CIA Vault 7

Topics that do not fit anywhere else. Absolutely NO discussions of religion, race, or immigration!

Moderators: carlson1, Charles L. Cotton

User avatar

Pariah3j
Senior Member
Posts in topic: 1
Posts: 865
Joined: Thu Oct 08, 2015 5:03 pm
Location: Webster

Re: CIA Vault 7

#46

Post by Pariah3j »

anygunanywhere wrote:Just because I'm paranoid they're out to get me doesn't mean they aren't.
:iagree: Truer words... I've been called a conspiracy nut for proposing the CIA can and has done some of the very things proposed in Vault 7

And to those asking how
mojo84 wrote: I am duly impressed with all of the technoligical knowledge and expertise that has been flaunted in this thread. I still have one question, with all of this awesome knowledge about incredible encryption technology and data protection, how in the world are all of these various breaches happening?
Social engineering - still the most powerful tool in a hacker/spy/analist toolkit
"When governments fear the people, there is liberty. When the people fear the government, there is tyranny" - Thomas Jefferson
User avatar

ScottDLS
Senior Member
Posts in topic: 13
Posts: 5052
Joined: Sun Jun 26, 2005 1:04 am
Location: DFW Area, TX

Re: CIA Vault 7

#47

Post by ScottDLS »

Beiruty wrote:
mojo84 wrote:I have a feeling some of the same folks that are saying there is no worries regarding the US government would spy on them are some of the same ones that would have an aneurysm if a cop stopped them and asked to see their LTC.

I am duly impressed with all of the technoligical knowledge and expertise that has been flaunted in this thread. I still have one question, with all of this awesome knowledge about incredible encryption technology and data protection, how in the world are all of these various breaches happening?

Then again, if you have nothing to worry about, why worry about about the government monitoring or ID'ing you?
The encryption software provider would provide a back door access to the Federal Agencies and under the protection of no-see, no-tell, not-me....
It is true for almost all software providers.
Most of the software providers use cipher suites where the encryption source code is available and has been published for quite some time. How would they build back doors in the encryption that would not be recognized and called out by experts?

During the Clinton administration an attempt was made to pass a law REQUIRING a back door in all commercial encryption (skipjack cipher and clipper chip hardware). It failed, It also would be relatively easy to defeat, by plugging in your own cipher. So how are the software manufacturers getting away with this subterfuge?

It would certainly be easier for the government (or a hostile government) to do this in hardware appliances implementing encryption...like routers, switches, firewalls. In fact it is REQUIRED to put in mechanisms for the FBI to tap into communications equipment, but they still likely can't easily crack the encryption.
4/13/1996 Completed CHL Class, 4/16/1996 Fingerprints, Affidavits, and Application Mailed, 10/4/1996 Received CHL, renewed 1998, 2002, 2006, 2011, 2016...). "ATF... Uhhh...heh...heh....Alcohol, tobacco, and GUNS!! Cool!!!!"
User avatar

TexasJohnBoy
Banned
Posts in topic: 4
Posts: 1999
Joined: Sun Mar 22, 2015 4:21 pm
Location: North Texas

Re: CIA Vault 7

#48

Post by TexasJohnBoy »

mojo84 wrote:Then again, if you have nothing to worry about, why worry about about the government monitoring or ID'ing you?
Image
TSRA Member since 5/30/15; NRA Member since 10/31/14

treadlightly
Senior Member
Posts in topic: 5
Posts: 1335
Joined: Mon Jan 05, 2015 1:17 pm

Re: CIA Vault 7

#49

Post by treadlightly »

Beiruty wrote:The encryption software provider would provide a back door access to the Federal Agencies and under the protection of no-see, no-tell, not-me....
It is true for almost all software providers.
This is why open source encryption is about all you can trust. Hopefully somebody spotted the errors in implementation before you downloaded it.

I don't think the NSA can crack AES256 if it's implemented correctly. That cipher leverages the one true uncrackable encryption tool, exclusive or.

It's called AES256 because the key is a 256 place binary number. That's pretty big. 1.15 times ten to the 77th power. Minus one, if you want to be nit-picky.

The Milky Way galaxy is 100,000 light years in diameter. If it were a sphere with that diameter, it would have a surface area of 3.14 times ten to the tenth power light years, a number that fits easily in 256 bits.

In fact, if my math is correct and the HP25 simulator on my iPhone hasn't been hacked by the NSA, the surface area of a Milky Way-sized sphere, expressed in square Angstroms, times 413,611,060,000,000 is what it takes to fill up a 256 bit number.

A 256 bit number is so large it could have even contained the national debt through nearly the first 90 days of Obama's third term in office, had we enjoyed his beneficence for another round.

It's that big.

philip964
Senior Member
Posts in topic: 1
Posts: 17957
Joined: Wed Sep 30, 2009 12:30 pm

Re: CIA Vault 7

#50

Post by philip964 »

I had sorta previously figured the government was doing all the things that were covered in the release of vault 7.

What I enjoyed was having it confirmed. That and all the cool names.

I figured people like HP or Intel were installing extra chips for the government into the printers or computers, so the CIA could remotely take over a printer and have it send them any thing that the target printed or typed. Or guide a cruise missile to the target.

I figured that any computer with a US made chip could be activated in a time of war to turn off and not aid the enemy.

When you realize how sophisticated the attack on the Iranian centrifuges was, you can easily realize how much they can do.

But like the breaking of the German code in WW2, you can't in many times use it to its full potential unless it is something really important.

Now we find Best Buy geek squad was helping the FBI by scanning your computer when you brought it in for repairs looking for illegal stuff.

I think for someone who has become a target, you have to assume everything you do is monitored by someone.

I've assumed everything we say here is being monitored, stored and screened for those words we shouldn't type, less we become an interest to someone out there.

ninjabread
Senior Member
Posts in topic: 2
Posts: 647
Joined: Tue Jan 17, 2017 7:12 pm

Re: CIA Vault 7

#51

Post by ninjabread »

mojo84 wrote:I am duly impressed with all of the technoligical knowledge and expertise that has been flaunted in this thread. I still have one question, with all of this awesome knowledge about incredible encryption technology and data protection, how in the world are all of these various breaches happening?
https://blog.keepersecurity.com/wp-cont ... /00001.jpg
mojo84 wrote:Then again, if you have nothing to worry about, why worry about about the government monitoring or ID'ing you?
https://www.wsj.com/articles/SB10001424 ... 0830760842
This is my opinion. There are many like it, but this one is mine.

User avatar

ScottDLS
Senior Member
Posts in topic: 13
Posts: 5052
Joined: Sun Jun 26, 2005 1:04 am
Location: DFW Area, TX

Re: CIA Vault 7

#52

Post by ScottDLS »

philip964 wrote:I had sorta previously figured the government was doing all the things that were covered in the release of vault 7.

What I enjoyed was having it confirmed. That and all the cool names.

I figured people like HP or Intel were installing extra chips for the government into the printers or computers, so the CIA could remotely take over a printer and have it send them any thing that the target printed or typed. Or guide a cruise missile to the target.

I figured that any computer with a US made chip could be activated in a time of war to turn off and not aid the enemy.


When you realize how sophisticated the attack on the Iranian centrifuges was, you can easily realize how much they can do.

But like the breaking of the German code in WW2, you can't in many times use it to its full potential unless it is something really important.

Now we find Best Buy geek squad was helping the FBI by scanning your computer when you brought it in for repairs looking for illegal stuff.

I think for someone who has become a target, you have to assume everything you do is monitored by someone.

I've assumed everything we say here is being monitored, stored and screened for those words we shouldn't type, less we become an interest to someone out there.
I'm not sure they are that blatant. Maybe high end routers and telephone switches. The TV's and printers are more hacks and malware. Now I wouldn't be surprised if the Chinese are doing it. And there really are very few US manufactured chips...at the end of the day for all the talk, nobody really wants a wafer fab in their backyard. TI was going to build one in Richardson 22 years ago, but I think they gave up. Let them pollute the air and water in China...

I know US government is very paranoid about the electronics in defense applications. Those probably built here (for cost plus, of course) by the big defense contractors. I know my company (a "little" defense contractor) decided to stop buying Lenovo (previously IBM) Thinkpads because they are made in China, now we buy NEC.

If you become a target, it will probably be quite difficult to keep your privacy, but I always take some comfort in the fact that there is SO much information out there, that the chances of me being picked out of the petabytes of data are pretty low, especially if I take reasonable precautions. :yawn
4/13/1996 Completed CHL Class, 4/16/1996 Fingerprints, Affidavits, and Application Mailed, 10/4/1996 Received CHL, renewed 1998, 2002, 2006, 2011, 2016...). "ATF... Uhhh...heh...heh....Alcohol, tobacco, and GUNS!! Cool!!!!"
User avatar

TexasJohnBoy
Banned
Posts in topic: 4
Posts: 1999
Joined: Sun Mar 22, 2015 4:21 pm
Location: North Texas

Re: CIA Vault 7

#53

Post by TexasJohnBoy »

ScottDLS wrote:
philip964 wrote:I had sorta previously figured the government was doing all the things that were covered in the release of vault 7.

What I enjoyed was having it confirmed. That and all the cool names.

I figured people like HP or Intel were installing extra chips for the government into the printers or computers, so the CIA could remotely take over a printer and have it send them any thing that the target printed or typed. Or guide a cruise missile to the target.

I figured that any computer with a US made chip could be activated in a time of war to turn off and not aid the enemy.


When you realize how sophisticated the attack on the Iranian centrifuges was, you can easily realize how much they can do.

But like the breaking of the German code in WW2, you can't in many times use it to its full potential unless it is something really important.

Now we find Best Buy geek squad was helping the FBI by scanning your computer when you brought it in for repairs looking for illegal stuff.

I think for someone who has become a target, you have to assume everything you do is monitored by someone.

I've assumed everything we say here is being monitored, stored and screened for those words we shouldn't type, less we become an interest to someone out there.
I'm not sure they are that blatant. Maybe high end routers and telephone switches. The TV's and printers are more hacks and malware. Now I wouldn't be surprised if the Chinese are doing it. And there really are very few US manufactured chips...at the end of the day for all the talk, nobody really wants a wafer fab in their backyard. TI was going to build one in Richardson 22 years ago, but I think they gave up. Let them pollute the air and water in China...

I know US government is very paranoid about the electronics in defense applications. Those probably built here (for cost plus, of course) by the big defense contractors. I know my company (a "little" defense contractor) decided to stop buying Lenovo (previously IBM) Thinkpads because they are made in China, now we buy NEC.

If you become a target, it will probably be quite difficult to keep your privacy, but I always take some comfort in the fact that there is SO much information out there, that the chances of me being picked out of the petabytes of data are pretty low, especially if I take reasonable precautions. :yawn
Some can be pretty blatant...
https://www.eff.org/pages/list-printers ... cking-dots
https://arstechnica.com/security/2015/1 ... ching-you/

Others are downright in your face if you read the license... (which in the case of google you pretty much agree to instantly)
https://www.forbes.com/sites/gordonkell ... 0-tracking
https://www.wired.com/2014/12/google-on ... recaptcha/
Instead of depending upon the traditional distorted word test, Google’s “reCaptcha” examines cues every user unwittingly provides: IP addresses and cookies provide evidence that the user is the same friendly human Google remembers from elsewhere on the Web. And Shet says even the tiny movements a user’s mouse makes as it hovers and approaches a checkbox can help reveal an automated bot.
(It knows which websites you've visited, what you bought on amazon, and how you move your mouse on your computer...)

And there's the good, old fashioned, "How in the world did anyone think that this should be legal?" kind of stuff.
http://www.newsweek.com/what-cell-ls-th ... ers-268589
Last week, the city of Oakland, California, released documents revealing that three local jurisdictions applied for a Homeland Security grant to obtain a “state-of-the-art cell phone tracking system” with 4G tracking abilities. Other areas, including Tacoma; Baltimore; Chesterfield, Virginia; Sunrise, Florida; and Michigan's Oakland County are also seeking upgrades.
^Thats more of your tax dollars being funneled back to the states in order to infringe on your 4th amendment rights ;-)

This stuff just makes me want to scream.
TSRA Member since 5/30/15; NRA Member since 10/31/14
User avatar

ScottDLS
Senior Member
Posts in topic: 13
Posts: 5052
Joined: Sun Jun 26, 2005 1:04 am
Location: DFW Area, TX

Re: CIA Vault 7

#54

Post by ScottDLS »

None of this stuff is putting secret chips in printers, tv sets, and computers.

-The tracking dots are known to be in printers and they were specifically asked for by the government in models that they buy so they could detect where leaks/unauthorized copies were coming from.

-If you can't mask your IP and cookies from Google or anyone else you're failing Privacy 101.

-Everybody knows about the Stingray cell-tower spoofing. Assume anything you say on an unencrypted commercial wireless device is insecure. Take out your SIM and battery before you embark on any black ops...or prepare to be tracked by Pauley Perrette and Mark Harmon from NCIS. Cote de Pablo will track me :evil2:

99% of the easy surveillance can be defeated with commercially available tools and logical precautions. If you read Schneier's stuff at EFF and at his blog you can learn a lot. One point that he makes that is excellent is that encryption is just one tool against one particular type of threat. Other boring stuff like locks, safes, keeping your mouth shut, hiding places, etc. all have their uses too. I can have all my data encrypted on my Macbook Pro, but it won't stop the guy from smashing my car window in and grabbing off the seat to sell at the flea market. They won't get my next great American novel, but they'll get my $2200 gadget. :biggrinjester:
4/13/1996 Completed CHL Class, 4/16/1996 Fingerprints, Affidavits, and Application Mailed, 10/4/1996 Received CHL, renewed 1998, 2002, 2006, 2011, 2016...). "ATF... Uhhh...heh...heh....Alcohol, tobacco, and GUNS!! Cool!!!!"

Abraham
Senior Member
Posts in topic: 2
Posts: 8400
Joined: Tue Aug 14, 2007 8:43 am

Re: CIA Vault 7

#55

Post by Abraham »

This discussion reminds me why (at times) I quit reading/watching the news.

Getting anxious over that I've no control isn't my cup of tea.

What good is vexatious knowledge?

Ignorance can be bliss and yes, I'm complacently ignorant and loving it.

I've already a long list of stuff I worry about, so given the thrust of this thread , I'm going to put my noggin back in the sand and simply not bother about cryptic this, or prying that or governmental over reach the other and so on...nope, not gonna do it, wouldn't be prudent.

Ah complacency, come here my friend, I have a hug for you!

Look, a butterfly...
User avatar

Wolverine
Member
Posts in topic: 1
Posts: 96
Joined: Wed Oct 29, 2014 6:57 pm

Re: CIA Vault 7

#56

Post by Wolverine »

Abraham wrote:This discussion reminds me why (at times) I quit reading/watching the news.

Getting anxious over that I've no control isn't my cup of tea.

What good is vexatious knowledge?

Ignorance can be bliss and yes, I'm complacently ignorant and loving it.

I've already a long list of stuff I worry about, so given the thrust of this thread , I'm going to put my noggin back in the sand and simply not bother about cryptic this, or prying that or governmental over reach the other and so on...nope, not gonna do it, wouldn't be prudent.

Ah complacency, come here my friend, I have a hug for you!

Look, a butterfly...
Do you mean nano drone? :coolgleamA:
"When injustice becomes law, resistance becomes duty."
III
User avatar

TexasJohnBoy
Banned
Posts in topic: 4
Posts: 1999
Joined: Sun Mar 22, 2015 4:21 pm
Location: North Texas

Re: CIA Vault 7

#57

Post by TexasJohnBoy »

ScottDLS wrote:None of this stuff is putting secret chips in printers, tv sets, and computers.

-The tracking dots are known to be in printers and they were specifically asked for by the government in models that they buy so they could detect where leaks/unauthorized copies were coming from.

-If you can't mask your IP and cookies from Google or anyone else you're failing Privacy 101.

-Everybody knows about the Stingray cell-tower spoofing. Assume anything you say on an unencrypted commercial wireless device is insecure. Take out your SIM and battery before you embark on any black ops...or prepare to be tracked by Pauley Perrette and Mark Harmon from NCIS. Cote de Pablo will track me :evil2:

99% of the easy surveillance can be defeated with commercially available tools and logical precautions. If you read Schneier's stuff at EFF and at his blog you can learn a lot. One point that he makes that is excellent is that encryption is just one tool against one particular type of threat. Other boring stuff like locks, safes, keeping your mouth shut, hiding places, etc. all have their uses too. I can have all my data encrypted on my Macbook Pro, but it won't stop the guy from smashing my car window in and grabbing off the seat to sell at the flea market. They won't get my next great American novel, but they'll get my $2200 gadget. :biggrinjester:
I'm more worried about
Image

You and I may know these things, but I firmly believe that most people have no idea, or don't care.
TSRA Member since 5/30/15; NRA Member since 10/31/14
User avatar

Flightmare
Senior Member
Posts in topic: 1
Posts: 3088
Joined: Wed Mar 09, 2016 7:00 pm
Location: Plano, TX

Re: CIA Vault 7

#58

Post by Flightmare »

TexasJohnBoy wrote:
ScottDLS wrote:None of this stuff is putting secret chips in printers, tv sets, and computers.

-The tracking dots are known to be in printers and they were specifically asked for by the government in models that they buy so they could detect where leaks/unauthorized copies were coming from.

-If you can't mask your IP and cookies from Google or anyone else you're failing Privacy 101.

-Everybody knows about the Stingray cell-tower spoofing. Assume anything you say on an unencrypted commercial wireless device is insecure. Take out your SIM and battery before you embark on any black ops...or prepare to be tracked by Pauley Perrette and Mark Harmon from NCIS. Cote de Pablo will track me :evil2:

99% of the easy surveillance can be defeated with commercially available tools and logical precautions. If you read Schneier's stuff at EFF and at his blog you can learn a lot. One point that he makes that is excellent is that encryption is just one tool against one particular type of threat. Other boring stuff like locks, safes, keeping your mouth shut, hiding places, etc. all have their uses too. I can have all my data encrypted on my Macbook Pro, but it won't stop the guy from smashing my car window in and grabbing off the seat to sell at the flea market. They won't get my next great American novel, but they'll get my $2200 gadget. :biggrinjester:
I'm more worried about
Image

You and I may know these things, but I firmly believe that most people have no idea, or don't care.
Thanks for the flashbacks of that movie! :P
Deplorable lunatic since 2016
Post Reply

Return to “Off-Topic”