Tech Policy Podcast

#166: Hacking the CIA

Episode Summary

Earlier this month, Wikileaks published 9,000 pages of hacked CIA files. The haul, dubbed “Vault 7,” catalogues some of the spy agency’s hacking techniques, including exploits of Android and iOS phones, and even Samsung Smart TVs. When the feds discover vulnerabilities in the products we use, should they tell the companies so they can patch things up? Or does the government sometimes need to keep these things secret for national security purposes? What are the trade-offs? Evan is joined by Heather West, Senior Policy Manager for the Americas at Mozilla and Mieke Eoyang, Vice President of the National Security Program at Third Way. They discuss what Vault 7 means for encryption, the Apple v. FBI case, and the government’s “Vulnerabilities Equities Process” (VEP). For more, see Mozilla’s primer on VEP and its statement on Vault 7.

Episode Notes

Earlier this month, Wikileaks published 9,000 pages of hacked CIA files. The haul, dubbed “Vault 7,” catalogues some of the spy agency’s hacking techniques, including exploits of Android and iOS phones, and even Samsung Smart TVs. When the feds discover vulnerabilities in the products we use, should they tell the companies so they can patch things up? Or does the government sometimes need to keep these things secret for national security purposes? What are the trade-offs? Evan is joined by Heather West, Senior Policy Manager for the Americas at Mozilla and Mieke Eoyang, Vice President of the National Security Program at Third Way. They discuss what Vault 7 means for encryption, the Apple v. FBI case, and the government’s “Vulnerabilities Equities Process” (VEP).


For more, see Mozilla’s primer on VEP and its statement on Vault 7.