Tuesday, March 14, 2017

There is Less to the Wikileaks CIA Disclosures Than You Have Been Lead to Believe

There has been breathless coverage by the media about the CIA data dump by Wikileaks.  There is certainly a big story here.  How did Wikileaks get these classified documents?  Was it an insider? A State Actor?  But much of the coverage about the content of the dump itself is, on closer examination, less impressive than you would have thought had you simply believed Wikileaks own comments about the data dump.

Nicholas Weaver, a senior staff researcher at the International Computer Science Institute, has an interesting post at the Lawfare blog about how the media got duped by Wikileaks into exaggerating the story:
There are two real stories involving the CIA data dump by Wikileaks, neither of which is about the actual documents themselves. The first is that somebody managed to exfiltrate the data from the CIA in the first place, but the second still seems unappreciated:  Wikileaks once again successfully hacked the media, shaping discussions into deliberately deceptive ways. 
How many articles did you read about the CIA “hoarding zero days”, with “24 Android exploits”?  How many breathless pieces about how the “CIA will frame others by recycling their malcode”? That the CIA is “breaking Signal”?  Or that CIA can “spy on you through your Samsung TV”?   
How many of those stories mentioned that most of the Android “zero days” referenced were anything but, instead documentation on old exploits for out of date devices?  Or that the CIA malcode reuse is not about a “false flag” operation but instead lazyefficient programmers taking advantage of existing code?  Or that the “breaking” of Signal is equivalent to saying “I broke Signal” when I look over your shoulder as you type?  Or that the CIA’s TV bug requires physical access?  These critical caveats change the stories completely.
The problem, as Weaver notes is that many journalists don't have the technical background to evaluate Wikileaks claims, and they rushed to print before talking to real experts.  Still, there is good news here:  my Samsung TV is not spying on me.

Read the full post here.

No comments:

Post a Comment