back to article Spies do spying, part 97: Shock horror as CIA turn phones, TVs, computers into surveillance bugs

WikiLeaks has dumped online what appears to be a trove of CIA documents outlining the American murder-snoops' ability to spy on people. The leaked files describe security exploits used to compromise vulnerable Android handhelds, Apple iPhones, Samsung TVs, Windows PCs, Macs, and other devices, to read messages, listen in via …

  1. vir

    I Wonder...

    If this will give manufacturers an incentive to take security of their devices seriously?

    Ahahahahahaha...couldn't say that with a straight face.

    1. NoneSuch Silver badge
      FAIL

      Re: I Wonder...

      Next will come pass keys so the cops can walk through your house whenever they want "just to make sure everything is OK."

      1. John Smith 19 Gold badge
        Unhappy

        "Next will come pass keys so the cops can walk through your house whenever they want"

        Nice analogy.

        Simple enough that most people would actually get a clue "This is not a good idea."

    2. Anonymous Coward
      Anonymous Coward

      Re: I Wonder...

      Well the Great Cyber War will learn everyone quick unless it happens in the next four years in which case millions of years from now only our plastic will be here to tell the tale.

    3. tr1ck5t3r

      Re: I Wonder...

      Fuck the lot of them, the easiest thing is to just roll over and die and then those ruling elite cunts cant farm you, its been going on since before Roman times. Divide and conquer ad infinitum.

      Then what will they do. Keep paying out benefits for the stupid to keep breeding.

    4. JimboSmith Silver badge

      Re: I Wonder...

      Seems to me that products where the battery can't be removed should be avoided if you're concerned about this. Most people won't care.

  2. Boris the Cockroach Silver badge
    Big Brother

    OMG!

    the government is spying on you

    Quick rip out the internet and smash your smart TV....... after you've downloaded a box set of 'the walking dead' and saved tonight's football on the tivo.....

    Mind you , one misplaced IP address and the CIA etc are listening to a 4 month old baby sleeping instead of the Russian 2nd trade secretary bonking an MPs typist.....

    All bought to you via some need to have everything connected to the internet whether its needs to be or not

    1. tr1ck5t3r
      Trollface

      Re: OMG!

      If you look at the reference in the wiki leaks article https://wikileaks.org/ciav7p1/ and note the reference to Weeping Angels, then look at the wiki reference for Weeping Angels https://en.wikipedia.org/wiki/Weeping_Angel

      It indicates a level of planning and tie up between the UK & US, both military/law enforcement as well as organisations like the script writers involved in the Dr Who series.

      Do you think these things are just co-incidences? So for your next challenge try and spot what other organisations or entities are also tied in with this planning and execution, and does it spread beyond the UK & US regions, to perhaps the 5 eyes region or even further?

      So many possibilities, but not enough data....

      1. MacroRodent Silver badge

        Don't close your eyes!

        No coincidence, but not necessarily a US+UK collusion either. Most hackers are science fiction fans. "Weeping angel" is actually an apt name for something that looks like an inert everyday object, but is actively listening.

        1. phuzz Silver badge

          Re: Don't close your eyes!

          I guess the strongest evidence of US/UK collusion would be the line:

          "Accomplishments during joint workshop with MI5/BTSS (week of Jun 16, 2014)" (from here).

          How lovely, they have spies-own hackathons where they work out how to spy on us with our tellys.

    2. getHandle

      Re: OMG!

      Incredible really, given my Samsung TV can't even do a software update in the background when it's turned on!! I'd be happy for them to listen to my kids argue about minecraft videos if they could make Sammy's crappy software a bit better while they're there...

  3. Hollerithevo

    And they all laughed...

    When I put electrician's tape over my camera lenses and unplugged by PC and TV at the wall, and used a pre-GPRS mobile, they all laughed. Ha! Who has the last laugh now, spied-on dupes?!? Answer me that!! Ha ha ha ha!

    --the one in the tin-foil hat, utterly vindicated

    1. rsole

      Re: And they all laughed...

      Just wondering how you managed to post this, considering you are disconnected?

      1. CrazyOldCatMan Silver badge
        Alien

        Re: And they all laughed...

        Just wondering how you managed to post this, considering you are disconnected?

        Alien lizard special mind powers. It's *always* alien lizard special mind powers..

    2. Anonymous Coward
      Anonymous Coward

      @Hollerithevo

      "Ha! Who has the last laugh now, spied-on dupes?!? Answer me that!!"

      The government. Because you obviously have something to hide which is highly suspicious. Just to be on the safe side I would recommend ignoring any possible (legit) lottery offers which suddenly declare you the winner of a free vacation to Cuba :P

      1. Anonymous Coward
        Anonymous Coward

        Re: @Hollerithevo

        Plus be sure you got ALL the cameras, including the secret pinhole camera concealed in the bevel of your screen.

    3. Mage Silver badge
      Facepalm

      Re: And they all laughed...

      There is nothing to see here, this is all oldschool stuff. If you have a specific target and get physical access, it's always been "game over". You don't even need CIA tools.

  4. Anonymous Coward
    Anonymous Coward

    WOW ! who'd have thought..

  5. The_Idiot

    So the secret people...

    ... who can't keep their own 'secrets', um, secret, want 'backdoors' into everything so they can make sure they don't keep _our_ secrets?

    Because, obviously, those backdoors will _never_ be leaked, right? Er... right?

    Sigh...

  6. Anonymous Coward
    Big Brother

    Don't laugh, one day you might disagree with your Government then the Eye of Sauron will be swivelled in your direction. Ever hear of the Tolpuddle Martyrs or the Peterloo Massacre ?

    Nothing to hide and plenty to fear.

    Anyone know where I can rent or buy a lead lined cave ?

    1. Anonymous Coward
      Facepalm

      Anyone know where I can rent or buy a lead lined cave ?

      Zoopla or Rightmove?

      No, wait. Big Brother saw you searching for that. Now you're a "person of interest".

    2. Flywheel Silver badge

      "one day you might disagree with your Government"

      Oh, but I do! And how many of us have sat watching TV and swearing at the witless politicians that allegedly run our country? I'm sure if the idiots were told that if our TVs were bugged we could be sued for slander at some stage.

      Mind you, we watch endless reruns of Murder She Wrote, so I have nothing to hide...

  7. Anonymous Coward
    Alien

    Makes you wonder

    What ELSE have they done that the tinfoil hatters said they were doing?

    False flag email hacks? Wiretapping Trump?

    Assassinations, drug/gun/human trafficking, gruesome experiments on unsuspecting citizens?

    Methinks we're about to find out.

    1. DropBear
      Trollface

      Re: Makes you wonder

      Oooh! Oooh! I know! Can we do HAARP next, please...?

  8. i1ya
    Linux

    While it was nice to see no mention of Linux here...

    1) ...but the original article mentions Linux too

    2) most interesting part for me in related HN thread was that CIA had to tag all this cyber-weaponry as "declassified" because otherwise the person who deploys it on hacked systems should be prosecuted

    1. Anonymous Coward
      Anonymous Coward

      Re: While it was nice to see no mention of Linux here...

      They do have Linux hacks.

    2. LegalAlien

      Re: While it was nice to see no mention of Linux here...

      Except for the detailed document showing the linux kernel hacked in the Samsung F8000 tv set, and used as 'FalseOff' to enable camera and microphone while appearing to be off...

    3. John Sanders
      Linux

      Re: While it was nice to see no mention of Linux here...

      This is because they need to "get into it" first.

      Not as trivial as with another OS that can't be audited.

      Not saying Linux is perfect or unhackable but it is a tad more difficult to get into Linux servers if they are configured correctly.

      The more savvy and seasoned the user, the hardest to hack.

      But all of this is moot if the state is after you.

      They will apprehend you at your door, bash the hell out of you, get your keys and passwords and simply plant whatever evidence they want on your computer.

      And you my dear friends will never know and will hate me once the press writes the corresponding kill piece and the BBC declares me enemy of the people.

      1. Anonymous Coward
        Anonymous Coward

        Re: While it was nice to see no mention of Linux here...

        "They will apprehend you at your door, bash the hell out of you, get your keys and passwords and simply plant whatever evidence they want on your computer." As some Police officers do already, arrest on sus, take your keys and using 'cain & able' spoof the date and insert something that will get you jail time...

  9. This post has been deleted by its author

  10. Anonymous Coward
    Anonymous Coward

    Security axioms:

    1. If it has an antenna, it can be compromised.

    2. If it has an internet connection, it is likely compromised.

    3. If it has a microphone, it may be listening.

    4. If it has a camera, it may be recording or imaging.

    5. If it has a GPS, WiFi, or maybe Bluetooth it is tracking your location.

    6. 'Off' may well be 'On'.

    7. If it is stored in the cloud, someone else has it.

    8. No cloud encryption can be trusted.

    9. Two factor authentication with a compromised device is compromised.

    10. Encryption with a compromised device is compromised everywhere.

    11. Anything that can reach an open or weakly encrypted WiFi should be presumed to be on the internet.

    12. If it is backed up to the cloud, someone else has it.

    13. Most things new and electronic have an antenna.

    14. Connected cars are on the internet.

    15. Insurance dongles for cars are an open attack vector.

    16. An air gap is not enough.

    17. Almost all browsers can be de-anonymized.

    18. Using WiFi without a VPN tunnel leaves you open to a bunch of attacks.

    19. Most operating systems are either vulnerable or pre-compromised with respect to privacy by their creator.

    20. Most browsers leak data to creators and third parties.

    Clearly you could list quite a few more.

    1. Anonymous Coward
      Anonymous Coward

      "3. If it has a microphone, it may be listening."

      If it has a speaker - it may be using that as a microphone.

      1. Adrian 4 Silver badge

        "If it has a speaker - it may be using that as a microphone."

        Or an accelerometer.

        Or a pressure sensor. Which might be described as an altimeter.

        1. Neil Barnes Silver badge

          Um, seems unlikely...

          A moving coil speaker being used as a microphone only registers pressure waves, within its frequency response. To be sure it's can't tell the difference between high frequency acceleration that's both changing direction 180 degrees very rapidly and is also axial to the speaker coil, but that I would argue is a very rare situation. No use for integrating acceleration to give speed and integrating that to give position - apart from anything else, it lacks two necessary axes.

          As a side issue, while a speaker *can* be used as a microphone, the usual setup in a digital audio system is microphone -> preamp -> ADC -> digits -> DAC -> amplifier -> speaker. The whole point of the microphone idea is that you need access to the speaker wires where the microphone goes in. Unless the whole of the audio interface industry for PCs (and generic systems: phones, TVs, IoT crap etc) has been designed with an undocumented link from the post-amp back to the preamp, it seems difficult to assume that this is a likely option.

          Which is not to say that it's not impossible, but I suspect that it needs either global interference with the chipsets, or one-off specialist adaptation (e.g. four resistors or so adding, and some code changes).

          1. This post has been deleted by its author

    2. Adam 1

      21. Your secret master key escrow backdoored encryption will be compromised. Don't worry though, it'll only be all encrypted information that's at risk.

      1. GrapeBunch

        22. Writing things on the backs of envelopes is fairly secure. If you are a physician, it is 99% secure. Only a pharmacist will be able to decrypt it.

    3. John Smith 19 Gold badge
      Unhappy

      "16. An air gap is not enough."

      Comment from security source in "Zero days."

      "There is no such thing as an air gap."

    4. Anonymous Coward
      Anonymous Coward

      Why not just sum it up as, "If someone wants it badly enough, neither God, Man, nor the Devil will save you. Don't trust anyone, not even yourself (you could be under subconscious compulsion). Either just go on living with no secrets or kill yourself."?

  11. This post has been deleted by its author

    1. amanfromMars 1 Silver badge

      Re: Spy agency spies and gives IT the Full Monty Spam Spam Spam Python

      Hi, Bandikoto,

      But who and/or what individually benefits is always the money shot question to be answered for clarity of purpose and transparency of covert and clandestine mission, for surely all common or garden spies/semi-autonomous agents and professional Walter Mitty types always follow orders and report to others.

      Is the answer in the clue that has one following the money to identify the base raw source of current woes and future tribulations, or are you likely to find heavenly hosts and the holy grail which rewards with bounty that know no bounds?

      Be they both one and the same at all times and a curse that has no rhyme or reason to exist, other than to torment the ignorant masses for the enrichment of an arrogant few with systems easily crashed with news of secrets and news of new secrets yet to come?

      Questions, questions, questions …… and all have answers if you have a fervent desire and rabid need to know. And how strange that so little is asked of vital matters in favour of delivering viral opinions for media to plug as hard enough fact to be spread as news rather than proclaim as just the work of penny dreadful fiction and fantasist spam for the masses which just truly benefits a troubled and troublesome few, who be not a few chosen.

  12. Tikimon

    Tinfoil Hat or Human Nature?

    For many years before Snowden I've been predicting this. The usual response was to label me a conspiracy-freak crazy and dismiss me with "why would the government want to spy on my phone/web surfing/e-mail/TV/etc.?"

    My answer was simple. Because They Can. Add in a profit or means to control others and it becomes inevitable and imminent. There is always one or a few who will do anything, no matter how onerous or horrible. If ten thousand people recoil in horror before a prospective action, the ten thousand and first will happily do it. You won't sell phone-hacking software to oppressive governments? Okay, but Cellebrite will.

    So moving on, apply this simple question: can it be done? If the answer is Yes, someone is already doing it. Wikileaks et. al. only provide confirmation.

    1. Anonymous Coward
      Anonymous Coward

      Re: Tinfoil Hat or Human Nature?

      "The usual response was to label me a conspiracy-freak crazy and dismiss me"

      Those who exhibit such a response may find themselves on the wrong side of natural selection before long.

    2. DropBear
      Facepalm

      Re: Tinfoil Hat or Human Nature?

      To be sure, the usual response still is to label people a conspiracy-freak crazy - not sure whether people simply haven't heard of a specific leak (trust me, still plenty would go "huh?" if asked who Snowden is...), are they shell-shocked into numbness and denial by the deluge of leaks of late, or simply bury their heads into the sand with the attitude that nobody they know ever suffered any direct consequence of any of this so it clearly doesn't matter. But regardless of which of these they go with, in my experience people outside IT _still_ call anyone crazy who wastes even a second of their time with any such "nonsense" *.

      * I'm still utterly stumped trying to explain to anyone why I prefer not using phonebook-slurping malware like WhatsApp and its ilk. "I'm using it and I'm fine, you freak!"

    3. Swarthy Silver badge
      WTF?

      Re: Tinfoil Hat or Human Nature?

      "The usual response was to label me a conspiracy-freak crazy and dismiss me"

      Even better, those that dismissed you a few years ago, now say "You knew it all along. Why are you complaining now? Get over it!"

  13. Anonymous Coward
    Anonymous Coward

    How do they pay for it all?

    I like paying taxes in this fascist State!

  14. Anonymous Coward
    Anonymous Coward

    What's next? These corporations are already in bed with them giving them access? Could this be to throw people off the truth? Are they already doing it?

    I await with anticipation wearing my obligatory tin foil hat and a pair of y-fronts eating a scotch egg.

  15. Palpy

    If a nation-state agency wants you --

    -- then they will get you.

    To me, naive fule that I are, it seems that running a write-protected thumb-drive OS configured to use a VPN into TOR -- of course using a no-JavaScript browser, Disconnect or similar plug-in, etc -- might be current best practice for staying unnoticed. (Going from your ISP into a VPN is less attention-getting than going directly to TOR, I believe.)

    (No, I don't mean all the time, just when you want privacy for whatever reason.)

    But if you make yourself interesting to a nation-state agency, then your privacy becomes much more fragile. Again, IMHO. So in my playbook, as it currently stands, the prime directive is do not be interesting in the first place.

    No, I do not like the idea of the CIA (NSA, et al) capturing my regular surfing. But my web use is pretty much in the middle of the Internet bell curve, I think. Nothing to see there, quite boring really. If I were to wish to browse to more attention-catching sites, then I might use a more secure and anonymous system.

    But of course that's all just talk on my part. I do not merely seem boring, I really am boring.

    1. Adam 1

      Re: If a nation-state agency wants you --

      > do not be interesting in the first place.

      So your argument is that your obscurity provides your security. Let me know how that works out for you....

      1. Palpy

        Re: @ Adam1

        "So your argument is that your obscurity provides your security."

        Only sorta. And not very sorta at that.

        If I were relying on obscurity I would not bother with a read-only OS like TAILS or TENS or Kodachi -- that's one step toward not getting hacked. If I were relying on obscurity, I would not bother with VPN+TOR+privacy plugins -- those are steps toward maintaining anonymity.

        My point is, if you become interesting to the big boys, then they will go as far as they need to go. Your home may have been your castle in 1920, but nowadays they will break in and mod your PC for you while you are out quaffing a cold one. If that's what they think they need to do. And of course they have many, many other options before the physical break-in.

        Wear a mask. But when you need to take the mask off -- and you will, often -- that's when you must be boring and obscure.

        1. Adam 1

          Re: @ Adam1

          Sorry. I misread your comment as don't bother with VPN or tor because that makes you interesting

    2. Anonymous Coward
      Anonymous Coward

      Re: If a nation-state agency wants you --

      I watch paint drying videos everyday.

      Not sure if I'm on their to-watch list or insane list.

    3. Anonymous Coward
      Anonymous Coward

      Re: If a nation-state agency wants you --

      "To me, naive fule that I are, it seems that running a write-protected thumb-drive OS configured to use a VPN into TOR -- of course using a no-JavaScript browser, Disconnect or similar plug-in, etc -- might be current best practice for staying unnoticed. (Going from your ISP into a VPN is less attention-getting than going directly to TOR, I believe.)"

      Except you forgot about the secrets in your hardware, probably embedded into your Ethernet/WiFi controller chip where you can't avoid it.

  16. IHateWearingATie
    Black Helicopters

    Assange to Snowden:

    "Ha - in your face. I got more secret CIA documents than you now! Who's the daddy? Who's the daddy??"

    Snowdon to Assange

    "Whatever, I'm off skiing later. Enjoy your dingy room...."

  17. Mark 85 Silver badge

    No Surprises...

    Just confirmation (more or less depending on your view of Wikileaks) of what most of us have suspected for a long time.

    Damnitall anyhow!!!!! 1984 was a work of fiction and not a frikkin' instruction manual.

    No tinfoil hat here... I'll just go hide out in the bunker with some excellent adult beverages and try to ignore the world for a while.

  18. Anonymous Coward
    Boffin

    "massive budgetary spend on duplicating the capacities of a rival agency could be justified"

    HAHAHAHAHAHAHA!!!...Ooooh, excuse me (chuckle)...that was a good one.(heh)....Someone clearly doesn't understand how Washington DC works...(hehe)

  19. Anonymous Coward
    Joke

    In CIA Russia...

    TV watches you!!

    1. Adam 1

      Re: In CIA Russia...

      In Soviet Russia, you listen to your TV.

    2. Anonymous Coward
      Anonymous Coward

      Re: In CIA Russia...

      Smartphone uses you.

      oh look a new ads!

  20. Anonymous Coward
    Angel

    what makes WikiLeaks so certain ..

    ... that these tools were written by CIA?

    It's the sharing economy. TLA's can share too.

    I am betting that this stuff was written at NSA, not CIA. CIA is just using them.

  21. dm_dv
    Mushroom

    None of you...

    None of you get it?

    Seriously? Everything has a back-door by it's creator??? Rubbish!

    An you guys call yourself computer user's? Programmers even?

    This is a standards war, the argument here is for encryption & privacy as your civil right!

    What Snowden leaked was enlightening to say the least, it concerns Micro kernels and Micro-code not Monolithic Kernels filled with C++ that do things differently, like co-exist as two Operating Systems on your Telephone as L4 from the American National Standards Institute (ANSI).

    The US forces companies to comply with the Communications Assistance for Law Enforcement Act (CALEA) is a United States wiretapping law passed in 1994, during the presidency of Bill Clinton. However they have attacked the security of there own operating system's and have been caught lying about it bare faced repeatedly. The ANSI Standards happens to be a secure standard, they've just been too busy squeezing there own math's department for back-door's to keep all the evil doers away, only to discover the agencies that do the most evil are there own.

    As to what it record's... Everything..

    So hackers are doing the only thing they can, helping spread the C standard everywhere, liberate your mind, your brain along with the Go code's will follow.

    Upgrade cryptography, include Galois Counter mode's with better padding and more Pi-P and S-Boxes and make encryption Ubiquitous!

    If a creator makes a back-door that's micro-code in size and hides it in your "compiler" or even on inside embedded chips as proposed by Professor Ken Thompsons paper "Reflections of Trusting Trust" how would you even know the back-door (trap-door) was there?

    You might suspect it exists, but finding out about it would prove difficult, but easily detectable if your every single device connection was slowly being sucked into a giant social & advertising network like Google via Google android!

    1. Palpy

      Re: None of you... Not me. Not me.

      I don't get it. Not smart enough by half.

      But. I do know that the Intel Management Engine is proprietary code which runs before the BIOS, is always running, and which has unrestricted access to the host. We dunno what's in there. I believe AMD and other chipsters have similar code. From x86 considered harmful:

      "There is another problem associated with Intel ME: namely it is just a perfect infrastructure for implanting targeted, extremely hard (or even impossible) to detect rootkits (targeting 'the usual suspects'). This can be done even today, i.e. before the industry moved all the application logic to the ME, as theorized above. It can be done even against users who decided to run open, trustworthy OS on their platforms, an OS and apps that never delegate any tasks to the ME. Even then, all the user data could be trivially stolen by the ME, given its superpowers on the x86 platform."

      So yes, there could be a backdoor in every modern PC regardless of OS, regardless of BIOS, regardless of sandboxes and hypervisors.

      If that is true, then the CIA and NSA are strewing red herrings all over the place with regard to hacking tools. I am not sure that's the case.

      1. dm_dv
        Devil

        Re: None of you... Not me. Not me.

        If that is true, then the CIA and NSA are strewing red herrings all over the place with regard to hacking tools.

        Ah now you are one of the Enlightened!

        Please see "security in Plan 9" an over-view by Russ Cox - it is a highly complex scientific research OS - based on the more Unix than Unix philosophy!

        No, it does not intentionally include back-doors and as far as restrictive goes, it gives you "the end user" fine grained access control over your whole filing system, everything is a file.

        Networking work's completely differently, no viruses, no firewall and encryption is "supposedly" easy to audit!

      2. This post has been deleted by its author

        1. Palpy

          @ pccobbler: I think we speak of different things??

          Or maybe different aspects of the same thing?

          My understanding is that the Intel Management Engine is not an optional download, it is an integral part of modern Intel chipsets. There is an extension -- the Management Engine Bios Extension -- which is open to user configuration. But not the ME itself.

          If I understand what I've read, if you run an Intel machine of recent vintage then the ME is running. It runs whether you use Windows, BSD, Minix, Solaris, or anything else -- because it boots first and is necessary to initialize system clocks and hardware. As well as other critical functions.

          Igor Skochinsky: "Intel Management Engine ('ME') is a dedicated microcontroller embedded in all recent Intel motherboard chipsets. It works independently from the main CPU, can be active even when the rest of the system is powered off, and has a dedicated connection to the network interface for out-of-band networking which bypasses the main CPU and the installed OS."

          From a page in the Libreboot project:

          "ME firmware versions 6.0 and later, which are found on all systems with an Intel Core i3/i5/i7 CPU and a PCH, include 'ME Ignition' firmware that performs some hardware initialization and power management. ... Due to the signature verification, developing free replacement firmware for the ME is basically impossible. The only entity capable of replacing the ME firmware is Intel. ... In summary, the Intel Management Engine and its applications are a backdoor with total access to and control over the rest of the PC. The ME is a threat to freedom, security, and privacy, and the libreboot project strongly recommends avoiding it entirely. Since recent versions of it can't be removed, this means avoiding all recent generations of Intel hardware. " (Emphasis in the original.)

          I know I'm running on about this, but it's quite interesting to my tiny mind.

          It would seem that if NSA / CIA had prevailed upon Intel to put a backdoor in the ME, then many of these leaked hacking tools and techniques are unnecessary. If there were a backdoor, then any Intel machine could be taken over by sending a special instruction to the ME (which has not only its own microcontroller and kernel but its own networking stack, and complete access to the machine's memory and peripherals as well).

          So my first guess is that the ME is not thus backdoored. Because I don't think the NSA / CIA are subtle enough to create and then leak 8700 docs with hacking info. Nor are they crazy enough to release info on device hacking and antivirus amelioration, info which may be quite useful to CIA's advarsaries, whether criminal or nation-state actors.

          1. Anonymous Coward
            Anonymous Coward

            Re: @ pccobbler: I think we speak of different things??

            "So my first guess is that the ME is not thus backdoored. Because I don't think the NSA / CIA are subtle enough to create and then leak 8700 docs with hacking info. Nor are they crazy enough to release info on device hacking and antivirus amelioration, info which may be quite useful to CIA's advarsaries, whether criminal or nation-state actors."

            Except, given that both the CIA and Intel are American, who else could exert enough sovereign pressure to make Intel release a signed spy malware complete with encryption keys so nothing leaves the network stack in any obvious way? The Management Engine runs black-boxed like a good crypto-system, after all. How will anyone be able to know where anything is going, especially if like a smart module it piggybacks on existing traffic instead and uses a different kind of system that doesn't rely on specific destination addresses? It's practically perfect plausible deniability, and only an American sovereign authority can put that kind of pressure on an American firm like Intel.

          2. amanfromMars 1 Silver badge

            @ Palpy Re: @ pccobbler: I think we speak of different things??

            Thanks for all of the juicy inside intel released in that post of yours, Palpy.

            What it reveals to those who would see and foresee the Bigger Pictures in Greater IntelAIgent GamesPlays is more than just extremely helpful whenever able to be enabled and devastatingly subversive.

            Intel Management Engineers may be more incandescent with rage and helplessly furious, though, if they be of the opinion that such remote invisible tailored access operations into multiple systems should be only an exclusive elite executive tool rather than readily available feature to deep and dark shadowy web programmers for Base Source Projects.

            I would also not disagree with you about the NSA/CIA being like headless chickens in such fields as they are not in anyway suitably equipped to deal with. But then pearls before swine would be considered a gratuitous waste in any time zone or field in space.

            The more the Great Game changes IT, the more Sublime InterNetworking Things stay the same with New Players and Novel State and Non State Actors plugging catastrophic vulnerabilities with devastating exploits.

            “The only way to get smarter is by playing a smarter opponent” ….. Fundamentals of Chess 1883

          3. tiggity Silver badge

            Re: @ pccobbler: I think we speak of different things??

            Plenty of people running older Intel (or non intel) hardware though. None of my (home) kit is new enough to have ME! SO other attack methods needed even if ME is fed pwned.

          4. Down not across Silver badge

            Re: @ Palpy: I think we speak of different things??

            From a page in the Libreboot project:

            "ME firmware versions 6.0 and later, which are found on all systems with an Intel Core i3/i5/i7 CPU and a PCH, include 'ME Ignition' firmware that performs some hardware initialization and power management. ... Due to the signature verification, developing free replacement firmware for the ME is basically impossible.

            Since you quote Libreboot (as I have myself done in several posts), don't forget that Intel is not alone. AMD is equally evil with its equivalent PSP.

  22. Anonymous Coward
    Anonymous Coward

    So if they've redacted the actual exploits

    What are they doing with them? I'd love to hear them say "we're sharing them with the OEM so holes still applicable to current versions can be patched, and will make them available later" but since they didn't say that I assume not.

    Simply redacting them without comment could mean anything from waiting a few weeks and releasing them on their site causing potential chaos, to selling them on the black market, to Assange using them to hack into Trump's Twitter to make him tweet "I wear pampers under my suit to control my wiki leaks!"

    1. Adam 1

      Re: So if they've redacted the actual exploits

      I think they should be giving Google at least 90 days before publishing. Only fair.

  23. Anonymous Coward
    Big Brother

    The continuation of the teardown of US government

    "some folks are speculating that the source of the leak could be the Russians, and its true purpose is to derail the CIA for political gain."

    "Journalists covering #Vault7: consider this could be as much about Russia as CIA or WikiLeaks, a continuation of teardown of US government"

    No, it's yet more evidence it's the CIA that's a threat to US democracy. Notice I said 'US democracy' as the US government supposedly works for the people. and the CIA supposedly works for the US government instead of being part of a shadow government. If the US government is going to collapse it won't be anything the Russians do. It'll be mostly self inflicted. Like those people in the security services who concocted the Trump golden shower dossier.

    1. Anonymous Coward
      Anonymous Coward

      Re: The continuation of the teardown of US government

      Journalists are starting to confirm a few elements of that dossier, and reportedly US intelligence agencies have confirmed many of the details that put a specific person in a specific place at a specific time or saying a certain thing over the phone, so the more outlandish stuff like the golden showers becomes a bit less outlandish every day.

  24. Anonymous Coward
    Anonymous Coward

    Anyone know what channels they need to go through to hack a telly?

    1. Stoke the atom furnaces

      "Anyone know what channels they need to go through to hack a telly?"

      Spy-TV of course.

  25. dm_dv
    Devil

    @So if they've redacted

    It doesn't matter what gets Redacted, the guy's in charge of "SECURITY" are pissed, that they've taken years of security research and completely abused it!

    Think....

    A Micro-code sized back-door?

    Now think about the crap slowly creeping into your iCore and PSP chips!

    Much better encryption is coming, the C code is written in plain easy to digest language, it bloody well should be, it was the fore-runner of the Morris worm.

    An the last thing you want is a load of guys who understand Unix and telephone switches and I mean really understand Unix, putting it everywhere and on everything because there all Security extremists... Lol

    See YouTube and get a 9front!

    1. John Brown (no body) Silver badge

      Re: @So if they've redacted

      Sadly, your credibility is ruined by using the writing style of a l33t h4x0r who's learned a few buzzwords born in, oh, maybe 2003?

  26. PhilipN
    Pint

    Rogue Operative

    A good deal of human progress derives from the actions of rogue operatives.

    Cheers, mate!

  27. Anonymous Coward
    Anonymous Coward

    I feel sorry for thosee hackers .....

    They work so hard to keep the upper hand in a "war" to protect their values and way of life.

    Yet, to win that war they have to give up their way of life and forgo their values on a daily basis.

    1. Tom Paine

      Re: I feel sorry for thosee hackers .....

      I feel sorry for thosee hackers .....

      They work so hard to keep the upper hand in a "war" to protect their values and way of life.

      Yet, to win that war they have to give up their way of life and forgo their values on a daily basis.

      Eh? How'd you work that out? is there something in the Constitution that says the US shall not have intelligence agencies or conduct espionage?

  28. Howard Hanek
    Big Brother

    We Forget

    Your mobile phone is a radio operating within a narrow band set by the government.

    Never send an email you don't mind being read by someone else. There are so many intercept points between the sender and receiver that by the very architecture of the internet security can be breached by multiple hackers.

    The government spies because being untrustworthy they suspect everyone else of being untrustworthy.

    1. Anonymous Coward
      Anonymous Coward

      Re: We Forget

      Even if it's encrypted in flight? How would they break it without tipping their own hand and opening the door to getting their own stuff decrypted?

  29. Mikel

    Over here, over here!

    Pay no attention to the thing over there!

  30. veti Silver badge

    I smell a snowjob

    One of the oldest and most basic rules of intel is to pretend that your organisation and powers are much, much greater than they really are. Thus intimidating and discouraging the enemy, maybe preventing them from using effective countermeasures, and increasing the likelihood that they'll choose to co-operate with you.

    Riddle me this: if the spooks can listen in on all of us with such ease, then why are they so fixated on requiring new backdoors in equipment and protocols? Why did the FBI have such a hard time unlocking that iPhone last year?

    Assume that whatever Wikileaks publishes, the CIA wants you to see it. Countermeasures don't have to be perfect: the goal isn't "total invulnerability", it's just "don't be the low-hanging fruit".

    1. Peter2 Silver badge

      Re: I smell a snowjob

      Riddle me this: if the spooks can listen in on all of us with such ease, then why are they so fixated on requiring new backdoors in equipment and protocols? Why did the FBI have such a hard time unlocking that iPhone last year?

      1) Because the people with the access to break it are the NSA/GCHQ.

      2) The above obsessively avoid handing out any information about their operations and capabilities, to the point they won't use intercept transcripts in court, and in cases where they know that weapons etc are being smuggled around they'll phone up the police and tell them to do a "random safety check" on $vehicle and then tell the police to lie about having had a tipoff. (as covered by el reg)

      3) Bearing in mind 1 & 2, what are the chances of these people unlocking the iPhone for use in court for the FBI?

    2. Anonymous Coward
      Anonymous Coward

      Re: I smell a snowjob

      That was one of my first thoughts, that the CIA intentionally leaked this to play up their capabilities. However, this leak paints a picture of a typical bureaucratic organization struggling to keep up with trendy technology. It makes them look second-rate.

      The real culprit here isn't even the CIA, it's the smart-ass developers (in Silicon Valley and the open-source community) flooding the world with shiny, complicated, insecure devices & software. They're making it too easy for the CIA and anyone else to do mass hacking.

      1. Anonymous Coward
        Anonymous Coward

        Re: I smell a snowjob

        Unless it's a false flag operation made to make them LOOK second-rate while in truth they have a working quantum computer in Utah running away decrypting their historical data.

        Falsely stating your capabilities can work BOTH ways. If you claim to be better than you are, you can cow some enemies, while if you claim to be worse, you can lull others into a false sense of security and catch them in their hubris.

  31. Anonymous Coward
    Anonymous Coward

    Mikrotik should be proud

    The professional network equipment maker based in NATO member Latvia apparently had a whole section of the CIA's lab devoted to cracking its router and switch products. Since the Snowden leaks showed industry leader Cisco's products have been pwned by the NSA, it's only natural that Langley would go after upstart Mikrotik. A close look at the docs show a good portion of the equipment are older models that apparently can't be updated to the latest firmware. That seemed odd, until it occurred to me that those new model "cloud routers" are pretty expensive and might have been swapped out for the older kit by the CIA's less idealistic contractors. I mean, if they were willing to steal top secret weaponized government software why would they leave behind a perfectly good advanced Internet router? Recalls the PR bump Lincoln Motors got back in the 80's when crime reports showed their luxury limosines were the top pick of the nation's auto thieves.

  32. This post has been deleted by its author

  33. wolfetone Silver badge

    No One Cares

    Because there's a stupid, stupid rhetoric banded about: "If you have nothing to hide then you have nothing to fear". The general idea that as you know you're not a terrorist you don't mind the state checking everything you do to prove that.

    So all that will happen today is a load of "experts" saying "X government could listen in on your converstations through your smart TV, Amazon Fire Stick, your mobile phone etc", and Joe Public will hear that and first think "Well I don't mind I've nothing to hide" followed by "Well there's billions of people in the world they couldn't possibly be snooping on me" ended by "I don't understand any of this and I don't care enough about it to learn".

    The rest of us who are savvy enough in IT know the risks, the dangers, and the way society is headed. In the UK especially we have lost too much liberty now for it to be stopped. It is, sadly, inevitable that the state spies on us to the point they want to know everything we do. Our political views, and any skeletons in the closet that we'd rather have no one no about just so that if we were become a potent threat the establishment we can be shut up fairly quickly with dirt they've found. And no one is squeaky clean.

  34. Gavin Burnett

    sigh

    Looks like the only way I can write a document in privacy is to get my Amiga 500 out of the attic and fire up workbench.

    That should keep the cylons out.

    The older something is, the more secure it is.

  35. Roj Blake
    Big Brother

    Orwell

    "The instrument (the telescreen, it was called) could be dimmed, but there was no way of shutting it off completely."

    "The telescreen received and transmitted simultaneously."

  36. Potemkine Silver badge

    I can't wait...

    ... for Wikileaks to publish the same information regarding the FSB or the SVR.

    Strangely, Wikileaks seems to target some more than others.

    1. mhenriday
      FAIL

      Re: I can't wait...

      «Strangely, Wikileaks seems to target some more than others.» So, Potemkine, because WikiLeaks doesn't have access to FSB or SVR documents, the work that it does in publishing documents related to the CIA or NSA is suspect ? I appreciate your logic there, but perhaps the quandary could be resolved if you were to contribute a part of your own personal stash of FSB and SVR material to WikiLeaks ?...

      Henri

  37. mhenriday
    Big Brother

    Nailed it !

    «Meanwhile, some folks are speculating that the source of the leak could be the Russians, and its true purpose is to derail the CIA for political gain.» How dare those tools of the dastardly Russians (and/or Chinese, depending upon how the political winds blow in Washington and vassal capitals) besmirch that valiant defender of our civil liberties - not least the 4th Amendment to the US Constitution, the CIA ?!! That is indeed carrying freedom of expression too far !...

    Henri

    1. amanfromMars 1 Silver badge

      Re: Nailed it ! @Henri .... Vive la revolution/l'évolution

      ..., which will be remotely controlled and televisualised

      How intelligent does one have to be in order to work for secretive intelligence services servering to Grand Worshipful Masters of the Expanding and Exploitable Zeroday today? Or are all the really virtually smart folk that future secret intelligence servers need for tomorrow freelancing under the cover of renegade rogue state and non-state actor bodies .... and much more sensibly into the flash crashing of sensitive corrupted perverse systems of SCADA administration, as opposed to aiding and abetting them and thus allowing continuance of the great sub-prime charades that are daily media presented austere reality shows?

      Such is surely the folly of fools thinking themselves smart tools.

  38. Tom Paine

    Nope

    Agents are therefore forced to carry out targeted snooping on individuals' devices, rather than carry out mass blanket surveillance.

    The NSA does SIGINT. Makes sense for them to trawl as much raw comms data as possible for interesting stuff.

    The CIA does HUMINT. By definition, their targets are individual people.

    As Robert "ErrataSec" Graham pointed out, the NSA and CIA have different missions, and use different tools to accomplish them.

    http://blog.erratasec.com/2017/03/some-comments-on-wikileaks-ciavault7.html

  39. Tom Paine

    Derpgasm

    You can always rely on this sort of story to bring the loud-mouth know-nothing types out of the woodwork to explain it all to us. The about of bollocks on Twitter attached to the #vault7 tag... /o\

  40. Fading
    Big Brother

    What has been seen....

    Cannot be unseen....

    Therefore I would like to take this opportunity to extend my apologies to the CIA agents who had the misfortune to hack my smart TV and watch what I do in the comfort of my own home.......

    1. dm_dv
      Angel

      Re: What has been seen....

      Lol, they publish, the hackers - read all - see all an know all and suddenly Hotmail is inaccessible to Millions of user's.. Alien invasion or just co-incidence and today in the budget report, the low hanging fruit called Chancellor of the exchequer says he wants to invest, in disruptive technologies including bio-hacking!

      Read between the line's, "if we invest heavily in disruption say to the tune of 100 million" we can just carry on trying to bull-shit people about no trap-door hidden inside there boxes and blame it all on kids!

      The bit that makes you laugh... They understand enough about the technology to use Linux all over there CIA machines, but little enough to realize that back-door software can be reverse engineered and then don't blame your TV manufacturer if what your looking at on the box isn't quite what you expected!

  41. dm_dv
    Angel

    Ah the Kernel

    The original kernel is vulnerable to input signals that are not at the nominal 1-PPS frequency or are excessively noisy. In the new kernel a frequency discriminator is used to suppress samples that are outside a tolerance range of ±500 PPM. As in the original kernel, a three-stage median filter is used to suppress outlyer time samples and second order time differences are used to suppress outlyer frequency samples. In the new kernel the outlyer thresholds have been changed to 500 ms for time (jitter) adjustments and between 500 PPM and about 2 PPM, depending on the calibration interval, for frequency adjustments.

    While the new design allows for much larger tolerances and is much more resilient to noise and incorrect signal sources, there are specific limits due to the inherent ambiguity of the PPS signal itself when the pulse occurs approximately midway between two adjacent seconds. In order to prevent ambiguity errors, the sum of the maximum time offset and maximum frequency offset, expressed in microseconds over one second, must not exceed 500 ms. In practice with NTP, these limits cannot even be approached, due to the conservative design of the protocol daemon.

    The original kernel modifications average the PPS time over a 64-s interval and average the PPS frequency over intervals that start at 8 s and eventually grow to 256 s. As determined by experiment and simulation, these intervals are too large for typical room temperature quartz oscillators. The design of the new kernel reflects the choice of Allan intercept, which depends on the intrinsic phase noise of the PPS signal and the intrinsic stability of the oscillator.

    As determined by simulation and experiment, an appropriate value for the Allan intercept is 128 s. The time offset is averaged each second with weight factor equal to the reciprocal of this value, while the frequency offset is measured over an interval equal to the same value.

    Outlyer Technologies is an award winning group of passionate professionals focused on revolutionizing the worlds of marketing and advertising.

  42. dm_dv
    Windows

    It's all about the history!

    1969 The Beginning The history of UNIX starts back in 1969, when Ken Thompson, Dennis Ritchie and others started working on the "little-used PDP-7 in a corner" at Bell Labs and what was to become UNIX.

    1971 First Edition It had a assembler for a PDP-11/20, file system, fork(), roff and ed. It was used for text processing of patent documents.

    1973 Fourth Edition It was rewritten in C. This made it portable and changed the history of OS's.

    1975 Sixth Edition UNIX leaves home. Also widely known as Version 6, this is the first to be widely available out side of Bell Labs. The first BSD version (1.x) was derived from V6.

    1979 Seventh Edition It was a "improvement over all preceding and following Unices" [Bourne]. It had C, UUCP and the Bourne shell. It was ported to the VAX and the kernel was more than 40 Kilobytes (K).

    1980 Xenix Microsoft introduces Xenix. 32V and 4BSD introduced.

    1982 System III AT&T's UNIX System Group (USG) release System III, the first public release outside Bell Laboratories. SunOS 1.0 ships. HP-UX introduced. Ultrix-11 Introduced.

    1983 System V Computer Research Group (CRG), UNIX System Group (USG) and a third group merge to become UNIX System Development Lab. AT&T announces UNIX System V, the first supported release. Installed base 45,000.

    1984 4.2BSD University of California at Berkeley releases 4.2BSD, includes TCP/IP, new signals and much more. X/Open formed.

    1984 SVR2 System V Release 2 introduced. At this time there are 100,000 UNIX installations around the world.

    1986 4.3BSD 4.3BSD released, including internet name server. SVID introduced. NFS shipped. AIX announced. Installed base 250,000.

    1987 SVR3 System V Release 3 including STREAMS, TLI, RFS. At this time there are 750,000 UNIX installations around the world. IRIX introduced.

    1988 POSIX.1 published. Open Software Foundation (OSF) and UNIX International (UI) formed. Ultrix 4.2 ships.

    1989 AT&T UNIX Software Operation formed in preparation for spinoff of USL. Motif 1.0 ships.

    1989 SVR4 UNIX System V Release 4 ships, unifying System V, BSD and Xenix. Installed base 1.2 million.

    1990 XPG3 X/Open launches XPG3 Brand. OSF/1 debuts. (Plan 9 from Bell Labs ships.)

    1991 UNIX System Laboratories (USL) becomes a company - majority-owned by AT&T. Linus Torvalds commences Linux development. Solaris 1.0 debuts.

    1992 SVR4.2 USL releases UNIX System V Release 4.2 (Destiny). October - XPG4 Brand launched by X/Open. December 22nd Novell announces intent to acquire USL. Solaris 2.0 ships.

    1993 4.4BSD 4.4BSD the final release from Berkeley. June 16 Novell acquires USL

    Late 1993 SVR4.2MP

    Novell transfers rights to the "UNIX" trademark and the Single UNIX Specification to X/Open. COSE initiative delivers "Spec 1170" to X/Open for fasttrack.

    In December Novell ships SVR4.2MP , the final USL OEM release of System V

    1994 Single UNIX Specification BSD 4.4-Lite eliminated all code claimed to infringe on USL/Novell. As the new owner of the UNIX trademark, X/Open introduces the Single UNIX Specification (formerly Spec 1170), separating the UNIX trademark from any "actual code" stream.

    Plan 9 demonstrated that an integral concept of Unix—that every system interface could be represented as a set of files—could be successfully implemented in a modern distributed system. Some features from Plan 9, like the UTF-8 character encoding of Unicode, have been implemented in other operating systems, although UNSUCCESSFULLY as X11 has no Unicode support!

    1. dm_dv
      Windows

      Re: It's all about the history!

      You should all be using IX not XII

      9 IX 10-1

      10 X 10

      11 XI 10+1

      12 XII 10+1+1

  43. This post has been deleted by its author

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022