In March, Wikileaks published the Vault 7 leaks, a cache of CIA cyberweapons created under the doctrine of "NOBUS" ("No One But Us"), in which security agencies suppress the publication of bugs in widely used software, choosing instead to develop attack-tools that exploit these bugs, on the assumption that no one else will ever discover those bugs and use them to attack the people they're charged with defending.
Though Wikileaks shared the sourcecode for these weapons with a few select tech giants shortly after the initial leak publication, they withheld it from wider publication until now.
The Vault 8 leaks are a trove of sourcecode and analysis of the Vault 7 weapons, presented to "enable investigative journalists, forensic experts and the general public to better identify and understand covert CIA infrastructure components."
Access to this sourcecode will reveal, for example, whether the CIA is recycling existing cyberweapons used by criminals in its tools, whether and how the CIA misdirects attribution for its cyberwarfare operations (for example, by leaving false clues like foreign-language variable names or timestamps from exotic locales), and it provides critical data on the practical realities of NOBUS, allowing researchers to track the rate of independent rediscovery and exploitation of the bugs that the CIA has deliberately left intact on our computers.
Vault 8 [Wikileaks]
In 2014, Quentin Tarantino sued Gawker for publishing a link to a leaked pre-release screener of his movie "The Hateful Eight." The ensuing court-case revealed that the screeners Tarantino's company had released had some forensic "traitor tracing" features to enable them to track down the identities of people who leaked copies.
Ransomware has been around since the late 1980s, but it got a massive shot in the arm when leaked NSA cyberweapons were merged with existing strains of ransomware, with new payment mechanisms that used cryptocurrencies, leading to multiple ransomware epidemics that locked up businesses, hospitals, schools, and more (and then there are the state-level cyberattacks […]
This week, we learned that the notorious Israeli cyber-arms-dealer NSO Group had figured out how hijack your Iphone or Android phone by placing a simple Whatsapp call, an attack that would work even if you don't answer the call.
Kudos to those of us who have chosen a less wasteful third option to “paper or plastic” at the supermarket or club stores. Tote bags are reusable, but they can be a pain to tote around. Here’s an upgrade to that planet-saving measure. The Club Cart Lotus Trolley Bag is that rare tote you’ll want […]
Looking for a career in IT, gaming or software development? In the ever-changing world of the internet, versatility is your biggest asset. In other words, mastering Java might not cut it in an interview if you don’t know C#. However, there’s a bundle that covers the essentials in most any language. The Legendary Learn to […]
Getting a set of cookware that will outlast you is one of those signs you’ve truly grown up. It used to be easy to find durable materials that also cook well, but these days it can be hard to tell what’s quality and what brands are coasting by on a recognizable name. Well, there’s at […]