• XDA on the Latest from WikiLeaks



    Much respect for the team over at XDA this morning; on the very same day that the world received news of new revelations from WikiLeaks they published a thorough, thoughtful and level-headed analysis of what they found. I've yet to see anything this detailed anywhere else on the web.

    It would indeed appear that the CIA has been collecting zero-day exploits for both Android and iOS. The good news is that most of the vulnerabilities affect older hardware and versions of those operating systems. Apple will only say that the exploits relating to their products have been patched. XDA, as you will now see, goes quite a bit further than that.

    Android Exploits
    Dugtrio - remote access vulnerability, affects Android 2.3.6 to 4.2
    Freedriod - affects Android 2.3.6 to 4.2, unreliable in Android 4.3 to 4.4
    Flameskimmer - affects Android 4.4.4, Broadcom WiFi chipset only
    Spearrow - remote info leak, affects Android 4.1.2, possibly unreliable

    App Exploits
    EggsMayhem - affects Chrome versions 32 to 39 (2014)

    Device Exploits
    Colobus - affects HTC One M7, Samsung Galaxy S4 i9505, Sony Xperia Z
    Galago - affects two specific build numbers of Samsung Galaxy Note 4
    Simian - affects Snapdragon 800-powered devices
    Snubble - affects specific builds of Samsung Galaxy Note 3 and Galaxy S4
    Sulfur - affects specific builds of Samsung Galaxy Note 4

    Tweets from whistleblower Edward Snowden indicate that the WikiLeaks information dump is legitimate, and would seem to suggest that the U.S. government—and by extension, its Five Eyes partners—have an ongoing interest in keeping your mobile phone and its software unsafe. If you value your privacy and are using anything cited in this post, now might be the time for a hardware upgrade, or to take that software update at the very least.

    Sources: RT, TechCrunch, XDA Developers

    ---------
    This article was originally published in forum thread: XDA on the Latest from WikiLeaks started by acurrie View original post
    Comments 3 Comments
    1. josephf's Avatar
      josephf -
      The leak has CIA information starting from four years ago with the most recent documents being about a year old. Aside from it unlikely containing all relevant secrets from that period, there are certainly newer exploits the CIA, NSA and military have that hasn't been leaked, which is very likely to include the newer OS'.
    1. OmegaWolf747's Avatar
      OmegaWolf747 -
      Such an outrage. Mobile users have grounds for a class action lawsuit against the government.

      Tappin' and talkin' with Tapatalk.
    1. juned393's Avatar
      juned393 -
      hmm XDA is always best at their own feet...