dcsimg
June 21, 2018
Hot Topics:

WikiLeaks Docs Reveal CIA Coding Practices

  • March 9, 2017
  • By Developer.com Staff

Among the thousands of documents from the Central Intelligence Agency (CIA) that WikiLeaks recently posted online, a few of the classified documents detail the agency's best practices for developing hacking tools. However, much of the information included seems to be simple common sense or outdated information.

Ars Technica posted some excerpts from the documents, including the following:

  • "DO NOT leave dates/times such as compile timestamps, linker timestamps, build times, access times, etc. that correlate to general US core working hours (i.e. 8am-6pm Eastern time)."
  • "DO NOT have data that contains CIA and USG cover terms, compartments, operation code names or other CIA and USG specific terminology in the binary."
  • "DO NOT have 'dirty words' in the binary. Dirty words, such as hacker terms, may cause unwarranted scrutiny of the binary file in question."
  • "DO NOT perform operations that will cause the target computer to be unresponsive to the user (e.g. CPU spikes, screen flashes, screen 'freezing', etc."
  • "DO NOT solely rely on SSL/TLS to secure data in transit."

View article






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that developer.com may send you developer offers via email, phone and text message, as well as email offers about other products and services that developer believes may be of interest to you. developer will process your information in accordance with the Quinstreet Privacy Policy.

Sitemap

×
We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.
Thanks for your registration, follow us on our social networks to keep up-to-date