WikiLeaks
Part
4 - CIA 'hoarded' vulnerabilities ("zero days")
In the wake
of Edward Snowden's leaks about the NSA, the U.S. technology industry
secured a commitment from the Obama administration that the executive
would disclose on an ongoing basis — rather than hoard — serious
vulnerabilities, exploits, bugs or "zero days" to Apple,
Google, Microsoft, and other US-based manufacturers.
Serious
vulnerabilities not disclosed to the manufacturers places huge
swathes of the population and critical infrastructure at risk to
foreign intelligence or cyber criminals who independently discover or
hear rumors of the vulnerability. If the CIA can discover such
vulnerabilities so can others.
The U.S.
government's commitment to the Vulnerabilities Equities Process came
after significant lobbying by US technology companies, who risk
losing their share of the global market over real and perceived
hidden vulnerabilities. The government stated that it would disclose
all pervasive vulnerabilities discovered after 2010 on an ongoing
basis.
"Year
Zero" documents show that the CIA breached the Obama
administration's commitments. Many of the vulnerabilities used in the
CIA's cyber arsenal are pervasive and some may already have been
found by rival intelligence agencies or cyber criminals.
As an
example, specific CIA malware revealed in "Year Zero" is
able to penetrate, infest and control both the Android phone and
iPhone software that runs or has run presidential Twitter accounts.
The CIA attacks this software by using undisclosed security
vulnerabilities ("zero days") possessed by the CIA but if
the CIA can hack these phones then so can everyone else who has
obtained or discovered the vulnerability. As long as the CIA keeps
these vulnerabilities concealed from Apple and Google (who make the
phones) they will not be fixed, and the phones will remain hackable.
The same
vulnerabilities exist for the population at large, including the U.S.
Cabinet, Congress, top CEOs, system administrators, security officers
and engineers. By hiding these security flaws from manufacturers like
Apple and Google the CIA ensures that it can hack everyone &mdsh;
at the expense of leaving everyone hackable.
Source
and links:
Perhaps this isn't the correct variant to spy on the girl. But I don’t see another way out. So I downloaded the software keylogger https://hackaphone.net/ . And it allows me to keep track of her correspondence in sms, call .... There are many details that I found isn’t so pleasant for me.
ReplyDelete