tech
Apple, Google: We’re Ready If WikiLeaks Shows How CIA Hacks Our Phones
Apple, Google: We’re Ready If WikiLeaks Shows How CIA Hacks Our Phones
By Kevin Collier
Mar 08, 2017
A Black Hole Was Simulated And Studied In A Bathtub
A Black Hole Was Simulated And Studied In A Bathtub
By Jeff Donlan
Aug 25, 2017
Brands Are Having A Total Eclipse Of The Heart
Brands Are Having A Total Eclipse Of The Heart
By Jonathan Sanger
Aug 21, 2017
Telescope-Mounted Jets Will Chase The Solar Eclipse
Telescope-Mounted Jets Will Chase The Solar Eclipse
By Jeff Donlan
Aug 04, 2017
Augmented Reality Puts You In ‘Take On Me’ Music Video
Augmented Reality Puts You In ‘Take On Me’ Music Video
By Jeff Donlan
Jul 28, 2017
Game Of Thrones Premiere Saw 90 Million Illegal Downloads
Game Of Thrones Premiere Saw 90 Million Illegal Downloads
By Andrew Caringi
Jul 21, 2017
Hey Google, Take Me To Space
Hey Google, Take Me To Space
By Jonathan Sanger
Jul 21, 2017
Jaguar’s New SUV Barrel Rolls Into The Record Books
Jaguar’s New SUV Barrel Rolls Into The Record Books
By Vocativ Staff
Jul 17, 2017
This 3D-Printing Pen Got A ‘Double’ Upgrade
This 3D-Printing Pen Got A ‘Double’ Upgrade
By Vocativ Staff
Jun 22, 2017
This Robot Composes Its Own Marimba Music
This Robot Composes Its Own Marimba Music
By Ruby Nitzberg
Jun 16, 2017
This Grocery Drives Itself To Your Door
This Grocery Drives Itself To Your Door
By Ruby Nitzberg
Jun 16, 2017
Cyber Security

Apple, Google: We’re Ready If WikiLeaks Shows How CIA Hacks Our Phones

That the CIA can hack a phone isn't news. But what if WikiLeaks spills those secrets to the world?

Cyber Security
Apple CEO Tim Cook waves as he arrives on stage during a launch event — Getty Images
By Kevin Collier
Mar 08, 2017 at 4:26 PM ET

Apple and Google are ready to patch any vulnerabilities that WikiLeaks might reveal as part of its dump of CIA documents, the companies say.

The document repository site released the first of its long-teased “Vault 7” files on Tuesday, a trove of files, with users’ names redacted, from the Central Intelligence Agency’s hacking division. Intelligence officials have confirmed WikiLeaks’s documents largely appear authentic, and the CIA reportedly has been aware that such documents were leaked, either by a personal leaker or by hack, as of 2016.

The documents themselves don’t contain actual exploits, which are typically used by hackers to take advantage of vulnerabilities or bugs in software code. But they do make reference to the existence of number of such exploits, particularly that would work on Android phones and iPhones, and WikiLeaks has promised it will release far more related documents. While there’s absolutely no evidence that the CIA has compromised the encrypted messaging app Signal, contrary to some early reports, even using encryption won’t protect your privacy if a government hacking agency has compromised your entire phone.

Just in case WikiLeaks does release such exploits, Apple says it’s prepared. “While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities,” the company said in a statement provided to Vocativ. “Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 percent of users running the latest version of our operating system.”

Google offered a similar sentiment. “As we’ve reviewed the documents, we’re confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities,” Heather Adkins, Director of Information Security and Privacy, said in a statement to Vocativ. “Our analysis is ongoing and we will implement any further necessary protections.”

It’s not uncommon for intelligence agencies, including the NSA and FBI, to secretly maintain a library of “zero days” — as in, that’s how much time a company’s developers have to patch a vulnerability — which can be used to hack, for instance, a smartphone without the company’s knowledge. If such information were made public and those vulnerabilities were still live, it could give hackers around the world an opportunity to exploit people’s phones.

That’s not to say that any zero days held by WikiLeaks would necessarily still work, as the CIA documents are largely dated from between 2012-2015. Either way, if your phone releases a new operating system, it’s smart to update as soon as possible in case that covers a new vulnerability.