WikiLeaks Reveals The CIA Hacked Into iPhones, Android phones And Samsung TVs
The future is coming, just as Sci-Fi novels said it would.
Last week Wikileaks dropped a dossier of documents pertaining to some surveillance programs running within the CIA. The documents provided some shocking insights — the most shocking of them pertained to surveillance through Samsung Smart TVs. Other devices also mentioned were Apple’s iPhones and Google’s Android phones.
While in the world after Snowden, revelation of such information is not the most unexpected thing to happen, yet this incident does raise a lot of concerns at the same time.
The documents, dating from 2013 all the way to 2016, describe the agency’s abilities to use software flaws to hack into and control devices like the iPhone, Android, and Samsung TVs, along with Skype, Wi-Fi networks, and antivirus programs.
The document dump also shows that the CIA possesses the ability to hack into devices and remotely activate cameras, microphones and even the GPS, to keep tabs on a person’s location and… their surroundings.
Per these documents, the technology that the CIA is said to possess allows them unprecedented access to the compromised devices, almost as if they had a clone of the device with them.
It gets worse.
This access even compromises private messaging conducted via apps like Signal, WhatsApp, Telegram, Weibo and Confide by hacking the smartphones underlying the apps, to collect messaging and audio data before encryption is applied.
It is then, not any particular messaging service or application on the phone that these programs seem to be attacking, instead they’re attacking the underlying operating system on which the phone runs.
“These are not hacks against those apps, but hacks against the underlying operating systems”, said security technologist Bruce Schneier.
The sentiment was echoed on Twitter by Edward Snowden, infamous for his NSA leaks of a similar kind back in 2013. Now known as the Snowden Leak, the leaks reported on mass surveillance programs run by the NSA.
While the information revealed in both the cases is alarming, it is important to note that these two leaks differ significantly. The primary distinction between the two is that Snowden’s leaks revealed mass surveillance techniques that could be used to keep tabs on anyone and everyone at the same time. On the other hand, the recent leak reveals the existence of tools for individual surveillance, that have to be applied to specific people.
One of the programs revealed is called Weeping Angel. This program in particular, has raised many questions and concerns, due to two reasons.
First, it came into existence as a result of a collaborative effort between United States’ CIA, and the United Kingdom’s intelligence service MI6.
Second, it revealed what had not yet been considered a verified legitimate concern — while the use of smartphones and laptops for surveillance is something that has been suspected for years and has been proven many times over, but this leak revealed that programs exists that can leverage devices as innocuous as Smart TVs and use them for surveillance.
The hack employed by the CIA allows them to put a Smart TV on what they call a ‘fake off’ mode. Doing that makes it appear as though the TV is off, while at the same time, the microphone on the television could be used to record audio babble and conversations happening around the TV even in this dormant state.
What is unsettling is that this is precisely what conspiracy theorists have been warning us about for years now — the idea of a Smart TV being turned into something one can listen through comes directly from George Orwell’s 1984. A lot of 1984’s readers’ skin crawled at the prospect, but what allowed them to subsequently sleep at night was the belief that this “power” would stay exactly there — in a fictional pondering.
There were some people though who did stay with this conspiracy theory, but most of us never took those guys seriously.
But with this leak, one can no longer be sure how much of Orwell’s forecast was fictional latitude and how much was a prophecy. Now, the conspiracy theorists’ words are searing through peoples mind, scaring them with the new reality.
Add to this, the fact that Samsung, in their Terms and Conditions, states: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition”.
Soon after this revelation was discovered in the Samsung policy, they changed it, making a public statement saying that their Smart TVs do not record any conversation. But this obviously leads one to ask: What exactly are you up to Samsung?
There’s somewhat of a saving grace that I should point out right now, to restore some calm in your mind — even though the possibility of a Smart TV being used for surveillance is now very real and very dangerous, this particular program has not yet achieved the expertise needed.
The mole that feeds this program needs to be installed on the specific TV via a USB drive, and it can be disabled simply by unplugging the TV set. That makes it unsuitable for mass surveillance, which is the scenario that we have all been concerned about. For surveillance of particular people though, the “hackers” have hit quite a jackpot.
So, unless you suspect you’d be on the CIA’s list of people to monitor, you’re kind of safe, for the moment, at least.
The companies involved, when contacted, emphasized consumer security and privacy, but confirmed little else.
Apple said that it had already fixed a few of the issues mentioned in the documents via the latest OS updates, and Samsung and Microsoft, both said that they were looking into the reports.
There has yet been no evidence that these tools were actually used. What the documents assert is that the CIA has the technology to execute the kind of surveillance the documents detailed.
Predictably, the Central Intelligence Agency has refused to confirm the authenticity of the documents.
A question however still persists: how dangerous are these existing vulnerabilities in our gadgets, and should agencies like CIA be allowed to use them?
Privacy advocates and those concerned with security would certainly have a lot to say.
As Chip-Monks, I’d say just two things: don’t let others handle your devices (no matter how innocent the need) and do not fall for “free” apps especially from unknown/small-time developers, to the degree possible. There will need to be more stringent measures you need to take, but that’s meat for another article.
Originally published at Chip-Monks.
