by willstrafach 3382 days ago
Similar to the first "Vault 7" release, this is guidance related to spy tools. No mass surveillance or anything which appears to be unjust. These all require close-access exploitation, they are not remote, in fact most of the guidance specifically relates to these being designed for devices which are to be gifted to the targets.

Yeah, that cache of zero days and all those DLLs aren't for mass surveillance. Ok. That's super duper believable.
I do not understand your response. You have not refuted my comment at all.

By design, a zero day cannot be reasonably used for mass surveillance. Every endpoint targeted increases the chance of discovery. This is how many would probably prefer to see a spy agency operating: focus on their specific targets instead of dragnet surveillance.

As for this specific release, it requires physical access (and a very outdated OS).

Why should I believe the CIA isn't using its "targeted" tools on say, American ISPs or carriers, giving them access to a dragnet level of data through a single "targeted" attack? The CIA is not staffed by reasonable people, and I have 0 reason to trust they operate in good faith or with the best interest of anyone but their own organization in mind. Which they like to demonstrate by being consistently Caught In the Act influencing foreign elections, trafficking drugs, etc. Any tool they have will be abused.
I definitely am not trying to make you believe anything, nor am I defending any past actions of the CIA (I don't know enough about all that to have an opinion). My comment is only based on my own review of all documents released so far in Vault 7. All indications show that these tools are made for use on specific targets, applied on devices by a human operator or asset.
It's very clear we have different ideological opinions on the actions of the CIA. The actions of US intelligence agencies over the last decade (at least) are absolutely disgusting.
Replying here because I can't on your post.

If the CIA is able to use those zero days on systems which provide them access to larger sets of information, then what you're saying is objectively wrong.

https://www.sbir.gov/sbirsearch/detail/1203207. Like I said, different ideology.

That may be the case. I was only replying to "that cache of zero days and all those DLLs aren't for mass surveillance" from your comment, again, due to the fact that zero days cannot be reasonably used for mass surveillance as it would drastically shorten their lifetime.
Infection of a device in the supply chain isn't? Many people who aren't suspected of anything could end up with a backdoored device.
That is a very fair point, but I think WikiLeaks actually misunderstood that. I assume you are referencing this:

> Also included in this release is the manual for the CIA's "NightSkies 1.2", a "beacon/loader/implant tool" for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones, i.e. the CIA has been infecting the iPhone supply chain of its targets since at least 2008.

It seems that WikiLeaks has misunderstood the meaning of "factory fresh" in the manual. This simply means it is a new device. If you look at all the source documents, it appears that NightSkies was built under the user requirement that a CIA agent is in a position to gift a device to their target, pre-infected. Regardless of how one might feel about that practice, I think it is a big difference with regards to the "supply chain" phrasing because they mistakenly indicate that the infection would literally occur at the factory, and that is definitely not indicated in any of the documents.