CIA hackers found a way to get into smartphones and read – or listen – to messages instantly, until the conversation could be encrypted by the apps transferring them, according to the documents.
Downloads of encrypted messaging apps similar to Signal have rised since Donald Trump won the presidency in November. Intelligence professionals have linked the spike to general concern between activists, whistle-blowers, journalists and marginalized communities about how Trump would use the nation”s intelligence apparatus to aim for them.
On Tuesday, many took to social media to stress the extent to which messaging apps they believed secure may not be over.

But Moxie Marlinspike, founder of Open Whisper Systems, said, the data show that Signal and apps like it are working, if anything.
“End-to-end encryption has pushed intelligence agencies from unfettered access to mass surveillance to a world where they need to use expensive, high-risk, targeted attacks against individuals to gain access to their information,” he said. “If you use these kinds of attacks on a massive scale, it increases the risk of detection. So to break into people’s phones and get access to encrypted messages, these agencies now need to be very selective. I think that’s a good thing.”
Because end-to-end encryption means that the people engaged in a conversation have the keys to unlock the scrambled message they are sharing would be unable to understand it without the key.
But as stated by the leaked documents, the CIA appears to get bypassed this obstacle by hacking. Hackers which gain access to a device’s operating system might have the ability to record calls and messages in real time, as a person is speaking in their microphone or typing on their keyboard – before the message is actually sent.
“Once you’ve malware on an operating-system level, you can record keystrokes as they’re being typed,” said Jeremiah Grossman, SentinelOne’s chief of security strategy.
Security experts suggested that people continue to encrypt their communication and use apps like Signal and WhatsApp to do so.
“The worst thing which can happen is for users to lose faith in encryption-enabled tools and stop using them,” wrote Cindy Cohn, the executive director of the Electronic Frontier Foundation. “The dark side of the story is that the documents confirm that the CIA holds on to security vulnerabilities in software and devices ” including Android phones, iPhones and Samsung television – that millions of people around the world rely on.”
It was not directly clear how many zero-day vulnerabilities were revealed though WikiLeaks wrote in a news release accompanying the leak that 24 such vulnerabilities were included by the data for Android devices alone. The data dump provided a comprehensive list of attacks the CIA had used to access Android and Apple devices, including several mentions of malicious software that the government appears to have purchased.
For years, technology companies have requested the government to give over details about vulnerabilities and zero days it discovers. Under the Obama administration, the White House issued a compromise known.
For being opaque and difficult to enforce, while allowing the government unchecked authority to decide when to keep information that could compromise millions of devices to itself, critics have long denounced the agreement.
The CIA cache published by WikiLeaks seems to validate these concerns, experts said, and point to a need for greater information sharing between government agencies and tech companies.
“If there is a vulnerability in the wild and it is not making it into the hands of the vendor so that it may be resolved, something is broken,” Rice said. “This ultimately strains tech companies’ relationship with the U.S. government.”
For additional information about spy on an iphone without jailbreaking view our internet page: learn here