- Apr 21, 2016
- 4,370
Google claims that it has already fixed many of the vulnerabilities discussed in the WikiLeaks Vault 7 revelations regarding the extensive hacking capabilities of the CIA.
According to the huge file dump from WikiLeaks, in which alleged CIA documents containing lists of vulnerabilities in popular tech products, including Google's Android and Apple's iOS, CIA's hackers discovered zero-day vulnerabilities, exploited them, and managed to get into targeted phones, bypassing encryption settings set into various messaging apps and so on.
"As we've reviewed the documents, we're confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities. Our analysis is ongoing, and we will implement any further necessary protections. We've always made security a top priority, and we continue to invest in our defenses," came Google's statement via Heather Adkins, director of information security and privacy.
Given Google's statement, we can assume that some of the bugs the CIA is exploiting haven't been fixed or Google has no idea what they are, and that's normal. In fact, it's because of instances such as this one that Google and other companies have demanded that the intelligence agencies of the United States immediately report zero-day vulnerabilities they discover. Keeping them locked up and exploiting them for their own game puts millions upon millions of people at risk. After all, if one hacker managed to find the security hole, others may as well, others that have even more nefarious purposes.
Read more: Google: We've Already Fixed Most Bugs Exposed in WikiLeaks' Vault 7 Files
According to the huge file dump from WikiLeaks, in which alleged CIA documents containing lists of vulnerabilities in popular tech products, including Google's Android and Apple's iOS, CIA's hackers discovered zero-day vulnerabilities, exploited them, and managed to get into targeted phones, bypassing encryption settings set into various messaging apps and so on.
"As we've reviewed the documents, we're confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities. Our analysis is ongoing, and we will implement any further necessary protections. We've always made security a top priority, and we continue to invest in our defenses," came Google's statement via Heather Adkins, director of information security and privacy.
Given Google's statement, we can assume that some of the bugs the CIA is exploiting haven't been fixed or Google has no idea what they are, and that's normal. In fact, it's because of instances such as this one that Google and other companies have demanded that the intelligence agencies of the United States immediately report zero-day vulnerabilities they discover. Keeping them locked up and exploiting them for their own game puts millions upon millions of people at risk. After all, if one hacker managed to find the security hole, others may as well, others that have even more nefarious purposes.
Read more: Google: We've Already Fixed Most Bugs Exposed in WikiLeaks' Vault 7 Files
