Home Invites Members Groups Events Careers Videos News Photos Blogs Polls Singles Forums Chat
Home > Blogs > Post Content

CIA 'hoarded' vulnerabilities ("zero days") (174 hits)

In the wake of Edward Snowden's leaks about the NSA, the U.S. technology industry secured a commitment from the Obama administration that the executive would disclose on an ongoing basis — rather than hoard — serious vulnerabilities, exploits, bugs or "zero days" to Apple, Google, Microsoft, and other US-based manufacturers.

Serious vulnerabilities not disclosed to the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability. If the CIA can discover such vulnerabilities so can others.

The U.S. government's commitment to the Vulnerabilities Equities Process came after significant lobbying by US technology companies, who risk losing their share of the global market over real and perceived hidden vulnerabilities. The government stated that it would disclose all pervasive vulnerabilities discovered after 2010 on an ongoing basis.

"Year Zero" documents show that the CIA breached the Obama administration's commitments. Many of the vulnerabilities used in the CIA's cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals.

As an example, specific CIA malware revealed in "Year Zero" is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts. The CIA attacks this software by using undisclosed security vulnerabilities ("zero days") possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability. As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable.

The same vulnerabilities exist for the population at large, including the U.S. Cabinet, Congress, top CEOs, system administrators, security officers and engineers. By hiding these security flaws from manufacturers like Apple and Google the CIA ensures that it can hack everyone &mdsh; at the expense of leaving everyone hackable.

https://wikileaks.org/ciav7p1/
Posted By: Steve Williams
Thursday, March 9th 2017 at 9:25AM
You can also click here to view all posts by this author...

Report obscenity | post comment
Share |
Please Login To Post Comments...
Email:
Password:

 
Do you hear anyone talking about the CIA withholding data on security vulnerabilities that make America's citizens less secure? Where is Rachel when you need her???
Friday, March 10th 2017 at 9:44AM
Steve Williams
More From This Author
Earth 2
Long Live the Republic
Former DNC Chair Donna Brazile has message for those who want her to 'shut up'
Inside Hillary Clinton’s Secret Takeover of the DNC
Trump Trolls Press When Kids Visit Oval Office
The Missing Hard Drive
DOJ says informant can speak to Congress on Uranium One
Reporting on Las Vegas, Pixel by Pixel
Forward This Blog Entry!
Blogs Home

(Advertise Here)
Who's Online
>> more | invite 
Black America Resources
100 Black Men of America
www.100blackmen.org

Black America's Political Action Committee (BAMPAC)
www.bampac.org

Black America Study
www.blackamericastudy.com

Black America Web
www.blackamericaweb.com

CNN Black In America Special
www.cnn.com/blackinamerica

NUL State of Black America Report
www.nul.org

Most Popular Bloggers
deacon ron gray has logged 585268 blog subscribers!
siebra muhammad has logged 146082 blog subscribers!
elynor moss has logged 112344 blog subscribers!
tanisha laverne grant has logged 60340 blog subscribers!
miisrael bride has logged 48497 blog subscribers!
>> more | add 
Latest Jobs
CERT ONCOLOGY ABSTRACTOR with Premier Health in Dayton, OH.
Office Services Assistant (P/T) - Orange County Regional Campus with Azusa Pacific University in Azusa, CA.
Manager - Dining Services (S1006) with Azusa Pacific University in Azusa, CA.
Program Representative - San Diego Regional Campus with Azusa Pacific University in Azusa, CA.
Faculty, School Counseling and School Psychology (F210) with Azusa Pacific University in Azusa, CA.
>> more | add