Jump to content
Not connected, Your IP: 216.73.216.47

Recommended Posts

I suggest we all take a very strong look at what has been released in this vault, and any information to follow it.

 

http://heavy.com/news/2017/03/wikileaks-vault-7-vault7-file-download-clinton-obama-trump-assange-what-is/

 

https://wikileaks.org/ciav7p1/

 

https://twitter.com/wikileaks/status/838910359994056704

 

It's going to get good ladies and gentlemen

 

Please post any thoughts/discoveries etc. down bellow

 

PS: If you download the file, it may be unlocked in 7zip with the passphrase "SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds" Without quotations.

 

Final.gif

Share this post


Link to post

Technically it seems rather easy to detect abnormal operating system or driver code or app code and capture a trace of its execution. And then reverse engineer to analyse the algorithms.

So it seems reasonable to expect that these sort of "agents" can be detected and captured by other national security agencies in Russia, China, India, UK etc, and that they can honeypot and "pirate" from each other.

In addition, "white hat" commercial security staff may find these things, and be tempted by a big money deal on the "dark market". As well as the usual "russian hacker" gangs after new tricks.

A cocaine import/distro gang in Sydney was busted by an undercover agent, but in court evidence they only discussed "business" by all stripping down to swimming briefs and swimming out into the harbor to avoid "bugs".

Share this post


Link to post

One thing that particularly concerns me, is that this dump has proven for a fact that every operating system we currently know of is compromised.

 

The list included Windows, Linux, OSX, Android and iOS.

 

It would be safe to assume most if not all variations of these operating systems, including those deriving from Linux are also compromised in some way.

 

So it leaves the question, if they are all compromised, and every Anti-Virus program is bypassed, then how can we protect ourselves?

 

It will cease to matter if you are using a VPN or Tor if every machine is simply compromised at its core.

 

Would it be too unthinkable to hope that the same forces that gave us Tor and VPN's would act to provide us with secure operating systems? TAILS and Qubes already exist, although i have difficulty believing they are sufficient given the latest revelations.

 

One other thing that should be mentioned is that while we have alternatives for PC's, no alternative more secure OS options currently exist to my knowledge for Android and iOS devices, and their vulnerability is even more critical given their portability and access to information.

 

I for one am infuriated that these organizations have been developing these tools and exploits. If the CIA and FBI and NSA should be doing anything, it's making American cyber infrastructure for both private and government uses more secure than ever before, not more vulnerable. By weakening us, they have weakened themselves in their never ending lust for a 1984 Orwellian future where they could have complete control.

 

In their supposed effort to strengthen the fight on terrorism, they have brittled the American digital backbone, which is becoming evermore critical to maintaining our way of life.

Share this post


Link to post

I normally use GNU/Linux in a read-only pendrive. If I am hacked while I´m using it, when I reboot I should be hacked again and again. I think it´s better this way, and of course using AirVPN+Tor with it. Or use Tails.

Share this post


Link to post

I normally use GNU/Linux in a read-only pendrive. If I am hacked while I´m using it, when I reboot I should be hacked again and again. I think it´s better this way, and of course using AirVPN+Tor with it. Or use Tails.

Its becoming increasingly apparent that such a setup is required to maintain any form of privacy and security. I have already played with the idea of switching to Linux, but these reports have proven that it simply will not suffice.

 

It would seem a read-only setup with AIRVPN and/or Tor may be one of the only feasible methods to stay safe with this level of system exploitation and surveillance.

Share this post


Link to post

I have no interest in leaked documents. They can and half the time are in fact false. So I have but one single question.

 

What part of Linux is compromised? If you cannot answer this, then I would say the odds are against it being truly compromised.

 

And Linux as a whole? I would plainly laugh if anyone claimed that. There are hundreds of *Active* distributions of Linux right now. Not to mention the fact that pretty much each and every piece of software in most of them can be swapped out for another, and that upwards of 99% is open sourced.

 

I am surprised Apple is not throwing a raging hissy fit right now. They like to pretend that iOS is perfectly safe in absolutely every situation, even as bugs are discovered.

 

Windows on the other hand has no concern. It was never secure, and they still have a crazy market share.


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.

Share this post


Link to post

So far the Linux documents only mention Linux in the context of Android, Embedded routers (Mikrotik), Smart cars, Smart TVs (Samsung).

All those documents are available, the documents about a desktop Linux, which they call DanceFloor, are not (yet?) released.

Linux as a whole is not an existing term - since Linux is a LEGO for building gazillions of systems.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

"desktop Linux ... DanceFloor, are not (yet?) released."

Or common server deployments for web server, database server, authentication server, ...

Unlike desktop interactive usage, as well of the scope and sensitivity of "more secured" data, here processes are long running under a single uid, and often have additional privileges to access other internal resources.

So vast potential impact if operational exploits are released (Julian Assange could ask for a loan of Airforce One to fly him to wherever with the OrangeATang as hostage in the Bourne franchise version)

One case study of Linux vulnerability would be the Heartbleed bug, the last I can remember was an exploit in a little used image format that was in many distros, but could be attacked with email/message attachments or malicious website url or malvertisment.

So separate issues for kernel vs configured libraries vs available executables.

Share this post


Link to post

Yeah. OpenSSL was patched to fix that little gem within a few days of the bug being reported.

 

I do not think any part of Linux is a real risk, unless you install and use spyware like Google Chrome.

 

Stick to safe and reliable stuff and you have no fear. (And by "safe and reliable" I mean nothing at all on Windows.)


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.

Share this post


Link to post

"desktop Linux ... DanceFloor, are not (yet?) released."

Or common server deployments for web server, database server, authentication server, ...

Unlike desktop interactive usage, as well of the scope and sensitivity of "more secured" data, here processes are long running under a single uid, and often have additional privileges to access other internal resources.

So vast potential impact if operational exploits are released (Julian Assange could ask for a loan of Airforce One to fly him to wherever with the OrangeATang as hostage in the Bourne franchise version)

One case study of Linux vulnerability would be the Heartbleed bug, the last I can remember was an exploit in a little used image format that was in many distros, but could be attacked with email/message attachments or malicious website url or malvertisment.

So separate issues for kernel vs configured libraries vs available executables.

 

You will be surprised but thats not what CIA are after mainly, Big data and collections are NSA.

CIA are after individuals, that's why you will see this remarkable "person" based tool base in their arsenal rather than NSA's mass collection.

Servers and other things they will get with the shared cooperation plan anyway. So Linux servers are "safe" from CIA. Safe in terms of NSA will

get them first, don't get this statement wrong.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

How does this relate to VPN's specifically?  Odds are, they have a tool to penetrate these?  I have only briefly perused the documents so far and have seen nothing relating specifically to the use of VPNs by individuals.  ( It's probably a safe bet to assume they have little to no interest in persons using VPNs for protection while bittorrenting or streaming pirate media - but, then again, these agencies see people as tools.  The purpose of mass surveillance in my opinion is to have something on everyone, to have as many persons as possible in ones "backpocket" so to speak, as possible. )

 

 

Share this post


Link to post

What part of Linux is compromised? If you cannot answer this, then I would say the odds are against it being truly compromised.

 

I wouldn´t be surprised if it´s the kernel (linux) itself and it wouldn´t be the first time.

Share this post


Link to post

I am not up to speed on hardened Linux kernels with hardware support, but the "classic" Unix/Linux ran drivers for peripherals in a general kernel space memory map and privilege level. So closed source drivers and privileged utilities which are still complained about with nVidia graphics for example, along with refusal to document hardware/firmware for alternative opensource, are a threat.

Was not there a "bust" of a US vendor of disk drives with a backdoor in the firmware of the device controller, outside the actual cpu address space ? As I remember it was installed only on exports so the TLA did not fall foul of US legal protections, or so they said.

There are also denied rumors of hidden corners of recent Intel cpus that can do special things for special purposes.

 

As for VPN servers, they are rather just fancy routers running OpenVPN and some remote admin functions. In my mind they could just boot from readonly DVD-R, with a ramfs and so no persistent disk (and no logs, and nothing to seize), and no graphics XTerminal or usb requirement. Very limited "attack surface".

OpenVPN is programmed in C, and the system dependency apis are limited, so may actually run or be forked for non-Linux (posix) kernels such as "secure" QNX or others.

Time to watch the NRL football, others can wage war for the 21st century.                                           

Share this post


Link to post

I have no interest in leaked documents. They can and half the time are in fact false. So I have but one single question.

 

What part of Linux is compromised? If you cannot answer this, then I would say the odds are against it being truly compromised.

 

And Linux as a whole? I would plainly laugh if anyone claimed that. There are hundreds of *Active* distributions of Linux right now. Not to mention the fact that pretty much each and every piece of software in most of them can be swapped out for another, and that upwards of 99% is open sourced.

 

I am surprised Apple is not throwing a raging hissy fit right now. They like to pretend that iOS is perfectly safe in absolutely every situation, even as bugs are discovered.

 

Windows on the other hand has no concern. It was never secure, and they still have a crazy market share.

 

To be fair, we don't know what "part" of Linux is compromised. The fact that any of it is compromised should at least raise an eyebrow

 

Vault 7 seems to indicate that the CIA does know what "parts" of Linux are compromised, the mere fact that we don't leaves us at a disadvantage. 

Share this post


Link to post

Technically it seems rather easy to detect abnormal operating system or driver code or app code and capture a trace of its execution. [...]

 

what about an OS like the RTOS on mobiles that runs the radio(s) (baseband)? apparently the glaring problems here are that a) it's a secret, proprietary mess that is essentially designed to be insecure (back-doored) and the baseband processor is the master while the CPU running Android (or whatever) is the slave and c) they're both sharing the same memory

 

I have no interest in leaked documents. They can and half the time are in fact false. So I have but one single question.

 

What part of Linux is compromised? If you cannot answer this, then I would say the odds are against it being truly compromised.

 

[...]

 

this is Wikileaks, not 'prisonplanet.com' - not to say the leak isnecessarily genuine , but i'm reasonably certain the vetting process is orders of magnitude higher than most any other org

 

as for what part of Linux is compromised, i would posit that it doesn't matter whether it's compromised or not when it's running on proprietary hardware with proprietary firmware, be it a PC, mobile, toaster, etc.

 

if you research the current mobile situation, you'll quickly find that it's a very insecure, bug-filled, exploitable mess and there's very little, if anything, end users can do about it - you can harden Android or run Replicant or whatever OS you wish and it's still very mush open to attack because of the baseband and the shared RAM, so even if the OS was perfect going in (and Linux surely isn't), it's still easily compromised at a later time

 

there is no security

 

there is no privacy

 

"encryption is useless" - that was told to me by a guy with, as i recall, a crypto clearance who formerly worked for the government either directly or as a contractor - obviously encryption isn't useless, depending on who you're trying to protect yourself against, but he was referring to government and, i assume, the "intelligence" community

 

years ago i started researching how Windows stores and hides personal data and the risks and the why of it - i was put in contact with a computer forensic LEO and we exchanged a number of emails during which i gained a certain amount of his trust which led me to my final question: could LE access a Windows box remotely even if it wasn't trojened? his answer: "what do you think?" - that was in the Win 98 days - he cut off communication after that

 

also read a personal story about a guy with a ThinkPad (don't recall if it was IBM or Lenovo) who said LE came to his home when he wasn't there and, without removing his HDD or powering on the machine, spun-up the drive and took whatever they wanted - i believe he said they used one of the external ports to do this

 

until there is open hardware and infrastructure to go with the open software, there are only illusions of security

Share this post


Link to post

open hardware and infrastructure

 

This. We can have all the open source software and operating systems in the world, but if the men in black have all consumer hardware and infrastructure tailored to them so that they may do as they please with our technology, its all for naught. 

 

We need computer hardware and infrastructure built with the same level of dedication and transparency that goes into projects such as VPN's and Tor. 

 

I don't know how it can be done, but i do believe that it should be done. 

Share this post


Link to post

So what do governments (executive, police, military, ...) and large corporations do about internet insecurity ? The US TLAs seem to have a free hand to spy outside the USA and US corporations for "economic benefits" as explicit policy (and to justify bigger budgets, and offer "insider deals" for "donors"). And one could expect China to do more. I do not follow infosec professional insider forums, etc but they have to justify their consultancy fees and survive third party security audits, etc. Airbus has to compete with Boeing, Siemens with GE, Toyota with GM, Ericcson with Huawei, ...

Share this post


Link to post

http://alexanderhiggins.com/new-intel-cpus-come-powerful-built-secret-hidden-backdoor/

 

Even with all the other things we can do software wise, its hard to get around something like this.

 

Well, its nice to know that they are calling it a "Management Engine" rather than a backdoor

 

Kind of like saying something unexpectedly disassembled rather than calling it what it is, blowing up. 

 

For the record, i don't want anyone "Managing" my computer other than myself, i don't care who it is. I would say I'm safer since i use AMD, but i already know there is probably a document out there similar to this one that would say otherwise. 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...