Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.

Avenue4 LLCRead Message Promoted Post

Home / Blogs

Google Claims It Fixed the Security Holes the CIA Exploited

Nate Vickery

WikiLeaks shook the internet again on March 7, 2017, by posting several thousand documents containing information about the tools the CIA allegedly used to hack, among others, Android and iOS devices. These classified files were obtained from the CIA's Center for Cyber Intelligence, although they haven't yet been verified and a CIA official declined to comment on this incident.

This isn't the first time that the U.S. government agencies were accused of crossing the line and undermining online security and civil liberties, as it's been only a year since the infamous FBI-Apple encryption dispute. It's like "1984" all over again.

March 2017

According to these documents, the alleged exploits took place between 2013 and 2016, while at least 24 Android vulnerabilities were identified. Among them were hacking tools capable of turning Android and iPhone devices, smart TVs, and computers into "covert microphones". Chrome was targeted by the EggsMayhem attack, the Sulfur exploit caused Android to leak critical OS information, while the RoidRage bundle was used to obtain remote control over Android devices. At first, all the tech companies from Silicon Valley maintained their silence, but two days later, Google's Manager of Information Security, Heather Adkins, said that many of the vulnerabilities referred to in the report were fixed.

However, security specialists say that those government intrusions on privacy, although undeniably severe and illegal, haven't been reported to affect versions of Android after 4.4. Google is currently busy analyzing their security issues, and working on implementing further protections. Apple also issued a statement saying that their users were protected as the latest iOS version contained security patches for the mentioned exploits. Security protocols of many chat apps such as Facebook's WhatsApp, Signal, or Weibo, were broken, too.

All this obviously puts not only many individual users, but also numerous companies at risk, as their privacy can be easily violated and their trade secrets exposed. That's why it's wise to think about alternative methods of communication and constant security software testing.

February 2016

On December 2, 2015, 14 people were killed, while 22 were injured in a terrorist attack at the Inland Regional Centre in San Bernardino, California. The perpetrators were subsequently killed in a shoot-out with the police. During the investigation, the FBI found an Apple iPhone 5C, issued to one of the terrorists by the San Bernardino County, as he was its employee. However, the phone had a password and couldn't be unlocked due to its advanced security features.

The FBI asked Apple to help them and disable certain security features, which the company declined on the grounds of its policy of never undermining the security features of their products. This case sparked a heated debate regarding the importance of security and encryption both in court and among the general public. A poll conducted by the Pew Research Center on the sample of 1,022 adults showed that 51% of the U.S. citizens supported the FBI, while 38% agreed with Apple, although the company warned that creating a backdoor to the iPhone could pose a threat to the data security, as the government or hackers could potentially unlock any iPhone.

Finally, the FBI used a tool purchased from a third party unlock the device and withdrew the request. This incident is still a controversial matter in the U.S.

December 2013

In December 2013, it was revealed that the NSA and the UK's GCHQ entered the realm of online gaming and started collecting data from the likes of WoW and Second Life, as an attempt to track potential terrorists. The two intelligence agencies claimed, although their efforts weren't fruitful, that terrorists might be using MMORPG networks in order to stay under the radar thus making it easier for them to communicate, plan attacks, or even move money.

This was revealed, together with many other NSA surveillance practices, by Edward Snowden. As a result, 8 tech giants, including Facebook, Google, and Microsoft penned an open letter to the Obama Administration requesting reforms of government surveillance practices.

By Nate Vickery, Consultant
Related topics: Cybersecurity, Networks, Privacy
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

To post comments, please login or create an account.

Related

Topics

Cybersecurity

Sponsored byVerisign

IP Addressing

Sponsored byAvenue4 LLC

Mobile Internet

Sponsored byAfilias

DNS Security

Sponsored byAfilias

Promoted Post

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.