09 March 2017

I am Surprised and Impressed

It appears that Wikileaks is exercising a bit more due diligence in its releases, as it is making the CIA hacks leaked to it available to the tech firms that were targeted before making them available to the general public:
Technology firms will get "exclusive access" to details of the CIA's cyber-warfare programme, Wikileaks has said.

The anti-secrecy website has published thousands of the US spy agency's secret documents, including what it says are the CIA's hacking tools.

Founder Julian Assange said that, after some thought, he had decided to give the tech community further leaks first.

"Once the material is effectively disarmed, we will publish additional details," Mr Assange said.


Mr Assange said that his organisation had "a lot more information on the cyber-weapons programme".

He added that while Wikileaks maintained a neutral position on most of its leaks, in this case it did take a strong stance.

"We want to secure communications technology because, without it, journalists aren't able to hold the state to account," he said.

Mr Assange also claimed that the intelligence service had known for weeks that Wikileaks had access to the material and done nothing about it.

He also spoke more about the Umbrage programme, revealed in the first leaked documents.

He said that a whole section of the CIA is working on Umbrage, a system that attempts to trick people into thinking that they had been hacked by other groups or countries by collecting malware from other nation states, such as Russia.

"The technology is designed to be unaccountable," he said.

He claimed that an anti-virus expert, who was not named, had come forward to say that he believed sophisticated malware that he had previously attributed to Iran, Russia and China, now looked like something that the CIA had developed.
This is why cyber security needs to be completely separate from any intelligence agency.

Otherwise, there is too much pressure to cover up the bugs so that the folks on the other side of the office spy on the rest of us.

Any hole which the CIA, NSA, DIA, or other TLA* can exploit can also be exploited by criminals, the Chinese, the Russians, terrorists, or the New England Patriots.

*Three letter acronym.


Post a Comment