NSA GitHub – Are they really being transparent

Earlier this week it came to light that the NSA (National Security Agency) had created a GitHub account, and realises some programs on the platform.  This bring up a number of questions, firstly are they really trying to be that transparent or is it a novel way to try and win back the trust of the public.
Thankfully the source code for all of the application is available so it is possible to see what is going on within them, as a major concern of mine would be the potential back doors or snooping application like this could do to e user if they where not able to actually see what was going on…

But this does still beg the question as to why they have realised it, now it is not uncommon for application and other such items to trickle down the pipe line to the more “consumer” market eventually but after the vault 7 leaks a few month ago it is possible to see that they have so many more application with much more malicious uses than the few that eye have realised for the public. So there is the potential they they have realsed stuff that is out dated to them or that they don’t feel will be to compromising to all if their activitys.

CIA Hacking: Apple

There has recently been a lot of ‘Data Dumped’ regarding the CIA having hacking tools that target vulnerability in Apple devices. In an article posted by the BBC it suggest that the CIA have been hacking into devices from some of the biggest manufactures and tech companies such as Apple, Samsung and Microsoft.

This all came to light after Wikileaks release a huge amount of documentation that talks about and explains the CIA’s hacking tools.  Wikileaks states that there is an entire division within the CIA that is targeting mobile devices. This is allegedly the CIA’s Mobile development Branch. This branch has reportedly been developing malware to target Apple iPhone and iPads, it then goes onto state how the CIA has a number of local and remote “zero days” exploits that it has either developed its self or has received from another cyber security agency such as GCHQ. There is also speculation that they have purchased some of these exploits from a private companies and contracts that focus on finding vulnerability or zero day faults and then selling them for a profit.

In my opinion the fact that the CIA has been hording vulnerability on devices such as iPhones and iPads doesn’t come as a surprise, if you look back to the ‘San Bernardino‘ case from last year in which apple refused to give up the password to a phone that was connected to that case. This was huge news at the time because apple told the FBI it would not help them, and a lot of companies jumped on the band wagon and supported apple. But eventually a Israeli company sold the FBI and application that would allow them to gain access to the device. So people shouldn’t be surprised when this sort of things happens, my argument would be if a private company can develop tools to compromise an iPhone then the US Government and all of its many resources will be able to achieve the same thing. Granted the iPhone password cracking is slightly different to potential monitoring and recording on a mass scale, but even if there where to have recorded all of the convocations and retrieved as much data as they possibly could from all of the devices they infected. You have to consider the fact that around 15% of the population use IOS devices that would be an extreme amount of data to processes. I would also speculate that 99% of people would have nothing to worry about because unless you were targeted directly then you would just be a possible compromised device and nothing more to the CIA.

If this all interest you i would suggest you read into it more on the Wikileaks site its self. They are  calling this data dump ‘Vault 7‘ so feel free to browse that at your own leisure but there are thousand of pages and documents in this dump.