MWC: What device highlights did you miss?

So, early last week I predicted that...

How Wireless Will Pave the Path to Neobank Profitability

I'm delighted to bring you an opinion...

An end of an era: Vodafone UK turns off 3G services

I thought it was worthwhile highlighting this...

Vault 7 – New CIA leak demonstrates need for first-party security

As I have mentioned several times in the past, security is of the utmost priority in the digital age. Protecting ourselves against cyber-attacks is vital. However, these attacks are not always obvious. In fact, sometimes they come from places you’d least expect.

On Tuesday, WikiLeaks released a huge bundle of documents which allegedly detail hacking tools and exploits for virtually every major software platform, including iOS and Android. The first batch of documents was codenamed Year Zero whereas the leak as a whole has been dubbed Vault 7 by WikiLeaks.

Though the CIA has neither confirmed nor denied the authenticity of the documents, they do seem to be real. They come in many different forms, including instructions and simple descriptions. The gist of Vault 7 is that the CIA, along with other intelligence agencies, have found ways to circumvent protection measures in major software platforms.

In the iOS and Android documents, a variety of security issues are disclosed. The CIA lists a number of different vulnerabilities and how they managed to exploit them. Using such exploits, the agency was apparently able to bypass encryption measures in apps such as Signal, Telegram, and WhatsApp by collecting data traffic before any type of encryption had been applied.

Exploits for other platforms are also discussed in detail. For example, a Samsung Smart TV was essentially turned into an audio bug in an MI5 project called “Weeping Angel”. Numerous other hacks are explained in detail, providing a wealth of information to Vault 7’s intended readers.

For their part, Google, Apple, and others have maintained that these exploits have all been fixed. In addition to that, all tech companies have once again attempted to remind the world that security is at the top of their priority list. These statements, along with the documents themselves, should all be taken with a grain of salt.

The point to make here, however, is that first-party security is vital. Even if Apple, Google, Microsoft, Samsung, and all the other companies involved in these exploits had their users’ best interests at heart, they often fail to protect them.

In the present day, maintaining one’s privacy and security is seemingly impossible. The choice seems to boil down to whether you wish to use digital services or remain anonymous; the two are seemingly exclusive.

On Wednesday, FBI Director James Comey said something very interesting: “There is no such thing as absolute privacy in America”. To put things in context, Comey was talking about “appropriate circumstances” where a judge, for instance, can dictate the release of private communications.

Though Comey later added that Americans indeed value privacy and that they should have a “reasonable expectation of privacy in [their] homes, in [their] cars, in [their] devices”, such comments should always be measured against the political climate that has surrounded privacy not just with President Trump’s administration but also before that.

Vault 7 is only the latest in a long series of revelations that intelligence agencies and other governmental institutions will practically stop at nothing to obtain information. With tech companies collecting more and more data, and the digital world becoming increasingly transparent on only one part of the scale, how can private citizens remain, well, private?

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Recently Published

MWC: What device highlights did you miss?

So, early last week I predicted that next to nothing from Mobile World Congress would break through into the mainstream media. I was right,...

How Wireless Will Pave the Path to Neobank Profitability

I'm delighted to bring you an opinion piece from Rafa Plantier at Gigs.com. I think it's particularly relevant given the recent eSIM news from...

An end of an era: Vodafone UK turns off 3G services

I thought it was worthwhile highlighting this one from the Vodafone UK team. For so long - for what feels like years, seeing the...

Mobile World Congress: Did the mainstream media notice?

I resolved this year to make sure I wrote something - anything - about Mobile World Congress, the huge mobile industry trade show taking...

NordVPN: Thanks again, Revolut

When I upgraded to Revolut's Ultra offering, I did so with a strong focus on the Financial Times digital subscription which normally retails at...

Revolut’s Roaming eSIM: 1 week later

This week I have been using Revolut's new eSIM capability whilst I was in Sweden for Stockholm FinTech Week. I'm an Ultra subscriber so...