Wikileaks releases CIA's Marble: Malware obfuscation tools (wikileaks.org)
73 points by daenz 1 hour ago | 29 comments





I've really turned on Wikileaks. It'd be one thing if all the major powers had equivalent leaks publishing, but focusing on the US basically serves Chinese and Russian interests far more than it does the citizens of the US. String obfuscation isn't stemming from some corrupt deal that needs sunlight... this is just doing a disservice to their original mission.

you either die a hero or you live long enough to see yourself become the villain...

honest question: does wikileaks not have necessary connections in China to collect the intel and stuff?

I wonder if Sony really was "hacked by the North Koreans" then.

This describes a string obfuscation technology. It doesn't do anything to disguise the origin of malware.

wonder when wikileaks will publish fsb hacking tools

LOL

It's much harder to leak Russian stuff because a lot of it is in paper form. After the Snowden leaks, Russians returned to typewriters for all their secret stuff [0]:

>A source at Russia's Federal Guard Service (FSO), which is in charge of safeguarding Kremlin communications and protecting President Vladimir Putin, claimed that the return to typewriters has been prompted by the publication of secret documents by WikiLeaks, the whistle-blowing website, as well as Edward Snowden, the fugitive US intelligence contractor.

>“After scandals with the distribution of secret documents by WikiLeaks, the exposes by Edward Snowden, reports about Dmitry Medvedev being listened in on during his visit to the G20 summit in London, it has been decided to expand the practice of creating paper documents.”

>Unlike printers, every typewriter has its own individual pattern of type so it is possible to link every document to a machine used to type it.

Now, their hacking tools are obviously not in paper form but I bet they're much more tightly controlled than the CIA/NSA tools. They probably have a much smaller team of people who have access to such tools so it's much harder for them to leak.

US also has thousands of contractors who work for CIA/NSA/DIA and other intelligence agencies and many, supposedly, can easily walk out with some of the most sensitive documents that the USG possesses. One of these contractors, supposedly, leaked out these files to WikiLeaks [1].

Russians also don't have a huge network of contractors. I couldn't find the exact figure but by a quick estimation, Russians have 100x fewer people doing the intelligence work. They also have much, much smaller budgets. So it's easier for them to keep secrets from leaking.

CIA probably (most definitely?) has moles inside of FSB so their secrets do leak. Just not to WikiLeaks.

[0] http://www.telegraph.co.uk/news/worldnews/europe/russia/1017...

[1] https://www.wsj.com/articles/authorities-questioning-cia-con...

Or more bad news for the Trump administration with evidence of communication etc coming from Russian servers? ;)

Further down someone asked: "What would be the advantage to making your exploits appear to come from other countries?". If you want to sow doubt about the validity of evidence presented this seems like a good way to do so (not that we shouldn't be skeptical given the tools available).

Russia remains a black spot, due to the language/Cyrillic alphabet? And they do most secret stuff with typewriters and photocopies these days, so I've heard. Snowden's revelations had a big impact there.

1) I kinda doubt Russian hackers code on typewriters.

2) Cyrillic is an alphabet, not magic incomprehensibility dust. There are plenty of Russian speakers who are not beholden to their spooks.

3) Assange has an agenda in addition and orthogonal to fighting secrecy. I'm not saying he's insincere; I'm saying that some leaks are clearly more equal than others. It would not surprise me in the least if he were to sit on some leaks in order to not piss off a source providing others, especially around hard deadlines.

> And they do most secret stuff with typewriters and photocopies these days, so I've heard. Snowden's revelations had a big impact there.

I think I first heard the "Russia switches back to typewriters" story pre-Snowden.

Electronic typewriter bugs are also not unheard of: http://www.cryptomuseum.com/covert/bugs/selectric/.

Seems FSB has better security than CIA.

90% of intelligence community cyber security spending is on offensive projects, so this revelation should not be too surprising. (http://www.reuters.com/article/us-usa-cyber-defense-idUSKBN1...)

And FSB's attack surface is less than 1% of CIA's. Much FSB work is farmed out to contractors, the offensive stuff that CIA keeps in house. CIA people chat via email, messaging and by voice. FSB people chat in person. That's why Russian hackers are always traveling while CIA hackers keep having their stuff leaked.

Great points. I don't know many details of how they operate. Someone told me they still rely on paper-based methods in order to avoid some types of electronic surveillance.

In theory, 50% offense and 50% defense should be the only budget for a sane operation.

There's suspicion that Assange no longer has control over Wiki Leaks.

Send them documents and they will publish them if legit.

Why would they release their own tools?

Oh I get it, because Assange is a Russian FSB agent. Yep, makes total sense.

More like Assange knows that the FSB will just straight up poison him with Polonium instead of slapping him around a bit and shipping him to GITMO.

He could also be Seth Rich'd https://en.wikipedia.org/wiki/Murder_of_Seth_Rich


Polonium in tea, or "slaps" while in Guantanamo or solitary confinement like Manning?

They would probably be CIA tools disguised as FSB.

What would be the advantage to making your exploits appear to come from other countries? What do we gain from this? It feels like an instigation.

There is a huge advantage to do that. False flag attacks are one of the tried and true methods of intelligence agencies since ancient times.

For example the official pretext for WWII was started as a false flag: https://en.wikipedia.org/wiki/Gleiwitz_incident US did it at the start of Vietnam War: https://en.wikipedia.org/wiki/Gulf_of_Tonkin_incident

We gain a lot from this. We can for example manufacture "Russian hysteria" - "Look we found a Russian rootkit on a DNC server". We can attack our allies and then make it look like the Chinese did it, and so on. It is immensely useful.

one powerful tool in our arsenal, then. Sounds like something that could foster world wars :)

I don't actually see anything in this that would indicate they could do that or that they wanted to. It appears to be 100% conjecture from Wikileaks.

Well this is the CIA.

It can confuse the attribution so that trust is spoiled, so that energy is spent uselessly, so that another country takes the blame, for false flag attacks to justify other strategic moves.

Misleading information is a weapon in any nation's arsenal. I have to say I'm a little taken aback and almost feel like your comment might be trolling.

Doesn't necessarily have to be instigation -- could just be misdirection. If you're targeting Russians, then making malware that looks like Russian hackers seems like a no brainer, if you don't want to attract attention from intelligence services.

