Spooks bragged at secret meeting about planting backdoors and key stroke loggers
Newly released documents obtained via NSA whistleblower Edward Snowden have revealed that the CIA attempted for a decade to gain access to data on Apple’s i devices as part of the intelligence establishment’s continued mass spying program.
“Studying both ‘physical’ and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware,” The Intercept report by Glenn Greenwald states.
The CIA set its sights on accessing user data on iPhones and iPads all over the globe, according to the documents, as well as attempting to introduce backdoors to the devices, in order to monitor them at will.
“This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.” the report notes.
Within the documents, CIA researchers brag that they have found a way to introduce surveillance backdoors into practically every mobile application downloaded via the Apple App Store.
The spooks say that they did this by creating a modified version of the Xcode integrated development environment, which is a Apple’s proprietary suite of tools used to develop software for OS X and iOS.
“The modified version of Xcode, the researchers claimed, could enable spies to steal passwords and grab messages on infected devices. Researchers also claimed the modified Xcode could “force all iOS applications to send embedded data to a listening post.” It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.”
The CIA hackers also boasted that they had managed to modify Apple’s OS X updater, which is used to automatically update software and programs on Apple computers. The agents claimed that they had successfully installed a “keylogger” via the OS X updater, meaning keystrokes from users could be logged and analysed.
“The Intelligence Community (IC) is highly dependent on a very small number of security flaws, many of which are public, which Apple eventually patches,” the CIA researchers noted during a secret presentation.
The documents note that the CIA began the surveillance effort in 2006, while the first iPhone was still in development. The spooks bragged about the inroads they were making in 2011 at an event known as “Jamboree,” a hush hush confab for the “intelligence” community held at a Lockheed Martin facility inside an executive office park in northern Virginia. Continue reading