Home Your IT Mobility iPhones can be ‘backdoor penetrated’ by NSA

Subscribe now and get the news that matters to your industry.

* Your Email Address:
* First Name:
* Last Name:
Industry:
Job Function:
Australian State:
Country:
Email marketing by Interspire
weebly statistics

Apple has denied any knowledge of the US National Security Agency (NSA) alleged efforts called project DROPOUT JEEP to hack the iPhone and data capable iPad.

Here is the full statement Apple provided to TechCrunch.com.

Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers’ privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements. Whenever we hear about attempts to undermine Apple’s industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who is behind them.

Let’s just accept the statement at face value – it serves no purpose to debate things like ‘lies by omission’ (… never worked with the NSA … what other agencies has it worked with?) and not attempt to analyse the inordinately carefully chosen language which would win a seasoned wordsmith an Oscar for best fiction script.

Let’s just say that it would have been better it to say something like “Apple is sickened and we will never knowingly allow this to happen again.” How about some positive action Apple?

The point is that the much touted ‘secure’ iPhone has apparently been able to be hacked since the inception of NSA’s project DROPOUT JEEP in 2008. This is not a new phenomenon – it is just that recent action from whistle-blower Edward Snowden and friends have simply revealed the name.

Before we go much further let me state that Apple is not alone. If DROPOUT JEEP exists for a supposedly secure iOS then you can be sure as hell that two other things are true:

  1. Similar backdoor hacks exist for Android, Windows, OSX, Linux – hell every known operating system (OS) and its variants.
  2. And that every government with its own equivalent of NSA will be using similar tools

In fact, Germany’s Spiegel reveals the existence of a 50-page catalogue of NSA hacks – spy toolbox it calls it – that makes for very unsettling reading. I will be absorbing this over the next few days and will provide an overview.

What is DROPOUT JEEP? [Items in square brackets are my additions]

It is a software implant [virus style, remote self-installing, to provide root level functionality] for the Apple iPhone [and the rest] that provides SIGINT [signals intelligence] functionality including: the ability to remotely push/pull files from the device; SMS retrieval; contact list retrieval; voicemail; geo-location; hot microphone; camera capture; cell tower location; and more.

Command, control, and data exfiltration can occur via SMS messaging or data connection [2/3/4G or Wi-Fi]. All communications with the iPhone are covert and encrypted.

Opinion

I opted to file this as a brief opinion piece because of the controversial nature of the allegations and that this issue is likely to escalate once the world returns from its holiday revelry to reality.

For example, Apple’s deal to sell iPhones in China via China Mobile could well be under review – the Chinese government gets tetchy when another country outdoes its spying abilities. The first OS or security provider than can identify DROPOUT JEEP or its variants and disable it will make a fortune!

For now, crooks et al should not use an iPhone. Apple needs to urgently patch iOS and ensure it is safe from prying eyes.

I find it an amazing coincidence that recently, Apple joined AOL, Yahoo, Twitter, Microsoft, LinkedIn, Google, and Facebook in requesting global government surveillance reform. Was it case of trying to minimise fall-out once the true extent of surveillance is revealed?

The inconvenient truth is that NSA and its world equivalents are government agencies. “I’m from the government and I’m here to help” have become the most terrifying words in the English language. Only governments can truly fix this fundamental privacy issue.

Although perhaps better known as an actor former US President Ronald Regan summed this mess up well: “Government exists to protect us from each other. Where government has gone beyond its limits is in deciding to protect us from ourselves.”

PROTECT YOURSELF AGAINST BANDWIDTH BANDITS!

Don't let traffic bottlenecks slow your network or business-critical apps to a grinding halt. With SolarWinds Bandwidth Analyzer Pack (BAP) you can gain unified network availability, performance, bandwidth, and traffic monitoring together in a single pane of glass.

With SolarWinds BAP, you'll be able to:

• Detect, diagnose, and resolve network performance issues

• Track response time, availability, and uptime of routers, switches, and other SNMP-enabled devices

• Monitor and analyze network bandwidth performance and traffic patterns.

• Identify bandwidth hogs and see which applications are using the most bandwidth

• Graphically display performance metrics in real time via dynamic interactive maps

Download FREE 30 Day Trial!

CLICK TO DOWNLOAD!

ITWIRE SERIES - IS YOUR BACKUP STRATEGY COSTING YOU CLIENTS?

Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup

FIND OUT MORE!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Connect