Skip to main content

CIA

See All Stories

Apple engineers working to address remaining CIA exploits, but two factors hampering efforts [U]

Site default logo image

Update: AP reports that Wikileaks has decided to address the first problem by giving tech companies details of the tools.

The WSJ reports that Apple engineers are working to address the remaining iOS exploits reportedly used by the CIA, but they and other tech companies are being hampered by two factors. The first is lack of any access to the code itself.

Apple engineers quickly began calling colleagues to bring them up to speed on the data dump and to coordinate the company’s response to this new security threat, according to a person familiar with the situation […]

Companies now find themselves in a difficult position: They believe that at least two organizations have access to hacking code that exploits their products — the CIA and WikiLeaks — but neither one is sharing this software …


Expand
Expanding
Close

CIA has hacking unit devoted to iOS malware; has lost control of most of it – Wikileaks [U]

Site default logo image

Update: Edward Snowden has tweeted that the code names are real and would only be known by a cleared insider. The BBC has reported that some of the iOS malware allows ‘the agency to see a target’s location, activate their device’s camera and microphone, and read text communications.’

Wikileaks claims that the U.S. Central Intelligence Agency has a specialized unit within its Center for Cyber Intelligence that is devoted to developing and obtaining zero-day exploits for iOS devices. A zero-day exploit is one unknown to Apple or security researchers, so cannot specifically be protected against.

Despite iPhone’s minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA’s Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA’s arsenal includes numerous local and remote “zero days” developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.

Wikileaks further claims that the CIA recently ‘lost control’ of the majority of the malware used to attack iPhones and iPads …


Expand
Expanding
Close

Site default logo image

Ex-CIA director: Apple ‘generally in the right’ on encryption, FBI not ‘very good telephone designers’

Speaking with CNBC’s Squawk Box, former CIA director James Woolsey gave his personal thoughts on the FBI’s request to have Apple unlock an iPhone used by one of the San Bernardino killers. Telling CNBC that the last time he looked into the situation with care, the former CIA head said he felt as though the FBI was attempting to get a right to effectively decide what kind of operating system Apple would have. Stating it wasn’t about getting into one phone, but rather to change “an important aspect of Apple’s operating system.”


Expand
Expanding
Close

Former NSA and CIA chief says Apple is right on the bigger issue of encryption back door

Retired General Michael Hayden, former head of both the NSA and CIA, told USA Today that while he “trends toward the government” on the ‘master key‘ approach to the San Bernardino case, he thinks Apple is right that there should never be a back door to encryption. His remarks were made as Tim Cook called for the government to drop its demands that Apple help the FBI break into an iPhone.

Hayden went so far as to specifically call out FBI Director Jim Comey in his comments.

In this specific case, I’m trending toward the government, but I’ve got to tell you in general I oppose the government’s effort, personified by FBI Director Jim Comey. Jim would like a back door available to American law enforcement in all devices globally. And, frankly, I think on balance that actually harms American safety and security, even though it might make Jim’s job a bit easier in some specific circumstances.

Comey has repeatedly attacked Apple’s use of strong encryption on iPhones …


Expand
Expanding
Close

Snowden: The CIA has been working “for years” to break iPhone, iPad and Mac security

Site default logo image

Update: One of the approaches suggested – modifying Xcode to inject malware – has now been used, though we don’t at this stage know who was responsible.

The Central Intelligence Agency has conducted “a multi-year, sustained effort to break the security of Apple’s iPhones and iPads,” claims The Intercept, referencing new Snowden leaks of a document from the CIA’s internal wiki system.

A presentation on the attempts, focusing on breaking Apple’s encryption of iOS devices, was said to have been delivered at an annual CIA conference called the Jamboree.

Studying both “physical” and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.

One route reportedly taken by the CIA was to create a modified version of Xcode, which would allow it to compromise apps at the point at which they are created … 
Expand
Expanding
Close

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications