Wikileaks dump shows CIA could turn smart TVs into listening devices

["Dave Farber" <farber () gmail com>]

Begin forwarded message:

> From: Dewayne Hendricks <dewayne () warpspeed com>
> Date: March 7, 2017 at 2:46:18 PM EST
> To: Multiple recipients of Dewayne-Net <dewayne-net () warpspeed com>
> Subject: [Dewayne-Net] Wikileaks dump shows CIA could turn smart TVs into listening devices
> Reply-To: dewayne-net () warpspeed com
>
> Wikileaks dump shows CIA could turn smart TVs into listening devices
> By Sam Biddle
> Mar 7 2017
> <https://theintercept.com/2017/03/07/wikileaks-dump-shows-cia-could-turn-smart-tvs-into-listening-devices/>
>
> It’s difficult to buy a new TV that doesn’t come with a suite of (generally mediocre) “smart” software, giving your 
> home theater some of the functions typically found in phones and tablets. But bringing these extra features into your 
> living room means bringing a microphone, too — a fact the CIA is exploiting, according to a new trove of documents 
> released today by Wikileaks.
>
> According to documents inside the cache, a CIA program named “Weeping Angel” provided the agency’s hackers with 
> access to Samsung Smart TVs, allowing a television’s built-in voice control microphone to be remotely enabled while 
> keeping the appearance that the TV itself was switched off, called “Fake-Off mode.” Although the display would be 
> switched off, and LED indicator lights would be suppressed, the hardware inside the television would continue to 
> operate, unbeknownst to the owner. The method, co-developed with British intelligence, required implanting a given TV 
> with malware—it’s unclear if this attack could be executed remotely, but the documentation includes reference to 
> in-person infection via a tainted USB drive. Once the malware was inside the TV, it could relay recorded audio data 
> to a third party (presumably a server controlled by the CIA) through the included network connection.
>
> Wikileaks said its cache included more than 8,000 documents originating from within the CIA and came via a source, 
> who the group did not identify, who was concerned that the agency’s “hacking capabilities exceed its mandated 
> powers,” and who wanted to “initiate a public debate” about the proliferation of cyberweapons. Wikileaks said the 
> documents also showed extensive hacking of smartphones, including Apple’s iPhones; a large library of allegedly 
> serious computer attacks that were not reported to tech companies like Apple, Google, and Microsoft; malware from 
> hacker groups and other nation-states, including, Wikileaks said, Russia, that could be used to hide the agency’s 
> involvement in cyberattacks; and the growth of a substantial hacking division within the CIA, known as the Center for 
> Cyber Intelligence, bringing the agency further into the sort of cyberwarfare traditionally practiced by its rival 
> the National Security Agency.
>
> The smart TV breach is just the latest example of a security problem emerging from the so-called “Internet of 
> Things,” the increasingly large catalog of consumer products that include (or require) an internet connection for 
> contrived “smart” functionality. Last year, the Guardian reported that Director of National Intelligence James 
> Clapper told the Senate that breaching smart devices was a priority for American spies: “In the future, intelligence 
> services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and 
> targeting for recruitment, or to gain access to networks or user credentials.”
>
> [snip]
>
> Dewayne-Net RSS Feed: <http://dewaynenet.wordpress.com/feed/>



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/18849915-ae8fa580
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20170307164829:CB4AECDC-037F-11E7-A6B4-B380104CD86B
Powered by Listbox: http://www.listbox.com