7 Questions about Wikileaks and Vault 7

What happened to Vaults 1–6?

1) Why is the Guardian running interference for the CIA?

As highlighted by The Canary, the Guardian’s coverage of Vault 7 frames this story in terms of embarrassment for the CIA and how the poor intelligence agencies with their multi-billion dollar annual budgets are incapable of stopping the leak of secret documents. In reality, assuming the documents published by Wikileaks are authentic, the CIA has hacking capabilities equal to or greater than the NSA. If they wanted to take down the Wikileaks site, at least within the US, then they could. But then, that’s like saying the Pentagon could have just invaded Cuba and overthrown Castro — having the ability to do something does not necessarily mean they will do it.

2) Why is Snowden endorsing Vault 7?

The hypocrisy of the Guardian in pissing themselves like an over-excited dog over Snowden’s NSA ‘revelations’ but responding very differently to Wikileaks CIA ‘revelations’ poses a problem — are these leaks authentic? If, as I have suggested for a long time, Snowden is still working for US intelligence then why is he endorsing this leak? He always said that he never leaked CIA documents because of the old adage about agents in the field having their identities exposed. But these CIA documents do not appear to contain the name of even a single agent. Nor do many other CIA documents. While I don’t know why Snowden has performed an about-turn and is now chumming up to Wikileaks, this is remarkably two-faced even for a trained spook.

3) Does Vault 7 add anything that we didn’t already know?

I have not read through the several thousand documents released by Wikileaks but so far I haven’t seen anything in the files or in the media coverage that I didn’t already know/assume to be the case. The CIA has massive electronic surveillance capabilities? No shit. They hoard software exploits to help them backdoor operating systems? I’m sure they do. They have the ability to hack iPhones and turn the mics on? WHY THE FUCK DO YOU THINK THEY SELL US ALL THIS CONSUMER ELECTRONICS SHIT TO BEGIN WITH?

4) Why don’t people realise that encryption is useless?

In the wake of the Snowden ‘revelations’ a lot more people started using encryption — for their emails, for text messaging, for their entire operating system, all sorts of fun. Numerous pictures were published of Snowden’s laptop with a TOR sticker on it. Because nothing says ‘genuine whistleblower’ quite like a TOR sticker.

The very best in hacker/whistleblower couture

The problem with this is that it’s only if the NSA/CIA/GCHQ/MI6/FBI etc. are intercepting your email after it has been encrypted and sent that encryption is effective. What the Vault 7 documents confirm is that there’s an easy(ish) way around this for any would-be spy — they just hack the app or software and read your emails or texts as you’re writing them i.e. before they are encrypted and sent. Whatsapp, Signal, Telegram and Weibo have all been compromised

Meanwhile, using encryption is a good way to tell the intelligence agencies that you’re trying to hide something. Whether that’s your dick pics or the fact you’re secretly working for Chinese military intelligence doesn’t make a lot of difference. To be clear: I do not use encryption because no one has ever explained to me any good reason for me to do so. To my mind there is no privacy online, whether you use PGP or not.

5) Are these documents real?

I am not familiar with the CIA’s operations in this area so I have no way of comparing these documents with other similar files or of verifying the information in them. Nor do most journalists and commentators. Wikileaks themselves seem to be saying that they obtained them from a disgruntled CIA employee (possibly an ex-employee) who like Snowden wanted to ‘start a debate’. There won’t be a debate. There’s never a real debate. This story will cease to be reported on in the mainstream media by the end of this week. So either the leaker is an idiot or is hopelessly naive, or that isn’t the reason they leaked the documents.

There is a distinct possibility of this being Snowden version 2.0 — documents that are probably real being leaked deliberately to create a media storm. Unlike many Wikileaks disclosures this story was reported on by the BBC and other top-level mainstream news outlets who have in the past ignored quite a lot of Wikileaks-originated stories.

6) Did the CIA hack the election pretending to be Russia?

Among these files is the detail that the CIA can mask their own hacking by simulating the ‘digital fingerprints’ of other entities. While I’m still not sure that anyone hacked the 2016 US Presidential Election, let alone Russia, or even what ‘hacking the election’ means, the implication is that we should not trust any claim as to who is responsible based on ‘traced back to a Russian server’ and the like. Until they actually present a person in court who says they did it and explains how they did it, we must remain in doubt.

7) What the fuck is former chairman of the House Intel committee Mike Rogers twatting on about?

One of the most ridiculous responses to the leaks came from Mike Rogers, whose facebook page announced:

The Wikileaks releases are serious and concerning for a number of reasons. First, sifting fact from fiction is critical. There will be a lot of noise resulting from this release and the political implications are real.
That the CIA developed and deployed tools to digitally spy on our adversaries overseas should not come as a surprise — that is their core mission: gather intelligence on America’s enemies abroad to inform our nation’s foreign and national security policy.
Second, the disclosure released useful information on tools and exploits that will find their way onto the deep and dark web. Tools and exploits that hackers — nation-state, criminals, and others — will use to hack into networks, steal information, and undermine confidence in the digital economy.
The already frightening cyber threat picture just became a bit scarier.

There are too many lies in this one little status update to bother with but the most crucial is that Rogers is trying to spin this as the CIA developing tools to spy on people overseas. The fact that the country where people buy the most smartphones and smart TVs is the US, and therefore hacking operations against those devices are clearly aimed at the domestic US population, seems to have slipped Rogers’ mind. Consider — this is the man who was responsible for overseeing US intelligence, and here he is deflecting attention away from the CIA’s illegal activities and making excuses for them.

The other thing he gets laughably, humiliatingly wrong is his reference to things leaking onto the ‘deep and dark web’. The Deep Web is a term that simply means data inside databases and in other back-ends of websites that cannot be crawled by search engines. Every blog in the world employs an element of the Deep Web. Anyone who uses Joomla or Wordpress or Paypal or has a social media account is making use of the Deep Web. Clearly, Rogers doesn’t have a fucking clue what he’s talking about. Again, this is the man who used to be in charge of overseeing US intelligence…