Archives March 2017

The most striking thing about the WikiLeaks CIA data dump is how little most people cared

“On March 7, the US awoke to a fresh cache of internal CIA documents posted on WikiLeaks. They detail the spy organization’s playbook for cracking digital communications.

Snowden’s NSA revelations sent shockwaves around the world. Despite WikiLeaks’ best efforts at theatrics—distributing an encrypted folder and tweeting the password “SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds”—the Vault 7 leak has elicited little more than a shrug from the media and the public, even if the spooks are seriously worried. Maybe it’s because we already assume the government can listen to everything.”

Google’s crowd-sourced CAPTCHA “intelligence” turning invisible

We train the machine so well, and it’s use so ubiquitous, that it can become invisible: Google is making CAPTCHAs invisible using “a combination of machine learning and advanced risk analysis that adapts to new and emerging threats,” Ars Technica reports. Emphasis added.

“The old reCAPTCHA system was pretty easy — just a simple “I’m not a robot” checkbox would get people through your sign-up page. The new version is even simpler, and it doesn’t use a challenge or checkbox. It works invisibly in the background, somehow, to identify bots from humans.

When sites switch over to the invisible CAPTCHA system, most users won’t see CAPTCHAs at all, not even the “I’m not a robot” checkbox. If you are flagged as “suspicious” by the system, then it will display the usual challenges.

reCAPTCHA was bought by Google in 2009 and was used to put unsuspecting website users to work for Google. Some CAPTCHA systems create arbitrary problems for users to solve, but older reCAPTCHA challenges actually used problems Google’s computers needed to solve but couldn’t. Google digitizes millions of books, but sometimes the OCR (optical character recognition) software can’t recognize a word, so that word is sent into the reCAPTCHA system for solving by humans. If you’ve ever solved a reCAPTCHA that looks like a set of numbers, those were from Google’s camera-covered Street View cars, which whizz down the streets and identify house numbers. If the OCR software couldn’t figure out a house number, that number was made into a CAPTCHA for solving by humans. The grid of pictures that would ask you to “select all the cats” was used to train computer image recognition algorithms.”

WikiLeaks reveals CIA’s secret hacking tools and spy operations

“WikiLeaks has unleashed a treasure trove of data to the internet, exposing information about the CIA’s arsenal of hacking tools. Code-named Vault 7, the first data is due to be released in serialized form, starting off with “Year Zero” as part one. A cache of over 8,500 documents and files has been made available via BitTorrent in an encrypted archive. Password to the files is:

SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds

The documents reveal that the CIA worked with MI5 in the UK to infect Samsung smart TVs so their microphones could be turned on at will. Investigations were carried out into gaining control of modern cars and trucks, and there is even a specialized division of the CIA focused on accessing, controlling and exploiting iPhones and iPads. This and Android zero days enables the CIA to “to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the “smart” phones that they run on and collecting audio and message traffic before encryption is applied.”