WikiLeaks dumped almost 9000 pages of secret CIA documents on the web for all to see, detailing dozens of secret hacking tools and techniques. What does this all mean for you and me?
In this week’s interview, I speak with Daniel Davis from the privacy-preserving web search engine company DuckDuckGo. We discuss how crafty marketing services are attempting to track everywhere you go on the web in an effort to show you highly targeted (and highly profitable) advertising. We explain how it all works and give you several tips on how you can protect your privacy.
Daniel Davis is Community Manager at DuckDuckGo, the search engine that doesn't track you. Working with both contributing developers and end users, he's passionate about spreading the benefits of open source and online privacy.
For Further Insight:
The company's blog: https://spreadprivacy.com
Follow on Twitter: https://twitter.com/duckduckgo
Connect on Linkedin: https://www.linkedin.com/company/duck-duck-go
Send me your questions! I’ll answer them online at the end of each show. CareyParker@americaoutloud.com
TRANSCRIPT OF FULL INTERVIEW
Carey: Hello, everybody. This is Carey Parker, and welcome to another edition of Firewalls Don't Stop Dragons. We've got a little bit of news to catch up on first, and then we will be having an excellent interview with Daniel Davis from DuckDuckGo. So I definitely think the big news this week is the massive dump of documents, secret documents from the CIA on WikiLeaks. What's been dubbed “The Vault Seven Dump” I guess, or Vault Seven Documents.
Something like almost 9,000 pages of internal secret CIA documents that were released by WikiLeaks. There's a lot of really interesting aspects to this. So it's a great news topic for the weekend. Let's talk about this a little bit, and what we know, what we don't know, what's important, and frankly, what's not so important. So first of all, in case you haven't heard, WikiLeaks published a bunch of documents, what they actually is the first of many more to come of what appeared to be internal CIA documents detailing tools and techniques that they use to hack into people's devices. That would be smartphones, computers, home routers, even televisions, which we'll talk about here in a minute.
So far, we believe this information is probably real. This information also kind of appears to be at least one to two years old, which has some silver lining benefits in that most of the stuff that's detailed there as far as we know is probably mostly fixed. Most of these kind of vulnerabilities and exploits, things we call Zero Day Vulnerabilities or Zero Day Exploits, get patched over time. Because these companies care about security, they learn about these bugs and they fix them. It's the bugs that allow hackers and groups like the CIA to get into our devices and make them do things they weren't supposed to do.
Zero Day, by the way, is a term you'll hear a lot. The idea, the meaning of the term is that it's the first day of knowing about something that has been out there for certain amount of time. So the bad guys probably know about it, but it's the first time we know about it. So it's the Day Zero. So they're called Zero Day Exploits.
What else do we know? Well, we really don't know who leaked it. I mean obviously WikiLeaks published it. We don't know who gave this information to WikiLeaks, so was it somebody working within the CIA who's doing a whistleblower kind of a thing? Or was it some foreign government that hacked into the CIA and decided it would be a good idea to embarrass the CIA by publishing this information. We really don't know.
We also don't know why it was leaked, because we don't know who … We can't even really speculate as to why this might have been released. Those are very important questions to ask and understand at some point, but at this point, from what I've read, we don't know either. We also don't know who,