New information has surfaced that points to evidence that the CIA has been attempting to hack Apple iPhone and iPad mobile software for years, looking for ways to spy on user data and insert backdoors. In a report given to The Intercept by Edward Snowden, it is clear that the CIA focused on cracking the security keys that encrypt personal data as well as looked for both “physical” and “non-invasive” ways to hack into the device’s firmware. If the device was hackable, spies could plant malware, harvest personal data, and more.
The new data was provided by a few security researchers who were providing reports on the work they were doing for the CIA in regards to hacking Apple iOS software. The data was presented at a top-secret computer security gathering called “Jamboree” which is held in complete secret and an undisclosed location. Talk about James Bond type stuff. At this meeting, participants discuss the hacking and security of common household electronics.
Also revealed at Jamboree is that the developers working with the CIA had developed a modified version of Xcode, which is the developer software for apps made to run on iOS. The modified version allowed the placement of “backdoors” that could “force all iOS applications to send embedded data to a listening post.”
It’s unclear if the CIA actually succeeded, however it’s clear that the agency was trying its very best. It’s a blow to American consumer confidence for sure – how can American citizens trust the integrity of American made devices? There has been tension in the past between the government and technology firms – is a means to an end always the best scenario? Is national security more important that personal privacy?
There has been an increasing amount of pressure between US and UK governments and technology corporations to allow the government to be able to bypass security for national defense purposes. Apple’s CEO Tim Cook has notably taken a strong stance on the side of privacy for individuals.
“If U.S. products are OK to target, that’s news to me,” says Matthew Green, a cryptography expert at Johns Hopkins University’s Information Security Institute. “Tearing apart the products of U.S. manufacturers and potentially putting backdoors in software distributed by unknowing developers all seems to be going a bit beyond ‘targeting bad guys.’ It may be a means to an end, but it’s a hell of a means.” (Quote taken from the story at Firstlook.org)