Wikileaks Vault7

[caf]

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner.

And this is the reason I have a problem with it.

 

[The Human Q-Tip]

And this is the reason I have a problem with it.

The problem is that the other side is going to do it anyway. I don't see eliminating our cyber capability as being a viable option, but we absolutely have to apply the same security considerations to that info that we apply to our nukes. You leak it, you go to jail for a very long time.

 

[caf]

The problem is that the other side is going to do it anyway. I don't see eliminating our cyber capability as being a viable option, but we absolutely have to apply the same security considerations to that info that we apply to our nukes. You leak it, you go to jail for a very long time.

Who is the other side though?

Recently General Flynn had a private conversation leaked to the press with the sole intention of dragging his name through the mud and forcing him to resign. This type of stuff is being weaponized domestically for purely partisan motives.

 

[The Human Q-Tip]

Who is the other side though?

Russia, China, North Korea, Iran, etc...

Recently General Flynn had a private conversation leaked to the press with the sole intention of dragging his name through the mud and forcing him to resign. This type of stuff is being weaponized domestically for purely partisan motives.

I know. That's exactly why people who leak or use this information other than for its intended purpose need to go to jail.

And again, I'm not advocating covering up misdeeds. But there are legitimate avenues to raise issues of concern, and the NYT is not one of them.

 

[-Akronite-]

And again, I'm not advocating covering up misdeeds. But there are legitimate avenues to raise issues of concern, and the NYT is not one of them.

The proper channels tend to have a way of blocking real change, no? What if someone voices a complaint and then, when the wrongdoing continues, they go to the press. They would know who did it immediately, right? I find the whole issue complex and have a difficult time taking a hard stance on whisteblowers, leakers, and hackers. Other than getting an asshat elected (not worth it but that's not a discussion for this thread), I am glad corruption was exposed in the DNC, for instance. And I'd say taking something to the American press is better than dumping to WikiLeaks and whatever their ulterior motives are.



So are they saying the CIA is misleading the DNC leaks with Russian fingerprints? Or that the CIA is using Russian fingerprints to shift blame for the destabilization of other countries/elections?

Or is this just general "shady" stuff that allows people to throw up their hands and say "we can't know for sure?" And is there verification for the validity of what's being claimed outside of it being WikiLeaks?

 

[The Human Q-Tip]

The proper channels tend to have a way of blocking real change, no?

Upon what is that based? Snowden didn't even try going to Congress first. Or to the IG, or to anyone else. It's tough to say change was "blocked" when he didn't even attempt it.

What if someone voices a complaint and then, when the wrongdoing continues, they go to the press. They would know who did it immediately, right?

Right, but the problem is there may be a shitload of collateral damage, including people getting killed. I'm not saying that going to the press is always wrong. I'm saying that going to them with dangerous information without first trying to report it to someone in Congress not aligned with a particular Administration is wrong.

So are they saying the CIA is misleading the DNC leaks with Russian fingerprints? Or that the CIA is using Russian fingerprints to shift blame for the destabilization of other countries/elections? Or is this just general "shady" stuff that allows people to throw up their hands and say "we can't know for sure?" And is there verification for the validity of what's being claimed outside of it being WikiLeaks?

Who the hell knows at this point....

 

[caf]

Russia, China, North Korea, Iran, etc...



I know. That's exactly why people who leak or use this information other than for its intended purpose need to go to jail.

And again, I'm not advocating covering up misdeeds. But there are legitimate avenues to raise issues of concern, and the NYT is not one of them.

I think your trust in the government is too high.

"Absolute power corrupts absolutely."

And that's what this is.

 

[The Human Q-Tip]

I think your trust in the government is too high.

"Absolute power corrupts absolutely." And that's what this is.

Okay -- so do you think that the people who dump things like this should be prosecuted, or not?

 

[CommD]

What is suprising is that anyone is still suprised...or shocked.

Blissful ignorance, where have you gone?

 

[caf]

Okay -- so do you think that the people who dump things like this should be prosecuted, or not?

I say not. There's no other realistic avenue to expose this information to the public.

I know you say the leakers should voice their concerns to their superiors. But these superiors have compromising information on them and the technological abilities to make their smart cars drive themselves off the road.

So who in their right mind would voice their concerns to their superiors?

 

[gourimoko]

One of the things exposed here is that the CIA found software vulnerabilities and instead of reporting the vulnerabilities to the OEM... Chose to exploit them.

That is something I just cannot get behind.

Why?

1) Software developers/publishers are not always responsive and often ask for unreasonable periods of time to not disclose exploits.
2) It's not the CIA's job to provide solutions to software developers/publishers that have security vulnerabilities in their software.
3) Almost all software has security vulnerabilities of varying severity.

The CIA's cyberterrorism and cyberwarfare sections are purposed with knowing how to exploit these attack surfaces. And it's important to note that the more you know the more capable you are of of utilizing flaws in foreign systems to your own advantage.

 

[The Human Q-Tip]

I say not. There's no other realistic avenue to expose this information to the public.

I know you say the leakers should voice their concerns to their superiors. But these superiors have compromising information on them and the technological abilities to make their smart cars drive themselves off the road. So who in their right mind would voice their concerns to their superiors?

Anyone who isn't paranoid, and who doesn't want to see innocent people hurt by information dumps that contain classified information. People died because of what Snowden did.

You've also ignored that there is the very clear option to go completely around their superiors, and go to a member of Congress from a party different from the one that controls the White House. Why isn't that a viable option?

And finally...I'm kind of in awe that you're lamenting how horrible all this damaging cyber warfare program/techniques are, but don't think the person who released them should be prosecuted. That's like giving a pass to someone who releases a biological weapon into the general population.

 

[CleveRocks]

If they signed an agreement not to divulge, then, yes they goto jail. But more likely, some dufus left his/her computer or a thumb drive out in the open..

Which is the problem with weaponizing viruses.. you need careful handling to control leaks. This is not that hard to manage.. who ever is in charge of security is an idiot..

 

[Tornicade]

I say not. There's no other realistic avenue to expose this information to the public.

I know you say the leakers should voice their concerns to their superiors. But these superiors have compromising information on them and the technological abilities to make their smart cars drive themselves off the road.

So who in their right mind would voice their concerns to their superiors?

the real question with whistelblowers is how long their concerns were ignored. internally

 

[The Human Q-Tip]

It's important to understand that this dump contains not only the fact that the CIA had this capability, but also the actual code that they used. Think about what that means.

1) WikiLeaks (and the leaker) have now given other governments, and generic hackers/thieves/bad guys/perverts, etc., the ability to do exactly what some folks are saying they don't want the CIA to do. It greatly multiplies the number of people who may invade our privacy, and makes all of us much less secure.

2) The average person lacks the ability to use this information to protect themselves. So, for most of us, this dump doesn't even have the offsetting advantage of making us even a little bit more secure.

3) Opposing governments and other sophisticated organizations (like some terrorist organizations) do have a greater ability to use this dump to protect themselves and/or modify their behaviors, to make effective surveillance less likely. In other words, this makes it much more difficult for our own government to get useful, actionable intelligence regarding bad people who actually mean to do us harm. For all we know, it may be the equivalent of telling the Nazis about Ultra, or the Japanese about Magic.

I cannot fathom the argument that this dump, and the person/people responsible for it, are actually a good thing.