Apple Denies NSA Backdoor For iPhone

Apple’s hugely popular iPhone is reportedly a target for exploitation by the US National Security Agency.

This is according to a presentation at the Chaos Communications Congress in Hamburg, Germany, on 30 December, where security researcher Jacob Appelbaum discussed multiple exploits in the NSA’s catalogue of vulnerable devices and systems.

Apple Backdoor?

Appelbaum’s talk complemented a report he helped to author in the German publication Der Spiegel over the weekend. The report includes new revelations from NSA whistleblower Edward Snowden about US surveillance operations and capabilities.

The report details the NSA’s Tailored Operations Unit (TAO) as well as a listing of vulnerable technologies. According to the report, a program referred to as “DROPOUTJEEP” is available to NSA agents to surveil Apple iOS users. The program enables the government to both send files to and receive files from the exploited devices as well as gain access to the devices’ contact lists, cameras and microphones.

During his presentation, Appelbaum raised the question of how the Apple devices were exploited.

“The NSA claims that anytime they target an iOS device, it will succeed,” Appelbaum said. “So either they have a huge collection of exploits against Apple products, meaning they are hoarding information about critical systems that American companies produce and sabotaging them, or Apple sabotaged it themselves.”

Appelbaum added that he’s not sure what the answer is and it could just well be that Apple writes buggy software. Apple’s iOS does have a history of security bugs throughout its existence.

Apple is publicly denying the accusation that it has directly worked with the NSA. In a statement sent to media outlets, Apple stated that it has never worked with the NSA to create a backdoor in any of its products, including the iPhone.

“We have been unaware of this alleged NSA program targeting our products,” Apple stated. “We care deeply about our customers’ privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements. Whenever we hear about attempts to undermine Apple’s industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who’s behind them.”

Smartphone Spying

The DROPOUTJEEP data slide that Appelbaum presented is dated from October 2008. Multiple researchers in the security community have been able to publicly demonstrate exploits against iOS both before and after 2008.

At the Black Hat USA 2007 event, security researcher Charlie Miller publicly presented a batch of Apple iPhone vulnerabilities. In 2009, Miller returned to Black Hat USA to demonstrate an exploitable SMS flaw in iOS.

Apple’s iOS has also repeatedly been exploited by researchers at the Hewlett-Packard sponsored Pwn2own hacking challenge in 2010, 2011, 2012 and 2013.

Concerns about US technology vendors working directly to facilitate the NSA spying efforts have had an impact on business. Apple joined with AOL, Facebook, Google, Microsoft and Yahoo in an open letter sent to the US Congress on 31 October asking for more transparency into government surveillance.

The requests from the tech vendors have not fallen entirely on deaf ears either. A Presidential Task Force report titled “Liberty and Security in a Changing World” released on 18 December calls for sweeping reform in US intelligence agency operations.

What do you know about whistleblowers and their tech? Take our quiz!

Originally published on eWeek.

Sean Michael Kerner

Sean Michael Kerner is a senior editor at eWeek and contributor to TechWeek

Recent Posts

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

2 hours ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

4 hours ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

19 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

22 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

23 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

1 day ago