Late last year the Dutch government gave its police and central intelligence agency official approval to exploit zero-day vulnerabilities. Other agencies are also taking the view that zero-days are a necessary element of law enforcement. Add in attacks aimed at other products, including those from Microsoft, Google and Samsung, plus Linux, and the actual scale of the CIA's zero-day hoard could be much larger, which means that guesstimates about the total number of zero-days in circulation may have to be pushed up significantly.
Android stockpile app android#
The WikiLeaks documents - known as Vault 7 - apparently show that the CIA has built up a significant stockpile of zero-day flaws to use for surveillance.Īccording to the leaks, in 2016 the CIA had 24 Android zero-day vulnerabilities, which it had either developed itself or obtained from GCHQ, NSA and others. The sorts of flaws that law enforcement and the security services are most interested in would be ones that allow surveillance - perhaps a flaw in a smartphone that allows police to turn on the camera or microphone, or a bug in an email package that allows investigators to read messages. Thousands of classified "secret" and "top secret" files point to a covert effort by the CIA to develop exploits for vulnerabilities in popular phones for surveillance. Secret CIA files detail tools for hacking iPhones, Android, smart TVs
0 kommentar(er)
