Skip to main content

National Security Agency

See All Stories

Former NSA and CIA chief says Apple is right on the bigger issue of encryption back door

hayden

Retired General Michael Hayden, former head of both the NSA and CIA, told USA Today that while he “trends toward the government” on the ‘master key‘ approach to the San Bernardino case, he thinks Apple is right that there should never be a back door to encryption. His remarks were made as Tim Cook called for the government to drop its demands that Apple help the FBI break into an iPhone.

Hayden went so far as to specifically call out FBI Director Jim Comey in his comments.

In this specific case, I’m trending toward the government, but I’ve got to tell you in general I oppose the government’s effort, personified by FBI Director Jim Comey. Jim would like a back door available to American law enforcement in all devices globally. And, frankly, I think on balance that actually harms American safety and security, even though it might make Jim’s job a bit easier in some specific circumstances.

Comey has repeatedly attacked Apple’s use of strong encryption on iPhones …


Expand
Expanding
Close

Site default logo image

Apple among those asking Obama to reject calls for government access to encrypted data

obama-apple-google

Apple and Google have co-signed a letter calling on President Obama to reject any government proposal to allow the government backdoor access to encrypted data on smartphones and other devices. The Washington Post says the letter, due to be delivered today, is signed by more than 140 tech companies, prominent technologists and civil society groups.

The signatories urge Obama to follow the group’s unanimous recommendation that the government should “fully support and not undermine efforts to create encryption standards” and not “in any way subvert, undermine, weaken or make vulnerable” commercial software.

Apple uses end-to-end encryption for iMessages, meaning that Apple has no way to access the data even if presented with a court order. Tim Cook stated last year “it’s encrypted, and we don’t have the key.”

The FBI has been pushing increasingly hard to require tech companies to build in backdoor access to their encryption systems to allow access by law enforcement, even going so far as to say that Apple could be responsible for the death of a child. U.S. Attorney General Eric Holder has also cited child safety as a justification for demanding access to encrypted data.

The letter calling on Obama to reject this argument is also signed by five members of a presidential review group appointed by Obama in 2013 to assess technology policies in the wake of leaks by former intelligence contractor Edward Snowden.

Many in the tech industry have pointed out that, aside from the obvious concerns over government intrusion into the private lives of its citizens, any backdoor used by the government could potentially be discovered and exploited by hackers and foreign governments.

Apple, Google & other large tech companies urge the White House & Congress not to renew the Patriot Act

Site default logo image

patriot-act-reform

Apple is one of ten tech giants to once again call on the US Government not to reauthorize the Patriot Act in its current form. The Act expires on 1st June unless it is renewed by Congress. Apple was joined by AOL, Dropbox, Evernote, Facebook, Google, LinkedIn, Microsoft, Twitter and Yahoo.

In an open letter to President Obama, NSA Director Admiral Rogers and other prominent government figures, the companies urge Congress to end the bulk collection of communications metadata–the logs that determine how and when ordinary citizens contact each other.

The letter says that mass surveillance must end, and that a revised bill must contain mechanisms to ensure that future government surveillance is both transparent and accountable … 
Expand
Expanding
Close

Tim Cook talks Snowden, Apple Car and Steve Jobs as the best teacher he’s ever had

Site default logo image

2,w=993,c=0.bild

Tim Cook appears to be using his international tour, which so far includes Israel, Germany and the UK, to push a second product every bit as hard as the Apple Watch: privacy. In an interview with the German newspaper BILD posted yesterday (paywall), Cook went as far as to praise Edward Snowden for his role in prompting discussion of the issue.

If Snowden did anything for us at all, then it was to get us to talk more about these things. [Apple’s] values have always been the same.

The comments follow a meeting with German Chancellor Angela Merkel, at which data privacy was reportedly a key topic. Cook also told the Telegraph last week that “none of us should accept that the government or a company or anybody should have access to all of our private information.” Cook has in the past resisted FBI pressure to compromise its strong encryption, and was the only tech CEO to attend a recent White House cybersecurity summit.

In the BILD interview, Cook reiterated Apple’s stance on privacy, and also said that as Apple had grown larger, it had taken deliberate decisions to be less secretive about some aspects of its business … 
Expand
Expanding
Close

China accused of protectionism through new cybersecurity rules aimed at western tech companies

Site default logo image

apple-store-china

The NY Times reports that the Chinese government has adopted a set of supposed cybersecurity regulations on western companies selling technology to banks. These requirements are so absurd that it would be impossible for companies like Apple to comply.

The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of dollars’ worth of business in China.

The paper reports that while the regulations are so far limited to sales to Chinese banks, they are merely the first in a series of new cybersecurity policies expected to be introduced in the coming months, and businesses fear that they are designed to protect local manufacturers from western companies. It was recently announced that Apple became the biggest smartphone seller in China in the final quarter of last year … 
Expand
Expanding
Close

Chinese government’s war on Apple escalates as it bans govt purchases

Site default logo image

businessinsider

After a Chinese state-run TV channel last month described the iPhone as a “national security concern” (a claim Apple denied), Bloomberg reports that the Chinese government has stepped up its war on Apple by removing the company’s products from its procurement lists.

Ten Apple products — including the iPad, iPad Mini, MacBook Air and MacBook Pro — were omitted from a final government procurement list distributed in July, according to officials who read it and asked not to be identified because the information isn’t public. The models were on a June version of the list drafted by the National Development and Reform Commission and Ministry of Finance, the officials said …


Expand
Expanding
Close

Site default logo image

Apple responds to iOS backdoor access claims, denies its existence

Screen Shot 2014-07-21 at 5.18.07 PM

Over the weekend, iOS security hacker Jonathan Zdziarski released a presentation claiming to show how Apple had purposefully made backdoor access points for a variety of system and user data on iOS devices, that would usually be locked and encrypted via the passcode. The legitimacy of the claims is still questionable.


Expand
Expanding
Close

Chinese state TV annoyed by NSA, takes it out on Apple

Site default logo image

The WSJ reports that the state-run China Central TV has described the iPhone as a “national security concern” due to its location-tracking capabilities.

In its national noon broadcast, state-run China Central Television criticized the “frequent locations” function in Apple’s iOS 7 mobile operating system, which tracks and records the time and location of the owner’s movements. The report quoted researchers who said that those with access to that data could gain knowledge of the broader situation in China or “even state secrets” …


Expand
Expanding
Close

EFF marks Apple’s ‘remarkable improvement’ in protecting customer data from governments

Site default logo image

Screen Shot 2014-05-15 at 3.26.29 PM

The Electronic Frontier Foundation (EFF) today published its annual “Who Has Your Back?” report that rates and compares how major corporations deal with government data requests. The EFF’s ranking of technology company data request transparency is notable because the organization is the “leading nonprofit organization defending civil liberties in the digital world.” The report ranks companies based on six categories: requires a warrant for content, tells users about data requests, publishes transparency reports, publishes law enforcement guidelines, fights for users’ privacy in courts, fights for users’ privacy for rights in Congress. This year, Apple received a star for each of the six categories. 

This compares to many other technology companies, including Google, Yahoo, and Facebook, that received stars across the board:


Expand
Expanding
Close

Site default logo image

Blink and you missed the tech stuff in the State of the Union address

[youtube=http://www.youtube.com/watch?v=arhBRouSmWs]

Technology got only the briefest and vaguest of mentions in last night’s State of the Union address, with little in the way of new commitments.

President Obama promised six more “hubs for hi-tech manufacturing,” adding to the two hardly anyone had heard of in Raleigh and Youngstown that “connected businesses to research universities that can help America lead the world in advanced technologies.” The government apparently kicked in $100M in funding for research into 3D printing and energy-efficient chips. Nothing was said about where the new hubs would be or what they would do.

Aside from that, there was a pledge to connect 99 percent of schools to high-speed broadband over the next four years, which doesn’t seem an overly ambitious deadline for something so basic; generalised promises to reform the NSA; and a plea for Congress to reverse cuts to government research funding.

A one-line mention of possible patent reform, with no firm pledge. Nothing on net neutrality. ISP or carrier monopolies and collusion. Nothing on tightening rules on data security in the wake of large-scale credit card compromises. Not much on immigration reform, to help tech companies hire the people they need. And no specific pledges on limiting the powers of the NSA.

Is is just me, or is it odd to spend so much time talking about the economy and job-creation, but so little on steps to help the industry that is expected to drive much of that growth?

Apple did get a brief name-check, as one of the companies supporting the high-speed broadband initiative.

Tonight, I can announce that with the support of the FCC and companies like Apple, Microsoft, Sprint, and Verizon, we’ve got a down payment to start connecting more than 15,000 schools and twenty million students over the next two years, without adding a dime to the deficit.

In a statement to The Loop, Apple said that it was contributing hardware, software and expertise to the project.

We are proud to join President Obama in this historic initiative to transform America’s schools. Apple has a long history in education, and we have pledged to contribute MacBooks, iPads, software and our expertise to support the ConnectED project. We look forward to announcing more details with the White House soon.

NSA had almost total access to iPhones, including microphone & camera, says security researcher

Site default logo image

[youtube=http://www.youtube.com/watch?v=b0w36GAyZIA&start=270]

The NSA could access almost all data stored on an iPhone, including location, text messages and contact lists – including the ability to activate both microphone and camera, according to a presentation by security researcher Jacob Appelbaum at the Chaos Communication Conference in Hamburg, Germany.

Appelbaum showed what he said were leaked NSA documents in which the agency claimed to have a “100 percent success rate” at installing spyware on iPhones. The documents date back to 2008, at which point the NSA needed physical access to an iPhone to install the spyware, but a remotely-installable version was said at the time to be in development.

Even needing physical access to the phone was seemingly not a barrier to the NSA … 
Expand
Expanding
Close

Apple details how it handles customer data, discloses government information request stats

Site default logo image

Screen Shot 2013-11-05 at 3.46.17 PM

In light of the recent reporting in regards to the NSA and governments across the world and their connection to the data that technology companies hold on their customers, Apple has published a lengthy document detailing its customer privacy policies.

We believe that our customers have a right to understand how their personal information is handled, and we consider it our responsibility to provide them with the best privacy protections available. Apple has prepared this report on the requests we receive from governments seeking information about individual users or devices in the interest of transparency for our customers around the world. This report provides statistics on requests related to customer accounts as well as those related to specific devices. We have reported all the information we are legally allowed to share, and Apple will continue to advocate for greater transparency about the requests we receive.

Additionally, the company has published charts that detail how many customer data requests it has received Between the beginning of January and end of June this year from governments.

Breakdown of important details:


Expand
Expanding
Close

Site default logo image

Apple reiterates it cannot read user iMessages, has no plans to do so

imessage

Update: Fresh Apple statement added

The immunity of iMessages from government surveillance has been cast into doubt by QuarksLab security researchers presenting at the Hack in the Box conference in Kuala Lumpur.

A leaked DEA document had pointed to the impossibility of intercepting iMessages even with a court order, a point that was confirmed by an apparently categorical Apple statement:

Conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data.

The researchers reverse-engineered the iMessage protocol and confirmed that the claim was true. However, they identified that Apple needed to hold the encryption keys on its own servers, and that simply by changing these keys, it could enable access to the message content.

They can change a key anytime they want, thus read the content of our iMessages.

The researchers were keen to stress that they do not believe Apple is doing, or has ever done, this – but rather that it could do so if the NSA or another government agency were to require it. Only messages sent after Apple changed the keys would be accessible.

Apple has since issued a statement to AllThingsD:

“iMessage is not architected to allow Apple to read messages,” said Apple spokeswoman Trudy Muller said (sic) in a statement to AllThingsD. “The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so.”

This is, though, merely a weaker version of its earlier statement. Then, it said it couldn’t read iMessages, now it is saying that it could, but it would require work and it has no intention of doing so. That Apple would not willingly do so was never in doubt: the point is that the NSA could force it to. A demonstration from QuarksLab is below:

[youtube=https://www.youtube.com/watch?v=EbqZnTKDVU0]

When the NSA PRISM story broke, it led to a raft of denials in what some security researchers say was carefully-crafted language. Apple, among other companies, was clearly unhappy about the secrecy imposed on it and gained permission to reveal some numbers on government requests for customer data. A meeting was subsequently held at the White House in which Tim Cook and other tech CEOs met with President Obama to discuss the issue. Details of the discussions were not made public.

Apple and other tech companies deny PRISM surveillance claims, NSA says claims ‘inaccurate’ and not used domestically

Site default logo image

PRISM-slide

Claims made by The Washington Post that the National Security Agency was tapping into the servers of nine tech companies for details of user activity have been denied by Apple and most of the other companies alleged to be involved.

“We have never heard of PRISM,” said Steve Dowling, a spokesman for Apple. “We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order.”

Similar denial statements have been issued by Yahoo, Dropbox, Google, Microsoft and Facebook.

The Post published slides from what it said was a Powerpoint presentation detailing the top-secret program, in which it was implied that the companies listed were knowing participants … 
Expand
Expanding
Close