Get the Lowest Prices anywhere on Macs, iPads and Apple Watches: Apple Price Guides updated July 25th
 

 

CIA has waged 'secret campaign' to crack Apple's iOS security - report

Classified documents released by whistleblower Edward Snowden reveal that the Central Intelligence Agency has been engaged in a multi-year coordinated effort to crack the security of Apple's iOS platform, which powers and protects the iPhone and iPad.




Details on the CIA's efforts apparently come from an annual, secret agency meeting dubbed "The Trusted Computing Base Jamboree," where the latest progress was apparently revealed. Documents from that meeting were obtained by Snowden, and then provided to The Intercept.

In it, researchers from the U.S. government's "Sandia National Laboratories" are revealed to have allegedly targeted security keys on iOS in an effort to crack the platform and obtain user data. The agency is said to have looked into both physical methods, where access to the device is required, as well as remote efforts.

As part of the CIA's work, the agency is said to have created a modified version of Apple's Xcode developer tools. By "whacking" this software, security researchers were allegedly able to "sneak surveillance backdoors into any apps or programs created using the tool."

It was said that the CIA's cracked version of Xcode could allow the agency to obtain passwords, messages and other information from an infected device. The "whacked" Xcode could also disable core security features on Apple devices.

The CIA's efforts have also apparently targeted Apple's OS X platform for the Mac, as the documents claim the agency has modified Apple's updater tool to install a "keylogger."




It's unclear just how successful the CIA has been at truly penetrating iOS devices in the wild, or exactly how its research has been applied. Law enforcement officials, including the FBI Director James Comey, have decried the fact that encrypted data on an iPhone or iPad is not accessible, which, in Comey's words, allows users to "place themselves above the law."

Unsurprisingly, the CIA's annual "Jamboree" meetings have also delved into the security of other popular platforms. In particular, the documents released by Snowden also show Microsoft's BitLocker encryption system has been a target of CIA researchers.

Snowden has claimed for years that the U.S. National Security Agency has the capability of deploying software implants on the iPhone that could provide remote access to information like SMS text messages, location data, and microphone audio. The whistleblower also said earlier this year that he refuses to use an iPhone over spying concerns.

Apple, for its part, has vehemently defended itself, saying it has not cooperated in any government spying efforts and that it places its users' privacy above all else. In a statement issued in 2013, the company said it uses its resources "to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them."