Aletho News

ΑΛΗΘΩΣ

Is the Vault 7 Source a Whistleblower?

By Jesselyn Radack | Expose Facts | March 13, 2017

It is the leakiest of times in the Executive Branch. Last week, Wikileaks published a massive and, by all accounts genuine, trove of documents revealing that the CIA has been stockpiling, and lost control of, hacking tools it uses against targets. Particularly noteworthy were the revelations that the CIA developed a tool to hack Samsung TVs and turn them into recording devices and that the CIA worked to infiltrate both Apple and Google smart phone operating systems since it could not break encryption. No one in government has challenged the authenticity of the documents disclosed.

We do not know the identity of the source or sources, nor can we be 100% certain of his or her motivations. Wikileaks writes that the source sent a statement that policy questions “urgently need to be debated in public, including whether the CIA’s hacking capabilities exceed its mandated powers and the problem of public oversight of the agency” and that the source “wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyber-weapons.”

The FBI has already begun hunting down the source as part of a criminal leak investigation. Historically, the criminal justice system has been a particularly inept judge of who is a whistleblower. Moreover, it has allowed the use of the pernicious Espionage Act—an arcane law meant to go after spies—to go after whistleblowers who reveal information the public interest. My client, former NSA senior official Thomas Drake, was prosecuted under the Espionage Act, only to later be widely recognized as a whistleblower. There is no public interest defense to Espionage Act charges, and courts have ruled that a whistleblower’s motive, however salutary, is irrelevant to determining guilt.

The Intelligence Community is an equally bad judge of who is a whistleblower, and has a vested interest in giving no positive reinforcement to those who air its dirty laundry. The Intelligence Community reflexively claims that anyone who makes public secret information is not a whistleblower. Former NSA and CIA Director General Michael V. Hayden speculated that the recent leaks are to be blamed on young millennials harboring some disrespect for the venerable intelligence agencies responsible for mass surveillance and torture. Not only is his speculation speculative, but it’s proven wrong by the fact that whistleblowers who go to the press span the generational spectrum from Pentagon Papers whistleblower Daniel Ellsberg to mid-career and senior level public servants like CIA torture whistleblower John Kiriakou and NSA whistleblower Thomas Drake to early-career millennials like Army whistleblower Chelsea Manning and NSA whistleblower Edward Snowden. The lawbreaker does not get to decide who is a whistleblower.

Not all leaks of information are whistleblowing, and the word “whistleblower” is a loaded term, so whether or not the Vault 7 source conceives of him or herself as a whistleblower is not a particularly pertinent inquiry. The label “whistleblower” does not convey some mythical power or goodness, or some “moral narcissism,” a term used to describe me when I blew the whistle. Rather, whether an action is whistleblowing depends on whether or not the information disclosed is in the public interest and reveals fraud, waste, abuse, illegality or dangers to public health and safety. Even if some of the information revealed does not qualify, it should be remembered that whistleblowers are often faulted with being over- or under-inclusive with their disclosures. Again, it is the quality of the information, not the quantity, nor the character of the source.

Already, the information in the Vault 7 documents revealed that the Intelligence Community has misled the American people. In the wake of Snowden’s revelations, the Intelligence Community committed to avoid the stockpiling of technological vulnerabilities, publicly claiming that its bias was toward “disclosing them” so as to better protect everyone’s privacy. However, the Vault 7 documents reveal just the opposite: not only has the CIA been stockpiling exploits, it has been aggressively working to undermine our Internet security. Even assuming the CIA is using its hacking tools against the right targets, a pause-worthy presumption given the agency’s checkered history, the CIA has empowered the rest of the hacker world and foreign adversaries by hoarding vulnerabilities, and thereby undermined the privacy rights of all Americans and millions of innocent people around the world. Democracy depends on an informed citizenry, and journalistic sources—whether they call themselves whistleblowers or not—are a critical component when the government uses national security as justification to keep so much of its activities hidden from public view.

As we learn more about the Vault 7 source and the disclosures, our focus should be on the substance of the disclosures. Historically, the government’s reflexive instinct is to shoot the messenger, pathologize the whistleblower, and drill down on his or her motives, while the transparency community holds its breath that he or she will turn out to be pure as the driven snow. But that’s all deflection from plumbing the much more difficult questions, which are: Should the CIA be allowed to conduct these activities, and should it be doing so in secret without any public oversight?

These are questions we would not even be asking without the Vault 7 source.

Jesselyn Radack is a national security and human rights attorney who heads the “Whistleblower & Source Protection” project at ExposeFacts. Twitter: @jesselynradack

March 15, 2017 Posted by | Civil Liberties, Deception, Timeless or most popular | , , , , | Leave a comment

Wikileaks’ Timely Reminder of our Digital Panopticon

“The Panopticon must not be understood as a dream building: it is the diagram of a mechanism of power reduced to its ideal form.” – Michel Foucault
By Kit | OffGuardian | March 7, 2017

In the late eighteenth century English Utilitarian philosopher and social-theorist Jeremy Bentham devised what he called the “perfect prison” – The Panopticon. The design is simple, a circular prison with one guard in the central room, and all the cells facing the guard tower. In this way the gaoler can have a line of sight to every cell at once, and no inmate can ever be sure he’s not being observed. Bentham described it as:

“… a new mode of obtaining power of mind over mind, in a quantity hitherto without example… a mill for grinding rogues honest.”

Wikileaks latest release of classified documents, entitled Vault 7, comes as a timely reminder to all of us (as if we needed it) that the panopticon – the theorized perfect prison – is now a fibre-optic, digitized, hard-coded reality.

Here’s a run down from Wikileaks’ own analysis page (with some added emphasis):

The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell’s 1984, but “Weeping Angel”, developed by the CIA’s Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.

The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake-Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake-Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.

As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.

The CIA’s Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user’s geolocation, audio and text communications as well as covertly activate the phone’s camera and microphone.

The CIA’s Remote Devices Branch’s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation. With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were stolen from.

These early analyses show us the powerful trifecta of these operations – the CIA can hear you, find you and…if they deem it necessary…kill you. In fact, the reveal that the CIA has been working on hacking vehicle control systems adds new dimensions to the (as yet unsolved) case of Michael Hastings, a counter-culture voice in the American press who died in an inexplicable car accident four years ago. (A good rundown of the case can be found here.)

The repetition of a now well-established fact – that the CIA, NSA, DHS… whoever… can hack various electrical devices to listen in to our communications is nicely topical, given the current clash between the in-coming and out-going presidential administrations. An interesting thought is that Wikileaks, if it ever was as completely impartial and alternative as it purports to be, might be being used to score political points. The theorized split between the CIA (pro-Hillary) and the FBI (pro-Trump) works well as an explanation for this, as it did with the DNC and Podesta e-mail dumps prior to the elections. Either way, this information is nicely timed to remind the world that, as we already reported, of course Donald Trump was being surveilled. Everyone is.

The final section we’ve highlighted, the proof that “… the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were stolen from” is an interesting tidbit of information. Worth remembering, because it will almost definitely have fallen down the memory hole next time some “evidence” is produced claiming Russia or China or Iran have hacked this, that or the other.

Further along in Wikileaks’ explanation of the data, and much discussed on CNN and in Congress (who seem rather unfazed by the illegal bugging and possible assassinations), is that the CIA’s arsenal of “cyber-weapons” were unsecured, and probably stolen by unknown parties.

Did state and/or non-state actors access and steal CIA created data-mining programs and spyware? I don’t think it matters. At all. The reasoning behind this is fairly simple. Firstly, there are no groups LESS trustworthy than the American military intelligence institutions. Secondly, and more importantly, I don’t believe it to be true.

I don’t think the CIA had their weapons “stolen”, I think that establishing – in the public eye – that they don’t have sole control of these tools enables them to preserve plausible deniability, in the event they are used.

If the cyber-tools the CIA developed are also in private hands, they were more likely sold than stolen. The CIA has massive corporate ties in the media, defense, pharmaceuticals and countless other big corporate interests. To the extent it is essentially one large family.

So what has the media reaction been? Four years ago I would have answered “disappointing”, these days I would say “predictable”.

CNN chose to focus on the “stolen” angle, suggesting there be a Senate investigation – not into the CIA’s power to illegally surveil and/or kill American citizens – but into their lax security and whether or not they have endangered national security by letting their toys get taken away.

Already the false premise is set and the subject for debate is decided: The question is not whether or not they should have these powers, but whether enough is being done to ensure they are the only people who have them. In this way a public outcry can be generated, the CIA can be brought before the senate and begged to tighten their security (possibly further slipping what little congressional oversight they still endure in the process). Engineering a situation whereby the citizenry plead with you to what you wanted to do all along is one of the oldest tricks of government.

Ewen McAskill, writing in the Guardian, has this to say:

The leak, dubbed “Vault 7” by WikiLeaks, will once again raise questions about the inability of US spy agencies to protect secret documents in the digital age.

He talks about it being an “embarrassment” for the CIA, and “good timing” for Trump. You’ll also be interested to know he considers the sky to be blue, and water wet. In-depth analysis is thin on the ground, as (more troublingly) is any indication that he understands that this is morally repugnant.

The BBC considers Wikileaks revelations to be a smaller story than the Lords voting on small amendments to the article 50 bill, or the Champions League. The story about how the CIA is spying on all of us and researching covert assassination techniques was filed, not under “politics”, but rather “technology”. You can only imagine that, had this modern BBC existed in 1945, they’d have reported the bombing of Hiroshima under “technology” too, perhaps with the headline “US make breakthrough in use of Nuclear energy”.

No one in the media is ready to concede this vindicates Trumps “wire-tap” tweets from a few days ago, or willing to admit that the “that would be illegal!” defence from Obama’s reps was farcical. (They will instead, in the coming days, point to this being another example of WikiLeaks being on Trump’s side and probably in the pay of Russia. Just watch).

All-in-all the media are taking it in their stride, not one source I could find expressed any kind of shock or moral outrage. They take a deliberately apathetic tone chosen very carefully. They tell us the facts, but refuse to analyse them. They address the current reality as the only option.

That the state claims the power to invade our privacy is a given, that they have the tools to do so, an unfortunate fact of life. Set in stone. The way the world works. No thought is given to holding governmental power to account, and no column inches supplied to those with an angry voice. In short the media provide only one message: They are always watching you, and there’s nothing you can do about it.

In that sense the media, and even Wikileaks, provide a valuable service. There’s no point in creating a panopticon if nobody knows they are being watched.

March 7, 2017 Posted by | Civil Liberties, Deception, Timeless or most popular | , , , , | Leave a comment