Weeping Angel (noun):
1. A terrifying monster from the popular UK sci-fi series “Doctor Who,” which resembles a harmless winged statue — until you blink or look away.
2. An alleged spying tool, co-developed by the CIA and the UK’s MI5 security agency, which lets a Samsung Smart TV (specifically, the F8000 Smart TV) pretend to turn itself off — and record your conversations — when you’re not using the screen.
On Tuesday, WikiLeaks released thousands of documents that purportedly show how the CIA is able to spy on our phones, computers and other gadgets. CNET is unable to verify if the documents are real or have been altered, so we’re not jumping to conclusions. (Samsung didn’t immediately respond to a request for comment.)
But clearly, the idea that your Samsung TV might be spying on you is one of the more startling claims. And yet it may not be that simple. If we’re reading the WikiLeaks documents correctly, there’s no proof that the CIA ever finished refining this tool.
Here’s what we do and don’t know about the so-called “Weeping Angel” hack.
What we ‘know’ about the Samsung TV hacks
Assuming the WikiLeaks documents are entirely legit, here’s what we know:
In June 2014, the CIA and UK’s MI5 held a joint workshop to improve the “Weeping Angel” hack, which appears to have specifically targeted Samsung’s F8000 series TVs released in 2013.
A “Fake-Off” mode was developed to trick users into thinking their TV was off (by turning off the screen and front LEDs), while still recording voice conversations. Based on what we know about the TV, the hack would have tapped into the microphone located in the TV’s accompanying remote.
The good news is that TVs couldn’t be hacked remotely, over the internet. The group was installing the hack by using a USB thumb drive physically plugged into the TV. In addition:
- The hack only worked on certain firmware versions of the same TV. It was successfully tested on TVs running firmware versions 1111, 1112, and 1116, but there wasn’t yet a way to hack version 1118 and newer.
- They had not yet figured out a way to turn off the blue LED on the back of the TV, or show the traditional Samsung logos — which might tip off a user who tried to “turn the TV back on.”
- The TV’s Wi-Fi connection couldn’t be forced to remain on — which meant a user would have to plug a physical Ethernet cable into the TV, or else the software would have to wait for a user to turn the TV back on (and keep Wi-Fi enabled) in order to spy over the internet.
- The CIA was working on a way to keep the TV from automatically updating itself — and thus patching the vulnerability — but hadn’t yet implemented it.
- They couldn’t yet eavesdrop in real time, or take screenshots of what a user was looking at on the TV, but they were planning both of those features.
What we don’t know
Literally anything that might have happened with Weeping Angel after 2014. We don’t know…
- If the CIA and MI5 decided to target newer Samsung TVs as well, or TVs from other brands.
- If they found ways to hack TVs over the internet and keep them hacked indefinitely.
- If they found workarounds for newer firmware versions.
- If they have other capabilities.
- If the CIA or MI5 ever actually used the hack to spy on people.
- If Samsung might have patched the original vulnerabilities entirely by now.
- If the CIA gave up entirely on the project after June 2014.
- If turning off your Samsung’s voice-recognition feature or its Wi-Fi connection would do anything to stop the hack (though it probably can’t hurt).
Assuming the documents are legit, we only have a nearly three-year-old snapshot of what two spy agencies were doing to a single range of TVs, back in the day.
It’s not a lot to go on, but we’ll let you know if we get more info.