Home Invites Members Groups Events Careers Videos News Photos Blogs Polls Singles Forums Chat
Home > Blogs > Post Content

CIA 'hoarded' vulnerabilities ("zero days") (450 hits)


In the wake of Edward Snowden's leaks about the NSA, the U.S. technology industry secured a commitment from the Obama administration that the executive would disclose on an ongoing basis — rather than hoard — serious vulnerabilities, exploits, bugs or "zero days" to Apple, Google, Microsoft, and other US-based manufacturers.

Serious vulnerabilities not disclosed to the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability. If the CIA can discover such vulnerabilities so can others.

The U.S. government's commitment to the Vulnerabilities Equities Process came after significant lobbying by US technology companies, who risk losing their share of the global market over real and perceived hidden vulnerabilities. The government stated that it would disclose all pervasive vulnerabilities discovered after 2010 on an ongoing basis.

"Year Zero" documents show that the CIA breached the Obama administration's commitments. Many of the vulnerabilities used in the CIA's cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals.

As an example, specific CIA malware revealed in "Year Zero" is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts. The CIA attacks this software by using undisclosed security vulnerabilities ("zero days") possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability. As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable.

The same vulnerabilities exist for the population at large, including the U.S. Cabinet, Congress, top CEOs, system administrators, security officers and engineers. By hiding these security flaws from manufacturers like Apple and Google the CIA ensures that it can hack everyone &mdsh; at the expense of leaving everyone hackable.

https://wikileaks.org/ciav7p1/
Posted By: Steve Williams
Thursday, March 9th 2017 at 9:25AM
You can also click here to view all posts by this author...

Report obscenity | post comment
Share |
Please Login To Post Comments...
Email:
Password:

 
Do you hear anyone talking about the CIA withholding data on security vulnerabilities that make America's citizens less secure? Where is Rachel when you need her???
Friday, March 10th 2017 at 9:44AM
Steve Williams
More From This Author
LETTERS TO TRUMP
Why was the public not told when they were discovered in November?
McCarthy thanks Trump after House speaker vote: 'He was with me from the beginning'
Donald Trump's 'Digital Trading Cards' Sold Out In One Day — Netting $4.4 Million
AFPAC II (2021) Nick Fuentes Full Speech
Ousted Twitter counsel Jim Baker vetted 'Twitter Files' without Elon Musk's knowledge, Matt Taibbi reveals
Herschel Walker Interview at First Baptist Atlanta
Nick Fuentes is not a White Supremacist
Forward This Blog Entry!
Blogs Home

(Advertise Here)
Who's Online
>> more | invite 
Black America Resources
100 Black Men of America
www.100blackmen.org

Black America's Political Action Committee (BAMPAC)
www.bampac.org

Black America Study
www.blackamericastudy.com

Black America Web
www.blackamericaweb.com

CNN Black In America Special
www.cnn.com/blackinamerica

NUL State of Black America Report
www.nul.org

Most Popular Bloggers
agnes levine has logged 69320 blog subscribers!
dea. ron gray sr. has logged 60715 blog subscribers!
tanisha grant has logged 27429 blog subscribers!
rickey johnson has logged 6984 blog subscribers!
minister jazz' thomas-jones has logged 5986 blog subscribers!
>> more | add 
Latest Jobs
Border Patrol Agent Entry Level Recruitment Webinar April 3 with U.S. Customs and Border Protection (CBP) in NATIONWIDE, TX.
Business Solutions Manager – Sales & Recruiting with Roth Staffing Companies in San Diego, CA.
Business Systems Analyst with OWASA in Carrboro, NC.
Data Analyst - IT Business Tech & Systems with Azusa Pacific University in Azusa, California, CA.
Health & Life Sciences Fellow- Women's Health with Gates Ventures in Seattle, WA.
>> more | add