Today, there has been widely held misconceptions circulating in the media which revolves around the reports of CIA documents being disclosed by WikiLeaks. The misconstructions are that the exploits utilized are in Signal, WhatsApp, and that the CIA has successfully penetrated through the Signal Protocol Encryption.
Since the news articles referred to these applications, the media discourses are suggesting that the civilian foreign intelligence service possesses bulletproof methods of bypassing the securities incorporated within the crucial chat infrastructure. This is false. The documents disclosed by WikiLeaks does not indicate any proof that the attacks are definitely targeted at the apps Signal and WhatsApp. Instead, the attacks are utilized to seize control of your entire phone. Logically, this would bypass the encrypted chat applications since it circumvents nearly all security structures embedded within the device. The attacks intercept messages on the device prior their encryption. Hence, the encryption is not even defeated. Sure that the CIA can bypass your VPN and that they can spy on your Tor Browser usage. Many people are thinking that using Signal, VPNs, or the Tor Browser is unsafe now. Evidently, this does not hold to be true. What is happening is that since the CIA has the ability to infiltrate your device and gain complete control of it, they possess the power to observe everything occurring on the device while watching an episode of The Walking Dead or Project Runway simultaneously in Langley. But again, this doesn’t mean the CIA will target specifically at you. A high profile individual or enterprise is more deserving of being a prospective target. No offense to you. Remember the CIA has to make an effort to target your phone specifically. They don’t have the manpower to deal with most of us. Time is money. Thus, we can make the justification that Signal and WhatsApp are still safe.
There is the misconception that the CIA are precise in everything they do. In reality, they aren’t perfect. It is undeniable that they possess tremendous resources and they are powerful government bureau. However, remember that no one and no organization is perfect. Had the CIA been perfect, Snowden’s heroism or if you perceive it, his notoriety would remain unrecognizable and obscure. Optimism triumphs pessimism. It is crucial to remain positive in this age of massive surveillance by governments. Contrary to the beliefs that the CIA are godlike or possess some sort of dark side, it is more reasonable to perceive them as ordinary people with families to care for. They have an important job which relates to national security and foreign matters. More importantly, we should remember that they along with the FBI do protect us from threats to our safety and security. Have a little faith, people. Nevertheless, it is certainly possible that the CIA have indeed cracked the encryption of the apps, but there is a lack of clear evidence provided by WikiLeaks.
The CIA/Wikileaks story today is about getting malware onto phones, none of the exploits are in Signal or break Signal Protocol encryption.
— Open Whisper Systems (@whispersystems) March 7, 2017
It amazes me that there are also a ton of people that have absolutely no idea what they are talking about using the trending hashtag #Vault7 on Twitter. Thus, this misconception is not merely continuously spread out, but also emphasizes the significance of having to inform others what the consequences are for spreading these deceitful notions. This is frustrating to see for the people in the Information Security industry. By repeatedly spreading these fallacies, this leads to the inducement of a moral panic, people that use Signal may refrain from ever using it again since they perceive the app has having been successfully “bypassed” by the CIA’s engineers and developers. This is what the CIA exactly wants to see happen. It makes their jobs easier when users cease usage of the applications. The CIA would be laughing hysterically in Langley.
Below are some examples of misconceptions being circulated throughout Twitter that illustrates the perpetuation of a potentially devastating misunderstanding:
The CIA used techniques to bypass encrypted apps:
— NIRP Umbrella (@NIRPUmbrella) March 7, 2017
— EXPOSINGTHRUTH (@higginsgggg) March 8, 2017
WikiLeaks release said CIA managed to bypass encryption in mobile apps by compromising the entire phone https://t.co/OYmSNvSApL
— The New York Times (@nytimes) March 7, 2017
— The Boston Globe (@BostonGlobe) March 7, 2017
CIA can bypass signal encryption, I actually didn't think that was possible. This is a huge deal #Vault7
— not maclain (@OGfirealarm420) March 7, 2017
As you can perceive, the famous New York Times made a few adjustments in regards to the discourses in their article and tweets. Nonetheless, people are still thinking that using Signal or WhatsApp now lacks merit. Therefore, what I’m really saying is don’t discontinue using Signal, WhatsApp, the Tor Browser, and VPNs. By doing so, you are merely making it easier for the CIA to gain control and increased surveillance over the world. The moral panic is just an illusion perpetuated by misinformed individuals, technically challenged people and news outlets. Don’t contribute to the misconceptions.