WikiLeaks says it releases files on CIA cyber spying tools

WASHINGTON (Reuters) – Anti-secrecy group WikiLeaks on Tuesday published what it said were thousands of pages of internal CIA discussions about hacking techniques used over several years, renewing concerns about the security of consumer electronics and embarrassing yet another U.S. intelligence agency.

Nintendo wins a key case against a 3DS modchip seller

Nintendo is no stranger to cracking down on companies that sell tools enabling pirated games on its consoles. However, its latest victory might be more important than most. The company has won a copyright case in Canada that accused Go Cyber Shopping…

‘Trumpcare’: dead on arrival?

Got a minute? House bill to replace Obamacare hits wall of resistance from Republicans … but Trump calls it ‘wonderful’ … and everything else today in US politics. By Tom McCarthy

10.06pm GMT

“Obamacare Lite”, “bad policy”, and a “warmed-over substitute” – those were just some of the early reviews from conservative groups for a House GOP plan to repeal and replace Barack Obama’s healthcare law.

Lukewarm reception

10.05pm GMT

Republican politicians held a news conference to reject the bill and call for a straight repeal of Obamacare instead. That set up a clash with Donald Trump, who called the bill “wonderful” and said: “I’m proud to support the replacement plan.”

Read about the bill

Continue reading…

The CIA Didn’t Break Signal or WhatsApp, Despite What You’ve Heard

There’s been one particularly misleading claim repeated throughout coverage of CIA documents released by WikiLeaks today: That the agency’s in-house hackers “bypassed” the encryption used by popular secure-chat software like Signal and WhatsApp.

By specifically mentioning these apps, news outlets implied that the agency has a means of getting through the protections built into the chat systems. It doesn’t. Instead, it has the ability, in some cases, to take control of entire phones; accessing encrypted chats is simply one of many security implication of this. Wikileaks’ own analysis of the documents at least briefly acknowledges this, stating that CIA “techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the ‘smart’ phones that they run on and collecting audio and message traffic before encryption is applied.”

The claim was then taken out of what little context WikiLeaks provided and repeated by widely read outlets like the New York Times:

the Boston Globe:

Mashable:

and this AP reporter retweeted by the AP itself:

Contrary to the clear implication from these journalists and news sources, the documents WikiLeaks published do not appear to show any attack specific Signal or WhatsApp, but rather a means of hijacking your entire phone, which would of course “bypass” encrypted chat apps because it thwart virtually all other security systems on the device, granting total remote access to the CIA.

The Wikileaks dump also includes information about CIA malware that can hack, and remotely spy on and control, computers running Windows, macOS, and Linux. Which means that it’s also true that the CIA can bypass PGP email encryption on your computer. And the CIA can bypass your VPN. And the CIA can see everything you’re doing in Tor Browser. All of these things can be inferred by the documents, but that doesn’t mean using PGP, VPNs, or Tor Browser isn’t safe. Basically, if the CIA can hack a device and gain full control of it — whether it’s a smartphone, a laptop, or a TV with a microphone — they can spy on everything that happens on that device. Saying Signal is bypassed because the CIA has control of the entire device Signal is installed on is akin to saying the diary you keep in your bedside table is vulnerable because the CIA has the ability to break into your house. It’s true, technically, but not exactly a revelation, and odd to fixate on to the exclusion of other vulnerable items.

To its credit, the Times deleted its tweet and changed the language it used in its article, but there’s probably going to be some lingering damage in the form of people now under the impression that using Signal or WhatsApp could make them less safe, when the reverse is true.

It of course remains possible (as it always has and always will) that the CIA has cracked the encryption of Signal, WhatsApp, or any other piece of software. But WikiLeaks hasn’t provided any evidence of that here today.

The post The CIA Didn’t Break Signal or WhatsApp, Despite What You’ve Heard appeared first on The Intercept.

An Instagrammer’s guide to starting uni

Starting university is a big step – new friends, new challenges, and figuring out just how much coffee it takes to fuel an all night study session! It also means paying close attention to your finances. Whether you’re moving out of home, buying new text books, or just trying to budget for your daily flat white, there’s a lot of things to think about when it comes to managing your income. Instagrammer Jessica O’Connell (@jessicalauren) shows us how she keeps her university balances in check.

Continue reading…