CIA malware and hacking tools

<i>In what is surely one of the most astounding intelligence own goals in living memory, the CIA structured its classification regime such that for the most market valuable part of &quot;Vault 7&quot; — the CIA&#x27;s weaponized malware (implants + zero days), Listening Posts (LP), and Command and Control (C2) systems — the agency has little legal recourse.</i><p><i>The CIA made these systems unclassified.</i><p><i>Why the CIA chose to make its cyberarsenal unclassified reveals how concepts developed for military use do not easily crossover to the &#x27;battlefield&#x27; of cyber &#x27;war&#x27;.</i><p><i>To attack its targets, the CIA usually requires that its implants communicate with their control programs over the internet. If CIA implants, Command &amp; Control and Listening Post software were classified, then CIA officers could be prosecuted or dismissed for violating rules that prohibit placing classified information onto the Internet. Consequently the CIA has secretly made most of its cyber spying&#x2F;war code unclassified. The U.S. government is not able to assert copyright either, due to restrictions in the U.S. Constitution. This means that cyber &#x27;arms&#x27; manufactures and computer hackers can freely &quot;pirate&quot; these &#x27;weapons&#x27; if they are obtained. The CIA has primarily had to rely on obfuscation to protect its malware secrets.</i><p>One of the more interesting passages. The arsenal must not be classified to protect those who deploy it from legal action. This cyberwarfare kit, which can just as easily be used to destroy the US as one of its enemies, is public domain software created and released at US taxpayer expense.

Based on the overview alone (of course I can&#x27;t read the entire report that fast!), this is exactly what I expect a spy agency would be doing -- if they were not then I would be disappointed.<p>What exactly in the admittedly shortened list am I supposed to be upset about? It makes no distinction between US citizens and overseas parties. If these actions are being done domestically against US citizens, with no just cause sure I will get upset, but that has yet to be seen.<p>As usual it seems Wikileaks publishes a sensationalist story around one of their leaks, claiming dozens of zero-day releases where most were already patched. Hell, they included the i0nic jailbreak as one of the 0-day exploits (<a href="https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_13205587.html" rel="nofollow">https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_13205587.html</a>).<p>I&#x27;ll let journalists parse through the full report before coming to any conclusion as of yet. I just find it hard to get excited about any Wikileaks release that has yet to be vetted.

It&#x27;s interesting to note that Julian Assange didn&#x27;t demonstrate control of the wikileaks private key during his Reddit AMA 1 month ago: <a href="https:&#x2F;&#x2F;www.reddit.com&#x2F;r&#x2F;IAmA&#x2F;comments&#x2F;5n58sm&#x2F;i_am_julian_assange_founder_of_wikileaks_ask_me&#x2F;dc8pgqr&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.reddit.com&#x2F;r&#x2F;IAmA&#x2F;comments&#x2F;5n58sm&#x2F;i_am_julian_as...</a><p>Considering the political situation unfolding in the US and who this leak weakens, there is some evidence that wikileaks is not in the hands of a neutral party.<p>There is clear motive right now for undermining the CIA. This may not have been an act of altruism like Snowden. While shockingly damaging to the American arsenal, the CIA is by far the biggest loser.<p>This comment was immediately down voted on Reddit. Someone is seeking to control the narrative.

- Smart TV turned into listening devices with fake off mode?<p>- Intercepting audio&#x2F;texts before encryption by Signal, Whisper, WhatsApp etc.<p>- Dozens of O-day attacks again Andriod and iPhone.<p>Pretty powerful stuff.

I applaud what seems like a coordinated attempt to outdo each other when it comes to extreme transparency.<p>1) Wikileaks revealing the CIA has undermined consumer goods with malware. (this looks like a bigger deal than the Snowden revelations on the NSA side).<p>2) Russian opposition leader Navalny revealing that former Russian President Medvedev has been accused of amassing a billion-dollar plus property empire, based largely on bribes and subterfuge.<p>I can only hope this extreme transparency, despite the biases of its torchbearers, lights its way into every hall of power from the White House to the Great Hall of the People.

Wow this is really big. There are tons of documents about the various tools they use, but it seems the majority of the actual source code is still being reviewed and the links just show a link to the file list. I hope they eventually release the source code, as a lot of these tools seem very interesting. I can imagine that many at the CIA are running around on fire, as this seems like a big problem for them.

One very interesting thing is that the exploits, rootkits, etc are all unclassified and the CIA has no copyright on them either. The logic is supposedly that an agent putting a classified rootkit&#x2F;trojan&#x2F;whatever on a machine is mishandling classified information and thus it would be illegal.

Also: OmniGraffle and Sublime Text license keys (registered to &quot;Affinity Computer Technology&quot;)<p><a href="https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_25264141.html" rel="nofollow">https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_25264141.html</a> <a href="https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_9535650.html" rel="nofollow">https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_9535650.html</a>

WikiLeaks Vault7 Year Zero 2017<p><a href="https:&#x2F;&#x2F;archive.org&#x2F;details&#x2F;WikiLeaksYearZero2017V1.7z" rel="nofollow">https:&#x2F;&#x2F;archive.org&#x2F;details&#x2F;WikiLeaksYearZero2017V1.7z</a><p>Passphrase is SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds

The technology used by the CIA and NSA is all stuff people on HN can totally grok. That&#x27;s kind of exciting and disappointing at the same time.<p>Some people on this site could probably do better than the CIA and NSA is doing. Some people here probably wrote some of leaked stuff. Hah!<p>I like the way the teams are broken up by device target but I think they should probably have an even more decentralized setup. Or maybe just more teams doing the same work. Wikileaks tries to make a political point about wasted effort, but more people means more exploits found, etc.

&quot;U.S. Consulate in Frankfurt is a covert CIA hacker base &quot;<p>Germans are usually privacy nuts. I know many who maintain no presence on Facebook, Twitter and Instagram. I wonder how Germany will react to this.

If they call in James Clapper, will he perjure himself again?<p><a href="http:&#x2F;&#x2F;www.hasjamesclapperbeenindictedyet.com&#x2F;" rel="nofollow">http:&#x2F;&#x2F;www.hasjamesclapperbeenindictedyet.com&#x2F;</a>

They have vim editing tips <a href="https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_3375350.html" rel="nofollow">https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_3375350.html</a><p>No emacs?

I don&#x27;t really get into political commentary, and I&#x27;m not a US citizen, but there&#x27;s some great RE tips in there.<p>I genuinely lol&#x27;ed at their assessment about Comodo&#x27;s whitelist-only firewall&#x2F;av.<p>Also, this: <a href="https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_17760284.html" rel="nofollow">https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_17760284.html</a><p>(ﾟヮﾟ)

One of the findings: Notepad++ has a DLL hijack [1]<p>[1] <a href="https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_26968090.html" rel="nofollow">https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_26968090.html</a>

This had the potential of being a positive development brought by Trump&#x27;s election: many behaviors by the US three letter agencies that were glossed over for the past 8 years (due to the party in power being &quot;on the right side of history&quot;) are again reprehensible and deemed a threat to be fought by the tech community.

This is an incredible and sensational claim that, if true, can quite literally &quot;break the internet&quot;. Makes me very sad to imagine that CIA grade cyber weapons for getting into iPhones are now in the hands of heaven knows who. Hope Apple security teams are on this.<p>EDIT: To clarify, I&#x27;m commenting on the original situation of the tools getting out of CIA to the entities it was &quot;circulated to&quot;, not this leak later by WikiLeaks - presumably the damage has already been done.

I wonder how many of the exploits&#x2F;tools released are still usable today.<p>Also, the actual video press release had to be rescheduled due to their video stream being attacked.[0]<p>&quot;NOTICE: As Mr. Assange&#x27;s Perscipe+Facebook video stream links are under attack his video press conference will be rescheduled.&quot;<p>[0]: <a href="https:&#x2F;&#x2F;twitter.com&#x2F;wikileaks&#x2F;status&#x2F;839104886625157120" rel="nofollow">https:&#x2F;&#x2F;twitter.com&#x2F;wikileaks&#x2F;status&#x2F;839104886625157120</a>

I wander what phones &#x2F; computers CIA operatives use - do they have special patched versions which address the zero day exploits they are aware of.

TIL that CIA is using Atlassian Stash for internal code hosting. Many references to the stash.devlan.net, would be nice to see some code, I just found some python scripts: <a href="https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_9535551.html" rel="nofollow">https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_9535551.html</a>

Glad to see CIA hackers are Dr. Who fans!<p>&quot;Weeping Angel&quot; makes it look like a Samsung television is off while it is really on and recording the room. Precisely what the Weeping Angel does during the Dr&#x27;s first encounter.

This looks interesting: Hive&#x27;s developer guide. It has a auto-destruct feature, just like in the movies:<p><a href="https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;files&#x2F;DevelopersGuide.pdf" rel="nofollow">https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;files&#x2F;DevelopersGuide.pdf</a>

<i>The CIA&#x27;s Remote Devices Branch&#x27;s UMBRAGE group collects and maintains a substantial library of attack techniques &#x27;stolen&#x27; from malware produced in other states including the Russian Federation.<p>With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the &quot;fingerprints&quot; of the groups that the attack techniques were stolen from.</i><p>This has interesting implications for the claim that &quot;Russians&quot; hacked the election (although I can&#x27;t imagine the CIA wanting to hack the election in Trump&#x27;s favour).

I&#x27;m surprised so many acronyms from their org chart are missing.<p>FINO is Financial Operations Group. FIO is Field Intelligence Officer. ESD is Executive Services Directorate. Don&#x27;t see a single term that anyone who spent any time in the intelligence community wouldn&#x27;t recognize.

Had the CIA&#x27;s efforts been targetted towards improving encryption and security, US citizens and its government may well have had the ability to communicate safely. They may well have been able to trust new smart gadgets such as smart TVs and smart phones. Instead the CIA aided the nefarious people of the world by not reporting and exploiting security holes in devices used by the citizens it should protect. Now it has leaked said exploits and the CIA has helped their enemies in spying on every aspect of US life to a degree never seen before.

This idea that the government should somehow be exempt from proper cybersecurity ethics is disgusting. When the CIA or the NSA find zero day attacks in software, they should report them immediately to be fixed, not build tools specifically to exploit them. It&#x27;s only a matter of time before these attacks either leak or are rediscovered by other malicious parties. The government is effectively turning their own people into cannon fodder for their ridiculous &quot;cyberwar.&quot;

I hope Europe and Germany especially finally wake up and start kicking out these pests. The US&#x2F;CIA is conducting crimes against humanity on foreign soil. Like the drone war. The US may not be part of the international court but Germany is.

Maybe this is a stupid question but how does one go about verifying the information wikileaks releases is accurate?<p>I assume the people who submit info are verified in some way, does wikileaks then pass on that verification info to the public or are we supposed to just trust that they are providing truthful information in an unbiased way?

Looks like the CIA is screwing the public by mutual consent. The public is demanding more of the same, just as long as it&#x27;s directed at whoever is out their favor. Here&#x27;re the two topmost comments on NYT at the moment[0]:<p><pre><code> karma2013 New Jersey 3 hours ago If anyone still has doubts that Wikileaks and the Russians are working together to undermine and destabilize our government institutions, erode public confidence in our government, and generally wreak havoc in our country, this latest document dump should erase all doubt. We are under attack by an adversarial nation, with a President here at the helm who seems not to take any of this seriously. Spy agencies spy, this should come as no shock -- this is how they infiltrate potential terrorist plots against America and keep us safe. We are less safe today thanks to Wikileaks and Assange&#x27;s unholy alliance with Putin.. Thomas Marin County, CA 3 hours ago Where&#x27;s the hacking of trump&#x27;s taxes and his Russian connections?? This information is needed NOW! </code></pre> [0]<a href="https:&#x2F;&#x2F;www.nytimes.com&#x2F;2017&#x2F;03&#x2F;07&#x2F;world&#x2F;europe&#x2F;wikileaks-cia-hacking.html" rel="nofollow">https:&#x2F;&#x2F;www.nytimes.com&#x2F;2017&#x2F;03&#x2F;07&#x2F;world&#x2F;europe&#x2F;wikileaks-ci...</a>

Anyone in the know how about whether the CIA subverted the security of software or whether they inserted vulnerabilities into software?<p>One of the shocking and disgusting things from the NSA leaks was that it actively sought to create new vulnerabilities and to create subverted software industry products in the United States.<p>So far it looks like the CIA is using discovered vulnerabilities (imo better than sabotaging industry). But given the size of the leaks I&#x27;m having difficulty confirming that this is indeed the case.

&quot;and even Samsung TVs, which are turned into covert microphones.&quot; - Sounds very Orwellian

the grugq‏: &quot;I guess the .ru investigation in the US is getting too hot, time to throw a big distraction at the CIA; drive wedge between executive &amp; IC&quot;<p><a href="https:&#x2F;&#x2F;twitter.com&#x2F;thegrugq&#x2F;status&#x2F;839138456894763008" rel="nofollow">https:&#x2F;&#x2F;twitter.com&#x2F;thegrugq&#x2F;status&#x2F;839138456894763008</a>

I will continue using Swiss cheese and hungry mice as my metaphor for global network security.

Any guesses on why CNN and MSNBC are completely avoiding reporting this news?

CIA needs to work with the tech community to patch the vulnerabilities, and the US business community for awareness of the vulnerabilities. The cat is out of the bag and CIA&#x27;s mission is very much consistent with a direct defense effort to ensure foreign powers and organized criminal entities cannot use the CIA&#x27;s compromised assets against US citizens.

The value of all of these electronics devices becomes increasingly smaller the more you find that they are all just listening and recording everything you do and sending that information to some powerful entity.<p>The people who run these electronics companies might want to think about that if they have the best interests of their shareholders in mind.

In media accounts, I keep seeing quotes that cyber security experts were alarmed by the revelations. I&#x27;m no expert but to me all of the revelations have been open secrets for years. Are cyber security experts really alarmed by the revelations? I&#x27;m not saying the info itself isn&#x27;t alarming but &quot;alarmed&quot; implies shocked by information you didn&#x27;t already know about. It occured to me that some of these experts could have their own motives (promotion?) for getting quoted in the media.<p>What am I missing in my understanding of this in saying that I wasn&#x27;t alarmed (in the sense of surprised) by anything I&#x27;ve read so far? Most of the source code they released has been circulating for several years? This is basically publicity for already existing open secrets? That is, this was an act of political theatre?

OS-level backdoors can be easily patched. Unlike hardware based backdoors, curtesy of Intel AMT.

Maybe it is just my lack of knowledge but why were all the recently leaked hacking tools made by US and none by Russia or China?

Honestly, what&#x27;s the news here? The US&#x27;s top spy agency is engaged in spy activity? This shouldn&#x27;t come as a surprise to anyone just as it shouldn&#x27;t have surprised anyone that Russians hacked the DNC.<p>What&#x27;s more interesting and important to consider is the way in which this is yet another move in the information war that Russia is waging with its enemies. Their intentions in this war are not to &quot;uncover the truth&quot; or whatever the purported mission of Wikileaks was at one point.

Is anyone actually surprised? Even military has USCYBERCOM. What do you think their type of &#x27;weapons&#x27; are? My only surprise it that this has leaked.

I&#x27;ll be really honest... I don&#x27;t think any of the stuff I&#x27;ve seen so far is &quot;news&quot;. We already know our smartphones, tvs, and IOTs are very vulnerable to attack. Shouldn&#x27;t we expect intelligence agencies to take advantage of it?<p>The only &quot;real&quot; news would be if the Trump administration plans to continue the illegal monitoring of US citizens without warrants from the previous administration.

This may sound stupid, but I&#x27;m wondering if using Windows Phone 8 (not Windows 10 mobile) might be a strong measure for protecting oneself against such attacks.<p>First, it&#x27;s quite restricted in terms of deep system access towards devs and users. Apps are sandboxed and extremely isolated from each other. Then, its market share is so low that probably no one makes an effort to build targeted attacks towards it.

I wonder if, supposing a legit war use, those tools would work. Maybe in taking down some enemy tech infra, but on collecting information, i really have doubts. That would be too much data to process unless they had specific targets. Human intelligence would be much more effective.<p>Anyway, I remember a story of a US submarine that hacked soviet cables in the 70s or 80s.

This and every conversation on the intetnet to do with the leaks quickly devolves into &quot;did russia do it?&quot;<p>The content of the leak is mind blowing, how are people not paying attention to this. No one seems to find the content shocking.<p>It&#x27;s just disappointing, especially on hn. I guess this just another thing that&#x27;s going to be hypernormalized. :(

When will people stop pretending that Wikileaks is anything other than an anti-American political faction that is allied with Russia?<p>If Assange truly believed in transparency and a new kind of open democracy, he would stop preferentially targeting the US and get on with showing the world how all of our governments are the same in this regard.

torrent for distribution <a href="https:&#x2F;&#x2F;file.wikileaks.org&#x2F;torrent&#x2F;WikiLeaks-Year-Zero-2017-v1.7z.torrent" rel="nofollow">https:&#x2F;&#x2F;file.wikileaks.org&#x2F;torrent&#x2F;WikiLeaks-Year-Zero-2017-...</a><p>ps:<p>Password: SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds<p>Hash: 7BF9A9F2A2809E13BD57A96A360725F1688A0D51

Use of undisclosed zero day vulnerabilities by governments is not really news. But the article makes it sounds like these OS come with a rootkit pre-installed to exploit those vulnerabilities. My guess is that they first need to find a way to install these on targeted devices. Any idea?

I guess some responsible disclosure to the affected vendors would be nice. If the tools are being actively exploiting bugs, which they are, there&#x27;s not much else to do in order to stop the exploitation. Give it a few weeks and then publish them in the wild.

New York Times weighs in:<p><a href="https:&#x2F;&#x2F;www.nytimes.com&#x2F;2017&#x2F;03&#x2F;07&#x2F;world&#x2F;europe&#x2F;wikileaks-cia-hacking.html" rel="nofollow">https:&#x2F;&#x2F;www.nytimes.com&#x2F;2017&#x2F;03&#x2F;07&#x2F;world&#x2F;europe&#x2F;wikileaks-ci...</a>

The Samsung TV attack seems rather lame. The attack apparently has to be installed via a USB device, which means somebody has to physically reach the TV. If you can get that far, there are other ways to plant a bug. The documents don&#x27;t indicate they&#x27;ve been able to install it remotely. Looking into remote update was on the to-do list.<p>There&#x27;s little interesting technical detail in any of this. It looks like stuff that would be classified CONFIDENTIAL; it&#x27;s mildly embarrassing, but doesn&#x27;t give much away.

It&#x27;s very sobering to realize that if the government wanted to track my every movement they could easily do so. Arguing about the security features of Android vs. iOS just seems redundant now.

While I&#x27;m glad they published this much, I wish they had published the tools themselves. As is, this is really just enough information to get worried and not enough to fix anything.

I found the Windows exploits dealing with legacy fax DLL&#x27;s to be comical. It&#x27;s arguably the lowest hanging fruit that continues to be the crux of proper security practices.

Interesting page titled &quot;ConnectifyMe Research&quot; [0] appears to be reverse engineering Connectify [1], which is an In-Q-Tel funded project!<p>[0] <a href="https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_16385111.html" rel="nofollow">https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_16385111.html</a><p>[1] <a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Connectify" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Connectify</a>

Quite a lot of the twitter security scene seem to be pointing towards Hal Martin. Apparently timeline and level of classification is consistent.<p><a href="https:&#x2F;&#x2F;www.wsj.com&#x2F;articles&#x2F;former-nsa-contractor-indicted-for-stealing-top-secret-documents-1486597329" rel="nofollow">https:&#x2F;&#x2F;www.wsj.com&#x2F;articles&#x2F;former-nsa-contractor-indicted-...</a>

This one is great:<p>&#x27;* Linksys WRT54G flashed with DD-WRT v24sp2 used as surrogate for testing MikroTik MIPS-LE binaries. No actual RouterBoard (i.e. MikroTik) hardware was used<p><a href="https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;files&#x2F;UsersGuide.pdf" rel="nofollow">https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;files&#x2F;UsersGuide.pdf</a>

Since the inception of Smart TV&#x27;s, I&#x27;ve often wondered, is it still possible to buy a modern &quot;stupid&quot; TV?

You know the expense of doing this is over 100 Billion a year (especially if you include lost business for American corps over the mistrust). You have to wonder what the upside is, in dollars. I have to imagine its very, very low, and perhaps only justified in having a lottery ticket to prevent an extinction level event like WW3?

<p><pre><code> &gt; Self-delete is used to insure that any Hive implant that lays dormant ... for a predetermined amount of time &gt; effectively destroys itself with the only remnant being a “configuration file” &gt; (.config) and a log file (.log) left behind in &#x2F;var directory. </code></pre> .log &amp; .config in &#x2F;var

Have there been any leaks showing TLAs using Intel&#x27;s ME or AMD&#x27;s PSP as a means to compromise a target?

Has anyone with a clue actually gone over the code? If so, is there a description of how it works?<p>Unless things like smart TV&#x27;s are shipped with malware, or unless they reach out and ask for malware and install it themselves, wouldn&#x27;t having all your devices behind a NAT box make all this stuff benign?<p>Or am I too naive?

Ethics aside, the CIA looks like a cool place to work. Look at the cutting edge stuff they are up to.

<i>These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the &quot;smart&quot; phones that they run on and collecting audio and message traffic before encryption is applied.</i>

Just something totally ridiculous. These spyware &#x2F; malware competitions remind me of poker in that these are games of imperfect information and we just throw hoops tring to gain a tiny bit more information than the next guy, to improve our bets.

Makes me think of this article about the American surveillance state <a href="http:&#x2F;&#x2F;harvardmagazine.com&#x2F;2017&#x2F;01&#x2F;the-watchers" rel="nofollow">http:&#x2F;&#x2F;harvardmagazine.com&#x2F;2017&#x2F;01&#x2F;the-watchers</a>

It&#x27;s like a friendly reminder about how Stallman was right about everything...

So... uh... where can one find these tools? Asking for a friend.

&quot;There is an extreme proliferation risk in the development of cyber &#x27;weapons&#x27;,&quot; says man eagerly proliferating cyber weapons.

Wikileaks has the code for these tools but wisely didn&#x27;t release it.<p>Hopefully they will notify vendors of the security vulnerabilities being exploited

I think it would be completely fair to see all countries affected by CIA&#x27;s hacking to take the exact actions US did with Russia.

Does anyone have any comments about technical aspects of the documents released? Seeing how this is Hacker News and all...

&gt;These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram...<p>So much for guaranteed encryption and safety.

I&#x27;ll add my view that I don&#x27;t see this as being all that surprising. Didn&#x27;t we all expect that this is the sort of thing that TLA&#x27;s get up to behind closed doors?<p>My main complaint is that even though I&#x27;m otherwise fairly well aligned to the US (ideals, principles, culture and such), I&#x27;m not a US citizen and therefore get treated as an enemy :(

meh CIA tools still require &quot;intervention&quot; or well &quot;manually infecting things&quot;, on the other hand NSA tools don&#x27;t... so the day, all the NSA tools gets available then it will be doomsday for all sysadmins in the world.

Can anyone confirm that due to SIP in 10.10 it won&#x27;t work on newer version of macOS?

Wikileaks seems to be supporting Trump as the lesser of two evils. Why they see the other side as more evil, is not entirely clear, or on what information it is based on. it could be they know more than we, and can&#x27;t release it. Or it could be something like getting revenge for the apparent assassination of DNC leaker.

I just have to say... glossing over the details quite a bit, not reading the article. Mostly I&#x27;ve just read peoples&#x27; thoughts on here and Twitter.<p>But my initial gut feeling&#x2F;reaction about this news is that it&#x27;s distinctly un-interesting as compared with, say, Shadow Brokers or Snowden.<p>Just my initial reaction...

Taking the chance to vent just a bit. These are the sort of things I have been telling people about but have been derided as paranoid and a conspiracy theorist. The Samsung TV was a great example of this, which I called would be more than just samsung sending voice data. Also, so many people have loved to respond to people talking about this with some variation of, &quot;but you&#x27;re not important, why would they bug you&quot;. It really makes me wonder how often those responses were sock puppets attempting to control and derail the narrative, but criticisms like that are so trite eand easily debated.<p>I have spent a lot of time since the Iraq war (USMC), trying to understand how we got entangled in such a fucking mess, and have continually come to the conclusion that the deep state, of which the CIA is a major part, has actively been working against what I consider the true interests of the United States.<p>While I agree we need an international intelligence collection unit, let&#x27;s not forget that originally the CIA&#x27;s mandate was just to almagamate intelligence from military intelligence units, not to go do shadow operations all over the globe. Truman even wrote an article about how that was not his intention after the JFK assassination, but the article only ran once and Dulles personally flew out to talk to him about a retraction. Ok, though, perhaps that ship has sailed, and ops are a permanent part of collection.<p>My issue then, is with the disparity between operational intention and what I consider true national interests. I understand a certain amount of realpolitik pragmatism is necessary in the function of nation states and diplomatic international affairs, but I think it has become realpolitik run amok with no anchor on core principles, creating blowback after blowback, to the point that such blowback no longer just seems like incompetence and seems like intentional malice.<p>Never forget where the CIA came from. It was formed as the OSS by <i>Wall Street Bankers&#x2F;Lawyers</i> with help from the much older MI6! Those foundations have largely been maintained through their selection process (Yale skull and bones&#x2F;wolf&#x2F;scroll and key heavy) The main connection I have eeked out that I don&#x27;t think most understand though is the relationship between the Wall Street group and The City of London&#x2F;Vatican&#x2F;Swiss Banking groups and their many associated secret society groups and orders of knighthood.<p>In the end, I have postulated that the corruption of the country has been top down, and deliberate. The CIA is a key node point in this corruption, and I question their loyalty to the constitution. Compartmentalization has been used and abused to the point that the mostly good worker bees doing the intel work don&#x27;t understand the bigger picture plays at work here, and I think it is telling that the decryption passphrase was JFK talking about scattering them to a thousand winds.<p>There is plenty of evidence that <i>The Company</i> has been operating domestically, unconstitutionally, and against their mandate, for quite some time. I promise you these tools have been used domestically on American whistleblowers, dissidents, and general rabbelrousers considered enemies of the <i>the company</i>. This has been the danger I have been speaking about with the total surveillance state, because now between <i>the company</i> and <i>the agency</i>, all will take is a few turns of some keys and the totalitarian dystopia is fulling engaged, and if you think this was ever about national security I have a bridge to sell you in the pacific. Of course there will be those who claim releases like this are a detriment to national security, and what I claim is the fact that these tools have been used domestically for the purposes of the deep state is the real threat to national security. The agency and the company should be working to help us secure our systems, not NSL gagging tech companies to insert backdoors or give the source so they can do their own 0days, so don&#x27;t fall for the inevitable cries of <i>but this hurts us and is legitimate</i>. I mean there is evidence they were even corrupting NIST committees! This kind of bullshit is not about national security. I can&#x27;t believe how easily people accept unconstitutional moves as long as some offical or other claims <i>national security</i> (usually with no evidence). This is about the deep state maintaining power.<p>For us, the hackers and geeks of the world, they left us alone for a bit, after they lost the 90&#x27;s cryptowars. It&#x27;s back on though. This is the danger of tivoization, of proprietary licenses, of closed source code (including BSD licenses that allow such actions). We need to open source everything, start encrypting everything, and making it easier for the layman to use the tools.<p>Stop using windows and osx, even for gaming. Stop installing windows at your business. Start using HIDS like OSSEC. Start checking your logs. Start checking your checksums. Start hardening your systems and your kernel (grsec). Stop using stock android, and don&#x27;t use IOS. Desoder microphones on systems. Build faraday cages. Get an SDR and do bug sweeps.<p>When the surveillance engine is turned on, FOSS hackers will be the only ones free.

Pretty cool names for the tools... Is this really real or a honeypot?

So will this zero days be reported to Google,Apple,Microsoft &amp; Co.? Or is this more a &quot;FYI document&quot;? It seems you can be on the safer side if you use a more exotic phone OS which is not widely used or a more dumb feature phone.

CIA: &quot;Hey! lets see how the whole world responds to this &#x27;<i></i><i>leak</i><i></i>&#x27; while we know we are 10+ years ahead of them... lets figure out how they all responds, the fucking idiots....

Those who live by the sword will die by the sword.

Is it legal to access the docs on wikileaks? is it legal to post a link here to those docs?

I feel like this might get lost in the shuffle, so I&#x27;m posting it independently.<p>I&#x27;m not shocked at any of this. The writing has been on the wall as early as 2001 that the NSA and CIA has been gearing up and building these exploits out. Here is a nice PBS documentary on the subject of FISA &amp; NSA surveillance, and of course the CIA is no lone wolf, these agencies were given carte blanche by previous administrations to work together. While I believe they are different in aspects of what they do, from this perspective, I think its fair to say that likely if the CIA has it, the NSA has it, and if the NSA has it, the CIA most likely has it or can get it.<p>To illustrate a nice timely, take a look at this gem from 2001<p><a href="https:&#x2F;&#x2F;ca.pbslearningmedia.org&#x2F;resource&#x2F;fl32-soc-ussfisa&#x2F;united-states-of-secrets-warrantless-wiretapping&#x2F;" rel="nofollow">https:&#x2F;&#x2F;ca.pbslearningmedia.org&#x2F;resource&#x2F;fl32-soc-ussfisa&#x2F;un...</a><p>Around the same time, we even had this pop up: its a run down as to why the NSA needs to have this &#x27;legal authority&#x27; to act with impunity for &#x27;American interests&#x27;<p><a href="http:&#x2F;&#x2F;nsarchive.gwu.edu&#x2F;NSAEBB&#x2F;NSAEBB178&#x2F;surv34.pdf" rel="nofollow">http:&#x2F;&#x2F;nsarchive.gwu.edu&#x2F;NSAEBB&#x2F;NSAEBB178&#x2F;surv34.pdf</a><p>and of course, we have the NPR story that breaks it all down over the NSA wiretapping debate:<p><a href="http:&#x2F;&#x2F;www.npr.org&#x2F;news&#x2F;specials&#x2F;nsawiretap&#x2F;legality.html" rel="nofollow">http:&#x2F;&#x2F;www.npr.org&#x2F;news&#x2F;specials&#x2F;nsawiretap&#x2F;legality.html</a><p>Take special note here: hardly any at length commentary at all so far and the news is pretty sparse. Largely, it seems people were not paying attention, yet right here its clear as day that the NSA was gearing up to expand and use its surveillance capabilities.<p>Of course, around all this, it is clear the NSA and the CIA would be sharing exploits like these, it is likely these were all used in joint context with each other:<p><a href="https:&#x2F;&#x2F;www.cia.gov&#x2F;library&#x2F;readingroom&#x2F;docs&#x2F;DOC_0006184107.pdf" rel="nofollow">https:&#x2F;&#x2F;www.cia.gov&#x2F;library&#x2F;readingroom&#x2F;docs&#x2F;DOC_0006184107....</a><p>and of course, the ACLU has a relevant statement on this as well, i think its quite a good summary of the feelings at the time:<p><a href="https:&#x2F;&#x2F;www.aclu.org&#x2F;other&#x2F;how-anti-terrorism-bill-puts-cia-back-business-spying-americans" rel="nofollow">https:&#x2F;&#x2F;www.aclu.org&#x2F;other&#x2F;how-anti-terrorism-bill-puts-cia-...</a><p>Then, we have these here, around 2004-2006:<p>The first real report coming out is from the ACLU, reporting about the NSAs massive build up since 9&#x2F;11 and how its creating a lot of questionable actions to be undertaken by the agency, in which they allege, at the time, among other things, that the NSA is spying on US citizens:<p><a href="https:&#x2F;&#x2F;www.aclu.org&#x2F;files&#x2F;FilesPDFs&#x2F;surveillance_report.pdf" rel="nofollow">https:&#x2F;&#x2F;www.aclu.org&#x2F;files&#x2F;FilesPDFs&#x2F;surveillance_report.pdf</a><p>My favorite quote:<p><i></i><i>National Security Letters. These obscure devices, which can be written by FBI officials in field offices without the approval of a judge, give the government broad power to demand records. Once upon a time this sweeping power could only be used to get information about “agents of a foreign power” from banks, credit agencies and Internet service providers. But the Patriot Act changed the law to allow their use against anyone, including persons not suspected of a crime. The bill quietly signed into law by President Bush in December 2003</i><i></i><p>but wait, there is more!<p>Around the same time, the GAO had noted that there was an increasing amount of trouble coming from cyber security experts about cybersecurity infrastructure in the states. How easy they were to exploit, their threat to infrastructure, and how it could affect people. How is this related? This same type of report details alot of the exploits that the NSA has used, such as stuxnet, which come to light many years later:<p><a href="http:&#x2F;&#x2F;www.gao.gov&#x2F;new.items&#x2F;d04321.pdf" rel="nofollow">http:&#x2F;&#x2F;www.gao.gov&#x2F;new.items&#x2F;d04321.pdf</a><p>and less us not forget, the NSA tried to sway attention away from itself by releasing this tidy memo, which got leaked, in and around 2004:<p><a href="https:&#x2F;&#x2F;epic.org&#x2F;privacy&#x2F;nsa&#x2F;foia&#x2F;EPIC-NSA-USSID-18-and-Domestic-Procedures.pdf" rel="nofollow">https:&#x2F;&#x2F;epic.org&#x2F;privacy&#x2F;nsa&#x2F;foia&#x2F;EPIC-NSA-USSID-18-and-Dome...</a><p>In which they promise to quote &#x27;no longer use their spying apparatus on US citizens knowingly&#x27;(i&#x27;m paraphrasing)<p>and of course,<p>We have this report from 2006 from the Indiana Law Journal detailing all of the potential pitfalls and abuses of the FISA courts. In essence, to sum it all up, it states:<p><i></i><i>Accordingly, to extend the “special needs” doctrine to the NSA program, which authorizes unlimited warrantless wiretapping of the most private of conversations without statutory authority, judicial review, or probable cause, would be to render that doctrine unrecognizable. The DOJ’s efforts to fit the square peg of NSA surveillance into the round hole of the “special needs” doctrine only underscores the grave constitutional concerns that this program raises</i><i></i><p>oh and i didn&#x27;t forget: we got concrete evidence of state sponsored Russian hacking against US systems since as early as 2008:<p><a href="http:&#x2F;&#x2F;nsarchive.gwu.edu&#x2F;NSAEBB&#x2F;NSAEBB424&#x2F;docs&#x2F;Cyber-027.pdf" rel="nofollow">http:&#x2F;&#x2F;nsarchive.gwu.edu&#x2F;NSAEBB&#x2F;NSAEBB424&#x2F;docs&#x2F;Cyber-027.pdf</a><p>relevant quote:<p><i></i><i>The head of the Russian Army Centre for Military Forecast, Colonel Anatoly Tsyganok, made comments to the Russian news outlet, Gazeta, about the cyber attacks on Estonia. He believes that there was nothing wrong with the attacks because there are no international agreements established. Colonel Tsyganok also believes that NATO couldn’t do anything to stop the attacks and that they were highly successful. The most telling example of Russian government involvement in cyber warfare was with Herman Simm selling IT secrets to the Russian Foreign Intelligence Service that was discussed in Section VIII of this monograph. This case showed that the government of the Russian Federation is actively seeking information on cyber defenses and is willing to pay large sums of money (Mr.Simm is accused of selling cyber security secrets for millions of dollars) to receive information on cyber security.</i><i></i><p>I feel like the tech public that should be doing the diligence on this has been asleep at the wheel. On the recent stories from NSA surveillance, the CIA leak we are reading here, or other government programs. Its not crackpot. Its not a conspiracy. The evidence has been out there in our faces for years. I feel like we fell asleep at the wheel as a tech community to stand up to this.

just saw half of these comments on &#x2F;r&#x2F;hacking. literally word for word.

EDIT: This post is no longer relevant.<p>Meta: 351 points in &lt; 2 hours and it&#x27;s bouncing between #10 and #16.<p>Conclusion: HN is flagging this fairly aggressively.<p>Question: Why? This is not overtly political, and it is definitely in the interest of the community, with the potential to be at least half as interesting as the Snowden documents or the hack of Hacking Team.

&gt; <i>the omission of emails pertaining to russia creates a narrative.</i><p>Maybe Assange dislikes the taste of polonium in his tea, or something.

Well, traveling to the US I have had to fill out a green form stating that I&#x27;m not a terrorist or a 40-45 Nazi. I guess they capture a lot of pathological truth-telling terrorists&#x2F;Nazis with this piece of paper

&gt;&quot;As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.&quot;<p>Reminds me of the reporter who was supposedly working on a massive investigation and then died in a flaming car crash while skipping town. Forgot his name

I am completely bemused that on the one hand the CIA is quite happy to literally murder, rape and and torture left right and centre, overthrow foreign governments, interfere with elections etc ... but is careful about adhering to the finer points US Constitution.

Unbelievable the depth and scope. Absolutely frightening that most of these tools are out in the wild.

Poisoning or making disclosure questionable the public medium of communication has long been the control mechanism of autocracy.<p>We have known for a long time that some governments and vested interests have no interest in critical discourse regarding their basic mythologies of substance and staple.<p>That is: if we all stood up today and said we don&#x27;t believe in your economy and the dollar and democracy and evil and good they would have to kill the people who don&#x27;t believe the fiction(s) or make another set of fiction(s) palatable.<p>This effort is not unbelievable but maybe the details are unreal.

I... Uh... I&#x27;m disturbed by lots of things the CIA does, and I&#x27;m sure there&#x27;s <i>something</i> incriminating in here.<p>But isn&#x27;t it a little weird we&#x27;re suddenly talking about the CIA&#x27;s capability instead of the investigation in to the administration&#x27;s Russian connections? You know, the one that seems to have every high level official with illicit contact, including the AG lying about contact to Congress and a campaign adviser making serious allegations just last week?<p>We definitely have to do something about the CIA and their shenanigans, but this &quot;leak&quot; is mostly them doing their job effectively made out to be scary by people with a known bias.<p>Maybe we can stop chasing random scary thing, and focus on the election that had a major PSYOP by a foreign power that resulted in an administration with unusual to illicit ties to that foreign power.<p>Im all for holding out intel community to account for their behavior, but now isn&#x27;t really the time for it. We have more major issues to deal with.

Maybe someone can clear this one up. So from the Snowden leaks, we know the extent of the NSA toolkits and the requirements which need to be met to utilize them. Now we know what the CIA has to work with, which requires the same authorizations, however apparently they encounter less oversight&#x2F;obstructions(irrelevant), and after Apple refused to unlock the San Bernardino Shooter&#x27;s iPhone, we found out the FBI was playing some sort of politics, by claiming that justice might not be served without Apple&#x27;s intervention, and proceeded to publicly shame the ethical position they took. So why on earth was Obama trying to force Apple&#x27;s hand in that matter? Soon as Apple said no, the FBI somehow found the single magical person willing and able to defeat the privately enhanced security of the 5s the shooter carried? Makes no sense to me.

I looked through the leak, they promised source codes, all I found was source codes from various public projects.<p>For the CIA tools, there was only descriptions and guides to how to get it implemented and in use, not the actual source code.

I&#x27;d just like to point out that the CIA has gone so far as to have a meme warfare department. CIA agents posting on HN is well within the realms of possibility.<p>Don&#x27;t take everything you read here at face value

Thank you Assange;<p>&quot;Never do anything against conscience even if the state demands it.&quot; --Einstein

The solution is for the US to ensure vulnerabilities are identified and patched.

If I was CIA and I wanted to waste time by arguing and distracting forum readers, what would I be posting in this thread?

This is insane!

Quit with the fucking conspiracy theories. Seriously -- can we get a fucking mod in here to get rid of this shit.

So what exactly is the goal of this leak beyond embarrassing and weakening the US?

I never read wikileaks but I did glance at a couple of things here - <a href="https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_14587109.html" rel="nofollow">https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_14587109.html</a><p>which are &quot;do&#x27;s and don&#x27;t&#x27;s&quot; for malware writers. I like this:<p>S&#x2F;&#x2F;NF) DO NOT perform operations that will cause the target computer to be unresponsive to the user (e.g. CPU spikes, screen flashes, screen &quot;freezing&quot;, etc).<p>But the rationale is only:<p>(S&#x2F;&#x2F;NF) Avoids unwanted attention from the user or system administrator to tool&#x27;s existence and behavior.<p>It should go farther. When a user&#x27;s impact is affected, this is a firm and definite step toward living in a police state.<p>I like the idea of a state where the director of the CIA can tell the President &quot;We do not have private files on anyone, nor anything not directly related to imminent terror action and the like. We live in a free world, and if we didn&#x27;t have people abducting others for ransom, planning terrorist activities, or the like, nobody country would need such capabilities.<p>Generally I am against a surveillance state and for one of these reasons I do not read these documents.<p>I also like this part:<p>(S&#x2F;&#x2F;NF) DO make all reasonable efforts to minimize binary file size for all binaries that will be uploaded to a remote target (without the use of packers or compression). Ideal binary file sizes should be under 150KB for a fully featured tool.<p>To put this in perspective, if you were to load the front page of the wall street journal right now, your browser would download something like 900 KB.<p>I think getting 100 kb slipped in here or there that makes sure I&#x27;m not running a huge terrorist network is worse than the total inability for the government to do this if someone <i>is</i>.<p>it shouldn&#x27;t impact my experience and it should be denied.<p>It&#x27;s problematic that some of this is extralegal, but I&#x27;d rather not know about it than to have to have someone acknowledge its existence. Sorry.<p>if bitcoin assholes weren&#x27;t ransoming people&#x27;s pc&#x27;s and life&#x27;s work, or if people weren&#x27;t being abducted for ransom, or if people weren&#x27;t radicalized in a matter of weeks and then transmitted secret payments and chose to plough into a group of people celebrating independent democracy (the French 14 July thing with the truck), I might have a little more sympathy toward the idea that there doesn&#x27;t need to be anything except might makes right on the Internet, letting users and terrorists do whatever they want and fend for themselves.<p>-<p>Edit: the cleanup&#x2F;uninstall section explicitly mentions in the rational, not collecting private (unwanted) data. This might not be great but certainly sounds like the kind of hidden machinery you would want, in the kind of world we live in.

[Deleted]

Sontaran and weeping angel? Well somebody go get The Doctor.

Looks like a fake. Tons of publicly available crap in the files section and 3 pdfs with words SECRET and even TOP-SECRET in the names.<p>This could be a dump of any amateur team whatsoever with just these 3 files added.

VLC 2.1.5 compromised <a href="https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_15729066.html" rel="nofollow">https:&#x2F;&#x2F;wikileaks.org&#x2F;ciav7p1&#x2F;cms&#x2F;page_15729066.html</a><p>edit: please see response below from remlov<p>edit: this post was premature, see below posts