SUBSCRIBE TO OUR FREE NEWSLETTER
Daily news & progressive opinion—funded by the people, not the corporations—delivered straight to your inbox.
5
#000000
#FFFFFF
5
#000000
#FFFFFF
iSpy: How the CIA Targeted Apple
New documents and reporting by The Intercept detail sustained attempt to break encryption of iPhone and iPad
Mar 10, 2015
New reporting by The Intercept published Tuesday reveals a years-long effort by the Central Intelligence Agency, alongside partners both inside and outside of government, to crack the digital security systems of the Apple's signature iPhone and iPad products.
Citing top-secret documents leaked to journalists by Edward Snowden, the latest reporting by Jeremy Scahill and Josh Begley reveals the determination of researchers working for the U.S. spy agency to break through Apple's encryption system for its widely used portable devices, both of which operate on the company's iOS operating platform.
According to Scahill and Begley:
The security researchers presented their latest tactics and achievements at a secret annual gathering, called the "Jamboree," where attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.
By targeting essential security keys used to encrypt data stored on Apple's devices, the researchers have sought to thwart the company's attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both "physical" and "non-invasive" techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple's encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.
In addition, the report makes reference to attempts by CIA operatives to create a "modified version" of Apple's proprietary app development software, called Xcode, upon which outside app developers can create new tools for both iPhone and iPad. The reporting says it remains unclear how unwitting developers might be tricked into using the altered version--one researcher quoted in the document described this process as "whacking" the code--but according to the documents, if installed, a backdoor service in the code would "force all iOS applications to send embedded data to a listening post."
In addition, the CIA researchers claimed the software, could perform these functions as well:
- "Entice" all Mac applications to create a "remote backdoor" allowing undetected access to an Apple computer.
- Secretly embed an app developer's private key into all iOS applications. (This could potentially allow spies to impersonate the targeted developer.)
- Disable core security features on Apple devices.
Scahill and Begley point out that Apple is among the tech companies that has most consistently and publicly resisted the government's efforts to exploit the encryption of private computer systems and personal devices.
"Perhaps more than any other corporate leader," they write, "Apple's CEO, Tim Cook, has taken a stand for privacy as a core value, while sharply criticizing the actions of U.S. law enforcement and intelligence agencies."
The new reporting also makes clear that private defense contractors are playing an outsized role in providing research and other assistance to government agencies in developing and executing these clandestine programs. For this program aimed at Apple's encryption, weapons and aerospace giant Lockheed Martin is singled out as a significant player, which owns the Sandia Lab that hosted the Apple hacking "jamboree" and whose researchers apparently contributed to the program.
"Lockheed Martin's role in these activities should not be surprising given its leading role in the national surveillance state," William Hartung, director of the Arms and Security Project at the Center for International Policy and author of Prophets of War, told The Intercept. "It is the largest private intelligence contractor in the world, and it has worked on past surveillance programs for the Pentagon, the CIA and the NSA. If you're looking for a candidate for Big Brother, Lockheed Martin fits the bill."
Though Scahill and Begley acknowledge the documents "do not address how successful the targeting of Apple's encryption mechanisms have been nor do they provide any detail about the specific use of such exploits," the existence of these efforts, they argue, does reveal the "ongoing campaign aimed at defeating the tech giant's efforts to secure its products, and in turn, its customers' private data."
Read the full article here. And the documents themselves can be viewed here.
An Urgent Message From Our Co-Founder
Dear Common Dreams reader, It’s been nearly 30 years since I co-founded Common Dreams with my late wife, Lina Newhouser. We had the radical notion that journalism should serve the public good, not corporate profits. It was clear to us from the outset what it would take to build such a project. No paid advertisements. No corporate sponsors. No millionaire publisher telling us what to think or do. Many people said we wouldn't last a year, but we proved those doubters wrong. Together with a tremendous team of journalists and dedicated staff, we built an independent media outlet free from the constraints of profits and corporate control. Our mission has always been simple: To inform. To inspire. To ignite change for the common good. Building Common Dreams was not easy. Our survival was never guaranteed. When you take on the most powerful forces—Wall Street greed, fossil fuel industry destruction, Big Tech lobbyists, and uber-rich oligarchs who have spent billions upon billions rigging the economy and democracy in their favor—the only bulwark you have is supporters who believe in your work. But here’s the urgent message from me today. It's never been this bad out there. And it's never been this hard to keep us going. At the very moment Common Dreams is most needed, the threats we face are intensifying. We need your support now more than ever. We don't accept corporate advertising and never will. We don't have a paywall because we don't think people should be blocked from critical news based on their ability to pay. Everything we do is funded by the donations of readers like you. When everyone does the little they can afford, we are strong. But if that support retreats or dries up, so do we. Will you donate now to make sure Common Dreams not only survives but thrives? —Craig Brown, Co-founder |
Our work is licensed under Creative Commons (CC BY-NC-ND 3.0). Feel free to republish and share widely.
New reporting by The Intercept published Tuesday reveals a years-long effort by the Central Intelligence Agency, alongside partners both inside and outside of government, to crack the digital security systems of the Apple's signature iPhone and iPad products.
Citing top-secret documents leaked to journalists by Edward Snowden, the latest reporting by Jeremy Scahill and Josh Begley reveals the determination of researchers working for the U.S. spy agency to break through Apple's encryption system for its widely used portable devices, both of which operate on the company's iOS operating platform.
According to Scahill and Begley:
The security researchers presented their latest tactics and achievements at a secret annual gathering, called the "Jamboree," where attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.
By targeting essential security keys used to encrypt data stored on Apple's devices, the researchers have sought to thwart the company's attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both "physical" and "non-invasive" techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple's encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.
In addition, the report makes reference to attempts by CIA operatives to create a "modified version" of Apple's proprietary app development software, called Xcode, upon which outside app developers can create new tools for both iPhone and iPad. The reporting says it remains unclear how unwitting developers might be tricked into using the altered version--one researcher quoted in the document described this process as "whacking" the code--but according to the documents, if installed, a backdoor service in the code would "force all iOS applications to send embedded data to a listening post."
In addition, the CIA researchers claimed the software, could perform these functions as well:
- "Entice" all Mac applications to create a "remote backdoor" allowing undetected access to an Apple computer.
- Secretly embed an app developer's private key into all iOS applications. (This could potentially allow spies to impersonate the targeted developer.)
- Disable core security features on Apple devices.
Scahill and Begley point out that Apple is among the tech companies that has most consistently and publicly resisted the government's efforts to exploit the encryption of private computer systems and personal devices.
"Perhaps more than any other corporate leader," they write, "Apple's CEO, Tim Cook, has taken a stand for privacy as a core value, while sharply criticizing the actions of U.S. law enforcement and intelligence agencies."
The new reporting also makes clear that private defense contractors are playing an outsized role in providing research and other assistance to government agencies in developing and executing these clandestine programs. For this program aimed at Apple's encryption, weapons and aerospace giant Lockheed Martin is singled out as a significant player, which owns the Sandia Lab that hosted the Apple hacking "jamboree" and whose researchers apparently contributed to the program.
"Lockheed Martin's role in these activities should not be surprising given its leading role in the national surveillance state," William Hartung, director of the Arms and Security Project at the Center for International Policy and author of Prophets of War, told The Intercept. "It is the largest private intelligence contractor in the world, and it has worked on past surveillance programs for the Pentagon, the CIA and the NSA. If you're looking for a candidate for Big Brother, Lockheed Martin fits the bill."
Though Scahill and Begley acknowledge the documents "do not address how successful the targeting of Apple's encryption mechanisms have been nor do they provide any detail about the specific use of such exploits," the existence of these efforts, they argue, does reveal the "ongoing campaign aimed at defeating the tech giant's efforts to secure its products, and in turn, its customers' private data."
Read the full article here. And the documents themselves can be viewed here.
New reporting by The Intercept published Tuesday reveals a years-long effort by the Central Intelligence Agency, alongside partners both inside and outside of government, to crack the digital security systems of the Apple's signature iPhone and iPad products.
Citing top-secret documents leaked to journalists by Edward Snowden, the latest reporting by Jeremy Scahill and Josh Begley reveals the determination of researchers working for the U.S. spy agency to break through Apple's encryption system for its widely used portable devices, both of which operate on the company's iOS operating platform.
According to Scahill and Begley:
The security researchers presented their latest tactics and achievements at a secret annual gathering, called the "Jamboree," where attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.
By targeting essential security keys used to encrypt data stored on Apple's devices, the researchers have sought to thwart the company's attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both "physical" and "non-invasive" techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple's encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.
In addition, the report makes reference to attempts by CIA operatives to create a "modified version" of Apple's proprietary app development software, called Xcode, upon which outside app developers can create new tools for both iPhone and iPad. The reporting says it remains unclear how unwitting developers might be tricked into using the altered version--one researcher quoted in the document described this process as "whacking" the code--but according to the documents, if installed, a backdoor service in the code would "force all iOS applications to send embedded data to a listening post."
In addition, the CIA researchers claimed the software, could perform these functions as well:
- "Entice" all Mac applications to create a "remote backdoor" allowing undetected access to an Apple computer.
- Secretly embed an app developer's private key into all iOS applications. (This could potentially allow spies to impersonate the targeted developer.)
- Disable core security features on Apple devices.
Scahill and Begley point out that Apple is among the tech companies that has most consistently and publicly resisted the government's efforts to exploit the encryption of private computer systems and personal devices.
"Perhaps more than any other corporate leader," they write, "Apple's CEO, Tim Cook, has taken a stand for privacy as a core value, while sharply criticizing the actions of U.S. law enforcement and intelligence agencies."
The new reporting also makes clear that private defense contractors are playing an outsized role in providing research and other assistance to government agencies in developing and executing these clandestine programs. For this program aimed at Apple's encryption, weapons and aerospace giant Lockheed Martin is singled out as a significant player, which owns the Sandia Lab that hosted the Apple hacking "jamboree" and whose researchers apparently contributed to the program.
"Lockheed Martin's role in these activities should not be surprising given its leading role in the national surveillance state," William Hartung, director of the Arms and Security Project at the Center for International Policy and author of Prophets of War, told The Intercept. "It is the largest private intelligence contractor in the world, and it has worked on past surveillance programs for the Pentagon, the CIA and the NSA. If you're looking for a candidate for Big Brother, Lockheed Martin fits the bill."
Though Scahill and Begley acknowledge the documents "do not address how successful the targeting of Apple's encryption mechanisms have been nor do they provide any detail about the specific use of such exploits," the existence of these efforts, they argue, does reveal the "ongoing campaign aimed at defeating the tech giant's efforts to secure its products, and in turn, its customers' private data."
Read the full article here. And the documents themselves can be viewed here.
We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.