Vault 7 WikiLeaks docs hint CIA could bypass 21 security products

giants8058

Level 4
Verified
Jan 26, 2016
150
I'm a privacy advocate, but here we go...


"Nonsense once again prevails on the security soft forums. It will never end."
They were most likely being satirical (considering he is wearing a tin foil hat), but many things they have talked about for years are now coming to fruition.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
most users do not need to fret over it.
Agreed. I think people need to keep in mind that this Vault 7 stuff pretty much only consists of highly targeted surveillance techniques, not the mass surveillance the NSA is credited for. The CIA aren't turning every smart TV on the planet into a bug and they're not actively using this stuff on the general population.
These exploits and bypasses don't come cheap and they aren't going to waste them on someone who torrented a Game of Thrones episode that one time. If you're not part of some scary criminal organisation (gang, cartel, terrorist organisation, etc.), a highly sought after criminal or a spook from an enemy nation state I doubt anybody has much to fear from any of this.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
Here is "AV Defeats" from Vault 7 leak:

AV Defeats
AdNauseum: If run as a non-SYSTEM user, infinitely kills explorer.exe, which is mildly annoying. If run as SYSTEM, infinitely kills dwm.exe, which destabilizes the UI to the point that moving the mouse and/or clicking on things at just the wrong time crashes Winlogon. Lots of fun
Have to admit, I laughed at this way harder than I should have.
 

giants8058

Level 4
Verified
Jan 26, 2016
150
Show where it explicitly states this - as I cannot find it in the Vault 7 leak.
My mistake, I should have said alleged since I haven't been able to go through all 7800+ pages personally of only 1% (WikiLeaks on Twitter) of all documents WL currently has, but the majority of Windows hacks are currently labeled as "secret" at the moment: CIA hacking tools targeting Windows

But considering Kim Dotcom and Julian Assange are boys this has some credibility and maybe he knows something that might not have been released yet (as he has been proven correct on prior predictions... not trying to get political, but he said early in 2016 “Julian Assange is going to be Hillary Clinton’s worst nightmare.”):
Kim Dotcom on Twitter
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
Is it even safe to visit wikileaks website?
Why wouldn't it be safe? It isn't pushing out malware. Intelligence agencies monitor who visits it apparently but I don't know why anyone would care about that.
 

giants8058

Level 4
Verified
Jan 26, 2016
150
Have to admit, I laughed at this way harder than I should have.
I don't have time to find it now as I need to go to sleep, but the vast majority if not all of hacking techniques/exploits have not been released and are marked "secret" until further notice. These are just basic overviews.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
I don't have time to find it now as I need to go to sleep, but the vast majority if not all of hacking techniques/exploits have not been released and are marked "secret" until further notice. These are just basic overviews.
Probably for the best. Wouldn't want this stuff to fall into the hands of blackhats.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,822
Luckily I found this video that shows you how to detect if you are vulnerable.


Bring it on CIA! ;)
 

cruelsister

Level 43
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,224
In an attempt to cut down any paranoia please consider the following (I can only speak to a certain Government, but I'm sure all are pretty much the same):

1). The Government itself is not in the business of finding exploits. These are acquired from 3rd party companies. Although such an acquisition may be done for a single product ("Hey, you guys wanna buy a backdoor for Product X"), primarily there are contracts in place that whatever new exploit the Contractor finds will be given to the Client pursuant to that contract. So just because the Client will have an exploit for Meghan's Magic AV does not mean that they ever wanted it or will ever use it.

2). Every time some exploit is used, it will increase the chance of discovery. So such attacks will be used both rarely and expeditiously against high profile targets that constitute a Clear and Present danger. No one cares about the typical user (so all your selfies and pirated mp3's are safe).

3). In order to use such stuff effectively one must first be aware of the specific software that exists on the Target's system to be exploited (it's not like a package of 10 or 20 will be shotgunned out hoping that one will stick!); so other things must be in place before use.

4). Blackhats already have things that are far cheaper and easier to code that will yield a breach. Scriptors coded by some pre-pubescent BH wannabe that can scrape data for financial gain already exist.

5). Those that will gleefully toss a bomb into the Club where you and your friends go must be laughing their asses off about this.
 

Dean Winchestere

Level 2
Verified
Mar 9, 2017
50
Guys, in ESET you can change advanced settings to detect "most" of those exploits. Using and configuring HIPS interactive mode too. And blocking USB devices by default. Requiring pw in ESET. Not using admin on Windows. Though some will hurt the performance of the PC if it's slow. Another reason why I switched back to ESET from Bitdefender. Also using ANTI EXECUTABLE to lock PC should mitigate a lot of these. The government uses them.
 

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
If you are afraid for your safety, you are more likely to suffer a phishing or ransomware attack, or to respond to a mail from a Nigerian man who offers you a large sum of money. :eek:

Surely a positive consequence of the revelations is that now the companies that produce hardware and software know about these flaws that were kept hidden, and may be correcting them.
At the same time, the publication of documents by WikiLeaks has revealed a security issue in general: is it right that a government discovered secret security flaws in consumer products, taking advantage of them instead of informing the manufacturers so they can correct them? It is true that knowing these flaws confers an advantage in the fight against terrorism and in counter-espionage, but at the same time this compromises the safety of citizens and infrastructure that the government is obliged to protect.
 
Deleted member 178

is it right that a government discovered secret security flaws in consumer products, taking advantage of them instead of informing the manufacturers so they can correct them?

Yes it is, in my point of view. It is not the job of any intel agency to warn the manufacturers about vulnerabilities (especially if the vendor is a foreign one); their job is to use those flaws as a means to get info.

It is true that knowing these flaws confers an advantage in the fight against terrorism and in counter-espionage, but at the same time this compromises the safety of citizens and infrastructure that the government is obliged to protect.
Intelligence agencies have to keep the methods they use to get their information secret; if not, what's the point of having intelligence? Let them google for it...?
 
