The WikiLeaks CIA release: When will we learn?

to have always-on and network-enabled microphones or cameras in every room of the house. Despite many of these devices being sold with insecure default settings, the market is growing very rapidly. More and more people are buying Google Home or Amazon Echo devices, Wi-Fi enabled baby monitors and even internet-connected home-security equipment.

These have already caused problems for families whose devices overheard a TV newscaster and ordered dollhouses or whose kids were tracked by a teddy bear. And large parts of the internet were disrupted when many “smart” devices were hijacked and used to attack other networked systems.

Phones were a key target
The CIA also explored ways to take control of smartphone operating systems, allowing the agency to monitor everything a phone’s user did, said or typed on the device. Doing so would provide a way around post-Snowden encrypted communications apps like WhatsApp and Signal. However, some of the CIA’s methods of attack have already been blocked by technology vendors’ security updates.

The CIA’s apparent ability to hack smartphones casts doubt on the need for officials’ repeated calls to weaken mobile phone encryption features. It also weakens the government’s claim that it must strengthen surveillance by not telling tech companies when it learns of security weaknesses in everyday products. Just like the door to your house, technological vulnerabilities work equally well in providing access to both “good guys” and “bad guys.”

Ultimately, as a society, we must continue to debate the trade-offs between the conveniences of modern technologies and security/privacy. There are definite benefits and conveniences from pervasive and wearable computing, smart cars and televisions, internet-enabled refrigerators and thermostats, and the like. But there are very real security and privacy concerns associated with installing and using them in our personal environments and private spaces. Additional problems can come from how our governments address these issues while respecting popular opinion and acknowledging the capabilities of modern technology.

As citizens, we must decide what level of risk we – as a nation, a society and as individuals – are willing to face when using internet-connected products.

We’re frequent attackers – but bad defenders
The WikiLeaks release also reconfirms a reality the United States might prefer to keep quiet: While the government objects to others’ offensive cyberattacks against the United States, we launch them too. This isn’t news, but it hurts America’s reputation as