![](\"http:\/\/zapt2.staticworld.net\/images\/article\/2017\/03\/wikileaks-100712683-large.3x2.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Michael Kan| Date: Thu, 09 Mar 2017 19:06:00 -0800<\/strong><\/p>\n WikiLeaks plans to\u00a0share<\/a>\u00a0details about what it says are CIA hacking tools with the tech companies so that software fixes can be developed. <\/p>\n But will software companies want it? <\/p>\n The information WikiLeaks plans to share comes from\u00a08,700-plus documents it says were stolen from an internal CIA server. If the data is classified — and it almost certainly is — possessing it would be a crime. <\/p>\n That was underlined on Thursday by\u00a0White House press secretary Sean Spicer, who\u00a0advised tech vendors to consider the legal consequences of receiving documents from WikiLeaks. <\/p>\n \u201cIf a program or a piece of information is classified, it remains classified regardless of whether or not it is released into the public venue or not,\u201d he said.\u00a0\u201cThere\u2019s a reason that we have classification levels, and that\u2019s to protect our country and our people.\u201d <\/p>\n However, his comments aren\u2019t sitting well with some legal experts. <\/p>\n \u201cThe idea that the government might stand in the way of companies fixing vulnerabilities that have already been disclosed is remarkable — and reckless,\u201d Patrick Toomey, an attorney with the American Civil Liberties Union, said in an email. <\/p>\n Cindy Cohn, an attorney and executive director at the Electronic Frontier Foundation said using\u00a0U.S. law to penalize vendors would be a “gross misuse.” <\/p>\n U.S. laws about security clearances on classified documents were never designed with software patching in mind, she said. <\/p>\n \u00a0\u201cIt would be really wrong-headed for the government to go after these companies for simply trying to make their technologies more secure,\u201d Cohn said. \u201cIt\u2019s exactly the opposite of what they (the U.S. government) should be doing.\u201d <\/p>\n To-date, the CIA hasn\u2019t confirmed whether any of the documents published by Wikileaks are legitimate, but there is widespread belief they are. <\/p>\n Tuesday’s dump by WikiLeaks contained information on numerous exploits aimed at\u00a0smartphones, PCs and software from major vendors including Apple, Google and Microsoft, but the source code for the attack tools wasn’t published. <\/p>\n On Thursday, WikiLeaks founder\u00a0Julian Assange said tech vendors would be given \u201cexclusive access\u201d to the tools, so they could learn how to\u00a0better secure<\/a>\u00a0their products. <\/p>\n \u201cWikiLeaks has a lot more information on what has been going on with the (CIA) cyberweapons program,\u201d Assange said. <\/p>\n And there’s another worry: If WikiLeaks managed to get its hands on the data, it could be elsewhere too, increasing the risk that companies and consumers are being watched online. <\/p>\n So the U.S. government should be \u00a0helping tech vendors patch the vulnerabilities involved in the leak,\u00a0said John Bambenek, manager of threat systems at Fidelis Cybersecurity. <\/p>\n \u201cRight now, there\u2019s only risk and no reward,\u201d Bambenek said. \u201cWe need to fix that risk.\u201d <\/p>\n It’s unclear when WikiLeaks plans to begin sharing the information. <\/p>\n On Thursday, vendors including Microsoft, along with the security firms Avira and Comodo, said that WikiLeaks hasn\u2019t contacted them yet. \u00a0 <\/p>\n \u201cOur preferred method for anyone with knowledge of security issues, including the CIA or WikiLeaks, is to submit details to us at\u00a0secure@microsoft.com<\/a>,\u201d Microsoft said in an email. \u00a0 <\/p>\n Others such as antivirus vendor Bitdefender said they expect WikiLeaks to reach out to them probably over the following days. <\/p>\n \u201cIf WikiLeaks do want to reach out to us, we are always grateful for an opportunity to make our products even better,\u201d the company said in an email. <\/p>\n http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" Credit to Author: Michael Kan| Date: Thu, 09 Mar 2017 19:06:00 -0800<\/strong><\/p>\n<\/p>\n