Will WikiLeaks work with tech firms to defend CIA hacking?
WASHINGTON (AP) — The anti-secrecy group WikiLeaks raised the prospect Wednesday of sharing sensitive details it uncovered about CIA hacking tools with leading technology companies whose flagship products and services were targeted by the U.S. government's hacker-spies. If that sharing should take place, the unusual cooperation would give companies like Apple, Google, Microsoft, Samsung and others an opportunity to identify and repair any flaws in their software and devices that were being exploited by U.S. spy agencies and some foreign allies, as described in nearly 9,000 pages of secret CIA files WikiLeaks published on Tuesday. The documents, which the White House declined anew Wednesday to confirm as authentic, describe clandestine methods for bypassing or defeating encryption, antivirus tools and other protective security features for computers, mobile phones and even smart TVs. Spicer said there was a "massive, massive difference" between WikiLeaks publishing stolen, personal emails of a political figure and files about national security tools used by the CIA. The group indicated it was still considering its options but said in a statement Wednesday: Tech companies are saying they need more details of CIA attack techniques to fix them faster. Security experts said WikiLeaks was obligated to work privately with technology companies to disclose previously unknown software flaws, known as zero-day vulnerabilities because consumers would have no time to discover how to defend themselves against their use, and with companies that design protection software. The WikiLeaks disclosures were an extraordinary coup for a group that has already rocked American diplomacy with the release of 250,000 State Department cables, embarrassed the U.S. military with hundreds of thousands of logs from Iraq and Afghanistan and upended the U.S. presidential election by publishing Democratic Party emails.