Jump to content

Welcome to FutureTimeline.forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Photo

Hacking & Cyberwarfare News and Discussions

CIA hacking hacker NSA surveillance spyware cyberwarfare cyberattack cyber cyberterrorism

  • Please log in to reply
98 replies to this topic

#41
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts
Hacker Shows Us How to Unlock a Laptop Using an NSA Tool


Written by


Lorenzo Franceschi-Bicchierai


August 29, 2016 // 11:41 AM EST


Around Christmas in 2013, a German newsmagazine published a large cache of leaked NSA files, detailing several spy tools used by the NSA.

The leaked documents were dubbed ANT (Advanced Network Techniques) Catalog, and showed that the US spy agency had a wide array of tools to spy on people’s computers and, as they put it, get the “ungettable.” The tools ranged from a set of fake cellular base stations that hijack phone calls, a USB plug to steal data as soon as it’s connected to a computer, and “radio frequency reflectors,” devices that beam radio signals to other devices, forcing them to beam data back.

Continued at...

https://motherboard....rce=recommended

#42
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts

Voter Records Get Hacked a Lot, And You Can Just Buy Them Anyway

 

On Monday, Yahoo reported the FBI had uncovered evidence that foreign hackers had breached two US state election databases earlier this month. The article, based on a document the FBI distributed to concerned parties, was heavily framed around other recent hacks which have generally been attributed to Russia, including the Democratic National Committee email dump.

 

The thing is, voter records are not some extra-special commodity that only elite, nation-sponsored hackers can get hold of. Instead, ordinary cybercriminals trade this sort of data, and some states make it pretty easy to obtain voter data through legal means anyway.

In December of last year, CSO Online reported that a database of some 191 million US voter records had been exposed online. They weren't grabbed through hacking, per se: the dump was available to anyone who knew where to look, or was happy to just cycle through open databases sitting on the internet (which, incidentally, common cybercriminals are).

 

Read more: Hackers Are Sharing Reams of US Voter Data on the Dark Web

 

Tech Insider previously spoke with a hacker advertising registration records for voters from all 50 US states. Although the publication did not see the full set of data, they did manage to confirm a small number of samples provided to them.

 

And back in January, we reported that alleged voting records of millions of American citizens were uploaded to dark web site linked to the well-known hacking forum Hell. Those files appeared to include voters' full names, dates of birth, the date they registered to vote, their physical address, local school districts, and other information too.

 

The dumps had been uploaded to a databin, where anyone with the password could easily just log in and help themselves to all of those details. (The password was also openly advertised on the Hell forum, so it wasn't an exclusive cache either.)

SQLi on state election systems is probably to get the same data voter-data-brokers sell, but in bulk.

Nicholas Weaver August 29, 2016

It's likely that plenty of those records were obtained through semi-public sources, too: many states make this sort of information available to political campaigns, or advocacy groups. After the 191 million voting records were found online, Jim Gilliam, the CEO of NationBuilder, a company that provides records to various groups, said, “From what we've seen, the voter information included is already publicly available from each state government so no new or private information was released in this database.” (The 191 million records didn't come directly from NationBuilder, Gilliam wrote, although some of the information may have come from data the company has made available.)

 

continued at...

 

http://motherboard.v...buy-them-anyway



#43
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts
Dropbox hack 'affected 68 million users'


A Dropbox security breach in 2012 has affected more than 68 million account holders, according to security experts.


Last week, Dropbox reset all passwords that had remained unchanged since mid-2012 "as a preventive measure".


In 2012, Dropbox had said hacks on "other websites" had affected customers who used their Dropbox password on other sites too.


But now what purports to be the details of 68.6 million Dropbox accounts have emerged on hacker trading sites.


The 5GB document has been acquired by a Motherboard reporter, who also said it had been verified as genuine by a "senior Dropbox employee" speaking on the condition of anonymity.


The data includes email addresses and hashed passwords.


But security researcher Troy Hunt, who has also seen the document, said the hashing algorithm that obscured the passwords was "very resilient to cracking".


continued at...

http://www.bbc.co.uk...nology-37232635

#44
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts

http://motherboard.v...r-a-credit-card

 

This Is How Easy It Is to Hack a Passport or a Credit Card

 

(with video)

 

Anything with a chip in it is vulnerable to attack. Your contactless credit card, your office key card, your passport—as more of our most valuable possessions get an electronic component, more opportunities open up to hackers.

 

In the third episode of Can I Hack It?, made possible by Mr Robot on Amazon Prime, we visit Adam Laurie, better known by his hacker name Major Malfunction.

Laurie specialises in hacking devices that use RFID, or radio frequency identification. He’s a white hat researcher who finds ways to hack into products in order to test their security, and he also runs the London chapter of the Defcon hacking community.

 

Laurie’s home isn’t exactly what you’d expect a hacker’s digs to look like: it’s a huge old house in the middle of the British countryside. Through a maze of corridors we reach his office, where he tinkers with everything from TV sets to new internet-of-things devices (when he’s not indulging his other hobby: guns).

 

continues at...

 

http://motherboard.v...r-a-credit-card



#45
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts

A Sex Toy Lawsuit Highlights Privacy Concerns Around 'Smart' Dildos

 
Written by Joseph Cox Contributor

 

With the internet of things, previously innocuous devices have been rigged up to collect all sorts of data about their users—including sex toys. According to a recently filed US lawsuit, at least some people are unhappy with the privacy risk this could pose.

 

In the complaint, an unnamed plaintiff claims one “smart” sex toy collected identifiable details on her use of the device without her knowledge, and she is now seeking punitive damages. That data allegedly included details such as when the device was used, and what intensity setting the user selected.

 

Although this sort of data collection may come as a surprise to some, researchers have discovered that other similar devices are also pooling sensitive information, highlighting a looming privacy threat: What if the company is hacked, and those details are released? Even if the data is kept secure, some customers perhaps don’t want unknown employees to have access to a wealth of data on how they spend their most personal time.

 

continues at...

 

http://motherboard.v...nd-smart-dildos

 



#46
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts
Security Experts Agree: The NSA Was Hacked


Analysis of the software tools made available by the Shadow Brokers suggests that they’re the real deal.


by Jamie Condliffe August 18, 2016


It looks as if the NSA has indeed been hacked.


A group of hackers known as the Shadow Brokers is currently selling off cyber-spying tools, which it claims belong to the U.S. government, in an online auction. Now, analysis of software that the group made freely available to prove its legitimacy suggests that it’s authentic, and likely to belong to the National Security Agency.


The Shadow Brokers claimed that their initial public release of the software included tools that could be used to break into firewall systems from companies like Cisco Systems and Juniper Networks. Just days later, Cisco has urgently announced that it’s going to patch two vulnerabilities in its firewall systems, which may have been exploited since as early as 2013. Security experts had claimed that the espionage tools appeared to be old, but Cisco appears to be seeing some of them for the first time.


Meanwhile, Russian security firm Kaspersky has also been interrogating the software. It’s discovered unusual math in the code that’s been published so far, which it believes ties the software to the so-called Equation Group. Kaspersky identified the previously unknown Equation Group last year, and at the time Reuters claimed that it was the work of the U.S. National Security Agency. The same quirky mathematics seen in last year’s analysis is also present in the recently released code.


Ex-NSA employees have also told the Wall Street Journal that they believe the code published by the Shadow Brokers to be “authentic.”


These scraps of information raise the question of why the NSA had for years been sitting on vulnerabilities that affect widely used networking gear. They also suggest that the agency may have gone against White House policy on when it is reasonable to keep flaws secret.


The Cisco bugs were zero-day vulnerabilities, so called because they give the author of a piece of software zero days to identify and distribute a solution. Zero-days are valuable to criminals and spies because they can be used to break into systems undetected.


continues at...


https://www.technolo...nsa-was-hacked/

#47
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts

 

A group of Chinese white hat hackers has found a way to hack a Tesla, hitting the brakes on it from 12 miles away.

 

Keen Team, a renowned security research team, announced the successful hack in a YouTube video late Monday night, announcing on Twitter that they had “pwned Tesla Model S remotely.”

 

“As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars,” the group wrote in a blog post. “We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected.”

 

In a statement, Tesla said that the company had pushed an update to fix the bugs exposed by Keen Team within 10 days of receiving their alert. The company also downplayed the real-world risk posed by this attack.

 

continues at...

 

http://motherboard.v...m-12-miles-away


  • wjfox likes this

#48
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts
Hacker-Proof Code Confirmed

Computer scientists can prove certain programs to be error-free with the same certainty that mathematicians prove theorems. The advances are being used to secure everything from unmanned drones to the internet.

 

ProgramVerification_BoyaSun_1K.jpg

 

By Kevin Hartnett

September 20, 2016

 

In the summer of 2015 a team of hackers attempted to take control of an unmanned military helicopter known as Little Bird. The helicopter, which is similar to the piloted version long-favored for U.S. special operations missions, was stationed at a Boeing facility in Arizona. The hackers had a head start: At the time they began the operation, they already had access to one part of the drone’s computer system. From there, all they needed to do was hack into Little Bird’s onboard flight-control computer, and the drone was theirs.

 

When the project started, a “Red Team” of hackers could have taken over the helicopter almost as easily as it could break into your home Wi-Fi. But in the intervening months, engineers from the Defense Advanced Research Projects Agency (DARPA) had implemented a new kind of security mechanism — a software system that couldn’t be commandeered. Key parts of Little Bird’s computer system were unhackable with existing technology, its code as trustworthy as a mathematical proof. Even though the Red Team was given six weeks with the drone and more access to its computing network than genuine bad actors could ever expect to attain, they failed to crack Little Bird’s defenses.

 

“They were not able to break out and disrupt the operation in any way,” said Kathleen Fisher, a professor of computer science at Tufts University and the founding program manager of the High-Assurance Cyber Military Systems (HACMS) project. “That result made all of DARPA stand up and say, oh my goodness, we can actually use this technology in systems we care about.”

 

The technology that repelled the hackers was a style of software programming known as formal verification. Unlike most computer code, which is written informally and evaluated based mainly on whether it works, formally verified software reads like a mathematical proof: Each statement follows logically from the preceding one. An entire program can be tested with the same certainty that mathematicians prove theorems.

 

“You’re writing down a mathematical formula that describes the program’s behavior and using some sort of proof checker that’s going to check the correctness of that statement,” said Bryan Parno, who does research on formal verification and security at Microsoft Research.

 

The aspiration to create formally verified software has existed nearly as long as the field of computer science. For a long time it seemed hopelessly out of reach, but advances over the past decade in so-called “formal methods” have inched the approach closer to mainstream practice. Today formal software verification is being explored in well-funded academic collaborations, the U.S. military and technology companies such as Microsoft and Amazon.

 

The interest occurs as an increasing number of vital social tasks are transacted online. Previously, when computers were isolated in homes and offices, programming bugs were merely inconvenient. Now those same small coding errors open massive security vulnerabilities on networked machines that allow anyone with the know-how free rein inside a computer system.

 

“Back in the 20th century, if a program had a bug, that was bad, the program might crash, so be it,” said Andrew Appel, professor of computer science at Princeton University and a leader in the program verification field. But in the 21st century, a bug could create “an avenue for hackers to take control of the program and steal all your data. It’s gone from being a bug that’s bad but tolerable to a vulnerability, which is much worse,” he said.

 

The Dream of Perfect Programs

 

In October 1973 Edsger Dijkstra came up with an idea for creating error-free code. While staying in a hotel at a conference, he found himself seized in the middle of the night by the idea of making programming more mathematical. As he explained in a later reflection, “With my brain burning, I left my bed at 2:30 a.m. and wrote for more than an hour.” That material served as the starting point for his seminal 1976 book, “A Discipline of Programming,” which, together with work by Tony Hoare (who, like Dijkstra, received the Turing Award, computer science’s highest honor), established a vision for incorporating proofs of correctness into how computer programs are written.

 

It’s not a vision that computer science followed, largely because for many years afterward it seemed impractical — if not impossible — to specify a program’s function using the rules of formal logic.

 

A formal specification is a way of defining what, exactly, a computer program does. And a formal verification is a way of proving beyond a doubt that a program’s code perfectly achieves that specification. To see how this works, imagine writing a computer program for a robot car that drives you to the grocery store. At the operational level, you’d define the moves the car has at its disposal to achieve the trip — it can turn left or right, brake or accelerate, turn on or off at either end of the trip. Your program, as it were, would be a compilation of those basic operations arranged in the appropriate order so that at the end, you arrived at the grocery store and not the airport.

 

The traditional, simple way to see if a program works is to test it. Coders submit their programs to a wide range of inputs (or unit tests) to ensure they behave as designed. If your program were an algorithm that routed a robot car, for example, you might test it between many different sets of points. This testing approach produces software that works correctly, most of the time, which is all we really need for most applications. But unit testing can’t guarantee that software will always work correctly because there’s no way to run a program through every conceivable input. Even if your driving algorithm works for every destination you test it against, there’s always the possibility that it will malfunction under some rare conditions — or “corner cases,” as they’re called — and open a security gap. In actual programs, these malfunctions could be as simple as a buffer overflow error, where a program copies a little more data than it should and overwrites a small piece of the computer’s memory. It’s a seemingly innocuous error that’s hard to eliminate and provides an opening for hackers to attack a system — a weak hinge that becomes the gateway to the castle.

 

“One flaw anywhere in your software, and that’s the security vulnerability. It’s hard to test every possible path of every possible input,” Parno said.

 

continues at...

 

https://www.quantama...ker-proof-code/


  • Infinite likes this

#49
Astralator

Astralator

    100 Billion Suns

  • Members
  • PipPipPipPip
  • 140 posts
  • LocationHamburg

Hacker-Proof Code Confirmed

Computer scientists can prove certain programs to be error-free with the same certainty that mathematicians prove theorems. The advances are being used to secure everything from unmanned drones to the internet.

 

By Kevin Hartnett

September 20, 2016

 

In the summer of 2015 a team of hackers attempted to take control of an unmanned military helicopter known as Little Bird. The helicopter, which is similar to the piloted version long-favored for U.S. special operations missions, was stationed at a Boeing facility in Arizona. The hackers had a head start: At the time they began the operation, they already had access to one part of the drone’s computer system. From there, all they needed to do was hack into Little Bird’s onboard flight-control computer, and the drone was theirs.

 

When the project started, a “Red Team” of hackers could have taken over the helicopter almost as easily as it could break into your home Wi-Fi. But in the intervening months, engineers from the Defense Advanced Research Projects Agency (DARPA) had implemented a new kind of security mechanism — a software system that couldn’t be commandeered. Key parts of Little Bird’s computer system were unhackable with existing technology, its code as trustworthy as a mathematical proof. Even though the Red Team was given six weeks with the drone and more access to its computing network than genuine bad actors could ever expect to attain, they failed to crack Little Bird’s defenses.

 

“They were not able to break out and disrupt the operation in any way,” said Kathleen Fisher, a professor of computer science at Tufts University and the founding program manager of the High-Assurance Cyber Military Systems (HACMS) project. “That result made all of DARPA stand up and say, oh my goodness, we can actually use this technology in systems we care about.”

 

The technology that repelled the hackers was a style of software programming known as formal verification. Unlike most computer code, which is written informally and evaluated based mainly on whether it works, formally verified software reads like a mathematical proof: Each statement follows logically from the preceding one. An entire program can be tested with the same certainty that mathematicians prove theorems.

 

 

continues at...

 

https://www.quantama...ker-proof-code/

 

 

Now this is exciting/interesting news. In combination with quantum cryptography this might actually lead to a future that is more secure -

which again means that the two biggest security risks are laziness by the developer and naivety of the user.


Playing God is actually the highest expression of human nature. The urges to improve ourselves, to master our environment, [...] have been the fundamental driving forces of all of human history. Without these urges to ‘play God’, the world as we know it wouldn’t exist today.” - Ramez Naam


#50
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts

There may be ways around this.  A few come to mind off the top of my head which should work for systems like the internet, but their application may be limited for remote systems like drones. 



#51
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts
iOS 10 Has a 'Severe' Security Flaw, Says iPhone-Cracking Company

 

September 23, 2016 // 04:08 PM EST

 

Apple has introduced a “severe” flaw in its newly-released iOS 10 operating system that leaves backup data vulnerable to password-cracking tools, according to researchers at a smartphone forensics company that specializes in unlocking iPhones.

 

In a blog post published Friday by Elcomsoft, a Russian company that makes software to help law enforcement agencies access data from mobile devices, researcher Oleg Afonin showed that changes in the way local backup files are protected in iOS 10 has left backups dramatically more susceptible to password-cracking attempts than those produced by previous versions of Apple’s operating system.

 

Specifically, the company found that iOS 10 backups saved locally to a computer via iTunes allow password-cracking tools to try different password combinations at a rate of 6,000,000 attempts per second, more than 40 times faster than with backups created by iOS 9. Elcomsoft says this is due to Apple implementing a weaker password verification method than the one protecting backup data in previous versions. That means that cops and tech-savvy criminals could much more quickly and easily gain access to data from locally-stored iOS 10 backups than those produced by older versions.

 

continues at...

 

https://motherboard....cking-company-1



#52
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts

Hack This: Catching Up with Hack This

 

September 25, 2016 // 11:00 AM EST

 

Hack This has been started and restarted a few times in through Motherboard history. The first batch of columns was written in 2011, when I didn't really know shit about shit. Nowadays, I'm a computer science grad student, which is pretty weird.

 

The Hack This idea is to write tutorials on doing technical things that can be digested by pretty much anyone, about a wide range of topics and at varying depths. It's hard to get the right balance, and, left to my own devices, I err on the side of detail and length. Which is fine sometimes, but it winds up excluding whole galaxies of bite-sized one-weird-trick how-tos, which are fun and useful. They're also sort of implied by the Hack This name, right? In any case, mixing it up is a goal going forward, and I would love to hear your suggestions for topics. What do you want to know?

 

Get at me at michael dot byrne at vice dot com, or @everydayelk.

 

The story so far:

 

Hack This: Programming with the Twitter Firehose

 

continuess at...

 

http://motherboard.v...his-catching-up



#53
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts
A critical vulnerability resides in the fully-patched version of the Mozilla's Firefox browser that could allow well-resourced attackers to launch man-in-the-middle (MITM) impersonation attacks and also affects the Tor anonymity network.

The Tor Project patched the issue in the browser's HTTPS certificate pinning system on Friday with the release of its Tor Browser version 6.0.5, while Mozilla still has to patch the critical flaw in Firefox.
 

Attackers can deliver Fake Tor and Firefox Add-on Updates
The vulnerability could allow a man-in-the-middle attacker who is able to obtain a forged certificate for addons.mozilla.org to impersonate Mozilla servers and as a result, deliver a malicious update for NoScript, HTTPS Everywhere or other Firefox extensions installed on a targeted computer.
"This could lead to arbitrary code execution [vulnerability]," Tor officials warned in an advisory. "Moreover, other built-in certificate pinnings are affected as well."

Although it would be challenging to obtain a fraudulent certificate for addons.mozilla.org from any one of several hundred Firefox-trusted certificate authorities (CAs), it is within reach of powerful nation states attackers.

The vulnerability was initially discovered Tuesday by a security expert that goes by the name of @movrcx, who described the attacks against Tor, estimating attackers would need US$100,000 to launch the multi-platform attacks.

Actual Issue resides in Firefox's Certificate Pinning Procedure
However, according to a report posted Thursday by independent security researcher Ryan Duff, this issue also affects Firefox stable versions, although a nightly build version rolled out on September 4 is not susceptible.
 

Duff said the actual problem resides in Firefox's custom method for handling "Certificate Pinning," which is different from the IETF-approved HPKP (HTTP Public Key Pinning) standard.
 
continued at...
 


#54
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts

Here’s a Live Map of the Mirai Malware Infecting the World

 
Written by Joseph Cox Contributor

 

October 3, 2016 // 01:43 PM EST

 

Last weekend, a hacker publicly released the code of “Mirai”, the piece of Internet of Things malware that was used to create some of the most powerful botnets ever. Those botnets fired record breaking attacks at well-known security journalist Brian Krebs’s site, as well as a popular server provider company.

 

Naturally, this is a notable event for security researchers. But with one tool, ordinary, non-technical citizens can watch the malware spread too.

On Monday, the security researcher known as MalwareTech released a map showing, in real-time, infections of Mirai across the world.

 

As MalwareTech explains in a blog post, the scanner uses hundreds of custom servers designed to emulate vulnerable internet of things devices. These act as honeypots, and report when someone, somewhere, tries to hack them.

 

“It’s a stream from the sensors; as soon as you connect it will notify you of each hit,” MalwareTech told Motherboard in a Twitter message.

Serbia, China, Brazil, Russia, India, Pakistan: the list of affected countries goes on and on, as this capture of the map shows:

 

 

continues at...

 

https://motherboard....cting-the-world



#55
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts

double



#56
Unity

Unity

    Information Organism

  • Members
  • PipPipPipPipPipPipPipPip
  • 2,477 posts

The Internet of Things Sucks So Bad Even ‘Amateurish’ Malware Is Enough

1426537898417487.jpg?resize=300:*&output
Written by Lorenzo Franceschi-Bicchierai Staff Writer
  •  

 

October 3, 2016 // 02:40 PM EST

 

Over the last few weeks, unknown hackers have launched some of the largest cyberattacks the internet has ever seen. These attacks weren’t notable just by their unprecedented size and power, but also because they were powered by a large zombie army of hacked cameras and other devices that fit into the category of Internet of Things, or IoT.

 

On Friday, the hacker who claims to have created the malware that was powering this massive “Botnet Of Things” published its source code, which appears to be legitimate.

 

“It looks like this release is the real deal,” according to Marshal Webb, the chief technology officer of BackConnect, an anti-DDoS firm, who has been collecting samples of the malware in the last few weeks.

However legitimate, the malicious code isn’t actually that sophisticated, according to security researchers who have been studying it.

 

Read more: The Internet of Things Will Turn Large-Scale Hacks into Real World Disasters

 

“Whoever originally wrote it clearly put some thought into it. Like, it’s better than most of the shit out there hitting IoT,” Darren Martyn, a security researcher who has been analyzing the malware told Motherboard in an online chat. “[But] it’s still fairly amateurish.”

 

continues at...

 

https://motherboard....ware-mirai-ddos



#57
Yuli Ban

Yuli Ban

    Born Again Singularitarian

  • Moderators
  • PipPipPipPipPipPipPipPipPipPipPip
  • 20,318 posts
  • LocationNew Orleans, LA

CIA Hacking Tools Revealed

Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named "Vault 7" by WikiLeaks, it is the largest ever publication of confidential documents on the agency.
The first full part of the series, "Year Zero", comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virgina. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.
Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
"Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products, include Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, which are turned into covert microphones.
Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA). The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers. The agency's hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA's hacking capacities.
By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other "weaponized" malware. Such is the scale of the CIA's undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its "own NSA" with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.
In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.
Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

C6U03BkVMAAMfbn.jpg


  • Mike the average and nomad like this

And remember my friend, future events such as these will affect you in the future.


#58
caltrek

caltrek

    Member

  • Members
  • PipPipPipPipPipPipPipPipPipPip
  • 9,215 posts

Reference to this was also in the link provided in the opening post, but I thought I would use this article to post further items of interest.

 

WikiLeaks Releases Documents It Says Show CIA Hacking Methods

 

http://www.upi.com/T.../8081488902927/

 

Extract:

 

One program code-named Weeping Angel was allegedly able to use Samsung smart televisions as covert listening devices.

 

(Samsung) provided the following disclaimer with the TVs at one time: "Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition."

 

But in an amended policy Samsung said conversations were not being transmitted to a company data center and users can turn off the interactive commands.

 

WikiLeaks said the CIA could do more than spying.

 

"It would permit the CIA to engage in nearly undetectable assassinations," the release stated.

WikiLeaks-releases-documents-it-says-sho

 

The logo of the CIA is seen during a visit of U.S President Donald Trump the CIA headquarters January 21 in Langley, Virginia.

 Pool photo by Olivier Douliery/UPI 

| License Photo

The principles of justice define an appropriate path between dogmatism and intolerance on the one side, and a reductionism which regards religion and morality as mere preferences on the other.   - John Rawls


#59
BasilBerylium

BasilBerylium

    Banned

  • Banned
  • PipPipPipPipPipPip
  • 734 posts

Good tags


This website has a magic that makes people draw back here like moths to light.


#60
nomad

nomad

    The Darkness

  • Validating
  • PipPipPipPipPipPip
  • 548 posts

I can't believe people don't get more excited about this. It's a planefull of bombshells!


Cats.






Also tagged with one or more of these keywords: CIA, hacking, hacker, NSA, surveillance, spyware, cyberwarfare, cyberattack, cyber, cyberterrorism

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users