Home | About | Donate

Is the Vault 7 Source a Whistleblower?


#1

Is the Vault 7 Source a Whistleblower?

Jesselyn Radack

It is the leakiest of times in the Executive Branch. Last week, Wikileaks published a massive and, by all accounts genuine, trove of documents revealing that the CIA has been stockpiling, and lost control of, hacking tools it uses against targets. Particularly noteworthy were the revelations that the CIA developed a tool to hack Samsung TVs and turn them into recording devices and that the CIA worked to infiltrate both Apple and Google smart phone operating systems since it could not break encryption.


#2

Is this for real?????I guess people who have a microwave deserve to be spied on???Are we being played?????

The pentagon and cia are getting permission to drop drones around the world without approval from the president(never mind that the president shouldn't have this power)and we are being told something most people already expect----that the government is watching us-----this is news????

They can hack the cia but not irs----strange??????


#3

What I read, is that an insider, an intel person, is suspected of leaking all this. Government subcontractors were improperly carrying these powerful tools around on flashdrives and somebody decided to leak them to wikileaks, so now they are loose on the internet.

Julian Assange and Snowden believe this is real, so I do too. The interesting thing is that some of them have Russian fingerprints, but are clearly from us. That infers maybe the Russian hacking the election story was a fraud by the Obama Administration to discredit Trump.

This thing may turn out to be bigger than Watergate!

But one thing is clear to me: It was a grave mistake to allow SAIC and other private subcontractors like Booze Allen Hamilton to have spying access to high-level government people like former Senator Obama when he was in Chicago. Sets the stage for blackmail later.

Source of that was NSA agent Russel Tice in 2005 and again in 2013.


#4

So, in your mind, leaking them to wikileaks means they're now "loose on the internet."

This would mean that WL posted them somewhere. Do you have any evidence of that?

Of course not.

This kind of fuzzy, inaccurate thinking is an epidemic now. Logical fallacies, misguided assumptions, claims without evidence. We are sinking into a cesspool of stupidity.


#5

TJ says:
No, labornvain, your assumption that only wikileaks proliferates malware and viruses is incorrect. The very use of these infecting tools by moron subcontractors puts them loose on the net in the hands of criminals. Note the very last sentence in this excerpt by zerohedge (I put it in bold emphisis so you can find it.)

WikiLeaks has published what it claims is the largest ever release of confidential documents on the CIA. It includes more than 8,000 documents as part of ‘Vault 7’, a series of leaks on the agency, which have allegedly emerged from the CIA's Center For Cyber Intelligence in Langley, and which can be seen on the org chart below, which Wikileaks also released:

A total of 8,761 documents have been published as part of ‘Year Zero’, the first in a series of leaks the whistleblower organization has dubbed ‘Vault 7.’ WikiLeaks said that ‘Year Zero’ revealed details of the CIA’s “global covert hacking program,” including “weaponized exploits” used against company products including “Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, which are turned into covert microphones.”

WikiLeaks tweeted the leak, which it claims came from a network inside the CIA’s Center for Cyber Intelligence in Langley, Virginia.

Among the more notable disclosures which, if confirmed, "would rock the technology world", the CIA had managed to bypass encryption on popular phone and messaging services such as Signal, WhatsApp and Telegram. According to the statement from WikiLeaks, government hackers can penetrate Android phones and collect “audio and message traffic before encryption is applied.”

Another profound revelation is that the CIA can engage in "false flag" cyberattacks which portray Russia as the assailant. Discussing the CIA's Remote Devices Branch's UMBRAGE group, Wikileaks' source notes that it "collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation.

"With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the "fingerprints" of the groups that the attack techniques were stolen from. UMBRAGE components cover keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques."

As Kim Dotcom summarizes this finding, "CIA uses techniques to make cyber attacks look like they originated from enemy state. It turns DNC/Russia hack allegation by CIA into a JOKE"

But perhaps what is most notable is the purported emergence of another Snowden-type whistleblower: the source of the information told WikiLeaks in a statement that they wish to initiate a public debate about the “security, creation, use, proliferation and democratic control of cyberweapons.” Policy questions that should be debated in public include “whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency,” WikiLeaks claims the source said.

The FAQ section of the release, shown below, provides further details on the extent of the leak, which was “obtained recently and covers through 2016”. The time period covered in the latest leak is between the years 2013 and 2016, according to the CIA timestamps on the documents themselves. Secondly, WikiLeaks has asserted that it has not mined the entire leak and has only verified it, asking that journalists and activists do the leg work.

Among the various techniques profiled by WikiLeaks is “Weeping Angel”, developed by the CIA's Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones. After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on. In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

As Kim Dotcom chimed in on Twitter, "CIA turns Smart TVs, iPhones, gaming consoles and many other consumer gadgets into open microphones" and added " CIA turned every Microsoft Windows PC in the world into spyware. Can activate backdoors on demand, including via Windows update"

Dotcom also added that "Obama accused Russia of cyberattacks while his CIA turned all internet enabled consumer electronics in Russia into listening devices. Wow!"

Julian Assange, WikiLeaks editor stated that "There is an extreme proliferation risk in the development of cyber 'weapons'. Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of "Year Zero" goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective."

Key Highlights from the Vault 7 release so far:

"Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products, include Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, which are turned into covert microphones.
Wikileaks claims that the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other "weaponized" malware. Such is the scale of the CIA's undertaking that by 2016, its hackers had utilized more code than that used to run Facebook.
The CIA had created, in effect, its "own NSA" with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.
Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

So sir, it would seem that you have the market cornered on cesspool stupidity.


#6

That was what you said: "so". This is the same as saying they are loose on the internet BECAUSE they were leaked to Wikileaks.

I didn't need to assume anything. I responded to your claim and pointed out that it was incorrect.

Then, I commented on the epidemic of illogical thinking and you responded with more illogical thinking.

I can't speak to whether "moron contractors" may or may not have been proliferating malware on the internet. But I can safely say that Wikileaks has not. And that's what you said:

"somebody decided to leak them to wikileaks, so now they are loose on the internet."

Now, maybe you misspoke. But that phrase clearly implicates WL in setting Vault7 malware "loose on the internet."

Admit it and move on.


#7

No, you can't take just half my sentence and project a different meaning to it. The whole sentence is:

Government subcontractors were improperly carrying these powerful tools around on flashdrives and somebody decided to leak them to wikileaks, so now they are loose on the internet.

The subject is Government subcontractors. While I agree I could have been clearer (by saying "Wikileaks published the names of the malware", this statement of mine is still true. Wikileaks is alerting criminals of the keyword names although wikileaks is neither to blame for the leak nor the proliferation of this malware. Intel Subcontractors, which is the subject of that sentence, were responsible for weakening the internet and netcitizen's security.

For example, the spying tool named "Weeping Angel" may not have been known to members of organized crime, but now they know what to scour source code for! That is the problem with publishing a leak like this. Hopefully, "White Hat" hackers will neutralize it before that happens on a wide-scale basis. That's obviously the intent by Julian Assange (the good guy in this story.)

I see how you could have misinterpreted the sentence since you read things literally and devoid of understanding. If you had a background in computer science, you would not jump to the illogical conclusion that I meant "Wikileaks posted them somewhere." The truth is that they were already out there, but unknown to most.

The fact that you resort to name-calling and fail basic logic instead of politely asking for clarification tells me a lot about you. Maybe you belong on youtube comments or something.