10-03-2017, 02:00 PM
Edward Snowden recently Tweeted suggesting that only a "cleared insider" could've leaked the Vault 7 dump HERE. This is important because the Russian meme is already being directed against Wikileaks publication also.
Quote:Source
- AUTHOR: ANDY GREENBERG
- DATE OF PUBLICATION: 03.08.17
- TIME OF PUBLICATION: 9:59 AM
HOW THE CIA'S HACKING HOARD MAKES EVERYONE LESS SECURE
WIRED
When WikiLeaks yesterday released a trove of documents purporting to show how the CIA hacks everything from smartphones to PCs to smart televisions, the agency's already shadowy reputation gained a new dimension. But if you're an average American, rather than Edward Snowden or an ISIS jihadi, the real danger clarified by that leak wasn't that someone in Langley is watching you through your hotel room's TV. It's the rest of the hacker world that the CIA has inadvertently empowered.
As security researchers and policy analysts dig through the latest WikiLeaks documents, the sheer number of hacking tools the CIA has apparently hoarded for exploiting zero-day vulnerabilities (secret inroads that tech firms haven't patched) stands out most. If the US intelligence community knows about them, that leaves open the possibility that criminal and foreign state hackers do as well.
Its broad zero-day stash, then, strongly suggests that the CIA, along with other intelligence agencies, has long allowed Americans to remain vulnerable to those same attacks. Now that those hacking secrets are public, potentially along with enough details to replicate them, the danger of the feds leaving major security flaws unfixed only escalates.
"If the CIA can use it, so can the Russians, or the Chinese or organized crime," says Kevin Bankston, the director of the New America Foundation's Open Technology Institute. "The lesson here, first off, is that stockpiling a bunch of vulnerabilities is bad for cybersecurity. And two, it means they're likely going to get leaked by someone."
A World of Hacks
It's no surprise, of course, that one of America's most well-resourced spy agencies can hack its foreign adversaries. The shock, says Johns Hopkins cryptographer Matt Green, comes instead from the sudden spill of those hacking tools onto the web. "In the same way the military would probably have one technique for killing every single tank in an enemy's arsenal, you would expect the CIA to collect the same thing," says Green. "What's different is that we're seeing them out in public."
In fact, WikiLeaks wrote in a note accompanying its Tuesday release that "the archive appears to have been circulated among former US government hackers and contractors in an unauthorized manner." That raises the possibility the full document set, along with actual exploit details or code, may have fallen into the hands of hackers long before it was published in part by WikiLeaks.
INSIDE VAULT 7
- LILY HAY NEWMAN: WikiLeaks Just Dumped a Mega-Trove of CIA Hacking Secrets (https://www.wired.com/2017/03/wikileaks-cia-hacks-dump/)
- ANDY GREENBERG: How the CIA Can Hack Your Phone, PC, and TV (Says WikiLeaks) (https://www.wired.com/2017/03/cia-can-hack-phone-pc-tv-says-wikileaks/)
- ISSIE LAPOWSKY AND LILY HAY NEWMAN: WikiLeaks CIA Dump Gives Russian Hacking Deniers the Perfect Ammo (https://www.wired.com/2017/03/wikileaks-cia-dump-gives-russian-hacking-deniers-perfect-ammo/)
- BRIAN BARRETT: Don't Let WikiLeaks Scare You Off of Signal and Other Encrypted Chat Apps (https://www.wired.com/2017/03/wikileaks-cia-hack-signal-encrypted-chat-apps/)
The WikiLeaks CIA cache, which the group calls Vault 7, most explicitly details the agency's hacking capabilities for smartphones. It lists more than a dozen exploits that affect iOS, and two dozen that threaten Android phones with varying degrees of penetration. The CIA appears to have gleaned some of those exploits from public research, and most are likely no longer zero days, given that the documents date back to as early as 2013 and only as late as the beginning of 2016. "Our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS," an Apple spokesperson writes. Google has yet to respond to WIRED's request for comment.
But during those years, at least, the CIA appears to have kept the security flaws those techniques exploited secret. And the sheer number of those exploits suggests violations of the Vulnerabilities Equities Process, which the Obama administration created in 2010 to compel law enforcement and intelligence agencies to help fix those flaws, rather than exploit them whenever possible.
"Did CIA submit these exploits to the Vulnerabilities Equities Process?" asks Jason Healey, a director at the Atlantic Council who's tracked the VEP closely. "If not, you can say that either the process is out of control or they're subverting the president's priorities."
Selective Disclosure
The man most closely responsible for that vulnerability disclosure policy argues that the second of those two possibilities, at least, isn't the case. Former White House cybersecurity coordinator Michael Daniel, who led cybersecurity policy for the Obama presidency and oversaw a revamp of the VEP in 2014, says that "all of the agencies that were participating in the VEP were doing so in good faith." Daniel declined to comment specifically on the WikiLeaks release or the CIA's exploit collection, but said that even now he doesn't believe anyone was hiding hacking capabilities from the White House. "I felt like everyone was engaged in the process in the right way," he says.
But that hardly means the CIA reported their exploits to Apple and Google to help secure their software, Daniel admits. While he argues that in some cases the CIA's exploits may have targeted users who simply didn't update their software with available patches, he says that other times the White House may have prioritized the CIA's hacking capability over securing software used by millions.
"The default position is that the government will disclose, but that doesn't mean that will happen on every occasion," says Daniel. "The point of having a process is that there are times when the benefit to intelligence and law enforcement to exploit that flaw outweighs the risk of retaining that flaw inside the government. We were clear there were times when we did choose not to disclose a vulnerability to a vendor."
Balancing the needs of a critical intelligence agency with the digital security of the rest of the world isn't easy. But the US intelligence community's hacking techniques leaking (not once, but at least twice now after hackers known as the Shadow Brokers breached an NSA server and published reams of NSA code last August) means that the balance needs to be reconsidered, says New America Foundation's Bankston. "All of these vulnerabilities were in iPhones and Android phones that hundreds of millions of people used if not billions," he says. "That has serious cybersecurity implications."
It's still unclear whether the Trump administration will continue the previous White House's Vulnerabilities Equities Process, or how it will address the question of government hacking versus civilian security. But the Atlantic Council's Healey argues that the CIA leak shows that the question needs a harder look than ever.
"The deal we make in a democracy is that we understand we need military and intelligence services. But we want oversight in the executive branch and across the three branches of government," he says. "If the CIA says 'we're supposed to do this, but we're just not going to,' or 'we're going to do it just enough that the White House thinks we are,' that starts to eat away at the fundamental oversight for which we have elected officials."
David Guyatt Wrote:That the Vault 7 release is only 1% so far boggles the mind given the content thus far. It seems that Assange and Wikileaks weren't joking when they chose the JFK phrase for their password Splinter Into A Thousand Pieces And Scatter Into The Winds.
Also based on what Wikileaks said about why the individual leaked this material it now seems reasonably clear that there are a number of serving and former Intelligence Community officials who have decided to combat the US security state, which they consider is now operating against the interests of the US Constitution and are illegal.
In a recent interview on Fox Hannity show (below) two former IC types (William Binney and Col. Tony Shaffer) both indicated that "former members of the NSA, retired intelligence guys", using the "malware" that had "Russian fingerprints" on it hacked the DNC and gave it to Wikileaks (thus confirming what former UK Ambassador Craig Murray has said). Shaffer also added that the DNC and the democrats knew this but pushed the Russian did it story. He added that he has no proof but this is what he's heard and the reason for this was that "concerned Americans were fed up with Clinton doing things... got in there and gave it to Wikileaks". Binney agrees.
Now we have this second release from a "cleared insider" that is designed to shatter the CIA into a thousand pieces, and I don't suppose it's pushing the envelope to say that there is continuing warfare between "concerned Americans" in the CIA and the IC who are intent on bringing the CIA and other IC entities to heel over their excesses -- presumably in the domestic political arena. William Binney also adds an important observation. The CIA hacking tools are no longer secure, other hackers have accessed them, and yet the CIA did nothing about fixing this leaving everyone everywhere openly vulnerable. And the kicker is that the CIA then asks for more money for cyber security. Binney is suggesting this is an outright scam.
Quote: US Intel Vets Dispute Russia Hacking Claims (Source)
December 12, 2016
As the hysteria about Russia's alleged interference in the U.S. election grows, a key mystery is why U.S. intelligence would rely on "circumstantial evidence" when it has the capability for hard evidence, say U.S. intelligence veterans.
Veteran Intelligence Professionals for Sanity
MEMORANDUM
Allegations of Hacking Election Are Baseless
A New York Times report on Monday alluding to "overwhelming circumstantial evidence" leading the CIA to believe that Russian President Vladimir Putin "deployed computer hackers with the goal of tipping the election to Donald J. Trump" is, sadly, evidence-free. This is no surprise, because harder evidence of a technical nature points to an inside leak, not hacking by Russians or anyone else.
Seal of the National Security Agency
Monday's Washington Post reports that Sen. James Lankford, R-Oklahoma, a member of the Senate Intelligence Committee, has joined other senators in calling for a bipartisan investigation of suspected cyber-intrusion by Russia. Reading our short memo could save the Senate from endemic partisanship, expense and unnecessary delay.
In what follows, we draw on decades of senior-level experience with emphasis on cyber-intelligence and security to cut through uninformed, largely partisan fog. Far from hiding behind anonymity, we are proud to speak out with the hope of gaining an audience appropriate to what we merit given our long labors in government and other areas of technology. And corny though it may sound these days, our ethos as intelligence professionals remains, simply, to tell it like it is without fear or favor.
We have gone through the various claims about hacking. For us, it is child's play to dismiss them. The email disclosures in question are the result of a leak, not a hack. Here's the difference between leaking and hacking:
Leak: When someone physically takes data out of an organization and gives it to some other person or organization, as Edward Snowden and Chelsea Manning did.
Hack: When someone in a remote location electronically penetrates operating systems, firewalls or any other cyber-protection system and then extracts data.
All signs point to leaking, not hacking. If hacking were involved, the National Security Agency would know it and know both sender and recipient.
In short, since leaking requires physically removing data (on a thumb drive, for example), the only way such data can be copied and removed, with no electronic trace of what has left the server, is via a physical storage device.
Awesome Technical Capabilities
Again, NSA is able to identify both the sender and recipient when hacking is involved. Thanks largely to the material released by Edward Snowden, we can provide a full picture of NSA's extensive domestic data-collection network including Upstream programs like Fairview, Stormbrew and Blarney. These include at least 30 companies in the U.S. operating the fiber networks that carry the Public Switched Telephone Network as well as the World Wide Web. This gives NSA unparalleled access to data flowing within the U.S. and data going out to the rest of the world, as well as data transiting the U.S.
Former National Security Agency contractor Edward Snowden. (Photo credit: The Guardian)
In other words, any data that is passed from the servers of the Democratic National Committee (DNC) or of Hillary Rodham Clinton (HRC) or any other server in the U.S. is collected by the NSA. These data transfers carry destination addresses in what are called packets, which enable the transfer to be traced and followed through the network.
Packets: Emails being passed across the World Wide Web are broken down into smaller segments called packets. These packets are passed into the network to be delivered to a recipient. This means the packets need to be reassembled at the receiving end.
To accomplish this, all the packets that form a message are assigned an identifying number that enables the receiving end to collect them for reassembly. Moreover, each packet carries the originator and ultimate receiver Internet protocol number (either IPV4 or IPV6) that enables the network to route data.
When email packets leave the U.S., the other "Five Eyes" countries (the U.K., Canada, Australia, and New Zealand) and the seven or eight additional countries participating with the U.S. in bulk-collection of everything on the planet would also have a record of where those email packets went after leaving the U.S.
These collection resources are extensive [see attached NSA slides 1, 2, 3, 4, 5]; they include hundreds of trace route programs that trace the path of packets going across the network and tens of thousands of hardware and software implants in switches and servers that manage the network. Any emails being extracted from one server going to another would be, at least in part, recognizable and traceable by all these resources.
The bottom line is that the NSA would know where and how any "hacked" emails from the DNC, HRC or any other servers were routed through the network. This process can sometimes require a closer look into the routing to sort out intermediate clients, but in the end sender and recipient can be traced across the network.
The various ways in which usually anonymous spokespeople for U.S. intelligence agencies are equivocating, saying things like "our best guess" or "our opinion" or "our estimate" etc., shows that the emails alleged to have been "hacked" cannot be traced across the network. Given NSA's extensive trace capability, we conclude that DNC and HRC servers alleged to have been hacked were, in fact, not hacked.
The evidence that should be there is absent; otherwise, it would surely be brought forward, since this could be done without any danger to sources and methods. Thus, we conclude that the emails were leaked by an insider, as was the case with Edward Snowden and Chelsea Manning. Such an insider could be anyone in a government department or agency with access to NSA databases, or perhaps someone within the DNC.
As for the comments to the media as to what the CIA believes, the reality is that CIA is almost totally dependent on NSA for ground truth in the communications arena. Thus, it remains something of a mystery why the media is being fed strange stories about hacking that have no basis in fact. In sum, given what we know of NSA's existing capabilities, it beggars belief that NSA would be unable to identify anyone, Russian or not, attempting to interfere in a U.S. election by hacking.
For the Steering Group, Veteran Intelligence Professionals for Sanity (VIPS)
William Binney, former Technical Director, World Geopolitical & Military Analysis, NSA; co-founder, SIGINT Automation Research Center (ret.)
Mike Gravel, former Adjutant, top secret control officer, Communications Intelligence Service; special agent of the Counter Intelligence Corps and former United States Senator
Larry Johnson, former CIA Intelligence Officer & former State Department Counter-Terrorism Official
Ray McGovern, former US Army infantry/intelligence officer & CIA analyst (ret.)
Elizabeth Murray, Deputy National Intelligence Officer for Middle East, CIA (ret.)
Kirk Wiebe, former Senior Analyst, SIGINT Automation Research Center, NSA (ret.)
David Guyatt Wrote:Ray McGovern has posted the below video on his Facebook page with the following introduction:
"Larry has several reliable sources with excellent access. He was correct on the false-flag sarin gas attack outside Damascus on August 21, 2013 (aimed at mousetrapping Obama into doing "shock and awe" against Syria). He is correct here, as well. Small wonder the Fawning Corporate Media avoid him, and others of us VIPS, like the bubonic plague."
What Larry Johnson says is that Britain's GCHQ had access to Trump's electronic output and shared this with certain officials in the US IC. This is nothing new. There has been an arrangement going back decades where the UK taps (although that is the incorrect technical method) US citizens' phones etc., and the US NSA reciprocates by tapping (sic) UK citizens. This forms part of the Five Eyes intelligence sharing agreement.