Skip to main content

NSA

See All Stories

NSA had almost total access to iPhones, including microphone & camera, says security researcher

Site default logo image

[youtube=http://www.youtube.com/watch?v=b0w36GAyZIA&start=270]

The NSA could access almost all data stored on an iPhone, including location, text messages and contact lists – including the ability to activate both microphone and camera, according to a presentation by security researcher Jacob Appelbaum at the Chaos Communication Conference in Hamburg, Germany.

Appelbaum showed what he said were leaked NSA documents in which the agency claimed to have a “100 percent success rate” at installing spyware on iPhones. The documents date back to 2008, at which point the NSA needed physical access to an iPhone to install the spyware, but a remotely-installable version was said at the time to be in development.

Even needing physical access to the phone was seemingly not a barrier to the NSA … 
Expand
Expanding
Close

Site default logo image

Quick video: Tim Cook & other CEOs meet w/ Obama to discuss healthcare.gov, NSA surveillance, House of Cards

Update: Bloomberg caught up with Tim Cook on his way out of the White House today and reports Cook described the talk as “a great meeting.” Video report below.

Following yesterday’s announcement that Apple CEO Tim Cook along with other tech executives would be meeting with President Obama today, we now have some of the first images from inside the meeting.

While Politico’s report is light on details regarding what was discussed at the meeting, we get a brief video clip below showing Cook seated across from Obama (and next to Google chairman Eric Schmidt and Netflix CEO Reed Hastings) as the President makes a joke about if Hastings brought advanced copies of Netflix show “House of Cards.”

“I’m just wondering if you brought advance copies of ‘House of Cards’?” Obama said to Netflix head Reed Hastings. The executive laughed and invited the president to show up for a cameo, according to a pool report.

“I wish things were that ruthlessly efficient,” Obama said in reference to the show and its Machiavellian lead character. “This guy’s getting a lot of stuff done.”

It looks like cameras were asked to leave following the brief introduction, but on top of the expected discussions regarding the controversial launch of Healthcare.gov, the report also notes that “industry leaders made it clear they wanted to prioritize” issues related to NSA surveillance programs. The White House also announced today following the meeting that it has hired former Microsoft Office exec Kurt DelBene to oversee fixing issues that still exist with the Healthcare.gov website.

[ooyala code=”5veDlvaTolNHDp-9WOJlT-ckxr-ot8Cm” player_id=”null”]

Apple joins tech titans in calling for government spying reform and limitations

Site default logo image

PRISM-slide

The Wall Street Journal reports that Apple has joined Microsoft, Twitter, Google, Yahoo!, Facebook, and other giants in the tech industry in calling for a reform of the NSA’s surveillance tactics. Earlier this year it was revealed that the National Security Agency was using information from these companies and more to monitor citizens across the nation without warrants.

The companies allegedly involved in the “PRISM” program denied turning over any user data to the government, but a leaked NSA slidedeck (seen above) seemed to imply the opposite.

The new collaborative campaign, called Reform Government Surveillance, cites five driving principles in its drive to curb excessive government spying:


Expand
Expanding
Close

Site default logo image

Apple and other leading tech companies support USA Freedom Act to limit NSA powers

nsa1

Apple, Google, Facebook, Microsoft, Yahoo and AOL have all signed an open letter expressing support for the USA Freedom Act co-sponsored by Democrat Senator Patrick Leahy and Republican Representative Jim Sensenbrenner. The Act, if passed, would outlaw the NSA’s speculative bulk collection of data and allow the companies to be far more transparent about the data they are obliged to make available to the government.

As companies whose services are used by hundreds of millions of people around the world, we welcome the debate about how to protect both national security and privacy interests and we applaud the sponsors of the USA Freedom Act for making an important contribution to this discussion.

The companies had previously complained that gag orders forced them to issue denials that were technically true but misleading. They had asked to be allowed to release more specific figures about the number of demands they receive for personal data.

This letter goes further, in supporting moves to actually limit the powers the government would have to gain access to the data in the first place.

Transparency is a critical first step to an informed public debate, but it is clear that more needs to be done. Our companies believe that government surveillance practices should also be reformed to include substantial enhancements to privacy protections and appropriate oversight and accountability mechanisms for those programs.

In introducing the bill, Senator Leahy said “The government surveillance programs conducted under the Foreign Surveillance Intelligence Act are far broader than the American people previously understood. Modest transparency and oversight provisions are not enough.”

The Verge reports that Google is tightening the security of its internal networks, and that Twitter has already moved to encrypt direct messages.

Full text of the open letter below.


Expand
Expanding
Close

Site default logo image

Apple reiterates it cannot read user iMessages, has no plans to do so

imessage

Update: Fresh Apple statement added

The immunity of iMessages from government surveillance has been cast into doubt by QuarksLab security researchers presenting at the Hack in the Box conference in Kuala Lumpur.

A leaked DEA document had pointed to the impossibility of intercepting iMessages even with a court order, a point that was confirmed by an apparently categorical Apple statement:

Conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data.

The researchers reverse-engineered the iMessage protocol and confirmed that the claim was true. However, they identified that Apple needed to hold the encryption keys on its own servers, and that simply by changing these keys, it could enable access to the message content.

They can change a key anytime they want, thus read the content of our iMessages.

The researchers were keen to stress that they do not believe Apple is doing, or has ever done, this – but rather that it could do so if the NSA or another government agency were to require it. Only messages sent after Apple changed the keys would be accessible.

Apple has since issued a statement to AllThingsD:

“iMessage is not architected to allow Apple to read messages,” said Apple spokeswoman Trudy Muller said (sic) in a statement to AllThingsD. “The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so.”

This is, though, merely a weaker version of its earlier statement. Then, it said it couldn’t read iMessages, now it is saying that it could, but it would require work and it has no intention of doing so. That Apple would not willingly do so was never in doubt: the point is that the NSA could force it to. A demonstration from QuarksLab is below:

[youtube=https://www.youtube.com/watch?v=EbqZnTKDVU0]

When the NSA PRISM story broke, it led to a raft of denials in what some security researchers say was carefully-crafted language. Apple, among other companies, was clearly unhappy about the secrecy imposed on it and gained permission to reveal some numbers on government requests for customer data. A meeting was subsequently held at the White House in which Tim Cook and other tech CEOs met with President Obama to discuss the issue. Details of the discussions were not made public.

Site default logo image

NSA references original Macintosh ad in calling Steve Jobs Big Brother and iPhone owners zombies

nsa2

An NSA presentation leaked by NSA whistle-blower Edward Snowden pointing to the potential of smartphones for government surveillance suggest that Steve Jobs was an unwitting Big Brother figure by popularizing the devices and iPhone owners zombies for buying them.

The reference, made in slides leaked to German news site Spiegel, is to the 1984 ad (below) created for the launch of the original Macintosh.

About 130 million people in the US have [a smartphone]. The mini-computers have become personal communication centers, digital assistants and life coaches, and they often know more about their users than most users suspect.

For an agency like the NSA, the data storage units are a goldmine, combining in a single device almost all the information that would interest an intelligence agency: social contacts, details about the user’s behavior and location, interests (through search terms, for example), photos and sometimes credit card numbers and passwords.

The 2010 presentation, Exploring Current Trends, Targets and Techniques, describes steps the NSA was taking to hack into iOS, Android and Blackberry devices, and refers to the range of data it is possible to extract.

Under the heading “iPhone capability,” the NSA specialists list the kinds of data they can analyze in these cases. The document notes that there are small NSA programs, known as “scripts,” that can perform surveillance on 38 different features of the iPhone 3 and 4 operating systems. They include the mapping feature, voicemail and photos, as well as the Google Earth, Facebook and Yahoo Messenger applications.

The presentation does not suggest that any of the smartphone or online companies were complicit in allowing access to user data, although it has been suggested that denials made by Apple and others in regard to server access via the PRISM program may have been a matter of careful wording.

The slides include two stills from the original Macintosh ad from 1984. Apple famously aired the ad just once, relying on TV stations repeating it in news reports at no cost to Apple.

http://www.youtube.com/watch?v=g_d5R6Il0II

President Obama meets with Tim Cook, other execs over government surveillance

Site default logo image

Tim-Cook-02-Senate-taxes

U.S. President Barack Obama met with Apple CEO Tim Cook and other technology company executives today to discuss government surveillance, according to a report from Politico. Earlier this week, according to the report, the President and his staff began holding confidential meetings about surveillance tactics and topics such as the recent NSA-related controversies with company executives and other members of pertinent organizations.

Those invited were mostly senior executives, including Cook, Stephenson and Cerf, as well as representatives of groups like the Center for Democracy and Technology and Gigi Sohn, the leader of Public Knowledge, according to three sources familiar with the meeting. Each declined comment for this story.

The report names AT&T CEO Randall Stephenson and former Google Vice President Vint Serf as the other technology community members involved in the meetings. Serf recently was appointed by President Obama to the National Science Board, and Serf is also known as a pioneer of the internet…


Expand
Expanding
Close

Site default logo image

Apple, Google, and more join forces to request NSA data be made public

The NSA's $2b data centre in Bluffdale, Utah (source: businessweek.com)

The NSA’s $2b data centre in Bluffdale, Utah (source: businessweek.com)

After having their reputation damaged by the National Security Agency controversy earlier this year, Apple, Microsoft, Google, Facebook, and many more are joining forces to demand more transparency regarding NSA requests and surveillance (via AllThingsD).

The 63 companies, investors, and non-profit organizations are pleading with the U.S. government to allow Internet, phone, and other service providers to share the requests that they receive for user data, including:

  • The number of government requests for information about their users
  • The number of individuals, accounts, or devices for which information was requested
  • The number of requests that sought communications content, basic subscriber information, and/or other information.

The companies claim that the NSA request data should be published just like the law enforcement information has been for years.

“Basic information about how the government uses its various law enforcement–related investigative authorities has been published for years without any apparent disruption to criminal investigations,” a copy of the letter reads. “We seek permission for the same information to be made available regarding the government’s national security–related authorities.


Expand
Expanding
Close

Apple responds to accusations of sharing customer data with U.S. government

Site default logo image

Apple published an open letter late Sunday night responding to recent allegations that the company had given customers’ personal information, including phone call logs, to the U.S. government as part of the National Security Agency’s secret “PRISM” program.

In the letter, Apple notes that the government had in fact issued several thousand requests for such information, but that Apple’s legal department had carefully examined each request and turned over only the smallest amount of information necessary, sometimes rejecting requests outright.

From December 1, 2012 to May 31, 2013, Apple received between 4,000 and 5,000 requests from U.S. law enforcement for customer data. Between 9,000 and 10,000 accounts or devices were specified in those requests, which came from federal, state and local authorities and included both criminal investigations and national security matters. The most common form of request comes from police investigating robberies and other crimes, searching for missing children, trying to locate a patient with Alzheimer’s disease, or hoping to prevent a suicide.

Apple has placed a link to the full letter at the bottom of their home page, or you can read the entire thing after the break.
Expand
Expanding
Close