⚡️5 Startling Technology Leaks from Julian Assange's Wikileaks
In honor of Julian Assange, here are 5 published Wikileaks that expanded our awareness on technology surveillance.
Today a judgement was passed in Julian Assange’s extradition case, although it drags the case on and gives the possibility for a final rejection. If this happens, Assange will spend up to 175 years in a US maximum security prison.
His crime? Publishing classified documents which corroborated war crimes, covert surveillance programs, and torture. We pray for his release, and we will never forget how Assange and Wikileaks illuminated public awareness of these shadowy programs so we could begin to protect ourselves.
Follow Taylor Hudak for coverage on the Assange Trial.
More tech content on the #TBOT Telegram Channel.
Follow the #TBOT substack.
In honor of Julian Assange, here are 5 published Wikileaks that expanded our awareness on technology surveillance.
#1. The Location of 100 Amazon Data Centers
Amazon, the largest cloud computing provider in the world is also one of the largest cloud providers for government and military. They wouldn’t be doing their jobs if they weren’t protecting the locations of their data centers, unforunately for them - they didn’t see Wikileaks coming. In 2018, Wikileaks published a highly confidential document that listed the IP addresses of one-hundred data centers.
No, there’s no creepy looking Amazon badge on these buildings - these buildings were operated under front companies. The names of these front companies were leaked along with addresses, contact emails, and directions - and a map of their locations.
What secrets lie behind the walls of these unassuming buildings?
https://wikileaks.org/amazon-atlas
#2. ELSA, Locating Windows Computers Through WiFi
Leaked in 2017 as part of the Vault 7 CIA hacking tools, ELSA is a geo-location malware project that can detect the location of Windows devices. Once ELSA has infected a target computer, it takes a list of available WiFi access points and cross-references these access points with public geo-location databases supplied by Google or Microsoft. Based on the signal strength it can calculate the position of the device which can be exfiltrated later.
#TBOT Tip: Don’t use Windows.
#3. No Isolated Network Is Safe, Brutal Kangaroo
Brutal Kangaroo, also a part of the Vault 7 tools was used to target closed ‘air-gapped’ networks that are not connected to to the outside world. Brutal Kangaroo is deployed using a thumbdrive, and can spread through use of the thumbdrive on other computers. Eventually, controlled computers begin communicating directly with each other to exchange data.
#TBOT Tip: Be watchful over your devices. No external USBs, avoid having USBs delivered.
#4. Is your local router a FlyTrap?
CheryBlossom, another tool from Vault 7 is used to capture wireless network devices like wireless routers. Routers can be compromised over the internet through a firmware upgrade, at which point the router becomes a FlyTrap and acts as an ‘Man-In-The-Middle’, manipulating the internet traffic passing through it. It can scan for email addresses, chats, MAC addresses of devices, and VoIP numbers.
#TBOT Tip: Run a VPN on each device to encrypt internet traffic before it reaches a network.
#5. Scribbles: Hidden watermarks in printed documents
A tool that has likely been used to catch whistleblowers, Scribbles is yet another Vault 7 project that embeds beacons into Microsoft Office documents. When a whistleblower prints the documents and releases them, the watermark can be restored to discover the source of the leak. Alternative softwares like OpenOffice or LibreOffice made this watermark visible to the target, and it was recommended to make the watermark match the document.
Readers may be reminded of the NSA’s case against whistlerblower Reality Leigh Winner, a former Air Force Linguist who worked for the NSA and sent a printed document to be published at The Intercept. Certain printers use microdots to identify the printer, date and time of printing.
Be careful what you print!
The discoveries above are a mere drop in the ocean of Wikileaks content that are now known to the world. Please keep in mind that most of the leaks are closed to a decade old. Simply following the tips or avoiding the software mentioned doesn’t guarantee safety from these attacks, or attacks like them. Our advice is to avoid mass surveillance by avoiding proprietary software.
In this short post we kept it focused to technology and left out the disgusting mechanations of the war machine. If you’d like to learn more, we highly encourage you to research Wikileaks and Julian Assange.
Although we must peer into the shadows, the world is better off with this knowledge. Bless those brave enough to speak up and may God protect them all.