-
The boarding pass thing is funny. I can't believe how many people I see telling all and sundry they are away from their house for a while etc
The other good one is the use of your normal email address as your apple or google id. All someone has to do is use the email address you freely hand out and crack your probably weak password and they can track your whereabouts because you probably also have location tracking on.
All those people concerned about their samsung tv are carrying and allowing a personal tracking device on their person. -
Yeah, the huge celebrity photo leak (The Fappening) wasn't amazing hacking, it was a guy digitally watching celebs till he could guess their email address & then just trying out obvious passwords till he got it right. That was all it took. Read Scarlett Johansens tweets for a week, see she bleats on about her dog "Scruffy", login to her icloud using a password of scruffy, Ilovescruffy, scruffy123 till you are in.
And then for good measure try her Amazon, iTunes, Facebook & Instagram accounts too because they are probably all the same fricking password
-
@gollum said in Wikileaks CIA releases.......:
Yeah, the huge celebrity photo leak (The Fappening) wasn't amazing hacking, it was a guy digitally watching celebs till he could guess their email address & then just trying out obvious passwords till he got it right. That was all it took. Read Scarlett Johansens tweets for a week, see she bleats on about her dog "Scruffy", login to her icloud using a password of scruffy, Ilovescruffy, scruffy123 till you are in.
And then for good measure try her Amazon, iTunes, Facebook & Instagram accounts too because they are probably all the same fricking password
We all do owe the man a debt of gratitude as well. Guessing that Kate Upton's password was 'spoodgeonmyback' was genius.
-
But members of the security community have dismissed Assange’s hyperbole around the CIA files – collectively nicknamed “Vault 7” – which he described as “exceptional from a political, legal and forensic perspective”. Ryan Kalember, SVP of Cybersecurity Strategy at Proofpoint, disagreed. “There’s nothing earth-shattering,” he said, pointing out that many of the operating systems mentioned in the documents are quite old and have already been updated.
“It seems like the CIA was doing the same stuff cybersecurity researchers do, which is compile lists of vulnerabilities and try to figure out which ones are being exploited in the wild and which ones could be.” It’s not clear at this point how many, if any, of the vulnerabilities are genuine “zero-days” – those not yet known to vendors, named after the number of days they have to fix them.
Kalember said that the so-called Weeping Angel hack, which uses malware to spy on Samsung smart TVs, has been shown at security conferences for a couple of years and requires physical access to the device.
“The CIA should be embarrassed that they lost control of this cache, but they should also be embarrassed if this is their level of technical sophistication,” said another another security researcher, who did not want to be named. “What they have is pretty unimpressive.” Both said that the vulnerabilities detailed in the documents are likely to have already been patched by the companies. Apple and Google have both publicly stated this is the case.
There could be more to come, however: Assange has emphasized that the data trove released on Tuesday is only a portion of the total leaked information WikiLeaks holds. “The fact that Julian Assange is offering to selectively disclose vulnerability information to affected companies is better than revealing it to all and sundry, but it depends on the veracity, accuracy and currency of that information,” said BullGuard CEO Paul Lipman.
“I don’t think WikiLeaks is the first stop for tech companies looking to solve vulnerabilities,” he added. How do the CIA files compare to the revelations contained in the NSA leaks from whistleblower Edward Snowden? “It’s apples and oranges,” said Kalember. “The Snowden leaks were not only technically interesting but contained a lot of novel stuff that was not known at all.”
He said that with Vault 7, he and other members of the cybersecurity community have spent a lot of time “laughing about funny things on the CIA’s intranet” (like this collection of emoticons) rather than “debating anything interesting from a tech perspective”.
Some researchers were skeptical of WikiLeaks’ motives, pointing to apparent ties between the whistleblowing organization and Russia – despite Assange’s denial. “Everything they have done over the last few months suggests they are operating as a front for a different leaker [Russia],” said Kalember. He said that the possible Russian ties as well as WikiLeaks’ track record of publishing identifying information about people (known as ‘doxxing’ ) – including millions of women in Turkey – and threats to make an online database of all verified users on Twitter – has diminished confidence in the organization.
“No-one in the information security community really trusts him and his motives,” he said. At the press conference, Assange attempted to counter accusations that he or WikiLeaks had ties to Russian intelligence agencies, describing his operation as “a neutral, digital Switzerland”. The WikiLeaks’ promotion of the CIA files has placed emphasis on a group at the agency called Umbrage, which collects a library of attack techniques produced in other states including, the press release stated, the Russian Federation.
“With Ubrage and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the ‘fingerprints’ of the groups that the attack techniques were stolen from,” WikiLeaks said. This could be interpreted as an attempt by WikiLeaks to undermine the attribution of the DNC hack to the Russians – something that the international security community almost unanimously agrees on.
“They place a lot of emphasis on the fact that the CIA could be using malware to achieve its ends and leave trails that point to people in different directions. Everybody does this, but it’s not going to genuinely undermine proper attribution,” he said. That hasn’t stopped conservative media figures from embracing the conspiracy theory, amplified by a flood of Twitter bots spouting memes and a similar narrative.
“I think at this point Assange is effectively acting in the service of the Russian government, whether intentionally or not,” said Kalember.
-
The biggest disappointment I have with Assange is that he has totally destoyed any shred of belief I had in the Hollywood version of the USA govt machine. He should been assassinated years ago..
-
@jegga said in Wikileaks CIA releases.......:
@gollum said in Wikileaks CIA releases.......:
When do they start releases hacks that make the Russians look bad? Oh.. yeah..
I am amazed how many people think a Russian proxy tossing information out is awesome.
Its bizarre that people think this weirdos behaviour is somehow constructive and most of the time his "revelations " are a let down or obvious to most people anyway. And like you said its completely one way, if he's as awesome as he thinks he is when it comes to hacking surely he can get past Russias cyber security? It seems more likely they've been drip feeding him stuff for years knowing that the narcissistic douche would happily take credit for it.
Since the election there's been a weird change in attitudes to Assange and wikileaks , he was a hero to leftards but now rwnjs like Sarah Palin are saying this about him.
Also he might be banging Pamela Anderson.
If the American government doesn't get him the hepatitis will...
-
@aucklandwarlord he's not a fan of safe sex apparently, so here's hoping.
-
Yes and no. The issue with Assange is its hard to target him & not target the New York Times, Washpo etc.
So now that is not an issue as a criminal DOJ case against the NYT is actually excellent. And it will lose in constitutional grounds (it wont even be close) but that wont matter because enough people will buy that the NYT & co are fake news & traitors.
The only interesting bit will be how many people in the DOJ resign in protest / get fired. And if Sessions is brought up on charges as a result.. It'll take a while, I imagine till at least the mid-terms.
Here's the key quote -
"Never in the history of this country has a publisher been prosecuted for presenting truthful information to the public," Wizner told CNN. "Any prosecution of WikiLeaks for publishing government secrets would set a dangerous precedent that the Trump administration would surely use to target other news organizations."
-
@gollum said in Wikileaks CIA releases.......:
Sets it up REALLY nicely to sue Washpo, NYT, CNN etc over all leaks coming out re Russia.
It'll never fly constitutionally but it'll look solid to the base.
I'm still a bit confused though. I think it is very unlikely and undesirable to sue a publication over the truth (or to try and prove or disprove what is the truth).
What can be done is to target the means of obtaining the information. For the WP etc they didn't play an active role but they believe they have evidence that Assange did.
State secrets stop being secret when they come out in public and you can't prosecute people for repeating them. What you can do is get someone for obtaining those secrets or mis-using them. -
Yeah, Assange is an easier one as I bet he has actively requested people to comit a crime, Washpo & NYT would never do that.
But they would take the leak if offered. Which is totally legal. But that distinction will only matter in court. The story will be DOJ prosecute Washpo & NYT & Assange over treasonous leaks. Assange goes down, Washpo & NYT are fully cleared but the message out is "anything they found was done via treason, ignore it"
If you are trying to discredit the info & can't, discredit the source. And you don't even have to win. Especially if you've already to a degree discredited the courts.
-
@gollum said in Wikileaks CIA releases.......:
Yeah, Assange is an easier one as I bet he has actively requested people to comit a crime, Washpo & NYT would never do that.
But they would take the leak if offered. Which is totally legal. But that distinction will only matter in court. The story will be DOJ prosecute Washpo & NYT & Assange over treasonous leaks. Assange goes down, Washpo & NYT are fully cleared but the message out is "anything they found was done via treason, ignore it"
If you are trying to discredit the info & can't, discredit the source. And you don't even have to win. Especially if you've already to a degree discredited the courts.
Taking the media outlets to court involves discussing the content of the leaks in detail. No one wants to give that stuff more oxygen, especially if you know you won't win.
However info is gained, if it is true then it is true. Telling people to ignore a fact because it was illegally obtained won't stop anyone.
Facilitating the illegal act is a different kettle of fish and should be chased home all the way. -
Rationally I agree, but I still think if & when NYT & Washpo publish they will try to discredit by suing over the leak. the detail will be out, it'll be front page of the NYT & the lead on CNN. They have been pushing that the leak is "the real story" for over a month. This is just the next phase.
And they are not really trying to convince you or I. Nor a judge. They are targetting 40% of the US public. And I think its a good strategy to do that.
-
@gollum said in Wikileaks CIA releases.......:
Yeah, Assange is an easier one as I bet he has actively requested people to comit a crime, Washpo & NYT would never do that.
But they would take the leak if offered. Which is totally legal. But that distinction will only matter in court. The story will be DOJ prosecute Washpo & NYT & Assange over treasonous leaks. Assange goes down, Washpo & NYT are fully cleared but the message out is "anything they found was done via treason, ignore it"
If you are trying to discredit the info & can't, discredit the source. And you don't even have to win. Especially if you've already to a degree discredited the courts.
Assange can't be tried for treason as he's not a US citizen. Espionage maybe, any number of criminal conspiracy or theft charges, but you can't commit treason against a country you're not a citizen of.
Wikileaks CIA releases.......