WikiLeaks’ lawyers sharply criticize Laura Poitras’ documentary Risk

The lawyers—Margaret Ratner Kunstler (widow of radical lawyer William Kunstler), Deborah Hrbek, Renata Avila and Melinda Taylor—explain they are speaking out because they believe Risk “places our clients in legal jeopardy.” Poitras’ documentary, they argue, “serves to undermine WikiLeaks just as the Trump administration has announced that it intends to prosecute its journalists, editors and associates.” The most logical conclusion to draw is that Poitras, under pressure from the pro-Democratic Party and left-feminist circles in which she travels, has accommodated herself to the anti-WikiLeaks campaign.

— source

The WikiLeaks revelations and the crimes of US imperialism

With increasing frequency, aggressive foreign policy moves by Washington have been palmed off by the media and political establishment as defensive responses to “hacking” and “cyber-espionage” by US imperialism’s geopolitical adversaries: Russia and China.

For months, news programs have been dominated by hysterical allegations that Russia “hacked” the Democratic National Committee in order to subvert the 2016 election. As the print and broadcast media were engaged in feverish denunciations of Russia, the US and its NATO allies moved thousands of troops and hundreds of tanks to the Russian border.

Not content to allege interference only in the American election, the US media and its international surrogates have alleged Russian meddling in elections in France, Germany and other far-flung countries. Prior to the current furor over Russian “hacking” of the election, the Obama administration used allegations of “hacking” and “intellectual property theft” to justify the trade sanctions and military escalation against China that accompanied its “pivot to Asia.”

Whenever the State Department, the CIA or unnamed “intelligence officials” proclaim another alleged “cyber” provocation by Washington’s geopolitical rivals, news anchors breathlessly regurgitate the allegations as fact, accompanying them with potted infographics and footage of masked men in darkened rooms aggressively typing away at computer keyboards.

But the official narrative of a benevolent and well-intentioned US government coming under attack from hordes of Russian and Chinese hackers, spies and “internet trolls” was upended Tuesday with the publication by WikiLeaks of some 9,000 documents showing the methods used by the Central Intelligence Agency to carry out criminal cyber-espionage, exploitation, hacking and disinformation operations all over the world.

The documents reveal that the CIA possesses the ability to exploit and control any internet-connected device, including mobile phones and “smart” televisions. These tools, employed by an army of 5,000 CIA hackers, give the agency the means to spy on virtually anyone, whether inside or outside the United States, including foreign governments, “friend” and foe alike, as well as international organizations such as the United Nations.

The WikiLeaks documents expose the United States as the world’s greatest “rogue state” and “cyber criminal.” The monstrous US espionage network, paid for with hundreds of billions in tax dollars, uses diplomatic posts to hide its activities from its “allies,” spies on world leaders, organizes kidnappings and assassinations and aims to influence or overturn elections all over the world.

On Tuesday, former CIA director Michael Hayden replied to the revelations by boasting, “But there are people out there that you want us to spy on. You want us to have the ability to actually turn on that listening device inside the TV to learn that person’s intentions.”

One can only imagine the howls of indignation such statements would evoke in the American press if they were uttered by a former Russian spymaster. In his comments, Hayden barely attempts to cover up the fact that the United States runs a spying and political disruption operation the likes of which Russian President Vladimir Putin or Chinese President Xi Jinping could only dream of.

The WikiLeaks documents show that the United States seeks to cover up its illicit operations by planting false flags indicating that its geopolitical adversaries, including Russia and China, bear responsibility for its crimes.

Cybersecurity expert Robert Graham noted in a blog post, for example, that “one anti-virus researcher has told me that a virus they once suspected came from the Russians or Chinese can now be attributed to the CIA, as it matches the description perfectly to something in the leak.”

The revelations have already begun to reverberate around the world. German Foreign Ministry spokesman Sebastian Fischer said Wednesday that Berlin was taking the revelations “very seriously,” adding, “issues of this kind emerge again and again.” Meanwhile Germany’s chief prosecutor has announced an investigation into the contents of the documents, with a spokesperson telling Reuters, “We will initiate an investigation if we see evidence of concrete criminal acts or specific perpetrators…We’re looking at it very carefully.”

The documents expose the CIA’s use of the US consulate in Frankfurt, Germany as a base for its spying and cyber operations throughout Europe, employing a network of intelligence personnel including CIA agents, NSA spies, military secret service personnel and US Department of Homeland Security employees. Many of these operatives were provided with cover identities and diplomatic passports in order to hide their operations from the German and European governments.

Wednesday’s rebuke by the German government followed the revelations in 2013 by Edward Snowden that “unknown members of the US intelligence services spied on the mobile phone of Chancellor Angela Merkel,” as Germany’s top prosecutor put it in 2015.

The US media, true to its function as a propaganda arm of the CIA and other intelligence agencies, immediately sprang into action to minimize the significance of the revelations and to accuse Russia, entirely without substantiation, of having released the documents in an effort to subvert US interests.

NPR quoted favorably the statements of Hayden, who declared, “I can tell you that these tools would not be used against an American,” while the Washington Post quoted a bevy of security experts who said there is nothing to worry about in the documents. It favorably cited one such “expert,” Jan Dawson, who declared, “For the vast majority of us, this does not apply to us at all … There’s no need to worry for any normal law-abiding citizen.”

Such absurd statements, made about a security apparatus that was proven by Snowden’s revelations to have spied on the private communications of millions of Americans, and then lied about it to the public and Congress, were taken as good coin by the US media.

Just one day after the WikiLeaks revelations, the media spin machine was already busy portraying them as part of a Russian conspiracy against the United States, and indicting WikiLeaks for acting as an agent of foreign powers. “Could Russia have hacked the CIA?” asked NBC’s evening news program on Wednesday, while another segment was titled “Could there be a [Russian] mole inside the CIA?”

The types of spying and disruption mechanisms revealed in the documents constitute a key instrument US foreign policy, which works to subvert the democratic rights of people all over the planet in the interest of US imperialism. No methods, whether spying, hacking, blackmail, murder, torture, or, when need be, bombings and invasion, are off the table.

Andre Damon

— source

WikiLeaks Dump Shows CIA Could Turn Smart TVs into Listening Devices

It’s difficult to buy a new TV that doesn’t come with a suite of (generally mediocre) “smart” software, giving your home theater some of the functions typically found in phones and tablets. But bringing these extra features into your living room means bringing a microphone, too — a fact the CIA is exploiting, according to a new trove of documents released today by WikiLeaks.

According to documents inside the cache, a CIA program named “Weeping Angel” provided the agency’s hackers with access to Samsung Smart TVs, allowing a television’s built-in voice control microphone to be remotely enabled while keeping the appearance that the TV itself was switched off, called “Fake-Off mode.” Although the display would be switched off, and LED indicator lights would be suppressed, the hardware inside the television would continue to operate, unbeknownst to the owner. The method, co-developed with British intelligence, required implanting a given TV with malware—it’s unclear if this attack could be executed remotely, but the documentation includes reference to in-person infection via a tainted USB drive. Once the malware was inside the TV, it could relay recorded audio data to a third party (presumably a server controlled by the CIA) through the included network connection.

WikiLeaks said its cache included more than 8,000 documents originating from within the CIA and came via a source, who the group did not identify, who was concerned that the agency’s “hacking capabilities exceed its mandated powers,” and who wanted to “initiate a public debate” about the proliferation of cyberweapons. WikiLeaks said the documents also showed extensive hacking of smartphones, including Apple’s iPhones; a large library of allegedly serious computer attacks that were not reported to tech companies like Apple, Google, and Microsoft; malware from hacker groups and other nation-states, including, WikiLeaks said, Russia, that could be used to hide the agency’s involvement in cyberattacks; and the growth of a substantial hacking division within the CIA, known as the Center for Cyber Intelligence, bringing the agency further into the sort of cyberwarfare traditionally practiced by its rival the National Security Agency.

The smart TV breach is just the latest example of a security problem emerging from the so-called “Internet of Things,” the increasingly large catalog of consumer products that include (or require) an internet connection for contrived “smart” functionality. Last year, the Guardian reported that Director of National Intelligence James Clapper told the Senate that breaching smart devices was a priority for American spies: “In the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials.”

Security and cryptography researcher Kenneth White told The Intercept that smart TVs are “historically a pretty easy target” and “a pretty great attack platform,” given that TVs are typically located in a living room or bedroom.” White added that “there is zero chance the [CIA has] only targeted Samsung. It’s just too easy to mod other embedded OSes” found in the smart TVs sold by every other manufacturer.

This new WikiLeaks dump contains no apparent information about who exactly was targeted by Weeping Angel, or when. It’s also unclear how many models of Samsung TVs were vulnerable to Weeping Angel — the CIA documents published by WikiLeaks only mention one model, the F8000 (albeit a very popular and well-reviewed model: Engadget described it as “the best smart TV system you’ll find anywhere.”) After privacy concerns about Samsung’s TV voice recognition feature spread in 2015, the company released an FAQ meant to soothe worried consumers. Addressing the question of “How do I know it’s listening or not?,” Samsung assured users that “If the TV’s voice recognition feature is turned on for a command, an icon of a microphone will appear on the screen,” but “if no icon appears on the screen, the voice recognition feature is off.”

This assurance about displayed icons is of course worth nothing if the CIA has hijacked the TV. What Samsung seems to have taken for granted was that the company, and its customers, could fully control the operation of its televisions. As the CIA’s Fake-Off exploit shows, the company’s assurances to consumers that a TV’s voice recognition controls would operate in a transparent manner do not hold true once spies and (potentially other hackers) get involved.

Samsung did not immediately return a request for comment. A CIA spokesperson replied “We do not comment on the authenticity or content of purported intelligence documents.”

— source by Sam Biddle

WikiLeaks revelations raise new questions about the death of journalist Michael Hastings

One of the 8,761 internal CIA documents leaked by WikiLeaks on Tuesday reveals that the agency’s Center for Cyber Intelligence has been exploring methods to hack into vehicle systems since at least 2014. As WikiLeaks noted in its release accompanying the documents, “The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.”

While the anti-secrecy organization makes no specific charges in this regard, this information raises new troubling questions about the car crash that killed journalist Michael Hastings in June of 2013.

Hastings, who was 33 when he died, was the Rolling Stone reporter who wrote an article in 2010 that led to the removal of General Stanley McChrystal from his post as ranking US commanding officer in Afghanistan. Hastings perished at around 4:30 a.m. after losing control of his car and crashing into a tree while traveling at about 100 mph.

At the time of his death, Hastings was investigating another major figure within the Obama administration’s military and intelligence apparatus, then-CIA Director John Brennan. At the time, police declared that there was no “foul play” involved in the accident. Before the accident, however, Hastings had informed his colleagues that he was under government surveillance. He also suspected that his own vehicle had been tampered with, having asked a neighbor to lend him a car.

What the WikiLeaks documents show is that Hastings’ suspicions about his vehicle could very well have been justified. Meeting notes dated October 2014 show that the CIA has a division known as the Embedded Development Branch which lists “potential mission areas,” such as software and networking devices, as targets for hacking. One of the targets listed is “vehicle systems (e.g., VSEP),” likely referring to the embedded computer systems that play a major role in the operation of modern cars (though the acronym is not spelled out).

Embedded systems are computers designed and built to solve only a few specific problems. They are not designed to take human input, but rather are a combination of hardware and software that is designed to do a specific task as a permanent part of a larger system, such as traffic lights, airplane controls or assembly lines in a factory. While in general the software of embedded systems is hard to change by design, the CIA memo indicates that gaining the ability to control many types of these computers is one of the goals of the agency.

One piece of software in embedded systems specifically mentioned by the CIA memo is the operating system QNX, which the memo states is a “big player in VSEP.” Indeed, according to QNX Software Systems Limited, the software has been deployed in more than 50 million vehicles across at least 14 different brands, more than 50 percent of the market share of modern cars.

While QNX is generally advertised as an infotainment system—regulating things such as Bluetooth connectivity, GPS, and music—it has been increasingly used to operate more critical systems of the car, such as the safety and navigation systems, which include things like power steering and acceleration. Thus, if a person or an agency were able to hack a car equipped with QNX, it is possible that they could force the car to crash by disabling brakes, causing uncontrolled acceleration and depriving a driver of steering. And since recovering software commands after the hardware has caught on fire is difficult at best, such hacks would be very hard to detect.

Though there is not a clear indication that the CIA developed these tools beyond the “potential” for them to exist, one tool mentioned in the memo, “Weeping Angel,” has been developed and deployed. Weeping Angel is designed to infest smart TVs and transform them into microphones that covertly record nearby conversations and send what was said back to the CIA. No doubt other tools in the list of hacks wanted by the agency have also been developed.

Moreover, if the CIA has developed the ability to hack the QNX operating system, it would give it control over more than just automobiles. In January, the company announced a new version of its software that is available for tasks that involve “surgical robots, industrial controllers and high-speed trains,” raising the potential for sabotage on an international scale.

Going further, it would apparently also be possible for the CIA to attack a car (or a factory, or a train) and make it seem as if another country did it. Part of the WikiLeaks revelations include a program known as “Umbrage,” which is a library of cyberattack techniques developed in other countries, including Russia. If one of these is designed to attack embedded systems, or if the CIA can make it look as if their code was developed in another country, the next time that a journalist investigating the CIA dies in a car crash, it might be claimed that it was the “Chinese” or the “Russians” who did it.

— source by Bryan Dyne

CIA’s New “Digital Innovation” Division Can’t Seem to Keep Its Own Secrets

Two years ago, John Brennan, who was then director of the Central Intelligence Agency under President Obama, announced a far-reaching and controversial reorganization of the CIA. Before, most agency employees were assigned to one of four “directorates.” The Directorate of Operations, the agency’s eyes and ears, handled espionage in the field. The Directorate of Intelligence was the brains, processing and synthesizing raw intelligence, then writing it up into “assessments” and “estimates,” which percolated all the way up to the Oval Office. The Directorate of Science and Technology made the gear. The Directorate of Support managed the back office and kept the ships running on time.

Brennan’s reorganization added a brand-new Directorate of Digital Innovation, or DDI. Officially, the new directorate was responsible for “the integration of our digital and cyber capabilities.” This meant retrofitting the CIA for cyberwar, where victory depends on hacking other peoples’ secrets and protecting your own. Now, with the “Vault 7” release from WikiLeaks, it looks as though the youngest wing of the CIA is surprisingly porous. While it remains to be seen exactly what the rest of “Vault 7” will bring, the first batch of files appear to come almost exclusively from within the new directorate.

Of course, has CIA long engaged in cyber-espionage. Before Brennan established a new digital directorate, offensive cyber operations were undertaken by the CIA’s Information Operations Center. One of the Vault 7 files, called “Fine Dining,” gives a detailed overview of how the CIA’s cyber capabilities support operations in the field. Spies could request support to digitally surveil everyone from foreign governments to system administrators to their own “assets” or sources, even if their contact with the target was less than one minute long.

Unlike the Snowden disclosures, the initial Vault 7 release does not have much to say about exactly who the CIA was targeting and whether it have engaged in domestic spying. The techniques described in the files—surreptitiously implanted malware, hoarded “zero day” attacks,” and eavesdropping to smart TVs—are advanced but not mind-blowing. What is more surprising is how an agency charged with protecting the nation’s secrets apparently failed to keep track of its own. Vault 7 figures to be the most serious public breach of CIA secrecy since 1969, when case officer Philip Agee resigned and wrote a firsthand exposé on covert CIA activities in Latin America.

Last summer, the new directorate’s deputy director told Bloomberg that a “well-meaning but incompetent insider” is at fault for cyber breaches. That the WikiLeaks documents would come from within the new DDI is especially embarrassing for Brennan, who served as Obama’s White House counter-terrorism advisor during years when the administration pursued multiple investigations into journalists and their sources. Even as Brennan was publicly blaming Edward Snowden for the 2015 Paris attacks, he appears to have had some trouble mopping up the leaks in his own house. According to WikiLeaks, the CIA’s “hacking arsenal” was “circulated among former U.S. government hackers and contractors in an unauthorized manner.” While it is possible that the unauthorized circulation occurred after Brennan’s departure, in January 2017, the documents themselves date from 2013 to 2016, years when Brennan was pushing through his internal overhaul.

In November, Reuters published a long report on Brennan’s re-organization plan, which concluded the plan would involve “weakening the role of the Directorate of Operations.” The CIA has long had internal friction between Operations and Analysis. The Intercept reported in November last year that Trump’s national security team is considering reversing Brennan’s reforms. The most controversial part of Brennan’s re-organization is the creation of ten new “mission centers,” based around individual issues and regions, that brought analysts and career case officers together on a single staff. Some in Operations saw Brennan as representative of perceived defects in the analyst culture—data-driven, risk-adverse, with an increasing bias for signals intelligence over on-the-ground human sources.

A former CIA employee from the directorate of operations, who asked not be named because of the classified nature of their work, said many inside the agency were critical of Brennan’s reforms. “The joke we’d tell about Brennan was that big ops carry big risk, little ops carry little risk, and no ops carry no risk,” they said.

— source by Mattathias Schwartz