Jump to content

Search the Community

Showing results for tags 'cia'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 20 results

  1. Acting CIA Director Gina Haspel was formally sworn in as the next director of the nation's top spy agency at CIA headquarters in Langley, Virginia on Monday. Haspel, to a loud crowd of applause, said that she was "truly honored to have this opportunity to lead the best workforce in government." On Thursday, the Senate voted, 54-45, to confirm Haspel, one day after the Senate Intelligence Committee, in a 10-5 vote, reported her nomination favorably. Overall, six Democrats voted in support of her candidacy. Two Republicans, Sens. Flake and Paul, opposed it. During her remarks, Haspel noted that it had been nearly 50 years since a CIA operations officer like her rose up through the ranks to become the agency's director. "And after the last few months, I know why that is," she says, referring to her tough confirmation process. Haspel's past connection to enhanced interrogation and her current views on the morality of the program made up the overwhelming focus of her Senate confirmation. "It took courage for her to say 'yes' in the face of a lot of very negative politics and what was supposed to be a negative vote, but I'll tell you, when you testified before the committee, it was over," President Trump remarked at the ceremony. Haspel called her over three decades of service at the agency "more than a career, it's been a calling." "I recommit that I will do everything in my power to justify the faith President Trump and the American people have placed in us," said Haspel telling staff at the CIA that "we cannot rest on our laurels." The agency must constantly learn, adjust and improve. Mr. Trump meanwhile called Haspel a "very special person," saying there's "no one in this country better qualified for this extraordinary office than you." Mr. Trump noted the loud applause for Haspel throughout the ceremony, saying she has the "universal respect and admiration of her colleagues at CIA and throughout government." The president said that Haspel now leads the agency into its "next great chapter," adding that she assumes the role of director at a "crucial moment in our history." Source
  2. jamesDDI

    Media and Deep State

  3. A notorious pro-Palestinian hacking group behind a series of embarrassing hacks against United States intelligence officials and leaked the personal details of 20,000 FBI agents, 9,000 Department of Homeland Security officers, and some number of DoJ staffers in 2015. Believe or not, the leader of this hacking group was just 15-years-old when he used "social engineering" to impersonate CIA director and unauthorisedly access highly sensitive information from his Leicestershire home, revealed during a court hearing on Tuesday. Kane Gamble, now 18-year-old, the British teenager hacker targeted then CIA director John Brennan, Director of National Intelligence James Clapper, Secretary of Homeland Security Jeh Johnson, FBI deputy director Mark Giuliano, as well as other senior FBI figures. Between June 2015 and February 2016, Gamble posed as Brennan and tricked call centre and helpline staff into giving away broadband and cable passwords, using which the team also gained access to plans for intelligence operations in Afghanistan and Iran. The teenager also taunted his victims and their families, released their personal details, bombarded them with calls and messages, downloaded and installed pornography onto their computers and took control of their iPads and TV screens. He also made hoax calls to Brennan's home and took control of his wife’s iPad. At one point, Gamble also sent DHS secretary Johnson a photograph of his daughter and said he would f*** her, phoned his wife, leaving a voicemail message which said: "Hi Spooky, am I scaring you?," and even managed to get the message "I own you" on the couple's home television. Gamble was arrested in February 2016 at his council home in Coalville and last October he pleaded guilty to 8 charges of "performing a function with intent to secure unauthorised access" and 2 charges of "unauthorised modification of computer material." Gamble said he targeted the US government because he was "getting more and more annoyed about how corrupt and cold-blooded the US Government" was and "decided to do something about it." Gamble's defence said he was technically gifted but emotionally immature and has an autistic spectrum disorder, at the time of his offending, he had the mental development of a 12 or 13-year-old. Also, the defence said, at no point did Gamble attempt to profit from his actions. Out of 10 counts, Gamble previously admitted 8 charges of performing a function with intent to secure unauthorised access. The teenager will be sentenced when the hearing resumes at a later date. Two other members of Crackas With Attitude hacking group, Andrew Otto Boggs and Justin Gray Liverman, were arrested by FBI in September 2016 and had already been sentenced to five years in federal prison. source
  4. WIKILEAKS founder Julian Assange has condemned the CIA as “one of the most useless organisations in the world”. By SIMON OSBORNE 17:04, Tue, May 9, 2017 | UPDATED: 18:54, Tue, May 9, 2017 http://cdn.images.express.co.uk/img/dynamic/1/590x/Julian-Assange-802360.jpg Mr Assange, declared by the Donald Trump administration as US public enemy number one, was speaking ahead of a live Spanish television interview. He told current affairs show When It’s Gone: “The CIA is basically useless. They are extremely incompetent as an organisation. good read continued: http://www.express.co.uk/news/uk/802360/Wikileaks-founder-Julian-Assange-slams-US-intelligence-chiefs-CIA
  5. WikiLeaks dumped today the documentation of a new supposed CIA hacking tool called Archimedes, which the Agency had used to perform Man-in-the-Middle attacks on local networks. According to the nine leaked documents, this tool was previously named Fulcrum but was renamed to Archimedes when it reached v1. Timestamps in the documents reveal the tool was developed and most likely used between 2011 and 2014. The Archimedes manual describes the tool's purpose as follows. As you can see, the tool does not execute the MitM attack itself, but only redirects the target's traffic to another PC on the same network. That second machine will be responsible for breaking down connections, reading the user's traffic, and then relaying the traffic to the LAN's gateway server. Archimedes a repackaged version of Ettercap? The tool itself is very simple, as Jake Williams, founder of Rendition Infosec, writes on Twitter. In fact, according to a quick analysis, the tool isn't even original, appearing to be a repackaged version of Ettercap, an open source toolkit for MitM attacks. The most interesting detail in the entire leak are the MD5 hashes for each of the Archimedes files. Security researchers can now take these hashes and scan artifacts from previous cyber-incidents and see cases where the tool might have been deployed, but they failed to detect it at the time. The Archimedes leak is part of a WikiLeaks series called "Vault 7," during which the non-profit organization has dumped the documentation and user manuals of several hacking tools WikiLeaks claims belong to the CIA. WikiLeaks says it received these tools from hackers and whistleblowers. You can follow our WikiLeaks Vault 7 coverage here. Below is a list of the most notable WikiLeaks "Vault 7" dumps: Source
  6. CIA hacking tools that WikiLeaks exposed as part of its Vault 7 data dump are linked to a rash of trojans and zero-day vulnerabilities that have infected computers since 2011, anti-virus software Symantec claimed this week. The attacks, which Symantec researchers have lumped together into a single virus that they codenamed "Longhorn," have targeted at least 40 different organizations in 16 countries in the Middle East, Europe, Asia, and Africa. The victims include companies in the financial, telecom, energy, aerospace, IT, education, and natural resources sectors, as well as governments and international NGOs. Symantec made the link between Longhorn and the WikiLeaks CIA hacking trove using changelog data, which shows that new features were added to the CIA tools at the same time as updates to some of Longhorn's tools. Other similarities exist, too, including cryptographic practices and the methods that both sets of tools use to cover their tracks on the systems they infect. "Longhorn has used advanced malware tools and zero-day vulnerabilities to infiltrate a string of targets worldwide," Symantec said in a blog post. "Taken in combination, the tools, techniques, and procedures employed by Longhorn are distinctive and unique to this group, leaving little doubt about its link to Vault 7." Symantec said it first became aware of Longhorn in 2014, and that its anti-virus products provide protection against the malware. The company hasn't identified any domestic targets; although it observed one computer in the US infected with Longhorn, the virus uninstalled itself within hours, suggesting that the infection was inadvertent. WikiLeaks first announced its possession of the Vault 7 hacking tools in early March, claiming that they were widely circulated among government contractors, one of whom leaked them to the organization. source
  7. WikiLeaks dumped 27 documents today as part of the "Vault 7" series of leaked documents, which the organization claims to belong to the CIA. Codenamed "Grasshopper," these are 27 manuals describe a CLI-based builder for assembling malware-laced Windows installers. CIA internal wiki pages describing the Grasshopper framework were first leaked at the start of March with the initial Vault 7 announcement. The Grasshopper guides leaked today contain more in-depth information and are training guides for CIA operatives. Grasshopper used to assemble the CIA's malware installers According to the leaked documents, CIA operatives must have some sort of technical information on their targets before using Grasshopper. Based on what operating system the target uses, what antivirus he's employing, and other technical details, the Grasshopper framework automatically puts together several components adequate for the job. To put together these components, operatives used a custom rule-based language to write build configs. In the end, Grasshopper delivers a Windows installer that field operatives can run on a target's machine and install their malware. The usage of a pre-infection form to deliver the most appropriate malware payload has also been seen in Fine Dining, another CIA toolkit that consists of malware-laced portable applications. Grasshopper is very modular, adapts to any operation Below is how the latest Grasshopper manual (v2.0.2) describes Grasshopper's modular architecture: As you can see, the CIA designed Grasshopper to be as malleable as possible, decoupling the installer from the final payload. The Grasshopper builder allows operatives to select the components they need for each operation and deliver a payload of their choice. The leaked documents intimate that Grasshopper installers can deliver payloads in EXE, DLL, SYS, or PIC formats, for x86 and x64 architectures, and payloads for getting persistence. In addition, Grasshopper can produce installers with built-in malicious payloads, or the payloads can be delivered at run-time from other locations. According to the leaked documents, the CIA claims "the installation executable should be loaded into and executed solely within memory," which means it is harder to pick up by traditional signature-based antivirus solutions. In fact, a lot of effort has been put into avoiding security products overall, which is consistent with the main rule of cyber-espionage, the one that says stealth is more important than results. Grasshopper borrowed code from the Carberp rootkit Along with the Grasshopper user guides, WikiLeaks also leaked the manual for Stolen Goods, one of the Grasshopper components used with installers to assure persistence on infected hosts. The document reveals that parts of Stolen Goods, as the name implies, were taken from the Carberp rootkit, used by the eponymous Russian cybercrime gang. Previously, it was discovered that the CIA also borrowed code from other malware families, such as HiKit, Shamoon, UpClicker, and the Nuclear Exploit Kit. Source
  8. WikiLeaks dumped yesterday the source code of a CIA tool called Marble, which according to previously leaked CIA manuals, the Agency classified as a code obfuscation framework. The WikiLeaks dump conveniently came a day after the Senate's open hearing on Russian election interference. Marble is not a tool for planting false flags Many news agencies incorrectly reported that Marble allows CIA's operators to plant false flags inside the malware they create thanks to a feature that inserts code comments written in various languages such as Chinese, Russian, Korean, Arabic, and Farsi. In reality, the Marble framework is a banal code obfuscation utility, like many other tools on the malware market. It's role is to scramble code so human operators can't read it and antivirus engines can't assign it to a known malware family. Nothing more. Marble is a banal code obfuscator "Based on less than 30 minutes of code review, I emphatically disagree with the [WikiLeaks] assertion that Marble is used for false flag ops," wrote on Twitter Rendition Infosec founder Jake Williams. "The [Marble] framework is just a string obfuscation library. It IS interesting, but not in the sense that it would allow for cyber false flag," the expert added. "The Chinese and Russian examples noted by WL only show that the tool was tested for Unicode support, nothing more." In the first batch of leaked CIA files, the ones containing CIA manuals and wiki pages, CIA operatives described Marble as follows: The framework also includes a deobfuscation component for reverting the scrambled code to a readable version when operators need to make changes to the malware's soruce code. According to WikiLeaks, the Marble framework reached v1.0 in 2015, and was used as late as 2016. The Marble source code is available for download from here and the documentation page is here. Source
  9. Watch what happens when you ask a Google Home about the CIA. Things get defensive, really fast. Nope, there's certainly no CIA spying going on here with the Google Home. Absolutely not. In fact, don't even bother asking the Google Home about the CIA. But if you do, the Google Home is going to get even more defensive. A YouTube clip from Michael Hraba shows the voice assistant's jargon-filled answer to "Do you know what the CIA is?" The question comes 14 days after WikiLeaks claimed to reveal the CIA's hacking tools, alleging the government agency spied on people through installing malware on their phones, computers and smart TVs. CNET is unable to verify whether the documents are real or have been altered. Google Home's response looked to make it very clear that their technology was safe from CIA spying. "No government entity, US or otherwise, has direct access to our user's information. Respect for the privacy and security of data you store with Google underpins our approach to producing data in response to legal requests. You can learn more in Google's transparency report." Google did not immediately respond to requests for comment. If you're confused by the assistant's answer, so is a person in the background of the video. "The hell is she talking about? I'm not even stoned and I don't understand what she's talking about," the voice said in the background. To make matters worse, the voice assistant didn't even answer the original question, on what the CIA is. It's like if somebody asked you do you know what cookies are and you answered with a rant talking about how you've never eaten sugar. Source
  10. New Vault 7 leaks show CIA can install persistent malware on OS X and iOS devices A new trove of documents belonging to Wikileak’s Vault 7 leaks, dubbed “Dark Matter” reveal that Apple devices including Macs and iPhones have been compromised by the CIA. They are affected by firmware malware meaning that even a re-installation of the operating system will not fix the device. The CIA’s Embedded Development Branch (EDB) have created several tools for exploiting Apple devices, these include: Sonic Screwdriver – allows an attacker to boot its malware from peripheral devices such as a USB stick. DarkSeaSkies – is an “implant” that persists in the EFI firmware of MacBook Air computers. It consists of “DarkMatter”, “SeaPea” and “NightSkies” which affect EFI, kernel-space, and user-space respectively. Triton – macOS malware. Dark Mallet – Triton infector. DerStake – EFI-persistent version of Triton. The documents show that DerStake was at version 1.4 as of 2013, but other documents show that as of 2016, the CIA was working on DerStake 2.0. According to Wikileaks, NightSkies can infect Apple iPhones, the organisation said what’s noteworthy is that NightSkies has been able to infect iPhones since 2008. The CIA documents say NightSkies is a “beacon/loader/implant tool”. It is “expressly designed” to be physically installed onto factory fresh iPhones meaning the CIA has been intercepting the iPhone supply chain of its targets since at least 2008. "Dark Matter" is just the latest release of documents from the wider Vault 7 leaks, more CIA documents are expected in the future. Main Source: Wikileaks Source
  11. Apple dismisses new WikiLeaks revelations Apple says those exploits the CIA used to hack into iPhones and Macs were fixed years ago. Following the new release of CIA classified documents by the WikiLeaks, Apple adopted the same stance it did after the first round of revelations, saying that it had already fixed the bugs mentioned there. The documents, which WikiLeaks say come from the CIA, detail a number of methods for compromising and breaking into Apple devices if an agent can get his or her hands on the device. "We have preliminarily assessed the Wikileaks disclosures from this morning. Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released. Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013," Apple said on the matter. The Wikileaks poke The company also took the time to poke WikiLeaks a bit. Although it admits they have not negotiated any deals for information via WikiLeaks, Apple does say it has given them instructions to submit any information they wish via their normal process under standard terms. So far, no details were shared with them. This comes after Julian Assange said WikiLeaks would cooperate with tech companies to fix any security problems mentioned by the files, imposing a few conditions, however, like the companies having to release a patch within 90 days. Companies have been somewhat reluctant to make deals with WikiLeaks, especially since there are concerns regarding the source of the CIA files and whether writing patches based on them is a good idea under the circumstances. That being said, it's not exactly a surprise that the CIA has developed various techniques to get into people's phones. The Wiki files today discuss methods that require agents having physical access to the device. With enough time on one's hands, getting into a locked device, even an iPhone isn't impossible, although it's extremely difficult. If you'll remember, the CIA had a row with Apple last year over the decryption of the iPhone of the San Bernardino's shooter. Apple said it couldn't open the phone even if it wanted to, and the CIA eventually found another way in, a technique they are refusing to share with the public despite being sued over it. Their answer was, in short, that they're still using it and they can't share their secret cracking ways. Source
  12. The old expression about Washington, D.C., is that if you want a friend, get a dog! In the case of President Donald Trump, this is a lesson he has undoubtedly learned in his thus far short tenure as the commander in chief. Nowhere is this seen more than over the current controversy concerning the president’s claims that he was wiretapped, that is, illegally spied upon, by his predecessor’s administration, former President Barack Obama. As I have written in this Newsmax blog and elsewhere particularly of late, my client, former NSA and CIA contractor Dennis Montgomery, holds the keys to disproving the false claims of those representatives and senators on the House and Senate intelligence committees, reportedly as well as FBI Director James Comey, that there is no evidence that the president and his men were wiretapped. Montgomery left the NSA and CIA with 47 hard drives and over 600 million pages of information, much of which is classified, and sought to come forward legally as a whistleblower to appropriate government entities, including congressional intelligence committees, to expose that the spy agencies were engaged for years in systematic illegal surveillance on prominent Americans, including the chief justice of the Supreme Court, other justices, 156 judges, prominent businessmen such as Donald Trump, and even yours truly. Working side by side with Obama's former Director of National Intelligence (DIA), James Clapper, and Obama's former Director of the CIA, John Brennan, Montgomery witnessed “up close and personal” this “Orwellian Big Brother” intrusion on privacy, likely for potential coercion, blackmail or other nefarious purposes. But when Montgomery came forward as a whistleblower to congressional intelligence committees and various other congressmen and senators, including Senator Charles Grassley, Chairman of the Senate Judiciary Committee, who, like Comey, once had a reputation for integrity, he was “blown off;” no one wanted to even hear what he had to say. The reason, I suspect, is that Montgomery’s allegations were either too hot to handle, or the congressional intelligence and judiciary committees already knew that this unconstitutional surveillance was being undertaken. Moreover, given the power of the NSA, CIA, and DNI, for congressional committee heads to take action to legitimately and seriously investigate and if necessary recommend prosecution of officials like Clapper and Brennan could, given the way Washington works, result in the spy agencies disclosing and leaking (as occurred recently with General Michael Flynn), the details of their mass surveillance, ruining the careers if not personal lives of any politician who would take them on. After Montgomery was turned away as a whistleblower, he came to me at Freedom Watch. With the aid of the Honorable Royce C. Lamberth of the U.S. District Court for the District of Columbia, who I had come to respect and trust over the years of my public interest advocacy, we brought Montgomery forward to FBI Director James Comey, through his General Counsel James Baker. Under grants of immunity, which I obtained through Assistant U.S. Attorney Deborah Curtis, Montgomery produced the hard drives and later was interviewed under oath in a secure room at the FBI Field Office in the District of Columbia. There he laid out how persons like then-businessman Donald Trump were illegally spied upon by Clapper, Brennan, and the spy agencies of the Obama administration. He even claimed that these spy agencies had manipulated voting in Florida during the 2008 presidential election, which illegal tampering resulted in helping Obama to win the White House. This interview, conducted and videoed by Special FBI Agents Walter Giardina and William Barnett, occurred almost two years ago, and nothing that I know of has happened since. It would appear that the FBI’s investigation was buried by Comey, perhaps because the FBI itself collaborates with the spy agencies to conduct illegal surveillance. In landmark court cases which I filed after the revelations of Edward Snowden, the Honorable Richard Leon, a colleague of Judge Lamberth, had ruled that this type of surveillance constituted a gross violation of the Fourth Amendment to the Constitution. A few months ago, given FBI’s seeming inaction in conducting a bona fide timely investigation of the treasure trove of information Montgomery had produced and testified to, I went to Chairman Bob Goodlatte of the House Judiciary Committee, as I had done earlier with Senator Grassley, since Montgomery had revealed that judges had been spied upon, and asked his staff to inquire of Director Comey the status of the investigation. I have heard nothing back from Goodlatte or his staff and they have not responded to recent calls and emails. So last Thursday, I traveled to Capital Hill to personally meet with Chairman Devin Nunes (R-Ca.) of the House Intelligence Committee and, when his scheduler claimed that he was “unavailable,” forcefully pushed for a meeting with one of his committee lawyers, Allen R. Souza, and fully briefed him about Montgomery and the FBI’s apparent cover-up. I told this staff intel lawyer to inform Chairman Nunes of the facts behind this apparent cover-up before the committee holds its hearing on the alleged Trump wiretaps and questions Comey this Monday, March 20, in open session. My expressed purpose: to have Chairman Nunes of the House Intelligence Committee ask Comey, under oath, why he and his FBI have seemingly not moved forward with the Montgomery investigation. During my meeting with House Intelligence Committee counsel Allen R. Sousa I politely warned him that if Chairman Nunes, who himself had that same day undercut President Trump by also claiming that there is no evidence of surveillance by the Obama administration, I would go public with what would appear to be the House Intelligence Committee’s complicity in keeping the truth from the American people and allowing the FBI to continue its apparent cover-up of the Montgomery “investigation.” And, that is where it stands today. The big question: will House Intelligence Committee Chairman Nunes do his job and hold FBI Director Comey’s feet to the fire about the Montgomery investigation? Please watch the House Intelligence Committee hearing closely this Monday. http://www.newsmax.com/LarryKlayman/chariman-nunes-fbi-james-comey-montgomery-whitsleblower/2017/03/19/id/779551/ http://www.foxnews.com/politics/2017/03/23/trump-basks-in-nunes-surveillance-news-so-that-means-im-right.html
  13. WikiLeaks and tech companies don't trust each other It's been quite a few days since WikiLeaks promised it would work with tech companies to patch the security exploits featured in the CIA leak, but no steps have been taken thus far. Following the reveal of the Vault 7 files from WikiLeaks, multiple files indicated the CIA used zero-day exploits to get into people's systems, including Android and iOS devices, Windows PCs, Macs and Linux PCs. After exposing all these files for the world to see, a lot of pressure was put on WikiLeaks because they did not go to the tech companies beforehand, helping them patch up their systems. In response, WikiLeaks said they would work with tech companies to secure everything. Motherboard writes, however, that WikiLeaks made demands on the companies before it would hand over the details needed to patch the vulnerabilities, including a requirement to issue security patches within 90 days. Depending on the size of the bug, this may or may not be possible. There's also the fact that companies may not want to sign up to anything without knowing what the flaws are. Wiki has a side of its own The same sources say, however, that companies are somewhat reluctant to write patches based on WikiLeaks' information because there are concerns about the origins of the leak. The CIA could not confirm they are original because intelligence agencies never can. That makes everyone worry that Russia may have been responsible for forwarding the info to WikiLeaks and, in the process, may have tweaked the information, which could make companies open up their systems instead of making them safer. WikiLeaks has a different take on the story and says that companies such as Google are taking their time because they are, in fact, working with the US government and their relationship prevents them from fixing these kinds of flaws. It looks like everyone is suspicious of the other and, given the circumstances, some have more rights to be wary than the others. Source
  14. I am just copying the important chunks from this article The recent leaks reveal how, for years, CIA was busy hacking into many consumer electronics devices, including Wi-Fi routers, Samsung Smart TVs, iPhones and Android-powered devices. According to the documents, the agency employed specialized tools to exploit the security vulnerabilities in these devices and recorded videos, audio conversations, text messages, or anything that could help them keep tabs on the owners of those devices. According to WikiLeaks, many malwares and hacking tools were developed by EDG (Engineering Development Group), one of CIA’s own software development group, while some tools and applications were acquired from other government agencies or third-party dealers. The CIA dubbed these third-parties as their partners, and used codenames like SurfsUp, Peppermint, Anglerfish and Fangtooth. Forbes reported that these vulnerabilities are worth a lot in the market, i.e., over $1 million for every bug. Severity of the leaks: The malware created by CIA for hacking into users’ personal gadgets are so effective that they can safely bypass even the most popular security programs. Amongst Different OSs, Android Attracted the Most Exploits The popular Smartphone Operating System, Android, enjoys a major market share in the Smartphone industry. Perhaps, that’s what makes it one of the important targets for the Central Intelligence Agency. Amongst the many exploits reported by WikiLeaks, a good chunk of those exploits were especially developed to break into Android devices and applications. Chronos, purchased from Anglerish, exploits the security weaknesses of Android devices that are running on 4.0 Dugrito, another tool by Anglerfish, is a remote access exploit that hits devices running 4.0 – 4.1.2 Flamekimmer, a tool by SurfsUp, hits devices that use Broadcom Wi-fi chipsets, running OS 4.4.4 RCE bugs, by Anglerfish, Fangtooth, NSA and GCHQ, are remote access exploits that can be used for hacking into any device from anywhere Dragonfly, currently no information available except that it is a RCE bug for Android security exploits Sulfur, by Fangtooth, one of the most critical exploits that hits the kernel files of Android, leaking information remotely RoidRage, another tool that allows hackers to have remote access of the hacked device At first, WikiLeaks provided detailed information on these Android exploits by CIA but it later redacted the pages to prevent the actual codes from getting into the wrong hands.
  15. Most Major Antivirus Programs Bypassed By The CIA, Shows WikiLeaks Document WikiLeaks recently published thousands of documents that the organization said belongs to the CIA. Among them, there was a document that showed a list of antivirus and other security products that have been exploited and bypassed by the CIA. The list included the following software products: Comodo Avast F-Secure Zemana Antilogger Zone Alarm Trend Micro Symantec Rising Panda Security Norton Malwarebytes Anti-Malware EMET (Enhanced Mitigation Experience Toolkit) Microsoft Security Essentials McAfee Kaspersky GDATA ESET ClamAV Bitdefender Avira AVG You probably recognize most, if not all, of the products on that list. The list includes Microsoft’s “Security Essentials” antivirus program, which was later converted into the built-in “Windows Defender” program in Windows 8 and later, as well as EMET, Microsoft’s anti-exploit security tool (mainly for enterprise users). EMET was recently deprecated by Microsoft, because the company said that many of EMET’s anti-exploit features such as DEP, ASLR, Control Flow Guard (CFG), as well as other mitigations to bypass the User Account Control (UAC), were already built into Windows 10. Microsoft said that because the security features are built-in, they should offer better security than the ad-hoc security that EMET tried to provide. The CIA documents released by WikiLeaks date from 2014, before Windows 10 came out. Therefore, we don't know what new capabilities the CIA may have obtained since then, and whether or not the new Windows 10 security features were also bypassed. Bypassing Antivirus Programs The leaked documents pertaining to the list of antivirus programs that have been exploited by the CIA seem to have been redacted, likely by WikiLeaks. The organization said that it made over 70,000 redactions in total, mainly to remove harmful code (WikiLeaks has been accused in the past of “hosting malware” because the emails it released contained malware targeted at the recipients of the leaked emails), as well as personal details and IP addresses. However, it’s not clear why the organization removed the technical information about how most of the antivirus programs in the list were exploited. COMODO The CIA appears to give mixed praise to the anti-virus solution by Comodo, the self-described “global leader in cyber security solutions.” One post by an apparent CIA hacker published by WikiLeaks said Comodo is “a colossal pain in the posterior. It literally catches everything until you tell it not to.” Just don’t upgrade to Comodo 6. That version “doesn’t catch nearly as much stuff,” the hacker appears to say, describing a particularly glaring vulnerability as a “Gaping Hole of DOOM.” Melih Abdulhayoglu, Comodo’s chief executive, emphasized the first part of the post, saying that being called a pain by the CIA was “a badge of honor we will wear proudly.” In a statement, he said that the vulnerability described by the CIA was obsolete. Comodo 6 was released in 2013; Comodo 10 was released in January. KASPERSKY LAB This is one of the world’s leading providers of security protection. But it may not keep you safe from the CIA. A flaw in the code “enables us to bypass Kaspersky’s protections,” according to another post . Founder Eugene Kaspersky dismissed the comment, saying in a Twitter message that the flaw identified in the CIA leak was fixed “years ago.” A statement from his company said a second flaw apparently identified by the agency was fixed in December 2015. AVIRA A CIA hacker appears to say that this German-engineered anti-virus product is “typically easy to evade.” The firm said in a statement that it had fixed what it described as “a minor vulnerability” within a few hours of the WikiLeaks release. It added that it had no evidence that any of its users had been affected by the bug. AVG The CIA apparently had a trick to defeat AVG that was “totally sweet.” Ondrej Vlcek, the chief technology officer for AVG’s owner, Netherlands-based Avast, said that the CIA appeared to be discussing a “theoretical bypass” of AVG’s scanning engine which would have required additional work to successfully deploy as malicious software. “We would not consider it critical,” he said of the issue. Speaking via email, he added that it seemed the post was written “some time” ago. “This is in fact not an issue today given the current operation of the AVG products,” he said. F-SECURE One CIA hacker appeared to be particularly scathing about this Finnish firm’s security software. It’s a “lower tier product that causes us minimal difficulty,” one apparent hacker said . F-Secure noted that the company was described elsewhere , along with Avira, as an “annoying troublemaker.” It said there was a broader point to be made about the CIA’s apparent decision not to warn anti-virus companies about the flaws in their products. The agency “considered it more important to keep everybody unsecure … and maybe use the vulnerability for its own purposes or counter terrorism purposes,” F-Secure’s chief research officer Mikko Hypponen said in a statement. BITDEFENDER The posts aren’t complete enough to say for sure, but Bitdefender, a Romanian anti-virus product, seemed to cause CIA hackers a lot of trouble. One post appears to suggest that Bitdefender could be defeated by a bit of tinkering. Or maybe not. “Alas, we’ve just tried this,” a response to the post said. “Bitdefender is still mad.” Bitdefender representative Marius Buterchi said the only conclusion to draw was that “we are detecting the CIA tools.” Tomshardware cbslocal
  16. Windows phone users not targeted by CIA in hacking program The recent leaks regarding CIA’s hacking efforts proved once again that nobody is secure no matter the software or hardware they are using, but there’s one little thing that might be catching the attention of Windows phone fans: no devices powered by Microsoft’s mobile OS are on the list of targets for CIA’s hacking tools. In other words, the CIA hasn’t developed hacking solutions for Windows phones, while the majority of devices on the market, including here iPhones, Android phones, TVs, and Windows PCs and tablets were targeted with more or less advanced exploits taking advantage of zero-days and unpatched flaws. Of course, this can only be good news for those using Windows phones, but on the other hand, it also raises a question whose answer is not that difficult to figure out: why hasn’t the CIA targeted Windows phones too? As reddit user sannhetenunder puts it, this might be “security through obscurity,” as CIA most likely ignored Windows phones for the simple fact that a dropping number of people continue using the platform. The Windows Phone drop On the other hand, users who want to see the glass half-full will probably claim that it all happened because Windows phones are impossible to break, though that’s unlikely to be the case. Windows 10 Mobile is indeed one of the most secure mobile platforms out there, but with CIA’s hacking power, it’s hard to believe this is the reason the agency didn’t target Windows phones as part of this recently-leaked program. For what it’s worth, Windows phones are currently at approximately 0.5 percent market share, and research firms expect the platform to continue its massive drop in the coming years. More recently, analyst house IDC projected a drop to 0.0 percent market share for Windows phones by 2021, estimating that sales could total approximately 800,000 units worldwide. Microsoft, on the other hand, continues to remain tight-lipped on everything related to its mobile platform, and it might be this uncertainty the one that contributed to the CIA staying away from targeting Windows phones with its hacking tools. Or maybe the CIA itself is planning to hack Windows phones soon™. Source
  17. Secret CIA Assessment Says Russia Was Trying To Help Trump Win White House CIA officials told senators it is now “quite clear” that electing Donald Trump was Russia’s goal. In an interview on Fox News Sunday on Dec. 11, President-elect Trump denied the CIA's assessment. (Victoria Walker/The Washington Post) The CIA has concluded in a secret assessment that Russia intervened in the 2016 election to help Donald Trump win the presidency, rather than just to undermine confidence in the U.S. electoral system, according to officials briefed on the matter. Intelligence agencies have identified individuals with connections to the Russian government who provided WikiLeaks with thousands of hacked emails from the Democratic National Committee and others, including Hillary Clinton’s campaign chairman, according to U.S. officials. Those officials described the individuals as actors known to the intelligence community and part of a wider Russian operation to boost Trump and hurt Clinton’s chances. “It is the assessment of the intelligence community that Russia’s goal here was to favor one candidate over the other, to help Trump get elected,” said a senior U.S. official briefed on an intelligence presentation made to U.S. senators. “That’s the consensus view.” The Post's Ellen Nakashima goes over the events, and discusses the two hacker groups responsible. (Jhaan Elker/The Washington Post) The Obama administration has been debating for months how to respond to the alleged Russian intrusions, with White House officials concerned about escalating tensions with Moscow and being accused of trying to boost Clinton’s campaign. [U.S. government officially accuses Russia of hacking campaign to interfere with elections] In September, during a secret briefing for congressional leaders, Senate Majority Leader Mitch McConnell (R-Ky.) voiced doubts about the veracity of the intelligence, according to officials present. The Trump transition team dismissed the findings in a short statement issued Friday evening. “These are the same people that said Saddam Hussein had weapons of mass destruction. The election ended a long time ago in one of the biggest Electoral College victories in history. It’s now time to move on and ‘Make America Great Again,’ ” the statement read. Trump has consistently dismissed the intelligence community’s findings about Russian hacking. “I don’t believe they interfered” in the election, he told Time magazine this week. The hacking, he said, “could be Russia. And it could be China. And it could be some guy in his home in New Jersey.” The CIA shared its latest assessment with key senators in a closed-door briefing on Capitol Hill last week, in which agency officials cited a growing body of intelligence from multiple sources. Agency briefers told the senators it was now “quite clear” that electing Trump was Russia’s goal, according to the officials, who spoke on the condition of anonymity to discuss intelligence matters. Sen. Lindsey Graham (R-S.C.) says he wants to investigate whether Russia interfered with the 2016 U.S. election, amongst claims that Donald Trump's rhetoric on Russia and Vladimir Putin is too soft. (Peter Stevenson/The Washington Post) The CIA presentation to senators about Russia’s intentions fell short of a formal U.S. assessment produced by all 17 intelligence agencies. A senior U.S. official said there were minor disagreements among intelligence officials about the agency’s assessment, in part because some questions remain unanswered. For example, intelligence agencies do not have specific intelligence showing officials in the Kremlin “directing” the identified individuals to pass the Democratic emails to WikiLeaks, a second senior U.S. official said. Those actors, according to the official, were “one step” removed from the Russian government, rather than government employees. Moscow has in the past used middlemen to participate in sensitive intelligence operations so it has plausible deniability. Julian Assange, the founder of WikiLeaks, has said in a television interview that the “Russian government is not the source.” The White House and CIA officials declined to comment. On Friday, the White House said President Obama had ordered a “full review” of Russian hacking during the election campaign, as pressure from Congress has grown for greater public understanding of exactly what Moscow did to influence the electoral process. “We may have crossed into a new threshold, and it is incumbent upon us to take stock of that, to review, to conduct some after-action, to understand what has happened and to impart some lessons learned,” Obama’s counterterrorism and homeland security adviser, Lisa Monaco, told reporters at a breakfast hosted by the Christian Science Monitor. Obama wants the report before he leaves office Jan. 20, Monaco said. The review will be led by James Clapper, the outgoing director of national intelligence, officials said. During her remarks, Monaco didn’t address the latest CIA assessment, which hasn’t been previously disclosed. Seven Democratic senators last week asked Obama to declassify details about the intrusions and why officials believe that the Kremlin was behind the operation. Officials said Friday that the senators specifically were asking the White House to release portions of the CIA’s presentation. This week, top Democratic lawmakers in the House also sent a letter to Obama, asking for briefings on Russian interference in the election. U.S. intelligence agencies have been cautious for months in characterizing Russia’s motivations, reflecting the United States’ long-standing struggle to collect reliable intelligence on President Vladi­mir Putin and those closest to him. In previous assessments, the CIA and other intelligence agencies told the White House and congressional leaders that they believed Moscow’s aim was to undermine confidence in the U.S. electoral system. The assessments stopped short of saying the goal was to help elect Trump. On Oct. 7, the intelligence community officially accused Moscow of seeking to interfere in the election through the hacking of “political organizations.” Though the statement never specified which party, it was clear that officials were referring to cyber-intrusions into the computers of the DNC and other Democratic groups and individuals. Some key Republican lawmakers have continued to question the quality of evidence supporting Russian involvement. “I’ll be the first one to come out and point at Russia if there’s clear evidence, but there is no clear evidence — even now,” said Rep. Devin Nunes (R-Calif.), the chairman of the House Intelligence Committee and a member of the Trump transition team. “There’s a lot of innuendo, lots of circumstantial evidence, that’s it.” [U.S. investigating potential covert Russian plan to disrupt elections] Though Russia has long conducted cyberspying on U.S. agencies, companies and organizations, this presidential campaign marks the first time Moscow has attempted through cyber-means to interfere in, if not actively influence, the outcome of an election, the officials said. The reluctance of the Obama White House to respond to the alleged Russian intrusions before Election Day upset Democrats on the Hill as well as members of the Clinton campaign. Within the administration, top officials from different agencies sparred over whether and how to respond. White House officials were concerned that covert retaliatory measures might risk an escalation in which Russia, with sophisticated cyber-capabilities, might have less to lose than the United States, with its vast and vulnerable digital infrastructure. The White House’s reluctance to take that risk left Washington weighing more-limited measures, including the “naming and shaming” approach of publicly blaming Moscow. By mid-September, White House officials had decided it was time to take that step, but they worried that doing so unilaterally and without bipartisan congressional backing just weeks before the election would make Obama vulnerable to charges that he was using intelligence for political purposes. Instead, officials devised a plan to seek bipartisan support from top lawmakers and set up a secret meeting with the Gang of 12 — a group that includes House and Senate leaders, as well as the chairmen and ranking members of both chambers’ committees on intelligence and homeland security. Obama dispatched Monaco, FBI Director James B. Comey and Homeland Security Secretary Jeh Johnson to make the pitch for a “show of solidarity and bipartisan unity” against Russian interference in the election, according to a senior administration official. Specifically, the White House wanted congressional leaders to sign off on a bipartisan statement urging state and local officials to take federal help in protecting their voting-registration and balloting machines from Russian cyber-intrusions. Though U.S. intelligence agencies were skeptical that hackers would be able to manipulate the election results in a systematic way, the White House feared that Russia would attempt to do so, sowing doubt about the fundamental mechanisms of democracy and potentially forcing a more dangerous confrontation between Washington and Moscow. [Putin denies that Russia hacked the DNC but says it was for the public good] In a secure room in the Capitol used for briefings involving classified information, administration officials broadly laid out the evidence U.S. spy agencies had collected, showing Russia’s role in cyber-intrusions in at least two states and in hacking the emails of the Democratic organizations and individuals. And they made a case for a united, bipartisan front in response to what one official described as “the threat posed by unprecedented meddling by a foreign power in our election process.” The Democratic leaders in the room unanimously agreed on the need to take the threat seriously. Republicans, however, were divided, with at least two GOP lawmakers reluctant to accede to the White House requests. According to several officials, McConnell raised doubts about the underlying intelligence and made clear to the administration that he would consider any effort by the White House to challenge the Russians publicly an act of partisan politics. Some of the Republicans in the briefing also seemed opposed to the idea of going public with such explosive allegations in the final stages of an election, a move that they argued would only rattle public confidence and play into Moscow’s hands. McConnell’s office did not respond to a request for comment. After the election, Trump chose McConnell’s wife, Elaine Chao, as his nominee for transportation secretary. Some Clinton supporters saw the White House’s reluctance to act without bipartisan support as further evidence of an excessive caution in facing adversaries. “The lack of an administration response on the Russian hacking cannot be attributed to Congress,” said Rep. Adam B. Schiff (Calif.), the ranking Democrat on the House Intelligence Committee, who was at the September meeting. “The administration has all the tools it needs to respond. They have the ability to impose sanctions. They have the ability to take clandestine means. The administration has decided not to utilize them in a way that would deter the Russians, and I think that’s a problem.” Philip Rucker contributed to this report. Source Alternate Source - Intelligence Figures Fear Trump Reprisals Over Assessment Of Russia Election Role Also Read:
  18. Thanks to the power of algorithms, machine learning, and open source data sets. Back in March 2015, the CIA chief began setting up a new office, the Directorate of Digital Innovation, to integrate the latest tech into the agency's data-gathering workflow along with boosting the country's cyber defense. According to its director, the department has helped the CIA as a whole improve its "anticipatory intelligence." Speaking at the Next Tech event yesterday, Deputy Director for Digital Innovation Andrew Hallman noted that, in some instances, they've been able to forecast social unrest and societal instability in other countries by as much as three to five days out. That "anticipatory intelligence" has been boosted through a combination of algorithms and analytics to predict the flow of illicit goods or extremists, according to Defense One. Deep and machine learning makes sense of seemingly disparate data, helping analysts see patterns to anticipate national security threats. And then they apply it to the world. "What we're trying to do within a unit of my directorate is leverage what we know from social sciences on the development of instability, coups and financial instability, and take what we know from the past six or seven decades and leverage what is becoming the instrumentation of the globe," Hallman said during yesterday's event. They don't just pore through the intelligence community's own proprietary information, either. The Digital Innovation department has been using more and more open source data sets with specialists who can combine public and agency information to draw more nuanced conclusions, which CIA director John Brennan called a tremendous advantage. Combined with their increasing surveillance of social media, the agency is clearly looking to gobble up as much information as possible. With tech's best data-parsing tools, they hope to get days of lead time to prepare for riots and social decay across the globe. But how successful they are and how far ahead they can accurately anticipate it is uncertain. 1st posted on : Defense One Source: https://www.engadget.com/2016/10/05/cia-claims-it-can-predict-some-social-unrest-up-to-5-days-ahead/
  19. If you're a CIA Director, one would assume that you know how to be cool under fire, right? Apparently that's not the case for current CIA Director John Brennan who seemed to completely freak out when Senator Ron Wyden started asking questions about the CIA's infamous decision to spy on the network and computers of Senate Intelligence Committee staffers who were compiling a report on the CIA's torture program. The details are a bit complex, but the short version is that the Intelligence Committee, which has oversight powers over the CIA, had been set up in a CIA building, with special access to CIA documents, and a special search tool. Apparently, at some point, that search tool returned a document which the CIA had never intended to share with the intelligence committee staffers. That document, called "the Panetta Review" was a draft document that then-CIA chief Leon Panetta had tasked people internal at the CIA to prepare on what the Senate Intelligence Committee staffers were likely to find as they went through the documents. Yes, this is fairly meta. You had Senate staffers reviewing CIA documents, and at the same time, the CIA reviewing those same documents to try to get out ahead of any controversy -- and to make matters confusing, the Senate staffers then got access to that CIA review document as part of their regular searches. When the CIA was questioned about this Panetta review, they freaked out, wondering how the Senate staffers got their hands on the document, and did what the CIA does: they spied on the Senate staffers' computers and network to try to determine how they got the document in the first place. This was despite a promise from the CIA that the Senate staffers' computers and network were considered off-limits (due to an even earlier incident). That resulted in Senator Dianne Feinstein accusing the CIA of illegally spying on the Senate (its overseers). In response, Brennan first denied the spying altogether, and then insisted that it was the Senate staffers who broke the law, saying they illegally mishandled classified CIA documents in how they handled the Panetta Review. Eventually, the DOJ decided that there wasn't enough evidence that either side broke the law, and refused to make any criminal charges either way. While both the CIA's Inspector General and a special review board Brennan himself set up found that the CIA did, in fact, spy on the Senate staffers' network and computers, and that this was inappropriate, neither seemed to say that it rose to a truly controversial level. Not surprisingly, the review board Brennan set up himself cleared him of wrongdoing. Mixed in with all of this are remaining questions about how involved Brennan himself actually was in all of this (he refuses to say) and an ongoing request for an apology. While the CIA's Inspector General claimed that Brennan apologized for the breach, later reporting by Jason Leopold at Vice showed that Brennan had drafted an apology, but never sent it. Instead, he apparently provided a very narrow apology solely to Feinstein and then vice chair Saxby Chambliss, basically of the "I'm sorry if what did upset you" manner. Given this, during a rare open Senate Intelligence Committee hearing, Wyden decided to quiz Brennan about all of this, leading to a rather sarcastic and testy exchange that needs to be watched to be believed: Immediately, Brennan gets snarky, noting that "This is the annual threat assessment, is it not? Yes?" implying that he doesn't think it's appropriate for Wyden to be bringing up this "other" topic in such a hearing. And it only gets worse from there. He immediately jumps to the argument, again, that it was the Senate staffers' fault for getting access to a document he didn't want them to see. He then says the CIA therefore had an "obligation" to find out how that happened. And then he, somewhat insultingly, suggests that Senator Wyden had not actually read the IG's account, or the report of the review panel that Brennan himself set up. Wyden cuts him off, quoting directly from the report and notes that other agencies have all said it would be inappropriate to review Senate oversight computer systems, and asks Brennan if he disagrees. Brennan is clearly pissed off: Wyden then admits his time is up... but Brennan's so angry that he won't give up. He breaks all proper Senate hearing protocol and jumps back in, asking Wyden to say, again, that it was the Senate staffers' fault for accessing the Panetta Review: Wyden angrily points out that everything the Senate staffers did was appropriate, and anyway, he's now asking about the CIA's activities, and points to the Inspector General review and the other review board... all the while with Brennan angrily shaking his head at Wyden. When Wyden finishes, Brennan goes back to being snarky, saying: And then there's this: In short: even if you have oversight over us, don't mess with the CIA, Senator. That's quite a statement. He then goes on to again claim that Wyden is mischaracterizing everything, and that what the CIA did was entirely appropriate. Wyden concludes: Indeed. https://www.techdirt.com/articles/20160209/18023733567/cia-director-freaks-out-after-senator-wyden-points-out-how-cia-spied-senate.shtml
  20. Police at the University of Washington have opened an investigation into an alleged burglary which occurred in the offices of the school’s Center for Human Rights last week. Angelina Snodgrass Godoy, a University of Washington professor and the director of the center, claims that a computer and a hard drive were filched in a super-stealthy break-in, reports The Seattle Times. The computer and the hard drive contain confidential information concerning a freedom-of-information lawsuit the human rights group filed earlier this month against the Central Intelligence Agency. The break-in occurred at some undetermined time between Thursday and Sunday, Godoy said. The now-disappeared hard drive held “about 90 percent” of a set of El Salvador-related research which is at the heart of the lawsuit, the professor also claimed. Godoy admitted that the alleged burglary may have been nothing more than a “common crime.” However, a press release from the University of Washington Center for Human Rights suggests that clandestine government espionage could be afoot. The burglary has all the earmarks of professional job against the tiny center (which has a staff of two), the center says. Signs of forced entry are absent. The office was not ransacked. Thus, the center alleges, the bandit (or bandits) must have delicately rooted around the office for the hard drive and computer. Also, the culprit carefully relocked the door upon leaving. These are “characteristics that do not fit the pattern of an opportunistic campus theft,” a press release obtained by the Times concludes. The Center for Human Rights also questions the timing of the incident because the group filed its lawsuit against the CIA just weeks ago. Additionally, the alleged theft happened around the same time that CIA director John O. Brennan was speaking at a law symposium on the University of Washington campus — the perfect time for the CIA to snatch a hard drive when no one would ever suspect it. The human rights group’s lawsuit asks a federal district court in Seattle to release records relating to an alleged massacre of scores of civilians during the long 1980s-era civil war in El Salvador between the government and communist insurgents. The military commander involved had once attended military training sessions in the United States. “We believe that the CIA is unlawfully withholding documents regarding a commander of the military operation that resulted in the Santa Cruz massacre, as well as files on a U.S. citizen caught up in the operation,” Godoy explained in a Center for Human Rights press release (also available in Spanish). Godoy said she has all the data backed up on an external hard drive. “What worries us most is not what we have lost but what someone else may have gained,” the Center for Human Rights declared. “The files include sensitive details of personal testimonies and pending investigations.” The Center is concerned that the pilfered information could now imperil the lives of human rights advocates in El Salvador. Officials with University of Washington warned against connecting the alleged theft to CIA Director Brennan’s campus visit. “Connecting those dots” might not be prudent but the school is taking the theft “very seriously,” school spokesman Norm Arkans told the Times. He called the incident “suspicious.” Citing the ongoing investigation, Godoy refused to comment on the alleged burglary. University of Washington police are also tight-lipped. “Right now, we just know that we have some missing hardware,” police spokesman Steven Rittereiser told the Seattle newspaper. Under Executive Order 12333, signed by Ronald Reagan in 1981, the CIA is prohibited from collecting intelligence or spying within the United States. “Collection within the United States of foreign intelligence not otherwise obtainable shall be undertaken by the FBI or, when significant foreign intelligence is sought, by other authorized agencies of the Intelligence Community, provided that no foreign intelligence collection by such agencies may be undertaken for the purpose of acquiring information concerning the domestic activities of United States persons,” the order reads. According the taxpayer-funded University of Washington’s Center for Human Rights website, Godoy’s interests include Latin America, labor rights, “health as a human right” and environmental justice. Source