WikiLeaks Will Hand CIA Secrets to Tech Companies: Assange

The CIA’s internal security personnel, who apparently had not told the Federal Bureau of Investigation, were pursuing the matter, but the scope and severity of the problem was unclear until WikiLeaks posted online the roughly 9,000 documents on Tuesday, these individuals said.

WikiLeaks will hand over details of hacking secrets used by the Central Intelligence Agency to technology companies to allow them to find software flaws and fix them, founder Julian Assange has said. “We do not comment on the authenticity or content of purported intelligence documents”, said Heather Fritz Horniak, a CIA spokesperson.

Upon their release, WikiLeaks said that part one of the documents “already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks“. While Apple said its latest iPhone operating software patched numerous flaws identified in the leak, tech companies in the Silicon Valley and elsewhere have to scramble to fix any remaining cracks and reassure skittish customers.

Google, too, said it will “implement any further necessary protections” and that its analysis is ongoing. But while the iPhone manufacturer has quickly indicated that it has fixed “many” of the vulnerabilities, Microsoft and Samsung have merely said they are looking into the issues raised. “Android experts have said the same regarding android devices on the latest firmware as well, which is interesting as it demonstrates that Android (again, on latest firmware) can be decently secure just like iOS”.

“Vague descriptions of bugs is no more worrisome than the fact they know any software has unknown vulnerabilities”, he said, adding that Google was “in no worse position than they were a week ago”. Check Point’s head of mobile security Michael Shaulov spoke to the site, and he says that Google has plenty of work to do if they hope to patch the holes that have been uncovered.

Apple also said its latest iOS version is protected from most of the CIA’s exploits.

“Year Zero”, Wikileaks writes, “introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of “zero day” weaponized exploits” against vulnerabilities in smartphones, computers, and Samsung smart TVs.

According to two anonymous United States officials with knowledge about the matter, USA intelligence and law enforcement officials have known about a security breach at the CIA since late 2016, Reuters reported.

Linux, the open-source operating system, was also listed in the cache of documents.

These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record database, WikiLeaks said explaining the method of the U.S. intelligence agency’s operations.

The leaked documents should give the firms enough information to find vulnerabilities, Litan said.

Cindy Cohn, an attorney and executive director at the Electronic Frontier Foundation said using US law to penalize vendors would be a “gross misuse”.

As FBI Director James Comey said Wednesday, “There is no such thing as absolute privacy in America”. WikiLeaks own press release doesn’t say so, either, but their wording (and the tweet they sent out to accompany it) certainly wasn’t chosen to avoid that confusion.