Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Friday March 10 2017, @01:18AM   Printer-friendly
from the cat-and-mouse dept.

We had two stories submitted pertaining the recent announcement that Wikileaks claimed it had received a cache of CIA hacking tools.

Security Firms Assess Impact of CIA Leak

Security firms have started assessing the impact of the CIA hacking tools exposed on Tuesday by WikiLeaks as part of the leak dubbed "Vault 7."

Files allegedly obtained from a high-security CIA network appear to show that the intelligence agency has tools for hacking everything, including mobile devices, desktop computers, routers, smart TVs and cars.

The published files also appear to show that the CIA has targeted the products of many security solutions providers, including anti-malware and secure messaging applications. The list of affected vendors includes Symantec, Kaspersky, Avira, F-Secure, Microsoft, Bitdefender, Panda Security, Trend Micro, ESET, Avast, AVG, McAfee, Comodo and G Data.

While WikiLeaks has not released any of the exploits it has obtained, an initial investigation conducted by security firms indicates that the CIA's capabilities may not be as advanced as some have suggested.

[...] WikiLeaks reported that the CIA had found a way to bypass the encryption of Signal, Telegram, WhatsApp and other secure messaging applications.

While many jumped to conclude that the agency had actually broken the encryption of these apps, WikiLeaks actually meant that gaining access to a mobile device using iOS and Android exploits could have given the CIA access to conversations, without having to break their encryption.

Source: http://www.securityweek.com/security-firms-assess-impact-cia-leak

Julian Assange Offers Exclusive Access to CIA Hacking Tools for Tech Companies

Julian Assange has offered tech companies exclusive access to CIA hacking tools so that they can patch flaws in their software. However, some of the companies claim to have already patched the exploits:

WikiLeaks will provide technology companies with exclusive access to CIA hacking tools that it possesses, to allow them to patch software flaws, founder Julian Assange said on Thursday. The offer, if legitimate, could put Silicon Valley in the unusual position of deciding whether to cooperate with Assange, a man believed by some U.S. officials and lawmakers to be an untrustworthy pawn of Russian President Vladimir Putin, or a secretive U.S. spy agency.

It was not clear how WikiLeaks intended to cooperate with technology companies, or if they would accept his offer. The anti-secrecy group published documents on Tuesday describing secret Central Intelligence Agency hacking tools and snippets of computer code. It did not publish the full programs that would be needed to actually conduct cyber exploits against phones, computers and Internet-connected televisions. [...] Several companies have already said they are confident that their recent security updates have already accounted for the purported flaws described in the CIA documents. Apple said in a statement on Tuesday that "many of the issues" leaked had already been patched in the latest version of its operating system.

Original Submission #1   Original Submission #2

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Friday March 10 2017, @02:03PM

    by Anonymous Coward on Friday March 10 2017, @02:03PM (#477347)

    Don't be so dramatic.

    A simple wipe is sufficient.