dropoutjeep
Latest
Apple officially denies helping NSA spy on iPhone users
Ever since the revelations this past year regarding the NSA's domestic spying program, tech companies -- including Apple -- have been facing increased scrutiny about exactly how much access they've provided the US government to users' devices. On Sunday, German news site Der Spiegel published an in-depth article about the NSA's Tailored Access Operations (TAO) unit, which it used to gain access to foreign computer systems. However, the most frightening details for US citizens and iPhone users came via the revelation of a division named ANT and its program DROPOUTJEEP. ANT collects methods of hacking into consumer electronics. According to Der Spiegel, DROPOUTJEEP is an ANT program that allows the NSA to spy on iPhone users. Today, Apple released a statement to our sister site TechCrunch, disavowing knowledge of the NSA's backdoor into the iPhone and promising that it has not worked with the agency to create such security breaches. Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers' privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements. Whenever we hear about attempts to undermine Apple's industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them. Earlier this month, Apple joined a number of other tech companies to call for government surveillance reform. Programs like DROPOUTJEEP are at the heart of that call. Using DROPOUTJEEP, the NSA can access contacts, read SMS messages, locate phones via cell towers and activate a phone's microphone and cameras. According to a leaked document shown below, the DROPOUTJEEP program must be manually loaded onto the phone before it can spy. The Der Spiegel report reveals that the TAO unit would intercept packages after they had been sent from manufacturers to install its various spy apps.
Leaked documents detail 2008 NSA program to hack and remote control iPhones (video)
Part of security expert Jacob Appelbaum's Chaos Communications Congress presentation exposed NSA methods to hack systems via WiFi from long range, but we'll also point out another segment focusing on the Apple iPhone (embedded after the break, beginning at 44:30). Along with German news mag Der Spiegel, he mentioned a program called DROPOUTJEEP which developed malware to install on iPhones that can remotely access files on the devices including email, voicemails and SMS, or perform geolocation, hot mic, camera capture and more. While the documents dated to 2008, around the introduction of the iPhone, Appelbaum quoted the NSA QUANTUMTHEORY "toolbox" which claimed a 100 percent success rate at implanting this spyware. At the time, loading the tool required physical access to a phone but the team was already working on something it could load remotely. Details on more recently developed attacks don't seem to be part of the package, but another Der Spiegel report back in September mentioned an example of a target captured on camera via his iPhone as in 2012. Does this news have you looking for a way around prying eyes? Good luck, since other revelations have shown programs targeting Android devices as well as Blackberry's email servers and phones.
