Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRET//20350112
6.1 (U) Confidence and Difficulty Estimates for Supporting a New
Device
(S) The CB team is often tasked with determining the confidence and difficulty of
supporting a new device. Confidence refers to the likelihood that a device could ever be
supported, regardless of the labor invested and the risk level associated with attempting to
support a device. Difficulty refers to the amount of labor that would need to be invested
to support the device.
(S) Confidence estimates are as follows:
• High – a similar device reference design or similar firmware version is already
supported. There is little risk of wasted labor in attempting to support the device.
• Medium – no similar device or reference design is currently supported, but the
firmware has signatures/sections/binaries that indicate support may be possible.
There is a moderate level of risk of wasted labor in attempting to support the
device.
• Low – no similar device or reference design is currently supported, and the
firmware has no signatures/sections/binaries that indicate support may be
possible. There is a high level of risk of wasted labor in attempting to support the
device.
(S) Difficulty estimates are as follows:
• Low/Easy – a similar device reference design or similar firmware version is
already supported. Firmwares ready for FAT can be created in less than a week.
• Medium – a similar device reference design or similar firmware version may
already be supported, but the device is lacking some essential quality or
component that will require additional labor to support. For example, the
firmware may include an additional header that must be reverse engineered.
Firmwares ready for FAT can be created (in accordance with the confidence risk
level) in a 1 week to 3 month timeframe.
• Hard – no similar device reference design or similar firmware version is currently
supported, and the device will require a serious reverse engineering effort.
Firmwares ready for FAT can be created (in accordance with the confidence risk
level) in a 3 month to 1 year timeframe.
(S) As an example, the “Wifi Devices.xls” lists the “Linksys/WRV200/v1/fw 1.0.12” as
Confidence=High, Difficulty=M with the comment “Can rebuild image with tools in
GPL source. Original kernel does not appear to have netfilter built in. Was able to build
new kernel with netfilter from GPL sources.” In this case, the availability of complete
GPL sources makes the confidence level high, but because the original firmware is
lacking an essential kernel component (netfilter), some additional labor is required,
elevating the difficulty level to medium.
26
SECRET//20350112