Technically, there is absolutely nothing impressive whatsoever in the archive released yesterday; I went through the entire thing. Relative to the Snowden leaks, the CIA tools look benign. The biggest difference between the two sets of leaks (and subsequent NSA revelations), however, is scale & automation. NSA's tools are built almost entirely by contractors. The 'hacking' tools are integrated with deployment tools, as well as data collection. For example, say I work for the NSA and I want to see Bob's desktop wallpaper. I already have some generic social network information, as well as ISP info on Bob, and he has already been assigned a 'selector,' which I use to query Bob's information, which was gathered from all sorts of sources. Assuming I don't already have a RAT or similar installed on Bob's computer, a further step is required. The NSA has many redundant attacks entirely automated, and most of the massively successful attacks require some sort of MITM attack. Schneier released a video (on October 26th 2016, I think - if not, real close to that date) of some sort of intelligence meeting he spoke at, with just a handful of people, where he claimed he was going to bring something to light that had not previously been revealed anywhere in public. He revealed that the majority of home routers in the U.S. (commonly believed to be the ones provided by ISPs, which run a custom Linux distro with half a dozen internal subnets; mine runs on Arris hardware, has full BusyBox, and used to contain a root pivot script that was previously accessible via ssh, on an accidentally unsecured network interface within an obscure IP range, whose shell login turned out to be the commonly available Arris rolling code ('Arris pw of the day?'). The embedded Linux running on the device is based on the "RDK project", as are the DVRs and modem/router combos from a variety of other ISPs.
Supposedly this is patched (for Arris), but I haven't attempted any further investigation since August 2016. I believe the backdoor was simply a poorly designed interface between the router and the technician GUI software.) Sorry for the unnecessary details, but I've already typed it out now. Schneier revealed that these routers (he never specified which, but said they are everywhere) are referred to by the NSA internally as 'diodes'. The diodes are used (automatically) to provide better proximity to other users, not necessarily the target, from where the plethora of attacks are then executed. The initial development costs are immensely greater than those of the CIA's, but the tools are much easier and cheaper to use by the lay person, and are more carefully controlled/depend on the system hosted by the NSA. While proximity attacks are not the only method of intrusion/full control, the next best, or perhaps better, alternative is Acidfox, which is often delivered via email/browser and requires user intervention. Clearly the NSA is leaps and bounds ahead of the CIA in terms of sophistication, as well as control/oversight, as you can't just walk out the door with an archive containing 75% of their tools (they depend on infrastructure). The CIA attacks depicted in the Wikileaks archive almost all require manual intervention, are less reliable, and are 'janky' as hell. The CIA has a record of using their tools for less than honorable/legal purposes (which may be further elaborated on, depending on what goes down with the Trump wiretaps); either way, the CIA hacks seem like a waste of time and money (5000 employees at the consulate in Germany) and redundant. The CIA must be able to utilize the NSA's vastly superior technology/information after receiving a warrant, which makes the motives and means all the more suspicious.
Who knows what will come out, but one thing is for certain: there will be a lot more information revealed in the coming weeks pertaining to the illegal, unwarranted, for-personal-gain sharing of their tools with ex-employees and contractors. I could go on for ages on this stuff, but I usually just get instantly downvoted, and I'm not providing sources (as it's all from memory [pro memory], but it's all easily DuckDuckGo-able [or Google]). There are certainly more sophisticated employees and programs at the CIA (obviously), but I have a feeling that the shindig over in Germany consists mostly of this sort of thing: cheaper, younger, less experienced kids copy & pasting junk together, customized and deployed on a case by case basis. I also have a feeling that the reasons Obama set that up are going to be an interesting narrative which we will soon watch unfold. (hint: 7th floor group; aka 'shadow government')

P.S. I refuse to go back and grammar check this monstrosity.

Edit: Maybe someone can answer this question for me. So from the Snowden leaks, we know the extent of the NSA toolkits and the requirements which need to be met to utilize them. Now we know some of the CIA's capabilities, and after Apple refused to unlock the San Bernardino shooter's iPhone, we found out the FBI was playing some sort of politics by claiming that justice might not be served without Apple's intervention, and proceeded to publicly shame the ethical position Apple took. So why on earth was Obama trying to force Apple's hand in that matter? As soon as Apple said no, the FBI somehow found the single magical person willing and able to defeat the privately enhanced security of the shooter's 5S? Makes no sense to me.
The most interesting tool I found in the leaks was the bug that jumps the airgap to make Nero burn trojaned binaries. If we see more tools like this come out of the woodwork, it shows that the CIA is at least in some ways keeping their teeth sharp.
I believe that the FBI and Obama both played politics for a few reasons, namely:
- Obama and the FBI probably withheld a reasonable amount of information from each other regarding the case
- This was all a charade to bring the topic into the public sphere. It backfired, but the aim was to allow future high-profile cases on which concurrent evidence trails are harder to establish. Once it backfired, Comey came out with a public letter admonishing the American people, comparing us to children. He stated that with Rule 41 coming into effect, the FBI would use its expanded powers to collect information for the following year. They would then use that information in an upcoming "adult conversation" the FBI wishes to have with the public about the future of open, libre encryption.
We should be expecting that "conversation" to take place this year. And I don't expect it to be much of a dialogue so much as a monologue. I expect the FBI to either directly or indirectly (through Wikileaks, etc.) release information that "proves" that backdoored encryption and its inherent reduced security is necessary for public safety. There is a saying we all know and love about the merits of this particular trade-off.
I'm certain the FBI always had that contact on standby. They probably received multiple unprompted bids from various hacking companies during the public run of the case. They wanted to flex how much pull they had over a giant like Apple. Even though they seemingly failed, they came out with a huge data point: The American people need further brainwashing and ideological shifting before attempting a full coup over libre encryption in America.
I hope that things make a little more sense now.