The WikiLeaks project on March 7 published an array and 8761 documents called Vault 7. This is a leak from the base of the Central Intelligence Agency, which was provided by one of the organization's employees. The documents say that the CIA uses a zero-day vulnerability to penetrate users' devices and receive various kinds of data: messages, audio, camera photos, etc. In addition, it turned out that the CIA learned to read more and messages from the secure Signal and Telegram. Representatives of messengers could explain that the reason is not in them.
The issue of privacy is one of the most urgent for today. After the publication of secret documents by Edward Snowden in 2013 it became known that the US special services actively monitor their (and not only) citizens using mobile operators and spyware. The only way to protect these data is encryption. On this messenger Telegram, Pavel Durov even built his marketing promotion strategy. Snowden himself for communication recommends using the Signal messager with a sufficiently powerful encryption algorithm.
After the publication of the WikiLeaks documents it became known that the special services had learned to read the messages sent with the help of these messengers. However, the fault of the services themselves is not here.
CIA employees hack the entire operating system - whether it's iOS, Android or macOS - accessing all the functions of the device. Including, they can read messages in Telegram and Signal even before sending and encrypting the text itself. Therefore, the messengers themselves are also reliable, another thing is that they can crack the smartphone on which they are installed. Durov even gave a good analogy: "Imagine that your application is a lock. A smartphone is a high mountain. But if this mountain is an active volcano, no engineering skill will help to save it. "
In total there are 24 vulnerabilities in Android and 14 in iOS. In addition, the CIA can hack Windows, Linux and macOS. Stand alone are smart TVs from Samsung. Voice control, after hacking, is used in them as a permanent microphone, recording all the dialogue of the owner of the device.
After the discovery of security problems, CIA representatives did not report them to companies. Although back in 2010, Barack Obama insisted that intelligence officials should do this. However, as Apple's employees say, most of the vulnerabilities in iOS were closed in previous mobile operating system updates. The rest was promised to be modified in the next updates of the system. With the same message, but with a delay of almost a day, the representatives of Google spoke. According to them, almost all the security holes in Android are also eliminated. Neither Apple nor Google are reporting the exact number of closed vulnerabilities: "almost everything" is not all. Samsung has not made any statements yet.
So, what is next?
If we return to Durov's analogy, then there is a solution. At the moment, our smartphone is still not a volcano. It is rather a mountain with secret tunnels that lead to the castle. The documents of the CIA are a map. The task of Apple and Google - to find these secret passages before and close them. What the companies partially get, and now they also got this "card" in hand, which should speed up the process. In addition, the founder of Telegram offers a small scheme of actions how to protect oneself from espionage:
Do not use jailbroken devices unless you are sure of their security.
Do not install applications from unknown sources.
Always update the operating system to the latest version.
Choose companies that provide device support on a long-term basis.
Gadgets that are not supported have less protection.
Recall, not so long ago, we managed to find a large-scale cyber-espionage operation against Ukraine. Then the wiretapping took place through the hacking of the microphone on the computers.
Wow, this is really informative. Thank you!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit