Apple has contacted TechCrunch with a statement about the DROPOUTJEEP NSA program that detailed a system by which the organization claimed it could snoop on iPhone users.
Apple says that it has never worked with the NSA to create any ‘backdoors’ that would allow that kind of monitoring, and that it was unaware of any programs to do so.
Here is the full statement from Apple:
Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers’ privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements. Whenever we hear about attempts to undermine Apple’s industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who’s behind them.
The statement is a response to a report in Der Spiegel Sunday that detailed a Tailored Access Operations (TAO) unit within the NSA that is tasked with gaining access to foreign computer systems in order to retrieve data to protect national security. The report also pointed out a division called ANT that was set up to compile information about hacking consumer electronics, networking systems and more.
The story detailed dozens of devices and methods, including prices for deployment, in a catalogue that could be used by the NSA to pick and choose the tools it needed for snooping. The 50-page catalog included a variety of hacking tools that targeted laptops and mobile phones and other consumer devices. Der Spiegel said that these programs were evidence that the NSA had ‘backdoors’ into computing devices that many consumers use.
Among these options was a program called DROPOUTJEEP — a program by which the NSA could theoretically snoop on ‘any’ Apple iPhone with ‘100% success’. The documents were dated 2008, implying that these methods were for older devices. Still, the program’s detailed capabilities are worrisome.
Researcher and hacker Jacob Applebaum — the co-author of the articles, coinciding with a speech he gave at a conference about the programs — pointed out that the ‘100% success rate’ claimed by the NSA was worrisome as it implied cooperation by Apple. The statement from the company appears to preclude that cooperation.
The program detail indicated that the NSA needed physical access to the devices at the time that the documents were published. It does note that they were working on ‘remote installation capability’ but there’s no indication whether that was actually successful. The program’s other options included physical interdiction of devices like laptops to install snooping devices — but there have been security advances like hardware encryption in recent iPhone models that would make modification of devices much more difficult.
Early reports of the DROPOUTJEEP program made it appear as if every iPhone user was vulnerable to this — which simply can’t be the case. Physical access to a device was required which would preclude the NSA from simply ‘flipping a switch’ to snoop on any user. And Apple patches security holes with every version of iOS. The high adoption rate of new versions of iOS also means that those patches are delivered to users very quickly and on a large scale.
The jailbreak community, for instance, knows that once a vulnerability has been used to open up the iPhone’s file system for modification, it’s been ‘burned’ and will likely be patched by Apple quickly. And the process of jailbreaking fits the profile of the capabilities the NSA was detailing in its slide.
Applebaum’s talk at the 30th Chaos Communication Congress walked listeners through a variety of the programs including DROPOUTJEEP. He noted that the claims detailed in the slide indicated that either Apple was working with the NSA to give them a backdoor, or the NSA was just leveraging software vulnerabilities to create its own access. The Apple statement appears to clear that up — pointing to vulnerabilities in older versions of iOS that have likely since been corrected.
I do also find it interesting that Apple’s statement uses extremely strong wording in response to the NSA program. “We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks,” the statement reads, “regardless of who’s behind them.”
Lumping the program in with ‘malicious hackers’ certainly makes a clear point. This year has been an eventful one for NSA spying program revelations. Apple joined a host of large companies that denied that they had been willing participants in the PRISM data collection system — but later revelations of the MUSCULAR program indicated that the NSA could get its hands on data by monitoring internal company server communications anyway. This spurred targets like Google and Yahoo to implement internal encryption.
Last month, Apple released its first ever report on government information requests, detailing the number of times domestic and foreign governments had asked it for user information. At the time, it also filed a suit with the U.S. Government to allow it to be more transparent about the number and frequency of those requests. It also began employing a ‘warrant canary’ to warn users of future compliance with Patriot Act information requests.
Most recently, Apple joined AOL, Yahoo, Twitter, Microsoft, LinkedIn, Google and Facebook in requesting global government surveillance reform with an open letter. Though the NSA is located in the United States and these programs were largely designed to target ‘foreign threats’, these companies have a global customer base — making protecting user privacy abroad as well as at home just as important.
Image Credit: EFF
Comment