Your browser does not support the HTML5 canvas tag.

15 March, 2017

US government bought control over software privacy vulnerabilities

The CIA’s vast database of software vulnerabilities has not only been putting the cyber security of millions of Americans at risk for years, it has also cost American taxpayers millions of dollars, as the agency has had to pay for a monopoly on the vulnerabilities. Considering that the CIA lost control of this database over a year ago, those dollars have essentially been wasted.

Part 1

The past week has not been a good one for the CIA. Ever since Wikileaks published a trove of documents exposing the agency’s ability to hack everything from smartphones to smart televisions to PCs, the CIA has been on the defensive, framing its shady behavior as necessary for protecting national security.

Despite the oft-used excuse of “national security” to justify a reduction in constitutionally-guaranteed civil liberties, the fact remains that the CIA – as Wikileaks has revealed – is able to hack any device that is Internet-enabled, meaning no one is safe from the prying eyes of the government’s ever-expanding surveillance state.

In addition to revealing the CIA’s hacking capabilities, the documents – nicknamed “Vault 7” by Wikileaks – also exposed the agency’s hoarding of software vulnerabilities in smartphones and other devices. These vulnerabilities, specifically those known as “zero-day” exploits, were amassed by U.S. intelligence agencies not for the purpose of fixing them, but in order to intentionally keep them open for the purpose of undisclosed surveillance.

These vulnerabilities were hidden from both technology manufacturers and consumers alike. It remains unknown how long the CIA allowed technology used by millions of Americans to remain vulnerable after the agency became aware of their existence.

And the controversy doesn’t end there. The “Vault 7” release also officially confirmed that the CIA is spending millions of dollars to have monopolistic control over these exploits, paying up to 1.5 million dollars (or perhaps more) per exploit. Even worse, the CIA – according to Wikileaks – recently lost control of its vast arsenal of hacking tools and exploits, meaning the large amount of money spent to control them was essentially wasted on an effort that has now made the entire world significantly more vulnerable and less secure.

Source and links:

No comments:

Post a Comment