设万维读者为首页 广告服务 联系我们 关于万维
简体 繁体 手机版
分类广告
版主:弯刀
万维读者网 > 竞技沙龙 > 帖子
曝光:奥巴马政府下的CIA怎样侵入你的手机的?
送交者: Mayi 2017年03月07日16:38:56 于 [竞技沙龙] 发送悄悄话
Photo
An iPhone streamed a Facebook Live feed of the lobby at Trump Tower in November. CreditDrew Angerer/Getty Images 

WikiLeaks on Tuesday released a significant cache of documents that it said came from a high-security network inside the Central Intelligence AgencyWikiLeaks called the documents Vault 7, and they lay out the capabilities of the agency’s global covert hacking program.

What is the C.I.A. program?

By the end of 2016, the C.I.A. program had 5,000 registered users, including government employees and contractors. And they had produced more than a thousand hacking systems. The agency’s arsenal, the documents indicate, included an array of malware ranging from viruses to clandestine “zero day” vulnerabilities in the software of major companies.

The files have circulated among former United States government hackers and contractors in “an unauthorized manner, one of whom provided WikiLeaks with portions of the archive,” WikiLeaks said.

WikiLeaks said it was publishing the documents while redacting and anonymizing some passages, including the names of “tens of thousands” of C.I.A. targets. WikiLeaks said it was not distributing “armed cyberweapons.”

Continue reading the main story

How vulnerable is my smartphone?

The software targeted by the hacking program included the most popular smartphone operating systems: Apple’s iOS and Google’s Android.

The C.I.A. hacking initiative had a “mobile devices branch,” which developed an array of attacks on popular smartphones to infect and extract data, including a user’s location, audio and text messages, and to covertly activate a phone’s camera and microphone.

Apple’s iPhone software, according to the documents, was a particular target, including the development of several “zero day” exploits — a term for attacking coding flaws the company would not have known about.

Though Apple has only 15 percent of the global smartphone market, the intensive C.I.A. effort was probably explained by the “popularity of the iPhone among social, political, diplomatic and business elites.”

Finding these vulnerabilities could in theory allow the spy agency to circumvent the kinds of security that stymied investigators who wanted to gain access to the password-protected iPhone of one of the attackers in the 2015 mass shooting in San Bernardino, Calif.

Google’s Android, the most widely used smartphone operating system, seemed to have received even more attention. By 2016, the C.I.A. had 24 weaponized Android “zero day” software programs.

Did the C.I.A. directly target encryption software?

The C.I.A. focused on smartphone operating systems in large part to intercept messages before they could be encrypted, according to the WikiLeaks documents. So by targeting the phone’s underlying software, the C.I.A. was looking to bypass the encryption of WhatsApp, Signal, Telegram, Weibo and other smartphone communications applications.

Were other kinds of devices targeted?

The C.I.A. also targeted Microsoft’s Windows personal computer software, other internet-connected computers, and home and industrial devices running the Linux operating system, according to the documents.

There was a specific program to penetrate and take control of Samsung smart TVs. The program, code-named Weeping Angel, was intended to convert new digital televisions into “covert microphones.” The malware was developed in cooperation with the British spy agency MI5, according to the documents.

The Weeping Angel program puts the target TV in a “fake off” mode, according to the WikiLeaks documents. Then, with the owner believing the TV is turned off, the set works as a clandestine recording device, picking up conversations in the room and sending them over the internet to a C.I.A. server computer.

And in October 2014, according to the documents, the C.I.A. was exploring technology to penetrate the vehicle control systems of cars. The documents do not detail the goal of the vehicle hacking program, but WikiLeaks speculated that it would “permit the C.I.A. to engage in nearly undetectable assassinations.”

Has encryption software changed how the C.I.A. behaves?

The leaked documents indicate that the broad use of encryption has pushed the C.I.A. to become one of the world’s foremost creators — and buyers — of malware. Much of the cache released by WikiLeaks appears to show how the agency has created or acquired a variety of tools to thwart tough encryption or intercept messages before encryption tools make them useless to the intelligence agency.

What is new about the C.I.A. program?

Using malware to hack into devices ranging from smartphones to webcams has been going on for years. Sometimes the intent is to steal information — like names, addresses and credit-card numbers for identity theft and fraud. Sometimes the goal seems to be to create havoc.

Last year, for example, household and commercial webcams and router computers were taken over and used as launching pads to create so-called denial-of-service attacks that clogged portions of the internet and interrupted service for hours for people in parts of the United States.

But the C.I.A. program seems to have been particularly sophisticated, far-reaching and focused on surveillance. Just how innovative the individual software techniques were will not be known until independent computer security experts and scientists at the companies whose software was probed can examine the malware and tactics involved.

What time period is covered by the documents?

WikiLeaks says the document dump will cover 2013 to 2016. The organization says this is the largest publication of intelligence documents in history.

If the documents are accurate, did the C.I.A. violate commitments made by President Barack Obama?

In 2010, the Obama administration promised to disclose newly discovered vulnerabilities to companies like Apple, Google and Microsoft. But the WikiLeaks documents indicate that the agency found security flaws, kept them secret and then used them for surveillance and intelligence gathering.

Why is it so hard to keep these cyberweapons under wraps?

Unlike nuclear weapons, which can be guarded and protected, cyberweapons are “just computer programs which can be pirated like any other,” WikiLeaks notes. “Since they are entirely comprised of information they can be copied quickly with no marginal cost.”

There is a growing black market dedicated to trading these weapons, and government agencies from around the world will pay well for their discovery.



0%(0)
0%(0)
标 题 (必选项):
内 容 (选填项):
实用资讯
回国机票$360起 | 商务舱省$200 | 全球最佳航空公司出炉:海航获五星
海外华人福利!在线看陈建斌《三叉戟》热血归回 豪情筑梦 高清免费看 无地区限制
一周点击热帖 更多>>
一周回复热帖
历史上的今天:回复热帖
2016: NBA:魔术vs勇士
2016: 女足赢了,白菜退了,其他的大家补充。
2015: 柴静太远,雾霾太复杂。谈点眼前简单的
2015: 俺家后院的冰川景观
2014: 马来西亚航空公司370航班在飞往北京的
2014: 打油虞美人 . 杀医伤护
2013: GNBQCMPY: 春,夏,秋,冬 (2) - 夏
2013: 周老虎: 高尚也难
2012: New York @ San Antonio 8:30pm
2012: 今天总该赢老弱病残的马刺队了吧。现在