January 20, 2021
Hot Topics:

WikiLeaks Docs Reveal CIA Coding Practices

  • By Developer.com Staff

Among the thousands of documents from the Central Intelligence Agency (CIA) that WikiLeaks recently posted online, a few of the classified documents detail the agency's best practices for developing hacking tools. However, much of the information included seems to be simple common sense or outdated information.

Ars Technica posted some excerpts from the documents, including the following:

  • "DO NOT leave dates/times such as compile timestamps, linker timestamps, build times, access times, etc. that correlate to general US core working hours (i.e. 8am-6pm Eastern time)."
  • "DO NOT have data that contains CIA and USG cover terms, compartments, operation code names or other CIA and USG specific terminology in the binary."
  • "DO NOT have 'dirty words' in the binary. Dirty words, such as hacker terms, may cause unwarranted scrutiny of the binary file in question."
  • "DO NOT perform operations that will cause the target computer to be unresponsive to the user (e.g. CPU spikes, screen flashes, screen 'freezing', etc."
  • "DO NOT solely rely on SSL/TLS to secure data in transit."

View article

This article was originally published on March 9, 2017

Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

Thanks for your registration, follow us on our social networks to keep up-to-date