On March 7, the US awoke to a fresh cache of internal CIA documents posted on WikiLeaks. They detail the spy organization’s playbook for cracking digital communications. WikiLeaks claims to have large portions of the CIA’s hacking arsenal in a series called Vault 7 (though the first information dump didn’t contain any of the code used to actually crack modern smartphones and internet-connected devices).
These documents, if legitimate, show exactly how a spy agency uses a technologically saturated culture to its own ends. As such they’re a neat foil to the National Security Agency secrets unveiled by Edward Snowden in 2013. As NPR writes, “other leaks featured program overviews; these are developer notes.” Many of the CIA documents outlined “zero-day exploits”—undetected security loopholes—in software made by companies like Apple, Google, and Samsung.
Ironically, though, the Vault 7 dump also shows just how strong modern encryption and privacy measures are. While Snowden revealed that telcos handed over data about their customers to the NSA in bulk, there is no sign in the Vault 7 documents that the CIA can hack into encrypted messaging apps like WhatsApp or Signal and use that to carry out mass surveillance. To see what’s on your phone, the agency must get access to the phone itself. Zeynep Tufekci, writing in the New York Times, said security researchers she interviewed saw “no big surprises or unexpected wizardry.”
There’s also one other big difference between now and 2013. Snowden’s NSA revelations sent shockwaves around the world. Despite WikiLeaks’ best efforts at theatrics—distributing an encrypted folder and tweeting the password “SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds”—the Vault 7 leak has elicited little more than a shrug from the media and the public, even if the spooks are seriously worried. Maybe it’s because we already assume the government can listen to everything.