Okay, so maybe Big Brother is watching you.
It turns out that even apps like WhatsApp, Signal, Confide, and Telegram, which are all seen as strong for privacy and encryption, are vulnerable to hacking. In a disturbing new revelation, we are learning that hackers may have the capability of capturing audio and messaging date before the encryption takes place.
Can you hear me now? (Yes.)
In what may become the largest release of top-secret CIA information, WikiLeaks just released 8,761 documents and files that detail the agency’s extensive hacking tools. This initial data dump, referred to as Year Zero, is the first installment in what is being nicknamed Vault 7. If WikiLeaks’ assertions are Vault 7 are correct, the release would be a greater amount of information than gleaned from Edward Snowden.
While the CIA has not confirmed Vault 7’s authenticity, it has not currently issued a denial of its veracity. We also do not know if the stockpile derived from a former CIA employee or contractor, it whether Vault 7 itself derives from hacking by a foreign government.
WikiLeaks has released less than 1% of its #Vault7 series in its part one publication yesterday ‘Year Zero’.
— WikiLeaks (@wikileaks) March 8, 2017
Vault 7 is showing us just how vulnerable we are to hacking.
The long-term ramification from this latest WikiLeaks revelation could be an erosion of faith that our popular tech tools are secure. Whether it be using an iPhone or watching a show on a smart tv, we may become more skeptical that our tools are not being used against us.
There has been a low-running tension between consumers, the government, and the tech industry. Each group has their own interests, and they are often at odds.
The general public has a desire not to be hacked, and the government has a desire for hackable tech. The tech industry has a desire to make money, which typically involves ensuring consumers that their products will not be hacked.
Imagine a world where the actual CIA spends its time figuring out how to spy on you through your TV. That’s today. https://t.co/dQHBrsyIoI
— Edward Snowden (@Snowden) March 7, 2017
This initial release by WikiLeaks showcases the tremendous amount of resources that the CIA has put into ensuring that our popular devices, whether they be Android or Apple, have certain back-door vulnerabilities. While it is generally understood that the government works with major tech companies to notify the company when a vulnerability has been found, this data dump by WikiLeaks implies that the CIA is not only not telling companies about vulnerabilities, but has also been actively pursuing to find and purchase additional flaws.
“Governments should be safeguarding the digital privacy and security of their citizens, but these alleged actions by the CIA do just the opposite. Weaponising everyday products such as TVs and smartphones – and failing to disclose vulnerabilities to manufacturers – is dangerous and short-sighted.” -Craig Fagan, policy director for the World Wide Web Foundation (speaking to the BBC)
The problem, of course, is what happens when bad actors exploit vulnerability flaws? The initial release of Vault 7 (Year One) seems to represent a playbook of sorts. That playbook is now out of the proverbial locker room.
“Those vulnerabilities will be exploited not just by our security agencies, but by hackers and governments around the world. Patching security holes immediately, not stockpiling them, is the best way to make everyone’s digital life safer.”-Ben Wizner, director of the American Civil Liberties Union’s Speech, Privacy, and Technology Project, speaking to The New York Times
While companies like Apple are already asserted that they have patched the problems listed in WikiLeaks, it is our faith that our products are secure that may be more difficult to fix.