Government Intentionally Creates Digital Vulnerabilities, then Intentionally Leaves Them Open … Leaving Us Exposed and Insecure

George Washington's picture

 

We’ve previously documented that U.S. intelligence agencies are opening us up to hackers, malware and spying by bad guys.

Specifically, American spy agencies have intentionally weakened digital security for many decades. This breaks the functionality of our computers and of the Internet, and it reduces security by, for example, creating backdoors that malicious hackers can get through.

It also causes "incalculable" economic damage.

Yesterday, Wikileaks published leaked CIA documents which show how bad the problem is …

The Independent reports:

CIA had “lost control of its arsenal” … That included a range of software and exploits that if real could allow unparalleled control of computers around the world.

***

It includes software that could allow people to take control of the most popular consumer electronics products used today, claimed WikiLeaks.

“‘Year Zero’ introduces the scope and direction of the CIA’s global covert hacking program, its malware arsenal and dozens of “zero day” weaponized exploits against a wide range of U.S. and European company products, include Apple’s iPhone, Google’s Android and Microsoft’s Windows and even Samsung TVs, which are turned into covert microphones,” the organisation said in a release.

Edward Snowden comments:

If you're writing about the CIA/@Wikileaks story, here's the big deal: first public evidence USG secretly paying to keep US software unsafe.

What makes this look real?
Program & office names, such as the JQJ (IOC) crypt series, are real. Only a cleared insider could know them.

The CIA reports show the USG developing vulnerabilities in US products, then intentionally keeping the holes open. Reckless beyond words.

Why is this dangerous? Because until closed, any hacker can use the security hole the CIA left open to break into any iPhone in the world. https://twitter.com/Snowden/status/839171129331830784

aardvarkk's picture

You know, this leak might actually be a really great thing.  Up until now, everybody just sort of adopted Apple or MS or Google by default.  There used to be a wealth of OSes out there to choose from and they all got consolidated into a very few.  The USG then was able to make deals with those to leave back doors open and so forth.

But now with this bullshit blown wide open, people have a real reason to go back to smaller players in the market.  This is a major reason to look at something like Ubuntu or other variants of Linux, and it's a major motivation for developers to come up with new stuff that is untainted by .gov.  Interesting opening for the right type of entrepreneur to get into the game.

This also suggests that security will vault way ahead of convenience or features as a priority for buying.  Interesting times.

JailBanksters's picture

The only way to keep you safe from Terrorists is to have all your electronic devices insecure to hackers.

Unfortunately this argument does not work for the Military.

BuckWild's picture

One item I think everyone is forgetting about. If you're in one of the Nations that the CIA has done this to, do you want to let any American travel to your country, knowing full well that they might be a CIA spy arriving to hack and infect your secure systems?

VWAndy's picture

 You might be able to stop some punks doing kids stuff. But against the intell gang? Fat chance. We are talking overlapping redundancy. They might have to my count six open mics right here in my front room now.

Chupacabra-322's picture

The National Security Elimination Act of 2017.

Well overdue.

The Deep State comprises of the following Criminal Entities as per Kevin Shipp Former CIA Officer Anti-Terrorism Specialist.

CIA
NSA
DOJ
FBI
DHS
DOD
DOS
IRS
EPA
NOAA
NWS

Effective immediately defund, Eliminate & Subpoena its Agents, Officials & Dept. Heads in regard to the Mass Surveillance Global Espionage Spying network & monitoring of a President Elect by aforementioned Agencies & former President Obama, AG Lynch & James Clapper.

BuckWild's picture

It is said there are 19 intel agencies, shouldn't we get rid of all of them?

VWAndy's picture

 No disbanding them until we see all the files. Then we hang um high.

SHRAGS's picture

For fellow Linux users, the switch to systemd and the security holes introduced by developers along the way by Red Hat has been well documented by Ignorant Guru https://igurublog.wordpress.com/?s=systemd . Who is a large contractor to the NSA? Red Hat of course.

Poul-Henning Kamp also gives an excellent general overview of how software and protocols have been deliberately weakened over the last 30 years or so: NSA operation ORCHESTRA Annual Status Report https://youtu.be/fwcl17Q0bpk - slidepack http://phk.freebsd.dk/_downloads/FOSDEM_2014.pdf

 Compiler attacks to add back doors were demonstrated back in the 70's by Ken Thompson  Reflections on Trusting Trust https://www.win.tue.nl/~aeb/linux/hh/thompson/trust.html

Bottom line, every piece of software & network protocol are deliberately defective by design.  There is no such thing as "safe computing", and the truth be told, there probably never was.

DuneCreature's picture

Thanks for the links, SHRAGS.

Stuff I have suspected for a while now.

Billions and billions of free money buys Ass Wipes Inc a lot of 'friends'.

Live Hard, Lizards Need Love Too, Die Free

~ DC v5.0

GreatUncle's picture

Don't trust any digital communications anymore ... toooooooooo risky!

Until the manufacturers start using open source so it can be scrutinised it is going to stay that way too.

SHRAGS's picture

Open source won't save you, see below

DelusionalGrandeur's picture

Is there a recent word limit on articles? I mean come on....

roadhazard's picture

Trump will fix that....

ALANBEEKMAN's picture

I can only hope that 'draining the swamp' includes these asswipes at the Central Incompetence Agency.

FoggyWorld's picture

Doesn't look that way.   Neither he nor Hillary were asked at any debate about the weak security systems and their intrusion on ordinary citizens' lives.  

So last weekend Trump was upset because he found out that he was tapped. No mention has been made at all by this Administration of cleaning up this part of the swamp. It's all about him and we have to let him know that we count, too, and want this snooping to end.

DuneCreature's picture

Don't forget they can plant things on your devices too.

I have dealt with 'planted digital evidence' four times in the last ten years. .... In each instance no one could figure out how the items got onto their drives. ...... We knew but we didn't. .... We know now.

Live Hard, What Goes Out Can Come In Too, Beware, Die Free

~ DC v5.0

Chupacabra-322's picture

@ Dune,

Exactly! William Binney has been interviewed & explains the technique of "Parallel Construction."

A very effective tool used to Neutralize an adversary. Very effective when complete Elimination of said target is unrealistic or not worth pursuing. Perception though deception is rather useful to these Scum Fuck Spooks.

DuneCreature's picture

Have you seen the shirt pocket sized Sting Ray device?

Well, it does a LOT more than intercept and record (Auto records a BUNCH of numbers). It can save shit to a connected phone drive, all under the radar. .....

What does that mean? ..That means any state trooper sitting on the side of the highway can spot your daughter or wife going down the highway yakking on her phone and 'stealth call' her phone back up, right during her phone conversation, and plant his dick pics on her phone drive with the text message that says "Here's my pic and my number, give me a call we need to get together or I tell your dad what's on your phone. Oh, BTW I'm a cop, so if you report this you will be laughed at, so don't." ... It can probably make that message auto delete too.

That function of Ray will never be abused, of course.

Live Hard, I Hope I Didn't Just Give Barney Any New Ideas, Die Free

~ DC v5.0

WillyGroper's picture

make you a nice carrying case with aluminum screen wire & put it in a tin.

VWAndy's picture

Having your business phone sending the disconnected message is pretty slick. Most people would never know.

PoasterToaster's picture
PoasterToaster (not verified) Mar 8, 2017 2:54 PM

This is their idea of job security.

Buck Johnson's picture

And hackers have been taking advantage of this for years.  The US govt. thinks that others can't figure out these exploits and/or be more intelligent than them, wrong.  And you know that somewhere on the darknet (I want to find it if possible but I wouldn't know where) someone has a copy of all the NSA's devices and then some software wise that is available.  Essentially that makes that hacker into the NSA by himself.

FoggyWorld's picture

And so have the manufacturers and telcos who have just gone along for the ride.

PurpleNIRPle's picture
PurpleNIRPle (not verified) Mar 8, 2017 2:45 PM

WIKILEAKS VAULT 7 IS THE PROOF DONALD TRUMP HAS THAT HE WAS WIRETAPPED:

 

https://www.youtube.com/watch?v=RVp1xT78PUY&index=16&list=PLz5bXc3GZwmzP...

Dabooda's picture

The CIA can not only hack into anything -- they can download any "evidence" they want onto your phone or computer.  Child pornography, national secrets, you name it.  Then they can blackmail you, threatening prosecution for whatever crap they have planted, then "found" on your computer.    They can also "spoof" the source of such downloads -- for instance, if they want to "prove" that something on your computer (or Donald Trump's computer) came from a "Russian source"  -- they can spoof the IP address of a Russian source.

The take-away:  no digital evidence the CIA or NSA produces on any subject whatsoever can be trusted.  No digital evidence should be acceptable in any case where the government has an interest, because they have the complete ability to fabricate and implant any evidence on any iphone or computer.  And worse:  they have intentionally created these digital vulnerabilities and pushed them onto the whole world via Microsoft and Google.     Government has long been at war with liberty, claiming that we need to give up liberty to be secure.  Now we learn that they have been deliberately sabotaging our security, in order to augment their own power.  Time to shut down the CIA and all the other spy agencies.  They're not keeping us free OR secure, and they're doing it deliberately.  Their main function nowadays seems to be lying us into wars against countries that never attacked us, and had no plans to do so.