons of enemies, but only one of them forced him to stay locked up for years.

Julian Assange can't demonstrate control over the Wikileaks key. That's a pretty damn solid canary for control over Wikileaks being out of the proper hands.

Can't or won't?

>There is clear motive right now for undermining the CIA.

And why NOT to undermine the CIA?

Because we don't live in a Disney movie where everyone gets along and lives happily ever after? Do you think if we get rid of CIA the Russians will just disband the FSB? The Chinese will just suddenly become transparent and stop all international espionage? The entire world will suddenly love US and try to suck up to the biggest superpower?

>Because we don't live in a Disney movie where everyone gets along and lives happily ever after? Do you think if we get rid of CIA the Russians will just disband the FSB?

No, but I'm not American, and I know that 80% of the world has been royally fucked over (toppling governments, meddling, dictatorships supported) by the CIA, whereas few have had any issues with FSB (just/mainly their neighboring countries, and not the sweetest ones either).

At the time of USSR, yes, but not with Russia, which is, and will always be, a second player that just happens to have inherited nukes, so they can't be easily pushed over.

And same for China. Until now at least it was others who were the aggressors to China. I mean, the Senkaku Islands dispute? What's that compared to the hell that Japan created (and never recuperated or even really regretted) in Manchuria?

(All of those countries of course have disputes and issues with bordering countries and territories they claim as their own. But only the ex-colonial powers, the US and the diseased USSR harmed countries all over the world -- which can also be gauged by military bases presence).

(And concerning "territories they claim as their own", it takes a lot of "down-with-whataboutism-lalala-hands-in-the-ears" for US to point to Nepal and forget Puerto Rico, or for that matter Hawaii. And let's not go further back...)

>The entire world will suddenly love US and try to suck up to the biggest superpower?

Well, CIA is one of the main reasons the entire world doesn't love US.

Or rather, even in the developing world, people will love the country, the people, the music, the movies, the food, etc., but the foreign policies? Not so much...

(And concerning "territories they claim as their own", it takes a lot of "down-with-whataboutism-lalala-hands-in-the-ears" for US to point to Nepal and forget Puerto Rico, or for that matter Hawaii. And let's not go further back...)

What about Nepal?

Sorry, meant to write Tibet.

> 80% of the world has been royally fucked over (toppling governments, meddling, dictatorships supported) by the CIA, whereas few have had any issues with FSB (just/mainly their neighboring countries, and not the sweetest ones either).

I'd ask for sources for this claims... but I'm really afraid for the outcome.

If you really believe in all of this... it's extremely disturbing.

This is "80% of the world" you've mentioned?

Some of us are not USians. I'd say if your goal is to make people elsewhere in the world love the US, then CIA dirty tricks isn't the way to do it. Dirty tricks by other governments wouldn't do much if the US was a genuinely beneficial influence in the world. At the moment it's not so clear that the US is beneficial, with it doing some things that are useful, but which Trump seems to want to eliminate as soon as possible, and other things that are questionable.

The accepted demonym in English is American. I don't go around dictating what inhabitants of other countries are called in their language.

In the English speaking world, North and South America are considered 2 separate continent, and the single word American is universally understood to refer to citizens of the United States of America.

We have referred to ourselves as American for over 200 hundreds years and we are the only country with the word America in the name.

Well, I'm a programmer and the ambiguity of "America" and "American" disturbs me. Maybe "US American" would be better than USian though, since it matches the name of the country.

There is always some form of ambiguity in natural languages. I get the desire to avoid it, but unless we want to communicate in Lojban, that's not possible.

In the English speaking world, there is no continent called "America" there is only North America and South America. If you want to refer to both we would normally say "The Americas" or maybe "The New World".

Since there is no "America" commonly used in English other than the country, there is for all practical purposes, no ambiguity.

Use is what gives language meaning, and if you look at the numbers "American" is almost always used to mean a resident of the US. Attempting to force a fix on a perceived issue is never going to work.

By the way prescriptivists have been trying to force manufactured demonyms on us for years and none of them have ever become mainstream.

I've met several South Americans who insist that they are "American", but after investigating further, even in South America, the word "American" is almost never used in English to refer to people who come from what we call North and South America.

When you think about it why would anyone want to refer to themselves as basically coming from the Western Hemisphere? There is no shared language, no shared culture, no shared government. It would be like saying "I'm from The Old World", when that applies to people from France, China, and Zimbabwe.

It's pretty much a useless distinction. And language use patterns back that up.

The logic of it is simple to me. The name "America" was initially assigned to a newly discovered area in the south, and was later used for the entire land mass. Eventually the USA was founded in part of that area, but with such an unwieldy name, "America" became a popular abbreviation. That doesn't invalidate the original meaning. I understand that it's not ambiguous to many people, but it's ambiguous in my own mind because I do think of "America" as applying to the entire land mass.

>That doesn't invalidate the original meaning.

It does invalidate the original meaning because no one uses America to refer to that landmass anymore (in English). Common use is what determines the meaning of language.

"Nice" used to mean simple or foolish, "Silly" used to mean blessed, and "Awful" used to mean worthy of awe--modern usage patterns have invalidated their original meanings in modern use.

>I understand that it's not ambiguous to many people, but it's ambiguous in my own mind because I do think of "America" as applying to the entire land mass.

And I think of Columbia as an alternate name for the US. It doesn't mean I'm going to get on a Colombian Spanish language forum and start making up new demonyms for them.

The worst is that you end up with statements like "America is a country in North America", which to me is just bizarre.

New York is a city in New York. Are you going to use New York Citians instead of New Yorkers?

Mexico City, Mexico.

Belize City, Belize.

Panama City, Panama.

Djibouti City, Djibouti.

Nope, the goal is not to make the rest of the world love the US. It is to further our own national interest while fucking over our enemies. Just like any other countries that ever existed in the history of human civilization.

That seems about right. You have to wonder what "national interest" really means though. Something to do with making US billionaires richer than their foreign competitors, I think.

Maintaining the use of the USD as default fiat currency for key commodities which in turn implies geopolitical leverage through access to USD and the banking system which supports it, with participation in this state of affairs defining what is and is not the 'accepted' system.

See also: BRICS & recent political turmoil in Brasil, Ukraine

Currently our national interests can be defined as whatever the latest talking head Trump was watching on Fox News said they were.

>Just like any other countries that ever existed in the history of human civilization.

Self-Godwin'ed. Nice!

The CIA doesn't follow the rule of law (as evidenced by this leak). Wanting to disband them is not the same thing as saying we shouldn't have a US intelligence agency.

They have consistently acted outside rule of law, helping to commit many egregious acts of human rights abuse. So, yeah, I'm not too pleased with them.

This is obviously a false dichotomy.

The CIA should have been splintered into a thousand pieces and scattered to the winds.

> This comment was immediately down voted on Reddit. Someone is seeking to control the narrative.


The number of times I've had perfectly reasonable ideas downvoted immediately on reddit...

But part of these leaks implicate the Russians, as their toy chest has been exposed too.

Russians do not have free press and the state controlled media allows them to use nationalism to strongly insulate themselves from criticism and foreign press.

Combined with their propensity for assassinating dissenters and journalists, there is less willpower to resist the fascism.

It's to the point now that things like this improve Putin's poll numbers, not hurt them.

> the state controlled media allows them to use nationalism to strongly insulate themselves from criticism

Have you watched news in the US recently?

>Have you watched news in the US recently?

You mean have I watched the non-state controlled media from a widely disparate number of sources offering wildly disparate assessments of current events along a dramatically huge spectrum?

Have you watched Russian news, ever?

If you think American News and Russian (or Chinese) news are comparable, I don't know what to tell you. It's beyond ignorance at that point.

P.S. In Russia, there isn't any dissent. Like the major media in America, they are dissenting from the current government.

Do you understand that what is happening in America -- mass media dissent -- is literally impossible in Russia?

It's possible that the GP was referring to the evidence in recent US news reporting that the present government is attempting to build control of the media analogous to that in Russia and prevent dissent, though clearly that attempt is in its early phases and has not yet succeeded. That, in other words, the implied conclusion of "Have you seen the media in the US?" wasn't "It's relationship to the state is just like in Russia" but "There is an active effort to transform the relationship of media to the state to one like that currently seen in Russia."

I'm certainly not seeing any insulation here.

A flock of Mockingbirds.

everyone knows russia does it. their whole game is, "see. everyone oppresses their citizens. america is just as bad as us and real democracy can't exist"

Where everyone = every American that knows very little about foreign affairs (and probably couldn't even point Iowa on the map), but believes all the crap they see in mainstream media, from WMDs to the latest "Russians hacked our elections" -- and always roots for the current "enemy du jour" of the establishment.

Aside from the constant pressure and threats, and the constant military presence around its borders, few in Russia would give a flying duck what the US does. Seriously, why don't people just get a passport and try to talk to people around the world to see what they actually think?

yes everyone who disagrees with you must be ignorant and uninformed.

Any other rezson to disagree? This is literally the only reason to believe in your position over another

On particular topics, like whether the earth is flat, or the one I mention above, yes.

>Seriously, why don't people just get a passport and try to talk to people around the world to see what they actually think?

Have you done this? A lofty goal.

Yes. I'm from Europe, and I've been to over 20+ countries, including all around the states many times.

We have a tradition of paying more attention to international affairs in this here parts (Europe at large) -- and being quite more mindful of geography and history in general. With the US the only international affairs that people talk about is mainly the current enemy du jour or philanthropic cause. And it's not like they know a lot of the background of those things (or even basic elements of them) when asked.

Not to mention we are actually learning/speaking foreign languages and even reading foreign movies and media (the people at large: not e.g. some art-cinema watching hipsters).

A European online would read US media AND his country's media. And often of 1-2 other countries where he shares a language or speaks their language. An American? Not so much from everything I've seen and read.

> A European online would read US media AND his country's media. And often of 1-2 other countries where he shares a language or speaks their language.

This is also very true in Asia. If you turn on a TV where I am, there are channels from all over in many languages. There are the big US news networks, BBC, RT, France 24, other news networks from China, Japan, Singapore, Vietnam, etc. We get cheesy Indian and Thai dramas and horrible 80s cop movies from China that are remarkably similar to horrible 80s cop movies from the US. The last time I watched TV here (I don't own one) I saw an interview with Slavoj Žižek on a European network.

I am of the same mind as you that US citizens would benefit tremendously from exposure to more outside media.

Constant pressure and threats? Can you provide a few examples?

The NATO expanding its presence all around their border states, 24x7 demonization of Russia and its actions in the media, financing "orange revolutions", sanctions and embargoes, all kinds of NGOs and opposition parties sponsored openly (and often covertly) by US organizations to meddle in internal Russian politics.

Just check how many Russian political groups, organizations, events and "NGOs" a single US body, the National Endowment for Democracy (funded by the U.S. Congress through the State Department) openly lists as funding:


And here's an example of crude double standards, either never put forward (since few in the US even know anything of the history of those regions, short and long-term, and just repeat what they read, about an innocent country victimized by those Russian bullies), or ignored by invoking "whataboutism":

A border state to Russia has its elected government toppled and a group of various opposition powers (including neo-nazis) comes to power with strong anti-Russian sentiments. This state has areas with huge populations of Russian ethnicity that don't like the new situation and feel threatened. Russia moves in to those places to protect them. And they're called all kinds of things for it, get sanctions and embargoes, etc. Meanwhile, the US can invade 3 countries they have no borders and no business with -- and no population of US ethnicity living there -- in the span of 10 years, with BS pretexts like WMDs, and leave hell-holes of fundamentalist and civil war behind, plus hundreds of thousands of deaths, and that's a-OK. Or some "self-critique" and crocodile tears is enough to forgive it, but what Russia did in Crimea is unforgivable.

Heck, every second Evil Plotter / Crazy ex-General etc in action movies is still Russian, 25+ years since the end of the Cold War...

Some moar stuff: http://www.counterpunch.org/2016/07/12/putins-threats-to-the...


"A border state to Russia has its elected government toppled and a group of various opposition powers (including neo-nazis) comes to power with strong anti-Russian sentiments. This state has areas with huge populations of Russian ethnicity that don't like the new situation and feel threatened. Russia moves in to those places to protect them. "

Oh, now I understand where your position on conscription [1] comes from.

Russian info space, apart from this "protecting russians from nazis" war propaganda, is also full of serving-your-country/patriotism propaganda. And it's ridiculous how far reaching it is. Some russians even take pride in not hiring people, who didn't serve. So, this is where your views come from.

[1] https://news.ycombinator.com/item?id=13777782

>Russian info space, apart from this "protecting russians from nazis" war propaganda, is also full of serving-your-country/patriotism propaganda. And it's ridiculous how far reaching it is. Some russians even take pride in not hiring people, who didn't serve. So, this is where your views come from.

Only I'm not a Russian. And apart from occasional checking out of RT (as I do of Guardian, Al Jazeera, NYT, BBC, and dozens of other outlets, being a reading junkie) I don't have any exposure to the "Russian info space" (whenever that means, probably a derogatory word for "their" media and websites, who obviously aren't as worthy as yours).

So there goes the BS theory. As if only Russians, and propaganda victims of some "info space" would ever be patriotic.

In fact, visiting the US, one has the impression it's the most patriotic place on the western world.

Nowhere in Europe do we have as many (or any at all, for that matter) flags front and center, or BS "support our troops" stickers on our cars, and heart-felt soap opera news about our "heroes". Or so uniform support of wars, from all sides of the parliament. And our Presidents and PMs seldom talk to God.

(Oh, and referencing a different thread on conscription etc -- a little stalky).

"As if only Russians, and propaganda victims of some "info space" would ever be patriotic."

Here's the thing, that's exactly it. Patriotism doesn't come from nowhere, it's part of government propaganda. And if someone is influenced by it, he either would reject conflicting views from other propaganda sources, like from the enemy, or would reject his government's propaganda and would stop being patriotic.

So, I don't believe you.

> A border state to Russia has its elected government toppled and a group of various opposition powers (including neo-nazis) comes to power with strong anti-Russian sentiments. This state has areas with huge populations of Russian ethnicity that don't like the new situation and feel threatened. Russia moves in to those places to protect them.

Sorry, I've not realized before, that your job is to spread Russian propaganda.

And talking with Kremlin people is pointless, since they're on the payroll and they need to push their agenda.

Yep. I remember when shortly after our [Romania] anti-communist revolution in 1989, some politicians advocated for requiring permits for street demonstrations (something which was still happening at the time) with the excuse that "even America does that".

Honestly I dont care who's behind wikileaks. At the end of the day, they are helping to balance out the power of government.

I don't see anything in the leaks that couldn't have been (somewhat easily) fabricated. I am still looking.

WL, like more normal journalism outlets, relies on its reputation. They are biased, but have a very good track record for not releasing false documents.

Also, Snowden says they look real so far because they contain elements only a cleared insider could know. https://twitter.com/Snowden/status/839159736977227777

So because your completely unproven claim that wikileaks is not in the hands of a neutral party was downvoted, that means the narrative is being controlled!?

It looks like someone wants to pull an Erdogan, and they know that the CIA, FBI, and NSA (the American security deep-state) are the chief obstacle to their goal. Which makes sense, considering it's those agencies who are usually responsible for both preventing foreign intrusion into our government (if the enemy is foreign) and mounting coups d'etat (if the enemy is domestic).

> It looks like someone wants to pull an Erdogan, and they know that the CIA, FBI, and NSA (the American security deep-state) are the chief obstacle to their goal. Which makes sense, considering it's those agencies who are usually responsible for both preventing foreign intrusion into our government (if the enemy is foreign) and mounting coups d'etat (if the enemy is domestic).

I think you're really overstating things here.

While Turkey's military may have mounted coups to restore secular order in the past, that's a peculiarity of their history. To think that the CIA, FBI, or NSA would serve a similar role in the U.S. is unrealistic. The times I can think of off the top of my head that they've gone against the law it hasn't been to the people of America's benefit, to say the least.

Besides of which, it's not even a reasonable comparison. The intelligence agencies aren't comparable to the military. If God forbid there were a coup in the U.S. it would involve the military, and they would probably be following Mattis, who is on Trump's side at the moment.

Lastly, come back to me when Trump is rewriting the Constitution and jailing journalists and judges by the thousands. Until then, this comment comes across to me as either paranoid hysteria about the U.S.'s situation or tragically belittling Turkey's.

I didn't mean that the American military or security state have mounted coups in the past. I meant that the current occupants of the Executive Branch seem to be going after them as if they were likely to do so in the future. This may not indicate that any of our institutions actually plan to mount a coup, but it indicates that the people attacking those institutions fear their plans are coup-worthy.

> This comment was immediately down voted on Reddit. Someone is seeking to control the narrative.

Reddit has been beyond terrible the last year and it didn't recover post election. There always used to be a bias but you could usually drill down into some good back and forths in the comments, now you will only find that if it even exists in heavily downvoted posts along with troll posts.

>the last year

The Reddit front page has always been terrible. Maybe it was once terrible in your favor, but that doesn't really matter.

Ever since it became popular, it has been the best place to influence millions of people and forge opinions.

For the nth time, find good subreddits because the front page is terrible.

Yeah that's what I say when I'm downvoted too. My voice of freedom must not be silenced etc.

> It's interesting to note that Julian Assange didn't demonstrate control of the wikileaks private key during his Reddit AMA 1 month ago

So... what's the concern of people? The video seems to be clearly him, not under duress, and current. What more could someone want? If he weren't in control of wikileaks surely he would say something.

>seems to be

>surely he would say something

These aren't exactly reassuring statements, at least not to me.

I'm not sure if this was a joke comment or not, but when the lack of evidence becomes evidence of concealment, you've fallen into paranoia. What would you think if your mother seemed to be fine, and you were fairly sure she would say something if she wasn't? Would you suspect someone was keeping her quiet?

My mother also isn't borrowing space in an embassy while pursued by any number of highly sophisticated government agencies.

For someone who so often revels in the authenticity of their work, why is the backlash so fierce when their own authenticity is questioned?

You're either a nutjob or you have at least as much of a political motive as you claim Wikileaks have.

I can't believe this warmongering is on top. Yes, maybe ask who is dumping what and question the authenticity, but stop trying to talk up a nuclear war on the basis of downvotes on Reddit.

I'm pretty sure that this got immediately downvoted on reddit because it's a crackpot conspiracy theory, not because someone is seeking to control the narrative.

> Someone is seeking to control the narrative.

China and Russia immediately come to my mind. China has been influencing american public opinion in more than subtle ways. Hollywood movies are forced or incentivises to show china is positive light. Any material manufactured in China is forced to adopt Chinese world view for example China secretly forces printers to make changes to how Taiwan or Tibet is mention in the books. NN Taleb's recent book face the same issue.

The problem with CIA or US Government in general has been they have long stopped using american ideas of freedom, transparency to their own advantage while being transparent and accountable to public. Constant lies, optimising for dubiously useful goals, financial mismanagement etc. has made them less credible and very correctly so.

I bet the next thing CIA would try to get Assange killed and facts suppressed only making themselves less and less credible and reducing freedom in the country.

When John Kennedy appeared on television during Cuba missile crisis the American public to a large extent believed their president. After what Bush did in Iraq I think American public will not trust another President like that even in the face of a real crisis.

I think that is how nations probably fail.

>* Someone is seeking to control the narrative.*

Uh... welcome to /r/conspiracy....

Don't be naive. Gaslighting people on the internet is a billion dollar industry.

Is the concept of a 3rd party attempting to steer a conversation so hard to believe?

Is someone downvoting a comment on reddit so hard to believe?

exactly my point... it has been said for years, decades, centuries...

NO - not hard to believe... but interesting the unveiling we are seeing now...

forgive all typos as my fingers are experiencing the chilling effect ( my hands are cold... makes it hard to type)

Seriously. This is the exact dialog that has been running on reddit for months (since Sept 2016 at least). People are constantly asking for Assange to provide 'proof of life' etc. They basically just assume Wikileaks is compromised for any number of weak reasons (typically many weak reasons taken in sum), and then jump straight to the conclusion that there is narrative controlling. The likely reason his post was downvoted was because the notion is played out.

im suprised, i thought it was beyond question that wikileaks is basically an attack vector used by russia. i guess you are saying while that may be true, it wasn't clear that assange was actively helping to that end.

my thinking is, everyone keeps things private. its fairly probable that there is as much damning info on most other orgs. in the context of wikileaks role in the 2016 election, im sure the RNC would look just as bad if they had all their dirty laundry aired. to my mind, you must consider the consequences and context when leaking, and for that reason i think wikileaks was highly unethical and they are partially culpable. there is no way assange wasnt aware of the motivations behind the leaks. so, to me, he hasn't been impartial- its a sin of inaction, not action.

a third, and minor point- when assange was last interviewed on bill maher, he struck me as very careful with his words, and very talking point ish. sounded just like a politician. wouldn't give any play to bill's questions about putting thumb on the scale for trump. not much there, but weird for someone who purports to be even minded, rational, fair and pure to behave like that.

Reddit.. The narrative has been violently pushed and pulled 1000 directions for a couple years now. I'm not sure exactly what you're suggesting, but are you saying someone is either mind controlling him, or effecting leverage over him to coerce him to become their tool? You do believe it was indeed him in his interview with Hannity a month ago, right?

> This comment was immediately down voted on Reddit. Someone is seeking to control the narrative.

Oooor, you know, the knee jerk reaction is to downvote you because it's an unpopular opinion. Even I had it for a brief second before I realized 1. You may be right; 2. I don't really give a shit.

Make no mistake, this is the latest salvo on the modern battlefield. This is not the result of some patriotic citizen trying to rein in what he sees as an abuse of power. This release was used as a weapon.

I'm going to be wildly speculative here. Let's assume that the timing of this release helps the Trump administration and smears the US intelligence apparatus writ large. There's only one person on his team who has displayed the forethought, intelligence, and capability necessary to do something like this. Jeff Sessions obviously isn't. Bannon, while an effective and shrewd minister of propaganda not this sophisticated.

There is, however, one person who thinks twelve moves ahead like a chess grandmaster. I wonder what, if any, Peter Thiel's role is in all of this

As has been demonstrated, the narrative is very easy to manipulate when people are lazy about how they acquire and treat data. Interestingly, this new development could also be a good thing for the CIA. A way to clean the slate as well as a rallying call for new talent with fresh minds, with far less baggage. The proliferation of this tech was inevitable. We need to set standards for responsible use. My perspective constitutionally is that it falls between the 2nd and 4th amendments, depending on intended and actual use. As a data collection tool, it should be treated with the same care as medical data.

What is the clear motive for undermining CIA and who is the biggest loser?

I'm not quite following... Who does this leak weaken?

I appreciate your username.

Hello "abandonliberty".

Keep in mind, it also very clearly serves the CIA's interests to suggest that Assange is compromised, so people should take those who push this idea with perhaps greater skepticism than they do Assange himself.

Also, control of a private key only demonstrates control of the machine on which that key exists, so it is not definitive proof of anything. It is possible Assange's machine was wiped or hacked, or that the person in control of that machine was killed or taken out of play. There have been multiple mysterious deaths associated with Wikileaks in the past couple years. It is conceivable that Assange never was in control of the private key and that one of those people was, in which case it makes perfect sense that he can make multiple convincing videos but not produce that specific key.

Finally, the question of whether Wikileaks is "neutral" (whatever that is supposed to mean) is not particularly relevant given their implacable record of truth in reporting. The leaks are most likely completely true, and as new information, should be evaluated independently/objectively.

As someone who has read a few histories of the CIA, I can say that anyone who is their enemy is my friend. Their worldview and approach to international action has caused mass human suffering on the world stage for decades, usually in the name of protecting things like unfair trade agreements, destroying unionization efforts & democracy, and eliminating political affiliations that are not in the perceived interests (in terms of world hegemony) of the US government. In popular media this is portrayed as a "necessary evil", but in reality it is a sociopathic service to power that degrades the soul of all humanity.

Syria is probably the most recent example. The CIA was envisioning an eerily similar scenario to the one that is playing out right now...in 1986. [0] I encourage you to read up on their origins and history, it is a fascinating if extremely unsettling story.

[0] - https://www.cia.gov/library/readingroom/docs/CIA-RDP86T01017...

Or someone is seeking to force a narrative but can't quite decide how to do that while actually making sense and not backpedaling on accusations.

> This may not have been an act of altruism like Snowden

I'm still really surprised no one questions the Snowden narrative. A man who earned $200k a year, worked remotely in Hawaii with his smoking hot wife, suddenly decided he has a conscience, either collected data slowly over time or did a massive data dump and released all this information to Greenwald and Der Sepgiel. Then he flees to Russia where he openly tweets against Russian policy.

Unlike many other stories, there were no where near the level of government denial. Media outlets ate it up without looking into any of it.

I really feel like Snowden was an intentional leak, either to show the NSA could proclaim their spying abilities and no one would be able to stop them, or they wanted to profess they had capabilities they don't actually have.

In either case, the US government is still spying relentlessly, creating war zones and expanding military powers. People say I'm a "tin foil hat conspiracy theorist" when I say that the CIA most likely created ISIS to destabilize Syria.

It's not crazy, it's what the CIA has been doing for decades. The 1973 Coupe in Chile, Bay of Pigs, School of the Americas, Iranian Contras .. the list is as long as you want to make it.

You should question each "leak."

If Snowden was fake, and someone can make the NSA and government's response to his leaks look as genuine as they did, this is going to be someone so powerful, well-connected, and invisible, that's it's likely it's not even human. Every time you come up with a complex conspiracy theory, ask yourself how easy it would be to orchestrate that and just handle all of the logistics of it with zero leaks and 100% undying loyalty without getting stabbed in the back yourself.

People did question it -- he was getting spy accusations as soon as Russia let him in, but then they looked at the actual documents and realized that Snowden is irrelevant as far as the content is concerned. You don't need Snowden's motivations to interpret any of that.

What benefit does it serve you to suddenly get all of your enemies and frenemies to suddenly change all of their communication methods to avoid the NSA? You're spying on them without them knowing about it -- that's exactly what you want!

Maybe AI is already in charge. :)

Simple: I have compromised your communications, using one of many methods. I publicly release some of my obsolete methods (unofficially of course). You scramble frantically and at great expense to plug all your leaks, and I watch you through a channel whose existence I haven't revealed.

I wouldn't say it's crazy to question it, but neither of the potential motivations you cite for faking the leak really holds up to me. The NSA didn't need to leak on itself just to flex its muscles, people are plenty scared of it as is. Not to mention many of the capabilities confirmed by Snowed were already widely speculated to exist - Wired wrote an article shortly before Snowden that touched on them[0]. Nor can I imagine they would try to claim capabilities they don't have: what would be the point? Seems pretty expensive for a psy-op without a discernible target.

Also Snowden ending up in Russia has never seemed suspicious to me - where else could he go that would protect him from both legal and clandestine extradition?


Snowden was living in Hawaii with his girlfriend, not his wife.

Facts are important if you want to promote your theories/wild fantasies.

I agree that they could've done it, and they've done stuff like this in the past. The pros outweigh the cons. The reasons you've listed don't seem 'worth it' to me.

Maybe there's some alternative motive we're missing - but I doubt it was to prove they couldn't be stopped even after exposal.

- Smart TV turned into listening devices with fake off mode?

- Intercepting audio/texts before encryption by Signal, Whisper, WhatsApp etc.

- Dozens of O-day attacks again Andriod and iPhone.

Pretty powerful stuff.

> Intercepting audio/texts before encryption by Signal, Whisper, WhatsApp etc.

This basically means if your device is compromised, expect malware to be able to read all content (including Signal, WhatsApp messages). Nothing new. The way it's phrased makes it sound like Signal, WhatsApp have vulnerabilities, but no, the intention is sensationalism over sound analysis.

Yes, that's nothing new, and it's obvious to us here on HN.

However, I disagree that the intention can only be sensationalism. The average computer/smartphone user (or journalist!) absolutely does not understand that if their device's operating system is compromised, that so are all the apps they run. Saying that messages can be intercepted before they are encrypted is worth pointing out as a realistic consequence of someone's device being compromised; a consequence that J. Random Journalist would not realize if it were not specifically pointed out.

Bypass encryption means they broke the protocol. They could say "also malware can read your private messages and anything else on your phone". But no, bypassing encryption sounds a lot better. Fake news.

I don't read it that way. To me, if they meant they broke the protocol, they would say "broke the encryption" or "defeated the encryption". "Bypass" implies to me that they get the information without interacting with the encryption.

I agree with you on the semantics. They didn't break the encryption, but they certainly did get around it / bypass it.

English is my second language but i used to think security bypass means breaking the protection. Especially considering the title focuses on the messengers.

"Bypass" means to go around something in order to avoid it. If there was a traffic jam on the highway, you could bypass it by exiting the highway and traveling down a side street.

"Bypassing encryption" then would mean to avoid the encryption step. Maybe it has a different meaning in the security community, but if taken literally, the phrase is accurate.

We basically need to just accept: "If you have a device, it is being monitored, PERIOD."

No mention of Windows Phone. I guess I'm safe =)

Sure, maybe, but there are very few of your kind left. ;)

I'm pretty sure I have a Nokia 3310 in one cupboard or another, maybe I'll dig it out and swap my SIM to it...

Try nokia 3310. They made new ones recently.

The iOS attack breakdown lists a combination of vulnerabilities in very old versions of iOS, vulnerabilities first published by jailbreak teams, and a couple purchased vulnerabilities. The breakdown ends with a publicly jailbroken iOS version.

The Smart TV implant appears to just be a modified version of an open source firmware replacement project.

I was upset that our government is exploiting our consumer devices. Now I'm upset that our government isn't exploiting our consumer devices better.

> vulnerabilities first published by jailbreak teams,

I guess we now know who is sponsoring these jailbreak guys and why.

Jailbreak teams publish widely and open source (mostly) they are actually the CIA's opponents burning zero days which they would much rather keep to themselves. The CIA would undoubtedly be customers of companies like Vupen and Zerodium though.

> I guess we now know who is sponsoring these jailbreak guys and why.

One of the vulnerabilities on the iOS page is from a team I had founded a few years ago. I certainly do not recall us getting a check from the CIA.

What would be the point of the CIA sponsoring jailbreak teams? The exploits they find are generally burned very quickly.

> Intercepting audio/texts before encryption by Signal, Whisper, WhatsApp etc

I wish I could say that I'm surprised but no... not surprised at all. Same for the IoT stuff.

Why would you be surprised by the fact that if your phone is compromised, even the best encryption software in the world isn't going to help?

Another victim of sensationalism.

The conclusions are correct. Talking about them isn't sensationalist just because you think they're foreseeable.

I refered to "being not surprised that encryption is broken". There was nothing relevant to encr in the document. The title is wrong.

Who said "being not surprised that encryption is broken"??? Read the quote again: "Intercepting audio/texts before encryption"

I'm not surprised that they can INTERCEPT and read ALL your communications... jeez

Ok in that sense i am wrong. But it could mean sometging else.

Yep. We all knew it was happening but turn a blind eye.

And then one of these revelations are exposed and we all start wearing tin foil hats for a month or two.

The big question for me is: What's the alternative?

AFAIK, there's no secure replacement for most IoT stuff, or phones.

It's 0-day, not O-day.

I applaud what seems like a coordinated attempt to outdo each other when it comes to extreme transparency.

1) Wikileaks revealing the CIA has undermined consumer goods with malware. (this looks like a bigger deal than the Snowden revelations on the NSA side).

2) Russian opposition leader Navalny revealing that former Russian President Medvedev has been accused of amassing a billion-dollar plus property empire, based largely on bribes and subterfuge.

I can only hope this extreme transparency, despite the biases of its torchbearers, lights its way into every hall of power from the White House to the Great Hall of the People.

Conspiracy as Governance. Assange wrote a paper predicting this 10 years ago as his vision, and it's clearly coming true: https://www.wired.com/2016/10/want-know-julian-assanges-endg...

Wow this is really big. There are tons of documents about the various tools they use, but it seems the majority of the actual source code is still being reviewed and the links just show a link to the file list. I hope they eventually release the source code, as a lot of these tools seem very interesting. I can imagine that many at the CIA are running around on fire, as this seems like a big problem for them.

According to Wikileaks [0], they were explicitly redacted until their safety could be assessed. They didn't want to be responsible for accidentally releasing malware in to the wild.

0: https://wikileaks.org/ciav7p1/#FAQ

Feel much safer knowing the CIA keeps them safe and only use them for good causes /s

I'm pretty okay with wikileaks not releasing hundreds of zero day exploits into the wild en mass.

I'd like to hear a security expert's opinion on whether releasing even patched 0-days could be considered harmful ? even if the 'sploits dont work out of the box, it seems like they would still advance the state of the art, and allow moderately-skilled hackers to build on very sophisticated designs, adapt and make them effective again - "stand on the shoulders of giants" kind of thing.

Many things are patched in theory but not in practice. For example, exploits on Android are very useful even if they are patched because lots of people don't upgrade their smartphones very often.

Releasing the exploits is also the quickest way to get them patched.

In the Equation Group releases, there were 0-days for older versions of Cisco's ASA software.

Others built on that and updated it to also exploit newer versions (9.x, IIRC) of the software.

Thats a very interesting comment...

I am going to make a few assumptions: You have no kids. You're realatively young.


That said, lets unpack your comment... sure it would be good to explore this (as many people havent looked into the depth of the layers of cyber culture... few really and honestly understand it) - but the implications are fractally deep... if there are people who are diving into this, we shall never know. cyberwar is a known but also unknown thing... implecations are not known, but tactics appear to be revealing themselves.. how to attack... how to defend.

Firewalls are one-dimensional - we are talking 5+ dimensions with CW, arent we...

What are those 5Ds? think of OSI as 1 and add some layers... I would love your feedback....

(BTW, How many ppl work at [company] which are ex [service] - Why is it called 'The Company')

Also: OmniGraffle and Sublime Text license keys (registered to "Affinity Computer Technology")

https://wikileaks.org/ciav7p1/cms/page_25264141.html https://wikileaks.org/ciav7p1/cms/page_9535650.html

I tried Sublime Text license key and it worked!

Aren't they verified server-side somehow? … I assumed the 10 seats would have been gone almost immediately.

According to LittleSnitch Omnigaffle 5 doesn't phone home at least when entering license keys. It may do so at some other time though.

Speaking of little snitch...


Congratulations. You're on (another) list.

Ooo now I can say my text editor is commissioned by the CIA!

Your tax dollars at work!

... along with VMware Fusion and Workstation keys, Microsoft KMS keys, and probably more I missed.

One very interesting thing is that the exploits, rootkits, etc are all unclassified and the CIA has no copyright on them either. The logic is supposedly that an agent putting a classified rootkit/trojan/whatever on a machine is mishandling classified information and thus it would be illegal.

Does that mean that someone who leaked them could not be prosecuted? Or simply that they would be prosecuted under some other law?

Indeed, that's what the doc implies. They say they reckon the CIA has no recourse. Probably sue-able for breaking their employment contract where they presumably agree to never disclose anything, regardless of classification level. But doubtful that'd be a federal crime.

Or their life expectancy would decrease significantly.

The technology used by the CIA and NSA is all stuff people on HN can totally grok. That's kind of exciting and disappointing at the same time.

Some people on this site could probably do better than the CIA and NSA is doing. Some people here probably wrote some of leaked stuff. Hah!

I like the way the teams are broken up by device target but I think they should probably have an even more decentralized setup. Or maybe just more teams doing the same work. Wikileaks tries to make a political point about wasted effort, but more people means more exploits found, etc.

Saw this at a glance:

> Add to your Vim configuration:

    " :w!! 
    " write the file when you accidentally opened it without the right (root) privileges
    cmap w!! w !sudo tee % > /dev/null

Much of it is like this, little recipes ranging from building EFI executables to setting up a Debian machine and so on. Like collected stackoverflow answers.

It's interesting to see how they write up these little how-tos in a way that gets the reader very quickly up to speed and hacking on a particular problem.

> The technology used by the CIA and NSA is all stuff people on HN can totally grok.

Yep, the typical stuff: CentOS, Debian, Ubuntu, Python, Ansible, Packer(.io), vim, Sublime Text, SourceTree, Git, ...

Plenty of references to Stack Overflow, Reddit, and such too.

And this whole thing seems to be a Confluence dump.

WikiLeaks Vault7 Year Zero 2017


Passphrase is SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds

"U.S. Consulate in Frankfurt is a covert CIA hacker base "

Germans are usually privacy nuts. I know many who maintain no presence on Facebook, Twitter and Instagram. I wonder how Germany will react to this.

Sorry, news flash, virtually all of the countries' embassies and consulates are a natural place where a lot of intelligence operations are conducted. Counterintelligence operations watch them very closely.

The fact that Frankfurt is a hub among their European intelligence operations is not terribly interesting IMO.

> I wonder how Germany will react to this.

Germany always knew operations were conducted there but now must react to this overt news.

> Germany always knew operations were conducted there but now must react to this overt news.

Snowden outed Frankfurt (and Berlin) years ago. [0] There's no more interest in meaningful consequences now as it was back then.

[0] http://www.spiegel.de/international/germany/cover-story-how-...

Not long ago it was hinted that US ambassy in Paris is a nice CIA antenna too. Nobody denied nobody answered, question still up in the air.

Also, latest Russian project, a large church-like building in Paris is suspected to hide intel dept.

Poster is referring to this thing, for anyone curious:


Is the suspicion that the domes are actually radomes?

It was pretty much an open secret already.

Up to our ears in Erdogan and now this?

If they call in James Clapper, will he perjure himself again?


It would have been illegal for him to tell the truth in that testimony, since it was public. I know people don't like that, but it's true. He could either lie or break serious secrecy laws. There's no immunity just because you're talking to congress.

In that case, you say "I can't answer that question" and let the system do its job.

You don't lie.

"I can neither confirm nor deny the existence of such a program." This has been absolutely formalized since the 70s.

No. The only way he couldn't answer the question was if the program existed, thus revealing the existence of the program, so he had to lie.

You are mounting the most ridiculous defence of perjury I have ever seen. Do you seriously think that Congress passed laws they intended to be interpreted in the way you propose? That they want to be lied to?

Clapper lied under oath. He should have paid the penalty for that. He didn't because the US Government has decided that it either can't or doesn't want to control the shadow state.

Thus my point. The CIA should not be running programs that "do not exist". Classified, sure, but not hidden programs nobody knows about. That is not what we are paying them for.

They have vim editing tips https://wikileaks.org/ciav7p1/cms/page_3375350.html

No emacs?

They have secret unit testing tips too! https://wikileaks.org/ciav7p1/cms/page_11629048.html

In many pages I explored from the leak I keep coming across this *.devlan.net domain. Whois info belongs to a French personality and is suspiciously updated 2 days ago and it has a month for expiration:

    Updated Date: 2017-03-05T16:38:16Z
    Creation Date: 2004-04-19T13:12:21Z

    Registrar Registration Expiration Date: 2017-04-19T04:00:00Z
    Registrant Name: SADIER, NICOLAS
    Registrant Organization:
    Registrant Street: 5 Bis Chemin Des Hautes Terres
    Registrant City: ST HILAIRE
    Registrant State/Province:
    Registrant Postal Code: 91780
    Registrant Country: FR
    Registrant Phone: +33164954698
    Registrant Email: pservor@free.fr

What's suspicious about that? It's certainly hosted on their intranet, they just picked a sensible name that employees could remember. The publicly-registered devlan.net is probably unrelated or unused.

Now whenever I get into a holy war, at least I'll know Uncle Sam approves of my tribe.

That's how you know it's fake.


One of the findings: Notepad++ has a DLL hijack [1]

[1] https://wikileaks.org/ciav7p1/cms/page_26968090.html

Any executable is vulnerable to DLL hijacking, they're just looking for easier targets that load known DLLs (with known function signatures) from their own folders (NOT system folders).

I'm assuming the goal is to minimise detection by what they call PSPs (av / security products)

This is not a flaw within notepad++

Arguably loading DLLs from non-system folders is bad design in this day and age.

No, it's not, not even 'arguably'.

This had the potential of being a positive development brought by Trump's election: many behaviors by the US three letter agencies that were glossed over for the past 8 years (due to the party in power being "on the right side of history") are again reprehensible and deemed a threat to be fought by the tech community.

Anyone that thinks the Trump administration is going to lead the charge on reforming these agencies is foolhardy.

Governments rely on information to function.

Once an administration comes into power and sees the amount of information provided to them through these means, there's no way they would relinquish it in any meaningful sense.

> Anyone that thinks the Trump administration is going to lead the charge on reforming these agencies is foolhardy.

I think they were saying that the public (and tech community especially) will demand the reforms because they view Trump as nefarious; not that Trump & co will freely relinquish them.

I'm not a US citizen, but if I was, I would want professionals sworn to defend my country and the constitution to be able to modernize their capabilities. Today, these tools are essential to defense. It may turn out to have been the best defense against RU attempt to Balkanize USA.

The best offense is a good defense. Improving the quality of software in general would be far more beneficial than developing zero-day short-sighted tools.

I've never heard the phrase "the best offense is a good defense," but I have heard a great many times the phrase "the best defense is a good offense." I don't have any data to back it up, but inclined to believe the more popular form of the statement.

"the best offense is a good defense" - 51,600 Google results

"the best defense is a good offense" - 143,000 Google results, and the only one with a Wikipedia article.


That wouldn't help you break into a Russian generals email account to read his email to his mistress saying he's going to Ukraine for a couple weeks.

The CIA isn't even really responsible to cyber defense. They are an offensive spy agency.

I haven't heard of RU attempts to Balkanize USA; could you please elaborate.

Some people have connected Trump's Putin connections with the Russian connections of Calexit to conclude that they are part of a coordinated effort to exacerbate regional divides in the US to the point of Balkanization.

The same way Obama's election was going to bring transparency and "change"?

This comment is just too depressing and accurate. It kills me I voted for obama and the dems, and they just spied on people nonstop. It is uniparty...

I agree but unless every other nation stops doing this there is little value in being the only "clean" country (assuming somehow we stop). And what are the implications of doing so? We used to believe that free and open societies would naturally prosper compared to authoritarian/totalitarian societies but what if that was all a lie? "Five Eyes" dates back to the 1940's, ECHELON at least the 1980's - none of this is new. Maybe we are all just naive to the realities of geopolitics? Is this just the modern version of "We sleep soundly in our beds because rough men stand ready in the night to visit violence on those who would do us harm."?

Personally, I'd rather live in a world dominated by America/Europe than one dominated by Russia or China. All parties have lengthy histories of atrocious behaviour but the US/Europe doesn't have a "Great Firewall" and critics of our leadership are not disappeared (yet?). I just hope "If you want a vision of the future, imagine a boot stamping on a human face - forever." remains fictional....

If we are ever going to be dominated by something, I wish it's an Artificial Superintelligence

> We used to believe that free and open societies would naturally prosper compared to authoritarian/totalitarian societies but what if that was all a lie?

Then give up your freedom and start advocating for monarchy in America.

Wouldn't it be easier to try and push for a return to a more open/free society? I don't see how a monarchy solves anything in the US.

How do you justify that with

> unless every other nation stops doing this there is little value in being the only "clean" country (assuming somehow we stop)

If there is little value in being "clean", intelligence agencies have minimal to 0 oversight and accountability, and a non-trivial percentage of the population wants them to dominate geopolitics through any means necessary, how will we ever have an open/free society again?

Domestic surveillance using these tools seems like a different issue than whether the US or its allies use these tools for geopolitical advantage?

Hypocrisy aside, in theory it would be possible to have an open society domestically even if these tools are used internationally.

Given the track records of the US intelligence community in that regard [1-4], I honestly don't understand how anyone could possibly believe them when they say they aren't using their tools domestically. There is insufficient oversight of their activities for anything they say to be believed, given their long history of lying directly to the American public. Saying the CIA doesn't use their hacking tools on the American public is like arguing the sky is green.

1. https://www.nytimes.com/2014/11/16/magazine/what-an-uncensor...

2. https://www.thenation.com/article/cias-student-activism-phas...

3. https://www.cia.gov/library/readingroom/docs/DOC_0000538627....

4. https://en.wikipedia.org/wiki/Michael_Hastings_(journalist)

I think you are confusing my hypothetical question with me somehow condoning mass surveillance, disagreeing that it is currently happening, or disagreeing that it wouldn't happen in a hypothetical future?

I have no doubt that these tools are used against domestic targets, perhaps not from the CIA but certainly by agencies like the FBI - I work in aviation and routinely see mystery flights. Everyone in the office can guess what they are (http://imgur.com/a/17hSR - 6 hours of circling - Maybe they had a warrant, who knows.

My point was that even if we could somehow stop domestic mass surveillance, I'm not sure it we would stop using them internationally or even have any obligation to do so?

Nothing will stop them from using their tools anywhere, which is my point. When the agencies themselves are fundamentally untrustworthy, as they have repeatedly demonstrated themselves to be, the distinction between surveillance domestically and abroad isn't meaningful. Especially with the data sharing rules Obama pushed through at the end of his presidency.

I don't think it's possible to value open and free societies while spying on the entire world for the purposes of asserting your geopolitical dominance. Freedom for me but not for thee.

We have one and this shit is what we came up with.

Do you have any examples of them being glossed over?

The tech community has been pretty up in arms against the three letter agencies ever since Snowden's revelation, so I'm not sure how Trump's election is going to change that; if anything it might produce the opposite effect since these agencies seem to be feuding with Trump on some level. Besides, wikieaks is a pro-Trump organization so I doubt that Trump losing the election would have caused them to go more softly with their criticisms of the government.

> I'm not sure how Trump's election is going to change that; if anything it might produce the opposite effect since these agencies seem to be feuding with Trump on some level

A big part of Trump's appeal is that he's seen as anti-establishment. I don't think it's unreasonable to expect that he may make significant changes at those agencies as a result of their "feuding" with him.

> wikieaks is a pro-Trump organization

I don't believe that for a moment. WikiLeaks helped Trump's campaign, certainly - but their reason for doing so was orthogonal to Trump himself.

If WikiLeak's behavior during the 2016 election was driven by anything personal or partisan, I would say it was Assange's own personal vendetta against Hillary Clinton.

> I don't think it's unreasonable to expect that he may make significant changes at those agencies as a result of their "feuding" with him.

And? What does that have to do with the tech community being critical of three letter agencies?

> but their reason for doing so was orthogonal to Trump himself.

I don't care what the reasoning is, Assange explicitly stated that he wasn't going to release info on Trump because he felt the media was sufficiently critical of him and he has kept up with that promise and maintained a mostly positive disposition regarding Trump, that's Trump support. Don't misunderstand, I don't think supporting Trump invalidates any of the info that wikileaks has released, my point is precisely the opposite, that this info was released despite their support for Trump so if Trump hadn't have won the election, it makes sense that they would have been just as critical if not more so.

Can you source Assange stating this? As far as I remember, his explanation was that since there was already a bevy of mainstream media ready to publish any dirt on Trump, leakers did not have to go to Wikileaks to publish their stories, therefore it was unlikely anyone would send their leaks there.

“I mean, it’s from a point of view of an investigative journalist organization like WikiLeaks, the problem with the Trump campaign is it’s actually hard for us to publish much more controversial material than what comes out of Donald Trump’s mouth every second day," Assange said.

So this seems like a clear admission that they are in possession of controversial material regarding Trump, but Assange figures, why bother publishing it, it's not much more controversial than what comes out of Trump's own mouth, so we won't bother publishing it, nothing to see here.

In this case the enemy of your enemy is a deranged megalomaniac. I'll take the enemy thanks.

This is an incredible and sensational claim that, if true, can quite literally "break the internet". Makes me very sad to imagine that CIA grade cyber weapons for getting into iPhones are now in the hands of heaven knows who. Hope Apple security teams are on this.

EDIT: To clarify, I'm commenting on the original situation of the tools getting out of CIA to the entities it was "circulated to", not this leak later by WikiLeaks - presumably the damage has already been done.

I wonder how many of the exploits/tools released are still usable today.

Also, the actual video press release had to be rescheduled due to their video stream being attacked.[0]

"NOTICE: As Mr. Assange's Perscipe+Facebook video stream links are under attack his video press conference will be rescheduled."

[0]: https://twitter.com/wikileaks/status/839104886625157120

Streisand effect; didn't know they're holding a press conference.

Are they implying that Facebook is being DOS'ed?

I don't really get into political commentary, and I'm not a US citizen, but there's some great RE tips in there.

I genuinely lol'ed at their assessment about Comodo's whitelist-only firewall/av.

Also, this: https://wikileaks.org/ciav7p1/cms/page_17760284.html


Thats how you know the leak is real, because this is classic internal Wiki shenanigans, you can't make this up. Also, though there are some talented people working here (you can identify some of their github accounts, thanks to wikileaks tying users to their posts by ID) but I think a LOT of these tools are made/stolen/purchased from elsewhere..

TIL that CIA is using Atlassian Stash for internal code hosting. Many references to the stash.devlan.net, would be nice to see some code, I just found some python scripts: https://wikileaks.org/ciav7p1/cms/page_9535551.html

And they're using git flow

Glad to see CIA hackers are Dr. Who fans!

"Weeping Angel" makes it look like a Samsung television is off while it is really on and recording the room. Precisely what the Weeping Angel does during the Dr's first encounter.

Sontarans also make an appearance: https://wikileaks.org/ciav7p1/cms/page_524426.html

Gotta hand it to the CIA, they really know how to give things badass names.

I wander what phones / computers CIA operatives use - do they have special patched versions which address the zero day exploits they are aware of.

Doubtful. Part of being an undercover operative means deniability. Imagine if a foreign power arrested a suspected spy, and found non-standard software on their phone.

So they'd probably use off the shelf software and mitigate risks in other ways.

(Ex: not bringing smartphones to sensitive meetings)

This is a great question. Surely they look for vulnerabilities also in their own systems but then what do they do when they find them? Is there some special set of software that always gets patched because the CIA uses it?

> Is there some special set of software that always gets patched because the CIA uses it?

If so, a diff between the "CIA version" and the "civilian version" would be highly instructive.

Presumably the same thing others do when they know about 0-days? Signatures.

Could you explain a bit more? I'm not sure what you mean.

Sure, this is essentially the argument for disclosure of bugs before they've been patched. If I had known about e.g. shellshock before the patch was out, I could have written a Snort signature looking for it in network traffic and have my IPS drop the packets. I do this on my network with bugs I find before the vendor patches them.

This is an example of security through defense in depth; patching is one layer of defense, but if you can't patch there are other mitigating actions you can take to protect against (especially) known threats. It allows someone with an offensive and defensive mission to simultaneously use exploits while not being vulnerable to them.

This looks interesting: Hive's developer guide. It has a auto-destruct feature, just like in the movies:


Seems to have been having issues with premature self destruction:

"Discrepancy report DR-00134-2012 was issued after Operations determined that Hive version 2.5 was self-deleting prematurely. Analysis showed that a calculation involving the current time and the file modification time used to determine the time since last contact could result in a negative number that was then cast from an integer to an unsigned long integer. This resulted in a large positive number that exceeded the delete delay and subsequently caused Hive to self-delete."

The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation.

With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the "fingerprints" of the groups that the attack techniques were stolen from.

This has interesting implications for the claim that "Russians" hacked the election (although I can't imagine the CIA wanting to hack the election in Trump's favour).

There also still hasn't been any public evidence that Wikileaks got their Podesta email data from Russians yet. So far we only know the DNC leaks were very likely Russian. That means until today only about ~50% of the 'election hacks' have been attributed to Russia with public evidence.

Now this leak calls into question some of the evidence about the DNC hack [1]. This evidence being the malware was Russian. But there were many other pieces of evidence that pointed to Russia so I'm personally not anymore persuaded it wasn't Russia for the DNC stuff. The Podesta stuff is still up in the air AFAIK. [edit: see pvg reply]

Either way this leak will just add to the deniability angle for the partisan hawks. Although this is probably way over the head of CNN/Fox News crowd so it's also possible it will have zero effect.

[1] Previous leaks mentioned NSA/Five Eyes collected foreign malware. This leaks adds CIA to that group and further solidifies the "misdirected attribution" angle.

There is no hard evidence where the DNC/Podesta leaks came from. However, Julian Assange has repeatedly said that the source is not the russian goverment or a affiliated state party [1] and in a other interview has hinted that the source may be Seth Rich [2], a former DNC staff member that was murdered in Washington DC.

[1] https://www.youtube.com/watch?v=uyCOy25GdjQ

[2] https://www.youtube.com/watch?v=Kp7FkLBRpKg

> There is no hard evidence where the DNC/Podesta leaks came from. However, Julian Assange has repeatedly said ...

Assange's claims are not hard evidence either, nor do I trust him.

US intelligence agencies say the Russians were involved and that kind of activity by the Russians is corroborated by intelligence agencies in Europe.

The nature of intelligence operations is that, if done correctly, there is no hard evidence unless the perpetrator wants there to be.

Is Julian Assange a reliable actor in this? He has every motive to deny that Russia are the source of the leaks.

Why wouldn't he suddenly be? Because he exposed the corruption of the party you supported? It doesn't work that way really. Either he is reliable, or not reliable to begin with. I have every reason believe he is, and he has demonstrated that people turn a blind eye on things if it fits their narrative of the world and politics.

You can trust the leak without trusting the leaker. I believe everything wikileaks has leaked has been legit. I also believe they frequently make extremely misleading statements(like the Seth Rich stuff) to push their own goals and I wouldn't doubt for a second that they would lie to push forward their own goals/or mask them.

We never needed to trust Assange, because we knew the source of the leaks - Snowden. I trust Snowden, I have never particularly trusted Assange.

Why wouldn't he suddenly be? Because he exposed the corruption of the party you supported?

He was never neutral or objective on the subject of Hillary Clinton. And isn't it convenient that despite our knowing of multiple politicians whose private email got hacked, hers is the only one he felt was worthy of publishing...

So, yeah, not exactly a "sudden" lack of objectivity on his part. Also it's been demonstrated his followers will turn a blind eye to things that don't fit their narrative.

> However, Julian Assange has repeatedly said that the source is not the russian goverment or a affiliated state party

How would he know? Isn't wikileaks set up so that people can submit data anonymously? Is he claiming that they got the data through different channels? Why would an insider purposefully leak the data in a way that de-anonymized him to Assange and possibly others, instead of using the established channels?

> How would he know?

Not all leaks are submitted through the web forms. Craig Murray has stated that he received some of the leaks in person from a DNC insider during a face to face meeting in Washington, and he couriered those leaks to wikileaks himself.


Huh, I had never heard that, why is that? Does Murray have a credibility problem, has he no evidence for his claim? Assume that any explanation that amounts to suppression by the "liberal media" or the "establishment" will fall on deaf ears.

Murray's Wikipedia page is not full of alarm bells, it does mention him appearing on Alex Jones's radio program but to discuss a non-crazy subject.

Yeah, but why would an insider do that? It just seems like it's exposing him/herself to undue risk for no real benefit.

Wikileaks offers that possibility, but you can always include self-identifying documents in there.

I’m a lot more puzzled by the fact that Assange would say anything about the uploader, even if it is negative. I guess denying it’s the most likely suspect re-rolls the dice in most people’s head.

> Assange has repeatedly said that the source is not the russian goverment or a affiliated state party


He does not answer the question about someone affiliated with Russia handing him the information.

He always repeats this carefully worded answer: "our source is not the Russian government and it is not [a] state party."

Why so carefully worded -- why can't he say "no one affiliated Russia gave me the data"?

Because he knows it came through an intermediary for Russia and wants to be able to lie, but still have a weaselly excuse if he's caught.

The fact that he's spent a lot of time spreading the Seth Rich idea is even more suspect. It's a conspiracy theory straight out of the KGB's cold war book.

Seth Rich was murdered and his watch was yanked at. He fought back at his attacker(s). "Nothing was stolen!"

The professional assassin got into a fight with the victim and then shot him, but forgot to actually steal something? Not very likely.

Attributing the release of such secrets to someone who is already dead seems like it could be a very effective way of hiding one's source. ;)

If Assange knows and has hard evidence that it isn't from any Russian connected source then he could present that and this would do huge damage to the US.

So why doesn't he ? If it was really the CIA that hacked the DNC then why would they be so stupid to blame Russia if Assange could so easily falsify that claim ? That's a huge reputation risk.

Assange only said that it wasn't the Russian Government themselves. Doesn't rule out it being a team of hackers with connections to Russian IC or even directly to the Kremlin.

Or even Russian hackers acting on their own but with the wink wink approval of Putin. Kremlin may even fund groups like startups. Give out money, see what happens. It's like Al Qaeda - they don't need to have an org chart or any explicit communication.

The circumstantial evidence in the Podesta phishing is pretty decent, not really 'up in the air'.



(the second link is a lengthy thread)

Right, someone found a phishing link sent to Podesta that reused a GMail login page by autogenerating URLs, hundreds of hashed urls were reversed and a bunch of the target emails were people/companies of interest to Russia. I was only thinking about what the US gov released regarding the DNC leaks. I forgot about that one.

It's very possible that many people had access to Podesta's email but the timing of that phishing attempt and the Wikileaks leak was a little too convenient to ignore.

Can you point to information to research about connections to the DNC hack and Russia?

this is the best public evidence afaik (and it's pretty good): https://twitter.com/pwnallthethings/status/81662291586096332...

What public evidence is there that the DNC leaks were related to Russia?

Mostly this intelligence report from the Office of the Director of National Intelligence: https://www.nytimes.com/interactive/2017/01/06/us/politics/d...

"We assess that X happened" isn't really public evidence for X. It's an argument from authority at best.

There's no evidence. It makes for a good romance though...

I am nearly convinced by The Grugq's summary:


"Alternating Competing Hypothesis"

> So far we only know the DNC leaks were very likely Russian.

We don't know that at all. There isn't a single piece of evidence for it anywhere.


There is some evidence, but no definitive evidence.

'"[SecureWorks] researchers assess with moderate confidence that the group is operating from the Russian Federation and is gathering intelligence on behalf of the Russian government," the report from SecureWorks concluded.'

The "evidence" appears to be simply that one anonymous group about which nothing is known was going after targets that would presumably be of interest to Russia.

But that's simply heresy: such targets might also be of interest to western intelligence, or really anyone who wanted to stir up trouble by framing another country.

All we can say is that the correlation is interesting, but that's about it.

This is why we have intelligence -- the evidence for almost anything of consequence will never be able to meet a judicial, syllogistic standard. The idea that we need mathematically perfect deduction before we can make actionable conclusions is an assumption on your part.

And the people inside the government to whom the intelligence is provided have every right to trust the source. However, to us in the public, we don't know these people, and have zero reason to trust them, absent actual factual evidence. What, you wouldn't put it past them to lie all the sudden?

The logical end of that position is that states aren't allowed to keep secrets, which you are welcome to believe is possible, but it's not the world I believe we live in.

Unfortunately for this we aren't going to get some 1080p video of someone in a mask sneaking into the DNC server room, just the fact that the 17 agencies all agree based on what they've seen believe that to be the case.

Unfortunately everyone these days think everything is a conspiracy or has to have HD recordings of something they think happened as public evidence or it is false, but that's not how the world really works...

>" just the fact that the 17 agencies all agree based on what they've seen believe that to be the case."

This simply isn't true. The whole "17 agencies" thing is a talking point that first came up in one of Hillary Clinton's debates and gets repeated without challenge.

The "17 agencies" didn't all independently make their own assesments about what happened and decided it was the Russians. Instead, James Clapper (at the time, the Director of National Intelligence) made the claim that the Russians were behind certain hacks. Clapper is the ultimate head of sixteen out of seventeen of the agencies.

The actual agencies involved include parts of the coast guard and the department of energy and other groups that seem REALLY unlikely to have conducted an in-depth, independent investigation into the hacking of a politician's emails.

Also, this is the same James Clapper who lied under oath to congress. Specifically, when asked “Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?” He responded, “No, sir.” Wyden asked “It does not?” and Clapper said, “Not wittingly."

This is perjury and he should have been prosecuted for it. At a minimum, lying under oath makes it less likely that anything else he claims should be taken at face value.

I don't believe it was perjury -- a statement made with the intention to deceive.

NSA makes a distinction between data and metadata, as we know. If you assume that distinction, then the question is -- "does the NSA collect actual communications content on millions or hundreds of millions of Americans" -- something which, to our knowledge, is not the case.

Can it? Potentially yes. But we haven't seen anything that suggests that it actually does.

At best, his response contains an assumption which is arguably normal for an NSA director to make, and which may have be conveniently advantageous to hold. But I'm sure, even if you ask him today, he will say that metadata does not constitute intelligence collection.

To prove perjury you need to demonstrate mens rea (guilty intent) and I think it's plausible that he did not intend to mislead the investigation. It was a hard question to answer, because he could not answer in a way that would reveal the existence of the program to collect metadata either.

I'm not a lawyer and can't speak to whether or not he's guilty of perjury. But, he's definitely a fucking liar, and you can't argue with that.

> "This is for you, Director Clapper, again on the surveillance front. And I hope we can do this in just a yes or no answer because I know Senator Feinstein wants to move on. Last summer, the NSA director was at a conference, and he was asked a question about the NSA surveillance of Americans. He replied, and I quote here, ‘The story that we have millions or hundreds of millions of dossiers on people is completely false.’

> "The reason I’m asking the question is, having served on the committee now for a dozen years, I don’t really know what a dossier is in this context. So what I wanted to see is if you could give me a yes or no answer to the question, does the NSA collect any type of data at all on millions or hundreds of millions of Americans?"

To answer "no" to this question is to say that the NSA does not "have millions or hundreds of millions of dossiers" on Americans. I see no reason to believe why that's not the case. You're welcome to explain to me why storing communications metadata at the NSA is worse than requiring telcos to store it, but that's hardly the slam dunk "he's definitely a fucking liar" case you want it to be.

It's also unreasonable to expect the DNI to voluntarily admit to the existence of a centralized metadata repository in public, on TV. That's what the "he lied" folks expect to have happened here.

At the end of the day, "Clappergate" is just "where should the metadata live," and that is, to my mind, a very minor argument.

He wasn't going to out a secret program in a public hearing.

The folks asking the questions had security clearance and could have asked the question during a classified briefing but they chose not to.

That doesn't make perjury legal.

If grandstanding to out a secret program when he knew the answer and was supposed to be asking that question in private I'd say it was fine, and it seems everyone else thought so also hence no charges.

That's irrelevant.

Seems the consensus was the grandstanding was less important than national security since nothing came of it. I'd agree.

I don't.

The thing is, "17 agencies agree" doesn't really mean anything, if the evidence that all 17 agencies are relying on is a single report from a private security company hired by the DNC, and not independent investigation. If all of those agencies had looked at the original evidence themselves, the story would be different.

Also, the "17 agencies" statement came from James Clapper, and not individually issued from each of the agencies themselves. It also bears mentioning that the "17 agencies" include groups that I really, really doubt bothered to investigate ANYTHING to do with a politician getting his emails hacked - do people actually believe that the coast guard was tracking down Russian hackers after DNC secrets? What about the department of energy? These are some of the "17 agencies" mentioned.

But they aren't just relying on a single report from a private security company, where did you assume that?


fun fact, it is the same private company the government paid for evidence that North Korea (yeah, right) was responsible for the sony hack.

If 30 helens agreed, it would be a different case.

I think it's vitally important, at least in this forum where tech knowledge is fairly high to avoid saying that "Russia hacked the election" without any sort of qualifier. Because the implication is that they hacked voter booths or somehow changed votes.

In reality they allegedly hacked computers of people related to a single party and brought to light the illicit activities that party was doing.

tl;dr Saying Russia hacked the election is the same as saying that some kid hacked the FBI when all he did was deface their website. It implies a level of sophistication that did not happen.

> In reality they allegedly hacked computers of people related to a single party and brought to light the illicit activities that party was doing.

My understanding was the Security professionals expected that the most likely scenario was that both parties were hacked: one side was revealed and the other one used for leverage.

Agreed. All this fuss gives Russia more prestige/soft power.

> that "Russians" hacked the election

That's not the claim. In fact, multiple people have said that is not the claim.

The claim is that the Russians influenced the election in favor of Trump by promoting propaganda against Clinton.

I think it's a little more nuanced than that.

I think the more likely objective (assuming the Russians were behind this, which for the time being is a fair assumption) is that they wanted to delegitimize a President Clinton. Everyone thought she would win. I think it's a bold claim to make that the Kremlin set out on a campaign to elevate an obtuse philanderer in a field of 16 who ignores any semblance of political norms. Rather, I think they just wanted to further tarnish Clinton's image, as President, as a corrupt establishment figure.

There's also an argument to be made that Hillary would not have been the nominee had the DNC played fair. The leaked emails show that they actively worked to suppress Bernie, who had huge rallies, similar to Trump.

A US political party playing favorites with it's own candidates (however upsetting that is), is very different from a foreign state engaging in a successful propaganda campaign to influence the US election.

The DNC problems are part of a long term reshaping of US political identities. The Russia issues are a serious near-term national security concern.

Absolutely no one intelligent thinks that. And rally size means literally nothing.

Through leaks like this one. Leaks that can be partially validated or corroborated, but which (by their nature) cannot be entirely proven true.

And those leaks were very transparently beneficial to a person/group who are also going to benefit from this one.

I don't trust the CIA at all. But I don't trust Wikileaks either. I see way too many self-described "skeptical" types who aren't approaching any of this with any shred of skepticism.

Actually, that was the claim, but once people started undermining the story they had to shift to the word "influence" to save face. This kind of shit is why middle-class rightwing America cheers when Trump calls out fake news. A complete inability to honestly say, ok, we don't know, or ok, we fucked up. Nope, the story always was X... sure it was.

Can you provide some evidence? Links to articles?

Objective proof is usually not considered "propaganda". We used to call it "investigative journalism".

Yeah it's irritating how our media is ignoring the propaganda machine and looking at "hacks" instead.

> although I can't imagine the CIA wanting to hack the election in Trump's favour

Doesn't preclude planting 'evidence' of Russian hacking to stir up a red scare (towards renewed cold war -level funding of the intelligence community) irrespective of the election's outcome. I.e., the fact that anyone actually uncovered secret data through some other means could have just been unrelated/incidental. E.g., if Wikileaks got their material from an inside whistle-blower as they've insinuated.

I wouldn't either be surprised if the 'evidence' of Russian interference was just circumstantial rather than planted... E.g., "Woah, we found evidence of probing originating from Russia (in the pile of probing evidence from script-kiddies all over the world, mostly Nigerian princes but those don't bolster our narrative)!"




The Russians really seem like to most likely there still. It would’ve taken quite a bit of knowhow and resources so the Russians would be one of the few organization with motive and opportunity so at this point it seems highly likely that it was the Russians. It could also be some nation state that wants us to think that they are Russian (which I don’t know who would have motive for this). The only other option would be a corporation or hacker group that is really good and knows enough to be able to (and also have a motive to) implicate the Russians convincingly, but that seems unlikely.

That’s the analysis I heard so it doesn’t really change the overall analysis but I’m no expert and I’m open to other views.

I'm wondering if these documents are going to match the same ones that were taken by Harold Martin III and if the CIA will out him as the Wikileaks source.

These documents were being passed around by former CIA hackers. It says this right on the page. Harold has already been disproven to have any connection to leaks. He was just a hoarder with a mental illness.

This hasn't stopped people from connecting every leak since his arrest to him.

Actually, WikiLeaks press release says:

> The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

and later specifically mentions Martin:

> Over the last three years the United States intelligence sector, which consists of government agencies such as the CIA and NSA and their contractors, such as Booze Allan Hamilton, has been subject to unprecedented series of data exfiltrations by its own workers.

> A number of intelligence community members not yet publicly named have been arrested or subject to federal criminal investigations in separate incidents.

> Most visibly, on February 8, 2017 a U.S. federal grand jury indicted Harold T. Martin III with 20 counts of mishandling classified information. The Department of Justice alleged that it seized some 50,000 gigabytes of information from Harold T. Martin III that he had obtained from classified programs at NSA and CIA, including the source code for numerous hacking tools.

EDIT: I would infer from this that WL mention Martin to shore up their claim that the CIA hacking archive is circulating among contractors, not to hint that he's a source.

IMO it just doesn't make much sense, though, as soon as you picture actual groups of people running these schemes. It's super secret and all, but behind the iris-scanner doors and extreme vetting, people are sitting in offices, drink coffee, have meetings, etc. There's oversight, reports to file and activity logs. Now how should a group of employees, in this environment, sit together and decide to manipulate an election in their own country? That just doesn't seem feasible.

I honestly imagine the day-to-day activity there to be way more mundane than we imagine. It's probably just sifting through thousands of pages worth of intelligence (transcribed phone calls from terrorism suspects, reports from people at foreign embassies, etc) for things that are usable. Probably often with few results. I don't even think the amount of information is the real limitation. It's probably the quality.

Well, you've nailed it in your parenthetical comment. Lack of a credible motive is one of the telltale signs of conspiracy theories, but has never kept conspiracy nuts from presuming all kinds of nefarious motives if they fit into their preconceived world-view.

Of course the CIA could have constructed a complicated false flag operation to get Trump elected, but they lack a reasonable motive. Similar things can be said about many conspiracy theories, only few of them attribute credible motives to the state actors and/or individuals involved.

That video of Hillary touting that "17 different intelligence agencies yada yada Russia is who hacked my emails" is going to be even more amusing now.

>although I can't imagine the CIA wanting to hack the election in Trump's favour

CIA is overwhelmingly republican, just like the FBI. So yes they would.

Actually, if you look at donations in the last election government employees in all branches donated over 85% to Clinton. So I'm not sure I'd say overwhelmingly Rebublican by any means.

Trump has been aggressively critical of the CIA and has, to some extent at least, ignored their intelligence briefings. He openly opposes much of what they advocate. I don't think they like him.


I've always understood the FBI v. CIA conflict as a classic Red vs Blue security alignment. FBI aligned with Defense and CIA aligned with State.

The term "hacked the election" goes beyond the literal computer hacking of the dnc. It also covers the well-targeted "fake news" propoganda program ... something not touched by the release of these tools.

The "hack" of the election was trickery to twist a system to a desired end. Like all good hacks it ignored definitions to employ whatever techiques were availible regardless. That some were not traditionally called "hacking" means nothing given the overall effectiveness of the program.