dcsimg
November 20, 2017
Hot Topics:

WikiLeaks Docs Reveal CIA Coding Practices

  • March 9, 2017
  • By Developer.com Staff

Among the thousands of documents from the Central Intelligence Agency (CIA) that WikiLeaks recently posted online, a few of the classified documents detail the agency's best practices for developing hacking tools. However, much of the information included seems to be simple common sense or outdated information.

Ars Technica posted some excerpts from the documents, including the following:

  • "DO NOT leave dates/times such as compile timestamps, linker timestamps, build times, access times, etc. that correlate to general US core working hours (i.e. 8am-6pm Eastern time)."
  • "DO NOT have data that contains CIA and USG cover terms, compartments, operation code names or other CIA and USG specific terminology in the binary."
  • "DO NOT have 'dirty words' in the binary. Dirty words, such as hacker terms, may cause unwarranted scrutiny of the binary file in question."
  • "DO NOT perform operations that will cause the target computer to be unresponsive to the user (e.g. CPU spikes, screen flashes, screen 'freezing', etc."
  • "DO NOT solely rely on SSL/TLS to secure data in transit."

View article


Share



Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

Sitemap | Contact Us

Thanks for your registration, follow us on our social networks to keep up-to-date