Where do you think the government should draw the line between the privacy of its citizens and national security? This has been an ongoing sensitive topic since the attacks on 9/11.
You might remember the heated legal battle last year when the FBI wanted Apple to help break into a suspected terrorist's iPhone. The lawsuit was dropped when the FBI found a way to break into the phone without Apple's assistance. Now, we're learning about hacking techniques that the CIA is allegedly using to spy on people.
How the CIA could be spying on you
What we're talking about is a massive set of documents released by WikiLeaks that expose hacking capabilities of the CIA. There are over 8,700 documents and files that are said to have been taken from CIA headquarters in Langley, Virginia. These documents illustrate several hacking tools and exploits.
The files describe many exploits for both Android and iOS gadgets, although the Android exploits appear to have been more successful. The government allegedly uses these exploits to break into users' gadgets such as computers, smartphones, smart cars and smart TVs. The documents detail secret methods for defeating antivirus tools, encryption and other security measures intended to keep your information private.
It seems that the government is using these practices to extract credentials or browser history. Not only that but they are able to turn your smart TV into a listening device. Click here to read a more in-depth description of how this exploit works and how to stop it from happening to you.
One of the exploits listed in the documents is named "Weeping Angel." Here is a list of things the Weeping Angel exploit can do:
- Extract browser credentials or history
- Extract WPA/Wi-Fi credentials
- Insert Root CA (Covert Action) cert to facilitate MitM of browser, remote access, or Adobe application
- Investigate the Remote Access feature
- Investigate any listening ports and their respective services
- Attempt to override/etc/hosts for blocking Samsung updates without DNS query and iptables
- Add ntpclient update calls to startup scripts to sync implant's system time for accurate audio collection timestamps
What this document release means to you
The government's attempt in finding ways to spy on you is nothing new. As we said earlier, national security has been extra tight trying to prevent terror attacks. However, WikiLeaks releasing these documents opens up another huge can of worms.
Publishing the CIA's entire library of hacking tools, showing all of the ways to do it, opens the door for anyone to use the exploits. Hundreds of thousands of criminals, mischievous kids and hackers from around the world all have the ability to raid any gadget owned by anyone they choose.
This is not good. Handing over hacking tools to everyone in the world is dangerous. WikiLeaks claims to be protecting average people, but it is most definitely not!