[youtube=http://www.youtube.com/watch?v=b0w36GAyZIA&start=270]
The NSA could access almost all data stored on an iPhone, including location, text messages and contact lists – including the ability to activate both microphone and camera, according to a presentation by security researcher Jacob Appelbaum at the Chaos Communication Conference in Hamburg, Germany.
Appelbaum showed what he said were leaked NSA documents in which the agency claimed to have a “100 percent success rate” at installing spyware on iPhones. The documents date back to 2008, at which point the NSA needed physical access to an iPhone to install the spyware, but a remotely-installable version was said at the time to be in development.
Even needing physical access to the phone was seemingly not a barrier to the NSA …
An earlier leak described an NSA team known as Tailored Access Operations, whose job was to intercept technology shipments between supplier and customer in order to install spyware and reseal the packaging in a way that would be undetectable to the recipient. Reportedly the NSA could even install spyware in the firmware of hard drives, so that even reformatting the drive would not protect it.
Appelbaum says it is unclear whether Apple cooperated in allowing the exploit on which the spyware relies.
Either [the NSA] have a huge collection of exploits that work against Apple products, meaning they are hoarding information about critical systems that American companies produce, and sabotaging them, or Apple sabotaged it themselves.
Do you think Apple helped them with that? I hope Apple will clarify that.
Given the age of the documents, it is also unknown whether the exploit used still exists in current iPhones. It has been pointed out that back in 2008 iPhones did not have any kind of encryption, and all apps ran as root.
@apfeltalk those slides are from 2008, a time when the iPhone: 1. Didn't use any encryption and 2. Ran everything as root.
— Tobias Timpe (@tt) December 31, 2013
Apple previously denied granting access to its servers, though it was suggested that the denials by Apple and others appeared to have been carefully and consistently worded.
Apple and other tech companies wrote an open letter asking for the NSA’s powers to be limited, and asking to be allowed to provide greater transparency regarding any legally-required cooperation with the NSA. Tim Cook and other top tech execs subsequently had two meetings with President Obama to discuss the issue (among other things), the second of which took place earlier this month.
Via The Daily Dot via TechMeme
FTC: We use income earning auto affiliate links. More.
let’s be fair here. if you put aside bashing apple and some bad jokes about its “writing extremely bad software”, applebaum has just told that if having physical access, any iphone can be turned into a surveillance device. as much as that.
wow, what a surprise, considering any jailbreak is done exactly the same way.
let’s face it, this is not apple’s wrong doing, it is just the fact of life. later in the same lecture applebaum describes how any computer can be compromised if nsa has a physical access to it.
the bare fact is: with computing, if gained physical access, any device can be compromised. what a revelation, really, from a great security expert. :-/
You might want to change the title to “UNTIL 2008 THE NSA ONCE HAD…”
Utterly misleading title.
“Given the age of the documents, it is also unknown whether the exploit used still exists in current iPhones. It has been pointed out that back in 2008 iPhones did not have any kind of encryption, and all apps ran as root.”
The iPhone was certainly an easier target in 2008, but given the sophistication required to insert spyware into hard drive firmware, it would be naive to imagine that the NSA cannot tackle much tougher targets today.
and by the way, the title is out of context, hence wrong and misleading. boo, 9to5mac
Hmm. If a bad actor has PHYSICAL ACCESS TO INSTALL MALWARE ON YOUR DEVICE it can do a lot of things. This should be news to no one. This is not isolated to Apple products. I don’t know why this is a story. Oh. Right. The iPhone name appears in the headline. Silly me.
He would just say that would he not …
non-news …
policeman’s helmet comes to mind, and why they are pointed …