There are more CIA documents up on WikiLeaks. It seems to be mostly MacOS and iOS -- including exploits that are installed on the hardware before they're delivered to the customer.
EDITED TO ADD (3/25): Apple claims that the vulnerabilities are all fixed. Note that there are almost certainly other Apple vulnerabilities in the documents still to be released.
Posted on March 24, 2017 at 6:46 AM • 24 Comments
Charles R. Smith • March 24, 2017 7:20 AM
4.2.6 NightSkies shall support the following implant features:
a. Beaconing to a listening post (LP)
b. Command receipt and execution from a LP
c. File transfer to and from the LP
d. Program file execution
e. Delay after browser starts to beacon
Note features b and d - remote execution of commands and remote file (pgm) execution. Download a payload - execute by remote - like ... deliver lethal dose of x-rays and erase when done?
Sean • March 24, 2017 7:59 AM
Still waiting for the Linux / *BSD stuff...
My Info • March 24, 2017 10:15 AM
@Sean
Still waiting for the Linux / *BSD stuff...
I don't know where it is, and it may not necessarily be part of this particular leak, but believe you me, CIA // NSA // et al. definitely have the goods on Linux / *BSD.
Bob Dylan's Withered Toenail • March 24, 2017 10:18 AM
Oh come on, Linux is so full of holes I doubt they never need to bother with an exploit...it more like walking in the door and take what they want...and in the case of Android, take what they want from their users outstretched pleading hands.
Who? • March 24, 2017 10:44 AM
I am reading the "sonic screwdriver" documentation. It is not exactly what I was expecting from the last days announcements. It is just a firmware implant for a Thunderbolt-to-Ethernet adapter. I was expecting something like "using a Thunderbolt-to-Ethernet adapter to flash the EFI firmware on an Apple computer once you get physical access to it."
The technology here is nothing new. It would be really easy writing the SPARC64 flavour of this implant by flashing some forth code to a Sun card that will be loaded from the OBP while booting the computer. No password involved either! I would say it must be possible doing the same for PCI cards too, this time playing with the option ROMs.
CISO • March 24, 2017 10:56 AM
@ Who?
The technology here is nothing new.
You're right, it's nothing new to people in the industry. But this story is putting all this stuff out in the mainstream for the world to see. That's beneficial.
Who? • March 24, 2017 11:07 AM
@ CISO
Agreed, it is beneficial.
I hope people will finally understand the value of both secure devices (not the fluff corporations like Google are giving to their customers) and privacy. Hope customers will start requesting manufacturers to fix the security bugs in the same way they fix aesthetical and stability ones, and they demand security as a part of the design of the devices they use.
keiner • March 24, 2017 11:13 AM
@Who ...yeppp, and due to climate change "people" stop buying SUVs as of tomorrow I heard.
.
.
.
.
NOT.
.
.
.
.
:-)
Who? • March 24, 2017 11:17 AM
DerStarke is a bit more frightening, but nothing that cannot be explained by a bug that allows flash to be unlocked. Even Lenovo had a bug like this one a year ago (sleeping quite a few ThinkPads unlocked the flash were UEFI firmware resides). Lenovo fixed this bug quickly, I guess Apple will not do the same.
In any case from description I understand CIA is exploiting a firmware bug, not some sort of backdoor in the EFI firmware.
Charles R. Smith • March 24, 2017 11:46 AM
I'm not sure you guys are getting my point - this is not a "passive" surveillance design but an active "offensive" weapon system. The same design could be used against any number of IOT devices, medical or industrial systems. It could be as simple as "download kiddie porn onto target & email FBI" or "shut off coolant to reactor & make everything look normal".
As for it being old... the UK Trident subs use Win XP.
keiner • March 24, 2017 12:32 PM
@CR Smith
They use computers? I thought they still have the Enigma they got from the Krauts...
Alyer Babtu • March 24, 2017 12:42 PM
What about Raspberry Pi ? Did they do anything to it ?
keiner • March 24, 2017 12:44 PM
Raspis are such high-value targets, these exploits are in Vault666... just kidding...
Slime Mold with Mustard • March 24, 2017 1:47 PM
Are the CIA implants compatible with the NSA's? Could be problematic if all the devices are sent back as defective.
Clive Robinson • March 24, 2017 3:42 PM
Having just read the SonicScrewdriver (didn't know they were Dr Who fans) I got left with just one feeling "cowboys"...
Like the medical oath of "First do no harm", with covert malware the usuall overriding rule is "First show no sign, and restor to default".
This malware breaks both parts of that rule and the excuse for the no restor becaisr the Broadcom --chip supplier-- had no read utility in it's software so they did not have an image to restore is a little lame to put it mildly.
It suggests that SonicScrewdriver is either made out of desperation, or as a seldom used "throw away malware" and this they don't care about "covert" or if somebody gets their hands on it...
So not best practice by more than a country mile or three...
steven • March 24, 2017 5:57 PM
Trammell Hudson (independently?) found, demonstrated (at 31c3, see "Thunder Strike"), and responsibly disclosed to Apple some vulnerabilities exactly like described here - even using the same Thunderbolt-to-Ethernet adapter to get code execution on the target device. It's thanks to him that new firmware was released already to address this. You can also use some epoxy glue if you still have concerns about it.
UEFI firmware of non-Apple products seems to be at even higher risk, having many of the same bugs, but no other vendor usually provides updates for this, or users wouldn't usually find/install them. I expect this will be the topic of further documents from this leak.
steven • March 24, 2017 6:54 PM
Re: Who?, Clive:
I understood it differently than you, that a CIA operative would actually infect some Thunderbolt device *of their own*, and carry that discretely with them for the purpose of infecting target machines (and it otherwise functions the same as the real thing).
The Thunderbolt device is merely a bootloader; it is indeed like a boot option ROMs of legacy BIOS systems (but quicker, more practical). It also defeats the security enhancements EFI was supposed to offer over legacy BIOS: password/write protections, signature verification of firmware updates and the installed OS.
There *is* described a separate payload (which would be on a separate USB stick) that would be used next, to reflash EFI firmware with a malware, having ability to persist, hide, or completely remove itself under various circumstances (with mission-specific choice of paranoia).
Separating the payloads allows the first piece to decrypt the next one, then maybe download+decrypt more pieces or instructions, so the overall effect is not possible to see unless you have *all* the pieces. There's little chance anyone could ever discover this.
That's pretty much worst-case scenario for detection. But prevention is still easy, ranging from simple and physical (don't let it out of sight, or epoxy the Thunderbolt port) to advanced technical (reflash often with clean EFI firmware; or prevent likely ways a compromised machine would exfiltrate data, eg. air gap / firewalls).
Anon • March 24, 2017 10:04 PM
Seems the EFI attack would most likely be deployed against specific targets, and other places where people can be compelled to give up, even temporarily, possession of their system(s), such as border-crossing with a laptop.
Reminds me of the Firewire DMA attack (it allowed any memory location to be read/written). The how isn't as important as the what.
Could any Thunderbolt device be used to carry the payload? What is special about an ethernet adapter specifically?
I like how like with the Snowden leaks this stuff is all heavily dated and nobody asks questions..
Anyone have a iphone 3 or older mac air with one of the early softwares a decade later with vital services or data on them?
I was wondering if it was because low-clearance or intention when I first seen the snowden leak.. This stuff is even older than Snowden projects I think in all cases..
VanRaily • March 25, 2017 10:26 AM
Informative, but depressing.
Serious question though, as I read comments every week that say something to the effect of "______OS/Device is 'spying on you' or is 'open/broken/ripe' to exploits....."
What OS/Device tops the charts of having minimal exploits available, but still is user friendly?
(aware that any app can be a trojan horse for some entity, so spare the responses saying "watch what app you install...")
Or, are we already screwed, a decade past the point of no return? (Everything is spying/open/broken/ripe to exploits)
Thanks
-That member of the family everyone comes to with tech questions
Sean • March 26, 2017 7:29 AM
I don't know where it is, and it may not necessarily be part of this particular leak, but believe you me, CIA // NSA // et al. definitely have the goods on Linux / *BSD.
We've never read any detail concerning Linux or *BSD exploits supposedly used by either NSA or CIA or any other TLA. We all know that Linux happens to have security issues, but also that Linux can be strongly locked down.
Since Snowden, I've been waiting for those details, concerning Linux and *BSD exploits and concerning these agencies' ability to tune them in order to get into any highly hardened Linux or *BSD devices.
I know they are a lot more opportunities to access targeted information when an endpoint is hardly breakable, as for instance through Quantum et so on, yet I'm still wondering whether they were able to cope with such paranoid-hardened endpoints, and if so, how ?
And if these information aren't available, why ?
@Sean,
While not of the same class, don't forget that the freebsd update mechanism disclosure may have been pointing to a larger cache 6 months ago.
We just don't know enough about what is still being withheld (by multiple parties).
Sean • March 29, 2017 10:05 AM
Actually, it means that any conclusion based on any leaked information belongs to a feeling of security, not to security itself. And both could even be their own opposite.
Nobody knows who leaked these data, therefore any scenario is still possible. I've just noticed that a false underlying feeling of security could emerge from these data leaks while you are a Linux or *BSD user, even when you are still as vulnerable as Windows users.
And as far as I know, Linux endpoints are just as vulnerable as Windows'. That's perhaps just more uncommon.
Subscribe to comments on this entry
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.
Leave a comment