Skip to Content

Julian Assange’s Potentially Hollow Promise to Help Tech Firms Overcome CIA Hacks

Many of the problems are already fixed and technology companies may be reluctant to work with WikiLeaks—for now, at least.

A generous offer from Julian Assange to lend tech firms a hand in shoring up the security of their software in the wake of the WikiLeaks CIA data dump might not necessarily come to much.

Earlier this week, Assange’s WikiLeaks published thousands of files that are part of what it claims is the “largest ever publication of confidential documents” from the CIA. Present and former government staff say that the files appear to be genuine. We’ve already argued that the kinds of cyberweapons described in the files, and allegedly in use by the CIA, aren’t particularly revelatory from a technical perspective.

Still, they are a concern for tech companies whose hardware is compromised. That includes Samsung, whose smart TVs can apparently be repurposed as spy posts, as well as Apple and Google, whose smartphone operating systems, iOS and Android, find themselves threatened by targeted exploits that allow the CIA to gain partial remote control. WikiLeaks claims that it has source code for such attacks, though it has not yet published it.

Step forward the gallant knight Assange. “After considering what we think is the best way to proceed and hearing these calls from some of the manufacturers,” he explained during a press conference yesterday, “we have decided to work with them to give them some exclusive access to the additional technical details that we have so that fixes can be developed and pushed out, so that people can be secure.”

The technology world, it seems, is supposed to be grateful to Assange for this kindness and the fact that he’s willing to extend it despite his taste for radical transparency at all costs. But there are some problems with this promise.

First, it’s unclear why WikiLeaks didn’t simply share details of the CIA exploits with technology firms before going ahead and publishing the files. Security researchers, for instance, would typically alert companies to vulnerabilities before going public, allowing them a grace period in which to solve the problem before the news hits. Still, in WikiLeaks's defense, even opting to hold back the source code at all is an improvement on its previous "publish first, worry later" approach.

Second, a lot of the vulnerabilities listed in the files published so far are already old and fixed. Apple says that most of the flaws have already been spotted and patched in the latest version of iOS. Google says that users with the latest version of Android are protected from most of the hacks.

There’s also the fact that technology firms may not even take him up on the offer. According to the Financial Times (paywall), sources at some tech companies have decided that it might be “legally dangerous” to look at, let alone act on, the files without government permission. So even if it was useful to work with WikiLeaks, Assange’s promise may be of no practical use.

And then, of course, there’s the fact that Assange is notoriously media-savvy and the promise may be more bluster than substance. The Financial Times reports that he may be using the opportunity to sidle right into the center of an already fraught relationship between Silicon Valley and federal agencies to refresh his notoriety. Jake Williams, founder of security firm Rendition Infosec, meanwhile, is even more blunt: he told Wired that it all “sounds like pure hype.”

The situation may yet change. WikiLeaks has so far only published part of the full set of files that it claims to have in its possession, and it’s unclear how explosive the remaining tranches will be. But for now, it looks like technology companies may try to get by without his help.

(Read more: Reuters, Wired, Financial Times (paywall), "The Wikileaks CIA Stash May Prove Interesting, But Not Necessarily for the Hacks," “Transparency and Secrets”)

Keep Reading

Most Popular

Large language models can do jaw-dropping things. But nobody knows exactly why.

And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.

OpenAI teases an amazing new generative video model called Sora

The firm is sharing Sora with a small group of safety testers but the rest of us will have to wait to learn more.

Google’s Gemini is now in everything. Here’s how you can try it out.

Gmail, Docs, and more will now come with Gemini baked in. But Europeans will have to wait before they can download the app.

This baby with a head camera helped teach an AI how kids learn language

A neural network trained on the experiences of a single young child managed to learn one of the core components of language: how to match words to the objects they represent.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.