CIA Leaks Unsurprisingly Show The Internet Of Broken Things Is A Spy's Best Friend

from the watching-you-watching-me dept

So if you’ve spent any amount of time around here, you probably already know that the security and privacy standards surrounding the internet of (broken) things sit somewhere between high comedy and dogshit. Whether it’s your refrigerator leaking your Gmail credentials or your children’s toys leaking kids’ conversations, putting a microphone and camera on everything that isn’t nailed down — then connecting those devices to the internet without thinking about security and privacy — hasn’t been quite the revolution we were promised.

Obviously for the NSA and CIA, the internet of broken things is a field day, and the fact that the intelligence community would exploit this papier-mâché-grade security should surprise nobody. In fact, James Clapper made it abundantly clear last year that the internet of not-so-smart things was a massive target for surveillance:

“In the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials,” Clapper said.

As Mike already noted, most of what’s contained in this week’s WikiLeaks Vault 7 CIA document dump isn’t all that surprising. It includes stockpiled Android and iOS vulnerabilities, revelations that the US government covertly pays to keep US software unsafe and vulnerable (long suspected, now proven), and the fact that the government routinely exploits weak security in the Internet of Things to spy on targets. That includes turning Samsung “smart” televisions, long in the news for poor security and privacy violations, into an on-demand spying apparatus.

The documents highlight a CIA program named “Weeping Angel,” which allows a CIA hacker to use the Samsung smart TV’s microphone to listen in on a target, while the television appears to be off (aka a “fake off mode”). The documents only detail one TV model (the Samsung F8000), and seem to indicate that at least this particular exploit required someone to use an infected USB drive on the television in question:

Given the all-too-frequent lack of encryption (or hey, much security at all when it comes to collecting and transmitting data), it’s still reasonable to surmise that a remote attack is perfectly possible on a laundry list of IoT devices, including televisions. Also, as the Intercept notes, given the problems we’ve repeatedly documented with smart televisions, it would be naive to think other sets aren’t impacted:

“Security and cryptography researcher Kenneth White told The Intercept that smart TVs are ‘historically a pretty easy target’ and ‘a pretty great attack platform,’ given that TVs are typically located in a living room or bedroom. White added that ‘there is zero chance the [CIA has] only targeted Samsung. It’s just too easy to mod other embedded OSes’ found in the smart TVs sold by every other manufacturer.”

Again, not particularly surprising for a tech segment repeatedly facing lawsuits for failing to disclose that TVs collect user data, or scandals involving sending this collected data unencrypted over the internet. In 2015, Samsung was forced to issue a lengthy mea culpa after users actually bothered to read the company’s privacy policy, revealing that user TVs were watching them watching it. Samsung assured users the company takes “consumer privacy very seriously and our products are designed with privacy in mind,” with a FAQ also reassuring users that if there’s no notification, your TV isn’t listening:

“How do I know it’s listening or not?

  • If the TV’s voice recognition feature is turned on for a command, an icon of a microphone will appear on the screen.
  • If no icon appears on the screen, the voice recognition feature is off.”

Apparently not. Again, this might be less of a threat if TV vendors actually took user privacy seriously, used system settings that made device functionality transparent, or made it easy to disable functionality of dubious value on demand. But like the rest of the Internet of Things industry, companies were so hyped to use connectivity to hoover up private user data non-transparently that their ethical apathy left the door wide open to intruders (state sponsored or otherwise).

But hey, know that the intelligence community doesn’t think you should be worried. Ex-CIA Director Gen. Michael Hayden went on The Late Show with Stephen Colbert to insist that the CIA certainly doesn’t use smart TVs to spy on people (something he called a “wonderful capability”), and certainly not to spy on American citizens:

Feel better?

    Companies: samsung


    Comments on “CIA Leaks Unsurprisingly Show The Internet Of Broken Things Is A Spy's Best Friend”

    Anonymous Coward says:

    Re: Re: Re:

    The power of entrenched intelligence bureaucracy absolutely exists. Any regular reader of Techdirt knows this.

    If you want to say that the Trump administration twists the meaning of the term deep state like they do of fake news and hurl it at their political opponents that’s a valid argument.

    But to dismiss it entirely and say the phrase should never be used hurts public discourse.

    Anonymous Coward says:

    Re: Re: Re: Re:

    TBH, I don’t think Trump is quite the buffoon many make him out to be.

    For instance, based on articles in several MSM news organizations, Trump communications were intercepted between his camp and the Russians.

    So he tweets about being tapped and the same organizations are claiming that Trump was monitored, that he’s making it all up with no proof.
    They play semantic games like focusing on specific words like “Tapped”, etc.. and ask the former POTUS if he ORDERED the tap, not if he was aware of it.
    Clapper denying anything is a joke, as we know he will lie through his teeth under oath.

    I think it was a pretty brilliant move with the tweets because it forces his detractors to put up or shut up.
    You can’t claim you have evidence of collusion (yet to be seen) and then deny there was any spying.

    I am no Trump fan, more of a small government, libertarian, but if you can look past the rabid hatred from either side for the other, it’s pretty interesting to watch. Kind of like watching a movie that makes no attempt to obscure its intent or plot. Just good old fashioned entertainment.

    Anonymous Coward says:

    Re: Re: Re:4 Re:

    See the January 19 and 20 editions of The New York Times. Front page stories saying Trump was wiretapped.

    Yeah, except that isn’t at all what that story says. Unless, of course, you’re saying that Trump is actually Russian and thus monitoring the Russians is the same thing as tapping Trump.

    There are many other examples.

    So you’ve got many more lies up your sleeve, huh? I expected nothing less.

    Anonymous Coward says:

    But you don't mind Google with its thermostat division?

    Google is a spy’s commercial front. — It’s nailed down that the CIA funded Google’s start.

    [I bet this one never appears. Being critical of Google is forbidden! Techdirt usually disappears or long delays my comments. You wouldn’t know if I didn’t tell you, right? And you never see it denied by Techdirt; the only response is fanboys try to justify censoring.] [Of course, by saying it won’t appear, I’m trying to get them to prove me wrong! It’s a game. This will go in about 1215 pacific.]

    Stephen T. Stone (profile) says:

    Re: But you don't mind Google with its thermostat division?

    Even if Techdirt moderators are "pre-censoring" your comments, all you can do is whine about it. You cannot legally force Techdirt to accept your comments; if you believe otherwise, please point to the law that guarantees you the use of someone else’s platform against their will.

    Uriel-238 (profile) says:

    So what we got from the Vault 7 CIA Document Dump...

    Was pretty much the biggest day-zero exploit warning EVAR!

    It’s an embarrassment for the CIA that they got hacked. It’s an embarrassment for those OS systems exploited that they were able to be hacked.

    Now all we need is for our OS engineers to clean their backyards…thereby cleaning ours.

    All in all this is one of those things that could make things stronger, if we weren’t all so distracted looking at shiny balls of foil.

    Uriel-238 (profile) says:

    Re: Re: create an unhackable OS...

    I really do, don’t I?

    I’m pretty sure that while we couldn’t make one that was completely unhackable (Kurt Gödel had a thing or two to say about that) there’s a difference between the degree of open and exploitable we have now (which was cultured, with companies getting paid to intentionally delay zero-day alerts and fixes) and a system where exploits are short lived, once detected.

    We don’t need a system that’s completely invulnerable. We need a system that is invulnerable enough that it’s expensive for the CIA to penetrate it and they’re limited to attacks on persons of extreme interest.

    Then the bear rule applies: so long as there are more dangerous (more appealing) targets than ourselves, we need not worry about CIA attacks due to (say) mere dissent.

    Anonymous Coward says:

    All this shit is just another fucking can of worms, once you open the box……..

    It’s the same mentality that brought the mass production of highly destructive weapons……..we’ve learned nothing

    War criminals doesn’t quite cut it, they’ve gone beyond it, and no signs of stopping………i hate to think what 10 years of this is gonna look like…………maybe we get lucky and someone with an iota of sense gets behind the wheel, and turns this bus around, away from that looming giant fucking crater……i mean, it’s pretty fucking hard to miss……i mean….COME ON!……..it’s a giant fucking crater

    Uriel-238 (profile) says:

    Re: Distraction by Trump

    The chaos around the White House serves as a continuous whirlpool of distractions, within which Trump’s agenda gets served, except that this chaos seems to extend to the WH staff. I think only Trump is used to working as if every day was take-out-the-trash day, and I think he’s used to not really getting all that much done in such a maelstrom.

    It’s possible that the leak release was timed to correspond with other events, but it will be hard to say until we see how they interact.

    The investigation of the White House administration and its interactions with Putin and the Russian administration is going to continue, and I suspect it will be slowed more by GOP obstructionism than by news distractions.

    More distressing is that the CIA can be hacked like this at all. If documents regarding their tools are inadequately secured, what else is already in malicious hands?

    Uriel-238 (profile) says:

    Re: "Least Untruthful Response"

    The White House has made so many claims since Trump’s administration that have been verifiably counterfactual, I think Trump, and anyone from whom he commands total loyalty (e.g. Spicer, Conway) are the least truthful source. Of course, Trump has shown to have almost no grip on reality, so the White House may just be very, very, very inaccurate.

    Considering how post-Snowden, the US government scared away a whole lot of viable hackers from state employment, it’s very possible Russia has a stronger cyberwarfare sector than the US, even though the US has three agencies at least (FBI, CIA, NSA) that engage in cyberwarfare practices. Sadly, despite DHS’ efforts to get them to play nice with each other, they really don’t.

    So by your (spurious) logic, Putin would be the least trustworthy, having at his hands the most hacking resources.

    Still, all that aside, Trump is super keen to get cuddly with Russia, which is really contrary to US policy since Putin’s been a total authoritarian and expansionist ass. Remember they’re still in Crimea which they’ve annexed by force. It’s that (and not Putin’s record of assassinating a gagillion dissenters) that has the US State Department (and Europe, and the UN) sore at the Russian administration.

    Speaking of convenient, it is very convenient that the US has been reduced to a floundering buffoon. When Putin’s army rolls into Estonia, Trump is going to be completely beside himself rather than organize a measured military response.

    Or are you thinking Estonia and most of Eastern Europe is not your problem?

    Maybe we’ll get lucky and Mattis will handle it while Trump’s staffers distract him from the telly.

    Digitari says:

    Re: Re: "Least Untruthful Response"

    It’s good that the world thinks the USA is “floundering buffoons”, and with “madman” Trump in the White House, they won’t try any crap because they think he just might push the button.
    (My nephew works for the NSA, I have not seen nor spoken to him in the last decade since he has had the job, I do, however, trust him)

    With the last 8 years of “The droner in Chief,” the USA really cannot cast many aspersions.

    Uriel-238 (profile) says:

    Re: Re: Re: "Least Untruthful Response"

    If by droner in Chief you mean to imply you disapprove of Obama’s drone-strike programs in Afghanistan and Pakistan, I wholeheartedly agree.

    It’s also a continuation of Bush’s use of targeted killings in the war on terror, just with drones instead of Private Security Contractors. Same massacres, not as close-up-and-personal.

    Targeted Killings has been a US policy since we ceased using assassination as a military tactic, since it becomes too easy to use assassination for political or personal targets rather than military ones. The only problem is targeted killing has (almost) all of the same problems as assassination and then all of the problems of terror attacks. TKs targeting a guy just with bombs (or death squads) rather than a single sniper or ninja. And it leads to more civilian deaths.

    So I’m right there with you regarding our CIA drone strike programs.

    But calling Obama the Droner In Chief doesn’t really contrast him to Trump (who’s eager to continue drone-strikes, if not open new programs) and is way on board with extrajudicial detention and interrogation (e.g. capture and torture without due process) or really all of the war atrocities of Iraqi Freedom. Trump is keen to be the New Holocaust president.

    Regarding the thermonuclear problem, Trump is not the same madman that Nixon was, who was essentially playing good cop / bad cop alongside Kissinger to secure Strategic Arms Limitation Treaties (and put the fear of God into Ho Chi Minh).

    Trump with the US thermonuclear arsenal, in contrast, is closer to giving nukes to Caligula. We’re less likely to see a nuclear attack on Russia, given Trump’s irrational fondness of Putin (and the threat of severe retaliation). But he may well nuke Iran for the fun of it. Or Mexico. Or California. Because he’s a real madman who has shown evidence of a severe disconnect regarding action and consequences.

    Regardless, Trump’s insanity will only move forward Putin’s expansionist ambitions, not slow them.

    And yes, the world trembles at the might of Trump the madman, knowing that any of us could be targets based on his whimsy and what he reads in Breitbart or Fox News.

    That’s a state of destabilization and it’s only a good thing in political thrillers, not IRL.

    Uriel-238 (profile) says:

    Re: Re: Re:3 Targeted Killings

    I thought it was implicit, but it’s good to make things clear.

    An assassination involves a precise hit, say a sniper shot, or a spy with a gun or poisoned tea. Ideally there are no other casualties than the target.

    Targeted killing involves dropping a bomb or other large anti-personnel ordnance at the location where the target is allegedly on site. Bush would send in private security contractors as death squads to cleanse a zone of anyone alive.

    Obama’s method during his administration was to use drone strikes, at least in Afghanistan and Pakistan. The CIA drone strike program in Afghanistan averaged 500 strikes a year at its nadir, but is tapering off. Meanwhile the Pakistan program is still accelerating.

    The difference between Assassinations and Targeted Killings is semantic. Assassinations are associated with political targets rather than military and are not considered ethical and involve a lot of blowback. But since a targeted killing technically targets not a person but the location, it allows for plausible deniability, and a strike can be called a success even if the intended target escapes.

    Really, one could write some good Catch-22-style military satire about targeted killings, given how somehow doing a hit with massive civilian casualties is less embarrassing to an industrialized state than doing the same hit with no casualties, because of how the mission is defined.

    Uriel-238 (profile) says:

    Re: Re: Re: Regarding your nephew

    You may trust your nephew to do some semblance of the right thing at the NSA but I don’t. I expect that he passes around uncovered private cheesecake photos much like the rest of the NSA interns. That’s common practice according to Snowden, and been regarded as an accepted perk of spying assignments in espionage and law enforcement since the 50s. Even the TSA hands around particularly notable nude-scans for intra-office entertainment.

    I also expect he’d do his duty and report on people whose Fourth Amendment rights were just bypassed by a secret court, even if their crimes have nothing to do with whatever terror assignment is on. At this point it’s accepted policy within the NSA to report uncovered suspect activity (and large amounts of seize-worthy assets) to local law enforcement.

    I’m sure your nephew is a good little soldier.

    drwho28 (profile) says:

    names of programs

    I think that the intelligence community should continue naming their covert spy programs after various Dr. Who villains. It will make them easier to hate as long as they continue to name them things like “weeping angels”. Nothing makes you more angry than associating spy programs with those beings who took our favorite Whovian companions.

    K says:

    CIA, which actually stands for central idiot agency, is comprised [mostly] of, not all, reject Maxwell Smarts of television’s spy spoof, also comprised of mostly idiot spies.

    I will however, make one distinction: is that at least Maxwell Smart was a kind soul.

    The CIA is mostly filled with demonic serial killing, child killing, child torturing pedophiles.

    Some day soon, they will all be held accountable for each and every filthy and diabolical action they’ve taken against each and every child and all others they’ve tortured and murdered. But the CIA=anyone who is doing absolutely nothing about this damnable issue and who can. Includes anyone the world over as well.


    jaquer0 (profile) says:

    Camera and mic should be physically removable

    The only way cameras and mics can be considered secure is if they are physically removable, i.e., if they are an add-on module. Promises by the companies that their security is better are worthless, since they a) may get to the TV (or whatever) and break the protection before the consumer gets it or b) hack it once in the consumer’s possession. Settings and even physical switches are worse than useless, as they can be bypassed. Physical removal is the only way.

    Not allowing the TV to connect to the Internet would lead to many limitations in functionality that consumers are unlikely to accept.

    Uriel-238 (profile) says:

    Re: Really, no one?

    In corporate US, TV watches you.

    I don’t think we take seriously the notion that we’re a democracy anymore. Some people have been corrected on these forums that America is a republic.

    According to the Oxford study, it’s behaved mostly as a corporate oligarchy since the early 20th century. And the rate of corruption is still a net positive, so that government agencies increasingly follow the will of corporate interests rather than public interests.

    In the failed democracy, the United States of America, TV watches you. (As do all our appliances and devices.)
