Julian Assange of WikiLeaks during a live-streamed press conference on Thursday. CIA hacking tools described in documents released by WikiLeaks are actually a good sign, privacy experts say.Screenshot by CNET
In all this talk of a CIA hacking playbook, is there a silver lining? Privacy advocates seem to think so.
That might surprise you. Nothing makes a person feel vulnerable in quite the same way as hearing that everyday electronics are being turned into spy devices. And that's exactly what we heard Tuesday, when WikiLeaks published thousands of documents that appeared to reveal CIA tools for hacking into computers, phones and even smart TVs. CNET is unable to verify whether the documents are real or have been altered.
Still, the news prompted Edward Snowden to post on Twitter , "It may not feel like it, but computer security is getting better."
Here's the idea: If CIA spies are spending their time hacking the phones of suspected terrorists or foreign spies, that means they aren't relying on spy programs that are much more intrusive and essentially hack the entire internet.
Autoplay: ON Autoplay: OFF
Moose and squirrel, meet spy vs. spy
Sure, hacking a smart TV is creepy . But it's a far cry from the National Security Agency programs Snowden, a former NSA contractor, revealed to journalists in 2013. Those programs -- in particular the tools known asMuscular andUpstream -- suck up huge amounts of internet traffic and store it for the NSA to comb through later. Privacy advocates refer to these as dragnets, and there's every possibility your information has been pulled in by these programs, whether or not you're an American citizen.
"The NSA has been caught running dragnet intelligence," said Dan Petro, a cybersecurity expert who specializes in spotting networks and devices that are vulnerable to hacking. The agency's programs are so broad, he said, "it sounds like it's something out of a Rocky and Bullwinkle cartoon."
But you can't scoop up that volume of data by hacking a phone, Petro said. In fact, what the WikiLeaks documents show is the opposite of a dragnet, and that's Snowden's point.
The CIA and NSA didn't respond to requests for comment for this story.
'Encryption works; patch your software'
Moxie Marlinspike, the creator of an encryption tool that scrambles up communications sent on messaging apps Signal and WhatsApp, agrees with Snowden. In fact, it's the increased use of these apps -- and encryption more broadly -- that's forcing spy agencies to turn to hacking their targets, according to a statement put out Tuesday by Marlinspike's company, Open Whisper Systems.
"Ubiquitous end-to-end encryption is pushing intelligence agencies like the CIA from a world of undetectable mass surveillance to a world where they have to very selectively use high-risk, expensive, targeted attacks," the statement said.
Maybe you're still concerned that the CIA has the tools to hack the operating system on your phone. OK, fair enough. Eva Galperin, director of cybersecurity at the pro-privacy Electronic Frontier Foundation, says the best defense against hacking tools is updating your software.
Indeed,Apple,Google andMicrosoft have all said their products are already safe from most of the tools outlined by the WikiLeaks documents if you're using their latest software. If you can't update your software because you're using a really old device, but you care about keeping hackers out of your phone, it's time to consider an upgrade.
"I think for ordinary people, the takeaway is: 'Encryption works; patch your software,'" Galperin said.
CNET Magazine: Check out a sampling of the stories you'll find in CNET's newsstand edition,right here.
Life, disrupted: In Europe, millions of refugees are still searching for a safe place to settle. Tech should be part of the solution. But is it?CNET investigates.