SoylentNews

Fnord666 [soylentnews.org] writes:

Security firms have started assessing the impact of the CIA hacking tools exposed on Tuesday by WikiLeaks as part of the leak dubbed "Vault 7."

Files allegedly obtained from a high-security CIA network appear to show that the intelligence agency has tools for hacking everything, including mobile devices, desktop computers, routers, smart TVs and cars.

The published files also appear to show that the CIA has targeted the products of many security solutions providers, including anti-malware and secure messaging applications. The list of affected vendors includes Symantec, Kaspersky, Avira, F-Secure, Microsoft, Bitdefender, Panda Security, Trend Micro, ESET, Avast, AVG, McAfee, Comodo and G Data.

While WikiLeaks has not released any of the exploits it has obtained, an initial investigation conducted by security firms indicates that the CIA's capabilities may not be as advanced as some have suggested.

[...] WikiLeaks reported that the CIA had found a way to bypass the encryption of Signal, Telegram, WhatsApp and other secure messaging applications.

While many jumped to conclude that the agency had actually broken the encryption of these apps, WikiLeaks actually meant that gaining access to a mobile device using iOS and Android exploits could have given the CIA access to conversations, without having to break their encryption.

Source: http://www.securityweek.com/security-firms-assess-impact-cia-leak [securityweek.com]

Original Submission