WikiLeaks earlier this week revealed how the Central Intelligence Agency has developed the capabilities to spy on people who use Apple iPhones, devices based on the Google Android and Microsoft Windows operating systems, Samsung TVs, and other connected things. A couple days later Julian Assange announced he wants to help the tech community respond to the vulnerabilities the leak highlights.
"We have decided to work with them to give them some exclusive access to the additional technical details we have so fixes can be developed and then pushed out," the WikiLeaks founder and leader said during a press conference on Facebook. "Once this material is effectively disarmed by us we will publish additional details about what has been occurring."
However, Apple and Google have both said they’ve already addressed at least some of those vulnerabilities.
“Apple is deeply committed to safeguarding our customers' privacy and security,” Apple said in a comment issued Tuesday. “The technology built into today's iPhone represents the best data security available to consumers, and we're constantly working to keep it that way. Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 percent of users running the latest version of our operating system. While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities. We always urge customers to download the latest iOS to make sure they have the most recent security updates.”
Meanwhile, Heather Adkins, Google’s director of information security and privacy, told Recode: "As we’ve reviewed the documents, we're confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities. Our analysis is ongoing, and we will implement any further necessary protections. We've always made security a top priority and we continue to invest in our defenses."
The WikiLeaks report has dominated headlines this week. That’s with good reason, as WikiLeaks says it’s the largest-ever publication of confidential CIA documents. And Assange said what his company has made public is just a small sampling of the information WikiLeaks has on hand.
WikiLeaks in a press release issued Tuesday explained that CIA has malware and hacking tools built by the Engineering Development Group. That’s a team within the Center for Cyber Intelligence, which is a department of the CIA’s Directorate for Digital Innovation.
“The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide,” according to WikiLeaks.
It went on to talk about something called Weeping Angel, which uses smart TVs to listen in on conversations. That attack, it added, was developed by the CIA in cooperation with the United Kingdom's MI5/BTSS.
“After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on,” WikiLeaks said. “In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.”
Meanwhile, WikiLeaks said the CIA's Mobile Devices Branch has developed the ability to hack many smartphones. As a result, those devices can be used to send the CIA that user’s audio and text communications and geolocation details, it indicated.
The CIA also has been working on hacks to vehicle control systems.
