Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Friday June 16 2017, @10:08AM   Printer-friendly
from the let-me-contain-my-surprise dept.

Arthur T Knackerbracket has found the following story:

Home routers from 10 manufacturers, including Linksys, DLink, and Belkin, can be turned into covert listening posts that allow the Central Intelligence Agency to monitor and manipulate incoming and outgoing traffic and infect connected devices. That's according to secret documents posted Thursday by WikiLeaks.

The 175-page CherryBlossom user guide describes a Linux-based operating system that can run on a broad range of routers. Once installed, CherryBlossom turns the device into a "FlyTrap" that beacons a CIA-controlled server known as a "CherryTree." The beacon includes device status and security information that the CherryTree logs to a database. In response, the CherryTree sends the infected device a "Mission" consisting of specific tasks tailored to the target. CIA operators can use a "CherryWeb" browser-based user interface to view Flytrap status and security information, plan new missions, view mission-related data, and perform system administration tasks.

[...] All the communications between the FlyTrap and the CIA-controlled CherryTree, with the exception of copied network data, is encrypted and cryptographically authenticated. For extra stealth, the encrypted data masquerades as a browser cookie in an HTTP GET request for an image file. The CherryTree server then responds to the request with a corresponding binary image file.

CherryBlossom is the latest release in WikiLeaks Vault7 series, which the site purports was made possible when the "CIA lost control of the majority of its hacking arsenal." CIA officials have declined to confirm or deny the authenticity of the documents, but based on the number of pages and unique details exposed in the series, there is broad consensus among researchers that the documents are actual CIA materials.

-- submitted from IRC


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Insightful) by bart on Friday June 16 2017, @10:47AM (7 children)

    by bart (2844) on Friday June 16 2017, @10:47AM (#526383)

    Given the fact that we have (at least) two US multi-billion dollar goverment agencies actively working to eavesdrop anything and everything, without any oversight whatsoever, it should come as no surprise that a continuously growing number of people doesn't place ANY trust in whatever the US government has to tell.

    Starting Score:    1  point
    Moderation   +4  
       Insightful=4, Total=4
    Extra 'Insightful' Modifier   0  

    Total Score:   5  
  • (Score: 0) by Anonymous Coward on Friday June 16 2017, @03:52PM (1 child)

    by Anonymous Coward on Friday June 16 2017, @03:52PM (#526479)

    Maybe it's time for a crowd-sourced, distributed run at these f*ckers?

    • (Score: 1) by All Your Lawn Are Belong To Us on Friday June 16 2017, @09:05PM

      by All Your Lawn Are Belong To Us (6553) on Friday June 16 2017, @09:05PM (#526629) Journal

      What, precisely, do you think that would gain you, Coward? The key thing you miss in your evaluation is the assumption that the agencies are actually under the control of the elected government. They are NOT. The 'director' of said agency has, at best, some small say in how executive policies steer the organization. They have nothing to do with how they're actually run or the operations they undertake. The people actually DOING things... have civil service protection.

      If you're suggesting instead that there should be some kind of Anonymous style counter-operations..... you will lose. It is their ball game, their ball, their bat, their team, their spectators, and their umpire. The only winning move you conceivably have is NOT TO PLAY. Unplug. Completely. And socialize outside of any possible listening devices.

      --
      This sig for rent.
  • (Score: 1, Insightful) by Anonymous Coward on Friday June 16 2017, @04:02PM (4 children)

    by Anonymous Coward on Friday June 16 2017, @04:02PM (#526485)
    I find it hard to build a list of the good things the CIA has done for the USA, much less the world.

    In fact it seems most of the things the CIA has done has actually been bad for the USA.

    Even if you can build such a list I doubt there would be any net good. The USA would be better off shutting down the entire CIA and using the money for the welfare of US citizens.
    • (Score: 2) by bob_super on Friday June 16 2017, @05:18PM (3 children)

      by bob_super (1357) on Friday June 16 2017, @05:18PM (#526514)

      Considering how unbelievable it is that, despite being capable to hack everything everywhere, the bogeymen of drugs and terrorism are still at large... I'm gonna have to agree.

      • (Score: 2) by curunir_wolf on Friday June 16 2017, @07:34PM (1 child)

        by curunir_wolf (4772) on Friday June 16 2017, @07:34PM (#526579)
        But those aren't boogeymen to the CIA - they're "tools."
        --
        I am a crackpot
        • (Score: 0) by Anonymous Coward on Saturday June 17 2017, @09:57AM

          by Anonymous Coward on Saturday June 17 2017, @09:57AM (#526887)
          I think the term that the CIA prefers is "assets". They long referred to Osama bin Laden himself as such. And well, they managed to fund the Nicaraguan Contras with drug money, rather literal assets there.
      • (Score: 0) by Anonymous Coward on Saturday June 17 2017, @09:53AM

        by Anonymous Coward on Saturday June 17 2017, @09:53AM (#526885)

        I suddenly remember a joke from Neil Gaiman's American Gods:

        Q: How do you know the CIA had nothing to do with the Kennedy assassination?
        A: He's dead, ain't he?