Topic: Wikileaks
Wikileaks Could Still Release CIA Hacking Tool Code – USA Today (Mar 8, 2017)
Though the CIA leaks from Wikileaks earlier this week are worrisome in their scope and bad news for the vendors whose devices and platforms have been compromised, there’s at least some comfort in the knowledge that these tools have at least theoretically been subject to due process in the past. However, Wikileaks claims that it has the code for the hacking tools themselves and is debating releasing that code, which would make it available to any hacker who wanted to use it, dramatically increasing the potential for misuse for hacking regular individuals. Again, Apple has said (and Google also confirmed this evening finally) that most of the vulnerabilities have already been patched in recent versions of their respective software, so that should be some defense. But as I’ve said already this week, what a vindication of Apple’s refusal to cooperate with the FBI a year ago over hacking an iPhone.
via USA Today
No, WikiLeaks Didn’t Just Reveal That The Government Has Access To Your Secure Messaging Apps – BuzzFeed (Mar 7, 2017)
This is one of those stories where lots of publications are rushing to publish the most frightening headline without doing their reporting first, so kudos for BuzzFeed here for debunking right away one of the big tropes that’s doing the rounds. There’s nothing about secure messaging apps being compromised in the documents – rather, devices have allegedly been compromised, and of course once a device is compromised everything on it is too. However, even those claims of devices being broadly compromised are being disputed by some security experts – see here, for example. And Business Insider also argues that those on the latest version of iOS (79% on iOS 10 and another 16% on iOS 9) are safe from all the exploits listed. I suspect there will be lots more to come here, and as usual being on the latest version of Android is a lot harder than on iOS so the same protections don’t necessarily apply, but everyone should be trying to understand first, publish second when it comes to this data dump. And of course all this just reinforces arguments Apple and others have made about not trusting the government with back doors for encryption and the like.
via BuzzFeed