5 reasons why Silicon Valley should reject Julian Assange and Wikileaks’s offer to help
Share on Facebook
Share on Twitter
Share on Google+
Share on Reddit
Share on Email

LONDON, ENGLAND - FEBRUARY 05: Wikileaks founder Julian Assange squints in the sunlight as he prepares to speak from the balcony of the Ecuadorian embassy where he continues to seek asylum following an extradition request from Sweden in 2012, on February 5, 2016 in London, England. Photo credit: Carl Court/Getty Images Israel

Wikileaks founder Julian Assange in London, England. Photo credit: Carl Court/Getty Images Israel

Beware of Greeks bearing gifts. There are some pretty good reasons not to trust Julian Assange

Having facilitated the latest leak of yet to be confirmed dump of US government documents highlighting how the Central Intelligence Agency was using exploits in major tech products to carry out intel gathering ops, Wikileaks founder Julian Assange announced last Thursday he was prepared to hand over technical details that would allow them to plug the gaps in their security.

If the information in the leaked Vault 7 material is true, as it most likely will prove to be based on the accuracy of past data dumps, it will prove that the CIA knew of flaws in Android, iOS, and many other devices. It would follow that they used this knowledge for espionage, since they’re . . . well . . . a spy agency.

There has been plenty of debate over whether government hackers have a responsibility to disclose to companies if they uncover an exploitable flaw. Should the government keep secret and use such information that in turn could be used against Americans? Interestingly, there is a process where these decisions over whether to disclose play out that essentially gives intelligence agencies a chance to make their case for keeping the bugs secret, allowing a third party to weigh their operational needs versus the public good.

While there is no denying that concerns about the overstepping of the bounds placed on the intelligence agencies are well founded, there is little reason to believe that Assange is being genuine in his offer.

1. Is he working for the Russians?

Assange is either a willing agent for Russian intelligence or has an extreme case of tunnel vision that only lets him see the sketchy behavior coming out of Western governments. Whatever you think about Edward Snowden’s leaks — and there is PLENTY to criticize about him — the discussion that emerged afterwards about where the lines should be drawn on US government-run surveillance to the global consciousness.

Former intelligence contractor Edward Snowden poses for a photo during an interview in an undisclosed location in December 2013 in Moscow, Russia (Photo by Barton Gellman/Getty Images Israel)

But what about Russia’s bad actions? Snowden conveniently found a safe haven there after fleeing the US, escaping the long reaches of the US government. Assange has had his own show on Kremlin mouthpiece and propaganda machine RT, making it hard to claim that he is a fair arbitrator in this case.

While everything should be viewed through a critical lens, whether it comes from a government or company, there are actors who play dirtier than others. If Wikileaks wants to speak truth to power, then they should call foul when Russia or others break the rules as well.

Either way, without Assange’s motives being clearer, it would be inadvisable to move forward with him.

2. The fact is the information in these reports show that this not really news

Despite the initial panic over the idea that gold standard communication apps like Signal or the more widely used Whatsapp could have been compromised, the general reaction at this point is a resounding shrug.

A customer compares pictures taken with an Iphone 6 (R) and the new Iphone 7 (L) at Puerta del Sol Apple Store the day the company launches their Iphone 7 and 7 Plus on September 16, 2016 in Madrid, Spain. (Photo by Gonzalo Arroyo Moreno/Getty Images Israel)

It turned out that the apps were perfectly secure. The method that the CIA (and probably others) had come up with was to hack the phones themselves, heading off the security on the apps. On the face of it, this means that the CIA is still unable to use mass surveillance to vacuum up your data so long as you use encryption. Therefore, if the intel group wants to spy on your device, they will have to hack your specific device. Taking the effort to do so is a decent limit on unchecked power.

Oh, and the matter that Samsung smart TVs spy on you? They were built to do that. Anything with a camera and microphone can record you. Words to live by. Anyone remember Hello Barbie?

Video of girl with Hello Barbie, a "smart" barbie that can talk to kids in more natural ways. Photo credit: Mattel

Video of girl with Hello Barbie, a “smart” barbie that can talk to kids in more natural ways. (Photo credit: Mattel)

3. Are his exploits still relevant?

The second question that needs to be asked here is if the exploits that he has here are still relevant. On the one hand a RAND Corporation report notes that the average zero-day exploit can remain out in the wild for 6.9 years, which certainly feels like a long time.

At the same time, assessing the real value of an exploit dump can be difficult as patches issued from companies often plug many of these holes on a weekly or perhaps more consistent basis. Therefore the really good ones can be sold in packages that reach the millions of dollars.

However what is far more likely is that the CIA already knows what Assange has his hands on and considers those exploits burned, moving on to new hacks that we do not yet know about.

CIA HQ in Langley, VA (Photo Credit: Mark Wilson/Staff/Getty Images Israel)

4. How much more does he have?

Even as Assange offers to pass on to the tech giants the parts of the documents that he did not release or were redacted, we don’t know which parts he’s holding back for his friends.

Even if the information that he is passing is legit, there is a good chance that he is still keeping the best ones in his pocket. If we believe that he has a connection to the Russian government, then he might be passing those along to them.

What is certain is that he is connected with hacker groups that would probably be just as interested in receiving the exploits and to whom he is just as likely to hand off some of the juicier bits.

5. Political fallout: For Silicon Valley’s own reputation, it might not look so good to be accepting help

While there does not appear to be anything illegal about taking “help” from Assange that would fix flaws in security, the optics of appearing too friendly with the leader of Wikileaks simply do not look good.

Unlike most bug bounty programs that have thankfully become far more commonplace, most of the companies recognize that this is pretty much a publicity stunt to make the US intelligence community look bad and Wikileaks to be the hero.

Donald Trump, 2016 Republican presidential nominee, speaks as Hillary Clinton, 2016 Democratic presidential nominee, laughs during the first U.S. presidential debate at Hofstra University in Hempstead, New York, U.S., on Monday, Sept. 26, 2016. Photo credit: Andrew Harrer/Bloomberg via Getty Images Israel

Donald Trump, 2016 Republican presidential nominee, speaks as Hillary Clinton, 2016 Democratic presidential nominee, laughs during the first U.S. presidential debate at Hofstra University in Hempstead, New York, U.S., on Monday, Sept. 26, 2016. (Photo credit: Andrew Harrer/Bloomberg via Getty Images Israel)

Much like the Russian involvement during the US elections, Assange is trying to sow distrust in how the public views the government and the tech industry. By proffering himself as the one who can step in and save us from the government, he is trying to undermine the system.

As one of the biggest lobbyist groups, the tech sector has a much stronger interest in not appearing to undermine their relationship with the government. Especially as the topic of talent related H-1B visas are all of a sudden on the chopping block. It is one thing to go head to head with the Justice Department over encryption, and another to be embracing someone who has made himself a clear antagonist against the US.

It probably is worth mentioning that the mostly liberal Silicon Valley – with some pretty notable exceptions – are probably still a bit peeved at the man behind the DNC email leak that played a part in sinking Hillary Clinton’s campaign.

When push comes to shove, the tech cos will likely look for alternative paths to securing their technology, preferably which is far less controversial.

Share on:Share
Share on Facebook
Share on Twitter
Share on Google+
Share on Reddit
Share on Email
Gabriel Avner

About Gabriel Avner

Gabriel has an unhealthy obsession with new messaging apps, social media and pretty much anything coming out of Apple. An experienced security and conflict consultant, he has written for The Diplomatic Club, the Marine War College, and covers military affairs with TLV1 radio. He mostly enjoys reading articles wherever his ADD leads him to and training Brazilian Jiu Jitsu. EEED 44D4 B8F4 24BE F77E 2DEA 0243 CBD1 3F7C F4B6

More Goodies From Security

Russia in talks with US to create cybersecurity working group

FBI warns parents: Internet-connected toys can spy on your kids

Your data may have crashed, but you don’t have to!

  • Eric Park

    how telling. so you’re on the DJB payroll?

  • Damon

    I am torn by the Assange thing. I applaud more transparency and view disclosure of violations as a good thing. However, the problem with Wikileaks is that we have no way of knowing how it selects what to publish. Do they have info they don’t release? Based on their patterns of what they release, it sure appears that way. So Wikileaks becomes the arbiter of what should and shouldn’t be disclosed. That is dangerous. Assange is in a compromising position and it is not hard to imagine him making deals with those who help him.

  • MissV

    Assange, Manning and Snowden are great heroes for revealing the truth.

    In times of universal deceit, telling the truth is a revolutionary act. – George Orwell

  • Ozy Fixit

    What a disgraceful FAKE news article. You state Russian hacking of the election as a fact. Zero evidence after mutable investigations of Russia having anything to do with it. And most experts agree the leaked documents had to come from someone inside the CIA. What are you going to spend that Clinton foundation money on?