×
Search TQA Weekly
×
Log into your TQA Weekly

Vault 7 Exposed

The CIA's list of vulnerabilities is leaked

Steve Smith talks about the Vault 7 document leaks, and what it means for you.

Episode #7-28 released on March 11, 2017

This week the entire world learned of the CIA's Vault 7 documents released by WikiLeaks. And, while it would take anyone, including myself, a while to read through everything available, I'd like to take a moment to remind people of the cost of privacy, even when you believe the government is doing its job.

The CIA was aware of thousands of vulnerabilities to our everyday devices including any connected device we currently use. Some of which were purchased on the black market, and other government agencies. The massive collection of related tools makes it possible for anyone to gain access to your life. In the hands of a well-meaning government, if that even exists, these tools could allow government officials the ability to detect crimes while they occur, or gain Intel before or after these crimes would occur. However, I subscribe to the logic used by Apple, if a master key is created for anything, even in the safest of hands, it will be leaked, and used by malicious users, as well. This leak only proves this.

What does this mean and why do these vulnerabilities exist? Speaking as a programmer myself, programming isn't necessarily an easy thing to do. Specifically, because of typos, broken logic, backdoors meant for testing forgotten left open, intentional backdoors meant for the good guys, security policies, etc. Even features can be manipulated into being used as a vulnerability. Bugs in programs will continually exist until we change the way we make programming languages, and compilers. And, people will always find ways to exploit the bugs in the code.

This means you can never truly trust your devices. Now, why should you be worried about governments and criminals getting in? Well, like anyone worth their salt will tell you, criminals can gain access to your data by exploiting vulnerabilities. Steal your identity, documents, photos, access bank accounts, blackmail you, etc. Governments can generate a case against its own people by collecting and charging someone of several minor offenses that would never lead you to a court trial by themselves, but as a collection put you away for a long time. This can be used as a deterrent allowing governments a means to control its people. The exact opposite of what a society would expect of a government they voted it.

As an extra note, the CIA has indicated that the list of tools was not used against its own people. Which does not mean it did not scan non-Americans within the country, or individuals or groups outside the country. This makes it a world problem, not just an American issue. There is a lot of arrogance coming out of United States, and many other countries right now, especially if that government thinks it is ok to spy on its own people.

It has, also, been announced by WikiLeaks, that the tools used by the CIA and other groups will be made available to tech companies to fix the vulnerabilities being used against unaware people around the world.

Host : Steve Smith | Music : | Editor : Steve Smith | Producer : Zed Axis Dot Net

Sources & Resources