Ever since the revelations this past year regarding the NSA's domestic spying program, tech companies -- including Apple -- have been facing increased scrutiny about exactly how much access they've provided the US government to users' devices. On Sunday, German news site Der Spiegel published an in-depth article about the NSA's Tailored Access Operations (TAO) unit, which it used to gain access to foreign computer systems. However, the most frightening details for US citizens and iPhone users came via the revelation of a division named ANT and its program DROPOUTJEEP.
ANT collects methods of hacking into consumer electronics. According to Der Spiegel, DROPOUTJEEP is an ANT program that allows the NSA to spy on iPhone users. Today, Apple released a statement to our sister site TechCrunch, disavowing knowledge of the NSA's backdoor into the iPhone and promising that it has not worked with the agency to create such security breaches.
Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers' privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements. Whenever we hear about attempts to undermine Apple's industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them.
Earlier this month, Apple joined a number of other tech companies to call for government surveillance reform. Programs like DROPOUTJEEP are at the heart of that call. Using DROPOUTJEEP, the NSA can access contacts, read SMS messages, locate phones via cell towers and activate a phone's microphone and cameras.
According to a leaked document shown below, the DROPOUTJEEP program must be manually loaded onto the phone before it can spy. The Der Spiegel report reveals that the TAO unit would intercept packages after they had been sent from manufacturers to install its various spy apps.