THE LINUX FOUNDATION has become the latest firm to responded to the revelations that its products have been compromised by the CIA.
Wikileaks on Tuesday published 8,761 documents dubbed 'Year Zero', the first part in a series of leaks on the agency that Wikileaks has dubbed 'Vault 7'.
The whistleblowing foundation claims the document dump reveals full details of the CIA's 'global covert hacking program', including 'weaponised exploits' used against operating systems including Android, iOS, Linux, macOS, Windows and "even Samsung TVs, which are turned into cover microphones".
In a statement given to INQ, Nicko van Someren, chief technology officer at The Linux Foundation said that the open source nature of Linux means its continuously updated with security fixes, unlike other operating systems.
"Linux is a very widely used operating system, with a huge installed base all around the world, so it is not surprising that state agencies from many countries would target Linux along with the many closed source platforms that they have sought to compromise," he said.
"Linux is an incredibly active open source project. Thousands of professional developers and volunteers - including many of the most talented in the world - are constantly contributing improvements and fixes to the project. This allows the kernel team to release updates every few days - one of the fastest release cycles in the industry. Rapid release cycles enable the open source community to fix vulnerabilities and release those fixes to users faster.
"Further, The Linux Foundation's Core Infrastructure Initiative (CII), which has the backing of many leading technology companies, is working to actively assist open source projects globally to help them develop their code using best practices proven to yield more secure results. Decades of software development tell us software will never be bug-free.
"Through the work of open source communities, assistance from programs like CII and engagement with a vast pool of talent and support from contributing companies, we can enable open source software communities to continue producing some of the most secure software on the planet."
The leaked documents claim that CIA's Mobile Devices Branch has created multiple tools for hacking both Android and iOS smartphones, enabling it to remotely acquire location data, audio and text communications, and to switch on the phones' camera and microphones at will.
Apple has released a statement and claims it has already fixed many of the vulnerabilities exploited by the CIA.
"The technology built into today's iPhone represents the best data security available to consumers, and we're constantly working to keep it that way," a spokesperson told the BBC.
"Our products and software are designed to quickly get security updates into the hands of our customers, with nearly 80 per cent of users running the latest version of our operating system.
"While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities.
"We always urge customers to download the latest iOS to make sure they have the most recent security update."
Google, echoing Apple's remarks, telling Mashable: "As we've reviewed the documents, we're confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities.
"Our analysis is ongoing and we will implement any further necessary protections. We've always made security a top priority and we continue to invest in our defences."
Microsoft's Windows OS is also named also a target, with Wikileaks noting that "the CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware."
In response, Microsoft said vaguely that it is "are aware of the report in question" and "urgently looking into the matter."
Perpahs one of Wikileaks' most shocking revelations was that the CIA is also targeting Samsung smart TVs using a surveillance technique dubbed 'Weeping Angel', which was reportedly created in partnership with the UK's MI5.
This tool allegedly allows government agencies to place Samsung TVs into "fake-off mode", that allows conversations to be recorded even when the television appears to be switched off.
Samsung has responded and, like Microsoft, said it's urgently looking into it.
"Protecting consumers' privacy and the security of our devices is a top priority at Samsung," a spokesperson said. "We are aware of the report in question and are urgently looking into the matter."
Naturally, human rights watchdog Privacy International has been quick to comment on the revelations.
"If today's leaks are authenticated, they demonstrate what we've long been warning about government hacking powers - that they can be extremely intrusive, have enormous security implications, and are not sufficiently regulated," a spokesperson told the INQUIRER.
"Insufficient security protections in the growing amount of devices connected to the internet or so-called "smart" devices, such as Samsung Smart TVs, only compound the problem, giving governments easier access to our private lives. If the CIA knew of security weaknesses in the devices many of us use - from "smart" phones to "smart" TVs - they should have been working with companies to fix the vulnerabilities, not exploit them.
"Privacy International continues to fight for transparency and accountability around government hacking and sharing powers, as well as improvements in the security of our networks and devices.
"Without such, we increasingly face a world where we are vulnerable in ways most of us cannot imagine, and our governments contribute to the problem as often as they try to fix it." µ
Toronto? More like Torrent-o
Firm claims changes come as a result or, er, 'customer feedback'
Hip hip Huawei
Big game hunting