Yahoo, today, published an article that was titled:
WikiLeaks aid on CIA software holes could be mixed blessing
And the basis of the article was that, Wikileaks has offered to provide the information to tech companies on how the CIA is breaking into their phones and TVs, in most likely, an illegal manner.
Interesting outtakes can be found here:
NEW YORK (AP) — WikiLeaks has offered to help the likes of Google and Apple identify the software holes used by purported CIA hacking tools — and that puts the tech industry in a bind.
While companies have a responsibility — not to mention financial incentive — to fix problems in their software, accepting help from WikiLeaks raises legal and ethical questions.
WikiLeaks founder Julian Assange said Thursday that the anti-secrecy site will work with technology companies to help defend them against software vulnerabilities in everyday gadgets such as phones and TVs. In an online news conference, Assange said some companies had asked for more details about the purported CIA cyberespionage toolkit that he revealed in a massive disclosure on Tuesday.
“We have decided to work with them, to give them some exclusive access to the additional technical details we have, so that fixes can be developed and pushed out,” Assange said. The digital blueprints for what he described as “cyberweapons” would be published to the world “once this material is effectively disarmed by us.”
Tech companies could run into legal difficulties in accepting the offer, especially if they have government contracts or employees with security clearances.
“The unauthorized release of classified documents does not mean it’s unclassified,” said Stewart Baker, a former official at the Department of Homeland Security and former legal counsel for the National Security Agency. “Doing business with WikiLeaks and reviewing classified documents poses a real risk for at least their government contracting arms and their cleared employees,” Baker said.
But tech companies might face a bigger problem with public perception. “They don’t want to be seen as endorsing or supporting an organization with a tainted reputation and an unclear agenda,” Cattanach said.
For instance, WikiLeaks published thousands of emails, some embarrassing, from breached Democratic Party computers and the account of a top aide to Hillary Clinton during the 2016 election. Those emails were stolen by hackers connected to the Russian government, an act U.S. intelligence agencies concluded was a Russian attempt to help Donald Trump win the presidency.
“You are getting in bed with someone who is … happy to harm the interests of the United States in whatever way they can,” Baker said. “That does raise concerns of an ethical sort for companies that take their nation seriously.”
A BETTER PATH
Ideally, the CIA would have shared such vulnerabilities directly with companies, as other government agencies have long done. In such a case, companies would not only be dealing with a known entity in an above-board fashion, they might also obtain a more nuanced understanding of the problems than might be apparent in documents or lines of computer code.
And if companies could learn details about how the CIA found these vulnerabilities, they might also find additional vulnerabilities using the same technique, said Johannes Ullrich, director of the Internet Storm Center at the SANS Institute.
As you can see, the journalist is siding with the CIA here and basically calling another journalistic outfit, Wikileaks, a front for the Russians.. in so many words, also suggesting that the companies should work WITH the CIA when it’s the CIA that broke into their systems or discovered vulnerabilities that left ALL of us exposed to nefarious hackers.