Contact Me By Email

Tuesday, March 07, 2017

The CIA is hacking Samsung Smart TVs, according to WikiLeaks docs - The Verge





"WikiLeaks has published a new set of documents that shed light on the CIA’s hacking capabilities. Dubbed “Vault7,” the publication contains 8,761 documents and files purportedly taken from a secure network within the CIA’s headquarters at Langley, Virginia. The documents describe a number of remote exploits and hacking tools, similar to the NSA’s ANT catalog published by Der Spiegel in 2013.



The files contain numerous exploits for both iOS and Android devices, dating from between 2014 and 2016. The agency seems to have had more success targeting Android devices, with roughly 24 weaponized exploits, compared to 14 for iOS. The exploits come from a variety of sources, including partner agencies like the NSA and GCHQ or private exploit traders. In one case, a published iOS 8 kernel attack is listed as an exploit, credited to security researcher Stefan Esser.



Another of the published exploits — codenamed “Weeping Angel” — appears to target Samsung smart TVs, which drew criticism on release for their always-on voice command system. According to WikiLeaks, the exploit makes the television “operate as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.” The documents themselves paint a more ambiguous picture, with possible applications focusing on credential extraction rather than direct audio recording.



Today’s release is one of the few WikiLeaks publications to include redactions, erasing the IP addresses and other identifying information of many devices targeted by the CIA. WikiLeaks has been criticized in the past for failing to redact sensitive information, including the medical files of rape victims.



“While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model,” the post explains, “and note that the quantity of published pages in ‘Vault 7’ part one already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.”



The CIA is hacking Samsung Smart TVs, according to WikiLeaks docs - The Verge

The iPhone is not a luxury good - The Verge





"This morning, Rep. Jason Chaffetz (R-UT) suggested that the Republicans’ proposed Affordable Care Act replacement would require Americans to “make a choice” in order to pay for health care. “Maybe, rather than getting that new iPhone that they just love and they want to spend hundreds of dollars on, maybe they should invest in their own health care,” he told CNN. There are a lot of things wrong with this statement, including the fact that average health care spending per capita is thousands, not hundreds, of dollars annually. But one of the most subtly frustrating details is how “that new iPhone” is used as a stand-in for frivolous luxury — not a central fixture for many people’s lives.



Chaffetz is the latest of many people to imply that you can’t be poor (or simply not-wealthy) if you own a smartphone. A certain subset of internet users gets enraged every time a homeless person or refugee shows up with one, or when the government funds them for low-income Americans. But a smartphone is probably one of the most useful and efficient pieces of technology you can buy. It's a miniature computer that the average person consults dozens of times a day — not just for sending selfies and watching cat videos, but for arranging childcare, keeping in touch with family, staying on top of work emails, reading books, and managing classwork.



IT’S A MINIATURE COMPUTER YOU USE DOZENS OF TIMES A DAY

In some cases, smartphone ownership isn’t just nice, it’s practically required to participate in the workforce. Mobile broadband is the only way that many low-income Americans access the internet, where companies are increasingly keeping their job listings. Workplace “bring your own device” policies assume employees already have the equipment to stay in touch at all times.



Granted, Chaffetz didn’t say “smartphone” here, he said iPhone, one of the most expensive smartphone models. The average Android phone costs around a third of the iPhone’s roughly $650 price tag, and if price is your biggest concern, you can get one for under $200. But even leaving aside the existence of cheaper secondhand iPhones, there are still valid, practical reasons to spend that extra money. Maybe your friends and family use iMessage, and you don’t want to be left out of conversations. Maybe you’re worried about the vulnerabilities of budget Android phones that run on outdated software or get important updates late, something privacy expert Christopher Soghoian has called the digital-security divide. Or maybe you want something that repair shops can quickly fix if it gets broken — when a button got stuck on my own HTC phone last year, some stores refused to even look at it.



PICKING AN IPHONE ISN’T NECESSARY, BUT IT’S NOT FRIVOLOUS, EITHER"




The iPhone is not a luxury good - The Verge

WikiLeaks and how the CIA sees your WhatsApp messages, explained - CNET

"A WikiLeaks data dump claims to detail ways in which the CIA can hack your devices, including phones, computers and TVs. Here's everything we know about WikiLeaks' Vault 7 -- so far.



WikiLeaks, the organization notorious for leaking highly secure government data, published a cache of documents that reportedly exposes tactics the CIA uses to hack into our devices. WikiLeaks released more than 8,700 documents and files -- codenamed "Vault 7" -- on Tuesday, which it says are part of a CIA archive. We haven't yet independently verified the information.



According to WikiLeaks, the CIA lost control of an archive that details the ways in which it hacks devices. The archive landed in the hands of "former US government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive."



What do I need to know?



Here's the TL;DR: If the info WikiLeaks exposed is accurate, the CIA may be equipped with a variety of tools that let it hack into your phone, smart TV, computer and router. That's basically all the things you own that are connected to the internet.



It turns out that the CIA's tools can be used to read encrypted messages sent on otherwise secure apps like WhatsApp, Signal and Telegram.



What kind of devices can the CIA hack?



If the report is true, the CIA can hack devices such as:



Android phones

iPhones

Smart TVs (the report specifically outs Samsung TVs)

Routers

Windows and Linux computers

Mac computers



I spy with an iPhone: What tech's open to the CIA?

Can the CIA really read all of my WhatsApp (and other app's) private messages?



WikiLeaks' data dump suggests that, yes, the CIA can read your private messages before they even get encrypted. But again, that's if the info is real. We don't know that yet.



But I thought WhatsApp, Signal and other apps encrypted my messages?



Those apps do employ encryption, but that's useless if the CIA can hack your phone. If you crack the operating system, you don't need to crack the app.



The OS shows what's on screen, listens to you typing or dictating words, and captures that unencrypted original data. If software -- like the alleged CIA hacking software -- can access the phone at that privileged level, it doesn't matter whether data is encrypted at rest (stored on disk/flash memory) or in flight (sent over a network)."





WikiLeaks and how the CIA sees your WhatsApp messages, explained - CNET