Politics

The CIA: Nerds Who Can Ruin Our Lives

Politics Features WikiLeaks
Share Tweet Submit Pin
The CIA: Nerds Who Can Ruin Our Lives

What is privacy today? That’s been an increasingly difficult question to answer as the years roll on and more and more comes out about the extent of post-9/11 government surveillance. Just when it seems we know the full extent of it, something new comes out like the PRISM program and it completely alters our understanding.

Well, here we are again. WikiLeaks just released its cache of CIA documents known as Vault 7. This latest dump by the whistleblower group has led to several disturbing revelations, like the fact President Obama lied when he said the US government was not hoarding “zero day” exploits and the simple truth that basically all modern technology can double as a means of surveillance. The CIA is able to get root (administrator) access to your iOS, Windows, or Android device, install a “rootkit,” and surveil you through your router! However, we also learned something else this time: the cybersecurity experts at the CIA are nerds.

Yes, you heard that right. As it turns out, the people with the capability to learn what brand of underwear you wear are exactly who you’d imagine them to be.

How do we know this? It’s really quite simple. Just look at these project code names:

Weeping Angel

Readers may be familiar with the weeping angels from the popular BBC show Doctor Who. These living statues, which made their first appearance in the now legendary episode “Blink” in the third season of the rebooted series, come to life when you’re not looking, and send you back in time in order to live off of your “potential energy.” Of course, what makes these things truly terrifying/ridiculous is that anything that holds their image becomes one itself.

What readers may not be aware of is the malware bearing its namesake, “Weeping Angel.” Developed by the CIA’s Embedded Devices Branch (EDB) in conjunction with British intelligence, “Weeping Angel” turns Samsung smart TVs into listening devices for the government. By suppressing the television’s LED lights, it can make the display appear as if it is off while keeping the voice control microphone enabled. Weeping Angel can also stream audio and video back to the CIA despite the wifi appearing to be disconnected. However, as Sam Biddle of The Intercept reported, “it’s unclear if this attack could be executed remotely, but the documentation includes reference to in-person infection via a tainted USB drive.”

Whatever the means of transmission, like the weeping angels from the Whoniverse, this program could send people scurrying back to the past because knowledge of its existence is sure to increase demand for earlier technology.

Sandshrew

Readers may also be aware of a certain ground-type first generation Pokemon named Sandshrew. He was super popular in the 90’s.

You know…this little guy

Isn’t he cute?

Well, as it turns out, SandShrew is also the name of an iOS 6 exploit used by the CIA for clandestine purposes. It is what is known as a “sandbox escape,” which is something that—in layman’s terms—interferes with a program, allowing it permission to do something outside the scope of what it should be doing, like accessing different parts of the hard drive.

Sontaran

Sontarans, remember them Another of Doctor Who’s alien races, the Sontarans attempt to conquer Earth using poison gas emitters in cars disguised as a clean-energy system known as “ATMOS.” They’re all clones, and they look like potatoes, but as David Tennant’s Doctor explains, they’re also perfect warriors. Their only weakness is on their back (so they cannot run from battle). Pretty cool right (albeit slightly ugly)?

Well, Sontaran is also the name of a CIA project to figure out vulnerabilities in Linux-based voice over internet protocol (VOIP) technologies. For those who don’t know what a VOIP is, the best example I can give is Skype.

As Postdoctoral Fellow at the Cyber Security Project Trey Herr explained, “Hacking a VOIP system . . . seems like it would be something useful if you wanted to listen in on calls. Especially if it was an open source VOIP system some major manufacturer had placed into a lot of phones.”

Often times, office phones are run off of VOIP services through a central computer—so you can do the math…

Maddening Whispers

This one is perhaps the crème de la crème of nerdy references. Maddening Whispers is actually a spell from the popular MMORPG World of Warcraft.

Incidentally, Maddening Whispers is also the name of “a set of software components that provide beaconing and remote access capabilities to a Vanguard-based device (ET project).”

Although Herr was unfamiliar with the vendor, he did explain that “beaconing is when you set up a digital file to call back to you from another computer. Sounds like this tool would do that and potentially give the operator access to the same system. Remote access would let me do things like copy, move, and send files from your computer while logged in from my desk.”

Other code names include Philosoraptor (meme) and RickyBobby (Talladega Nights). So, while they’re spying on people, at least we know the people at the CIA are consuming the same kind of pop culture we are, right?

Unfortunately, there is no “at least” in this situation. These tools are targeted invasions of privacy, and a serious conversation needs to be had as to whether or not a line has been crossed. Even though the CIA rarely operates domestically, and even if there is reason to suspect an individual of criminal activity, at what point does surveillance become unacceptable? Are there certain places government should unequivocally be forbidden from going?

And there are other issues as well. Let’s say you’re an Indian-born Muslim medical student here for school. You could very easily find yourself on the receiving end of these targeted hacks. In other words, everything about your private life could very easily become known to our intelligence community.

Of course, there’s the fact that if the CIA is capable of these methods, the domestic spy agencies are as well—or soon will be. And with these capabilities comes the potential for abuse which could have a chilling effect on the national dialogue—at least as far as this issue is concerned. After all, the FBI did spy on Dr. Martin Luther King, Jr. Hell, as I write this piece I know the individuals I’m dubbing “nerds” could learn more about me in a day than I ever could about them as a journalist.

On the other hand, the technology now exists to monitor us all remotely. If government can do it, private sector hackers can as well—and in many ways, that is even more troubling. It seems that going forward, nothing is sacred. That is truly scary.

ShareTweetSubmitPinMore