設萬維讀者為首頁 廣告服務 聯繫我們 關於萬維
簡體 繁體 手機版
分類廣告
版主:彎刀
萬維讀者網 > 競技沙龍 > 帖子
曝光:奧巴馬政府下的CIA怎樣侵入你的手機的?
送交者: Mayi 2017年03月07日16:38:56 於 [競技沙龍] 發送悄悄話
Photo
An iPhone streamed a Facebook Live feed of the lobby at Trump Tower in November. CreditDrew Angerer/Getty Images 

WikiLeaks on Tuesday released a significant cache of documents that it said came from a high-security network inside the Central Intelligence AgencyWikiLeaks called the documents Vault 7, and they lay out the capabilities of the agency’s global covert hacking program.

What is the C.I.A. program?

By the end of 2016, the C.I.A. program had 5,000 registered users, including government employees and contractors. And they had produced more than a thousand hacking systems. The agency’s arsenal, the documents indicate, included an array of malware ranging from viruses to clandestine “zero day” vulnerabilities in the software of major companies.

The files have circulated among former United States government hackers and contractors in “an unauthorized manner, one of whom provided WikiLeaks with portions of the archive,” WikiLeaks said.

WikiLeaks said it was publishing the documents while redacting and anonymizing some passages, including the names of “tens of thousands” of C.I.A. targets. WikiLeaks said it was not distributing “armed cyberweapons.”

Continue reading the main story

How vulnerable is my smartphone?

The software targeted by the hacking program included the most popular smartphone operating systems: Apple’s iOS and Google’s Android.

The C.I.A. hacking initiative had a “mobile devices branch,” which developed an array of attacks on popular smartphones to infect and extract data, including a user’s location, audio and text messages, and to covertly activate a phone’s camera and microphone.

Apple’s iPhone software, according to the documents, was a particular target, including the development of several “zero day” exploits — a term for attacking coding flaws the company would not have known about.

Though Apple has only 15 percent of the global smartphone market, the intensive C.I.A. effort was probably explained by the “popularity of the iPhone among social, political, diplomatic and business elites.”

Finding these vulnerabilities could in theory allow the spy agency to circumvent the kinds of security that stymied investigators who wanted to gain access to the password-protected iPhone of one of the attackers in the 2015 mass shooting in San Bernardino, Calif.

Google’s Android, the most widely used smartphone operating system, seemed to have received even more attention. By 2016, the C.I.A. had 24 weaponized Android “zero day” software programs.

Did the C.I.A. directly target encryption software?

The C.I.A. focused on smartphone operating systems in large part to intercept messages before they could be encrypted, according to the WikiLeaks documents. So by targeting the phone’s underlying software, the C.I.A. was looking to bypass the encryption of WhatsApp, Signal, Telegram, Weibo and other smartphone communications applications.

Were other kinds of devices targeted?

The C.I.A. also targeted Microsoft’s Windows personal computer software, other internet-connected computers, and home and industrial devices running the Linux operating system, according to the documents.

There was a specific program to penetrate and take control of Samsung smart TVs. The program, code-named Weeping Angel, was intended to convert new digital televisions into “covert microphones.” The malware was developed in cooperation with the British spy agency MI5, according to the documents.

The Weeping Angel program puts the target TV in a “fake off” mode, according to the WikiLeaks documents. Then, with the owner believing the TV is turned off, the set works as a clandestine recording device, picking up conversations in the room and sending them over the internet to a C.I.A. server computer.

And in October 2014, according to the documents, the C.I.A. was exploring technology to penetrate the vehicle control systems of cars. The documents do not detail the goal of the vehicle hacking program, but WikiLeaks speculated that it would “permit the C.I.A. to engage in nearly undetectable assassinations.”

Has encryption software changed how the C.I.A. behaves?

The leaked documents indicate that the broad use of encryption has pushed the C.I.A. to become one of the world’s foremost creators — and buyers — of malware. Much of the cache released by WikiLeaks appears to show how the agency has created or acquired a variety of tools to thwart tough encryption or intercept messages before encryption tools make them useless to the intelligence agency.

What is new about the C.I.A. program?

Using malware to hack into devices ranging from smartphones to webcams has been going on for years. Sometimes the intent is to steal information — like names, addresses and credit-card numbers for identity theft and fraud. Sometimes the goal seems to be to create havoc.

Last year, for example, household and commercial webcams and router computers were taken over and used as launching pads to create so-called denial-of-service attacks that clogged portions of the internet and interrupted service for hours for people in parts of the United States.

But the C.I.A. program seems to have been particularly sophisticated, far-reaching and focused on surveillance. Just how innovative the individual software techniques were will not be known until independent computer security experts and scientists at the companies whose software was probed can examine the malware and tactics involved.

What time period is covered by the documents?

WikiLeaks says the document dump will cover 2013 to 2016. The organization says this is the largest publication of intelligence documents in history.

If the documents are accurate, did the C.I.A. violate commitments made by President Barack Obama?

In 2010, the Obama administration promised to disclose newly discovered vulnerabilities to companies like Apple, Google and Microsoft. But the WikiLeaks documents indicate that the agency found security flaws, kept them secret and then used them for surveillance and intelligence gathering.

Why is it so hard to keep these cyberweapons under wraps?

Unlike nuclear weapons, which can be guarded and protected, cyberweapons are “just computer programs which can be pirated like any other,” WikiLeaks notes. “Since they are entirely comprised of information they can be copied quickly with no marginal cost.”

There is a growing black market dedicated to trading these weapons, and government agencies from around the world will pay well for their discovery.



0%(0)
0%(0)
標 題 (必選項):
內 容 (選填項):
實用資訊
回國機票$360起 | 商務艙省$200 | 全球最佳航空公司出爐:海航獲五星
海外華人福利!在線看陳建斌《三叉戟》熱血歸回 豪情築夢 高清免費看 無地區限制
一周點擊熱帖 更多>>
一周回復熱帖
歷史上的今天:回復熱帖
2016: NBA:魔術vs勇士
2016: 女足贏了,白菜退了,其他的大家補充。
2015: 柴靜太遠,霧霾太複雜。談點眼前簡單的
2015: 俺家後院的冰川景觀
2014: 馬來西亞航空公司370航班在飛往北京的
2014: 打油虞美人 . 殺醫傷護
2013: GNBQCMPY: 春,夏,秋,冬 (2) - 夏
2013: 周老虎: 高尚也難
2012: New York @ San Antonio 8:30pm
2012: 今天總該贏老弱病殘的馬刺隊了吧。現在