or Connect
AppleInsider › Forums › Mobile › iPhone › Apple says it was unaware of NSA's iPhone spying, vows to defend customers' privacy
New Posts  All Forums:Forum Nav:

Apple says it was unaware of NSA's iPhone spying, vows to defend customers' privacy

post #1 of 78
Thread Starter 
Apple on Tuesday reacted to news that the U.S. National Security Agency has worked on iPhone spyware to remotely monitor users, saying it has not cooperated with the agency on such projects and was not previously aware of those attempts.

DROUPOUTJEEP
Section of leaked DROUPOUTJEEP document. (Click for full page) | Source: Der Spiegel


In an official company statement provided to AllThingsD, Apple vowed to use its resources "to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them." The statement came after new documents showed the NSA has the capability of deploying software implants on the iPhone to grant access to onboard assets such as text messages, location data, and even microphone audio.

While Apple was previously unaware of the NSA's spyware, the company said it's constantly working to make its products more secure. The iPhone maker said that any reports about potential security issues on its products prompt Apple to "thoroughly investigate and take appropriate steps" in order to protect its customers.

The statement also declared Apple's product security as "industry-leading," and boasted that great effort is placed on making it easy for customers to be able to easily keep their software up to date. To that end, the most recent data from Apple shows that 78 percent of iPhone, iPad and iPod touch users are using iOS 7, the company's latest mobile operating system.

The leaked documents reveal that the NSA's iPhone-targeting spyware program is called "DROPOUTJEEP," and it began in 2008. Capabilities of the software include the interception of SMS text messages, access to onboard data, microphone activation, and approximate positioning via cell tower location.

The NSA boasts a 100 percent success rate in implanting its spyware on iOS devices, but the leaked documents suggest that physical contact with a target phone is required to implant the software.

Apple's full statement in response is included below.

Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers' privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements. Whenever we hear about attempts to undermine Apple's industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them.

post #2 of 78

As has been pointed out many times, it's not surprising, not an indication of poor security on the iOS, and not evidence of collusion by Apple that it was, and probably still is, possible to install spyware on an iPhone if one has physical access.

post #3 of 78
So the NSA created spyware - like a keylogger on a desktop computer - which must be hacked into the iPhone. This means the iPhone has to be jailbroken by the NSA first before installation of the spyware.

Luckily, the NSA needs physical contact with the iPhone to do this. It doesn't have a virus that can attach itself to the iPhone.
post #4 of 78
We know nothing, yeah...

It reminds me of our president, he knew nothing as well about NSA spying, no clue about IRS targeting groups, learned about Benghazi from the news...
Marquiz d' Gabber von Gabberaarde

... and Windows Vista...
... fails on the Moon...
... 6x slower!
Reply
Marquiz d' Gabber von Gabberaarde

... and Windows Vista...
... fails on the Moon...
... 6x slower!
Reply
post #5 of 78
Man, is the NSA stuff so advanced that none of the industry-leading security advocates can see this stuff at work in the wild? Not even Charlie Miller can sniff out this stuff? It seems he would've encountered some strange process/app/utility running somewhere during one of his scans of iPhones/iPads at work, to the point that it would've aroused his curiosity.

But, again, maybe the NSA stuff is so ahead of its time that not even top security researchers can "see" it.

Scary.
post #6 of 78
Quote:
Originally Posted by gabberattack View Post

We know nothing, yeah...

It reminds me of our president, he knew nothing as well about NSA spying, no clue about IRS targeting groups, learned about Benghazi from the news...

 

I suggest that you take your political rants to AppleOutsider, where they belong.

post #7 of 78
Quote:
Originally Posted by gabberattack View Post

We know nothing, yeah...

It reminds me of our president, he knew nothing as well about NSA spying, no clue about IRS targeting groups, learned about Benghazi from the news...

Well I don't necessarily agree with your quote above, but this administration certainly didn't know much about IT project management & web application development...
Edited by vaporland - 12/31/13 at 10:16am
post #8 of 78

I see Apple Insider has driven into the hell pit of greed via advertisements :(

post #9 of 78
There has been NSA code all though out iOS from the start. It goes back through all OS X and even Nextstep. There is the NSA's rray, lert, nimation and many more. Most of the code seems be one sort of National Security something or other.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #10 of 78
Quote:
Originally Posted by Boogerman2000 View Post

I see Apple Insider has driven into the hell pit of greed via advertisements 1frown.gif

Someone has to pay for this site.

Proud AAPL stock owner.

 

GOA

Reply

Proud AAPL stock owner.

 

GOA

Reply
post #11 of 78
Quote:
Originally Posted by jameskatt2 View Post

So the NSA created spyware - like a keylogger on a desktop computer - which must be hacked into the iPhone. This means the iPhone has to be jailbroken by the NSA first before installation of the spyware.

Luckily, the NSA needs physical contact with the iPhone to do this. It doesn't have a virus that can attach itself to the iPhone.

What you've seen mentioned so far are the capabilities they had 5 years ago. I imagine they've greatly improved their techniques 1hmm.gif over the past few years. If they still need physical access to plant NSA spyware I'd be a little surprised.
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #12 of 78
Aren't these revelations from Der Spiegel also derived from the Snowden leaks? If so, Snowden himself, or Glen Greenwald should be able to confirm.

Ah, yes... Confirmation. It all derives from Snowden: http://en.m.wikipedia.org/wiki/Global_surveillance_disclosure

These news organizations must be analyzing these 2.5 million documents in a piecemeal, coordinated way.
Edited by SpamSandwich - 12/31/13 at 10:50am

Proud AAPL stock owner.

 

GOA

Reply

Proud AAPL stock owner.

 

GOA

Reply
post #13 of 78
Quote:
Originally Posted by Gatorguy View Post
 
Quote:
Originally Posted by jameskatt2 View Post

So the NSA created spyware - like a keylogger on a desktop computer - which must be hacked into the iPhone. This means the iPhone has to be jailbroken by the NSA first before installation of the spyware.

Luckily, the NSA needs physical contact with the iPhone to do this. It doesn't have a virus that can attach itself to the iPhone.

What you've seen mentioned so far are the capabilities they had 5 years ago. I imagine they've greatly improved their techniques 1hmm.gif over the past few years. If they still need physical access to plant NSA spyware I'd be a little surprised.

 

Obviously it can't be ruled out, but going from an established capability (inserting code with physical access) to inserting code without physical access, on any reasonably secure operating system, is more than just improved technique.  It's a fundamental jump in capability, and one that has not been demonstrated on OS X or iOS, so I'd be more surprised if they can do that.

post #14 of 78
Quote:
Originally Posted by SpamSandwich View Post


Someone has to pay for this site.

Well yes, but the degree to which nearly every corner of the internet has transformed into a Googlized advertising greed machine depresses me greatly. To see AI following down that path is unsettling and sad. Some advertising? OK.  Plastering the site? You tell me.. How many people does AI employ?  I haven't been here in probably two years.. it's amazing to witness the transformation. 

post #15 of 78
Quote:
Originally Posted by muppetry View Post
 

 

Obviously it can't be ruled out, but going from an established capability (inserting code with physical access) to inserting code without physical access, on any reasonably secure operating system, is more than just improved technique.  It's a fundamental jump in capability, and one that has not been demonstrated on OS X or iOS, so I'd be more surprised if they can do that.

 

 

iOS has also beefed up its security significantly since 2008 (iOS 1.x/2.0). 

 

Apple controls the whole stack, including the walled garden and physical I/O connectors. NSA will have to tailor its techniques for Apple in general.

 

Last year, I was frustrated by some of the security mechanisms. Now I am starting to be thankful. Goddamn it, NSA.


Edited by patsu - 12/31/13 at 11:18am
post #16 of 78
Quote:
Originally Posted by Boogerman2000 View Post

Well yes, but the degree to which nearly every corner of the internet has transformed into a Googlized advertising greed machine depresses me greatly. To see AI following down that path is unsettling and sad. Some advertising? OK.  Plastering the site? You tell me.. How many people does AI employ?  I haven't been here in probably two years.. it's amazing to witness the transformation. 

I can accept advertising for a free service. It's the many times they have written compensated advertising disguised as stories that really angered and dismayed me. I include affiliate advertising links among those offenses. You either gain credibility by divulging those financial ties or become a complete joke.

Proud AAPL stock owner.

 

GOA

Reply

Proud AAPL stock owner.

 

GOA

Reply
post #17 of 78
Quote:
Originally Posted by SolipsismX View Post

There has been NSA code all though out iOS from the start. It goes back through all OS X and even Nextstep. There is the NSA's rray, lert, nimation and many more. Most of the code seems be one sort of National Security something or other.

You sir have won the internets award which will be posted on-the-line

bb
Reply
bb
Reply
post #18 of 78
Quote:
Originally Posted by bloggerblog View Post

You sir have won the internets award which will be posted on-the-line

Can I watch the award presentation via the Twitters?

Proud AAPL stock owner.

 

GOA

Reply

Proud AAPL stock owner.

 

GOA

Reply
post #19 of 78
Quote:
Originally Posted by SolipsismX View Post

There has been NSA code all though out iOS from the start. It goes back through all OS X and even Nextstep. There is the NSA's rray, lert, nimation and many more. Most of the code seems be one sort of National Security something or other.

Please say more?
post #20 of 78
When will these lowlifes realize that they run the risk of destroying the overseas sales of some of our most successful, dynamic parts of the economy? Don't these idiots get that!?

Add to this, eviscerating our Constitution (violation of the fourth amendment, without which, the first, second and fifth amendments mean nothing), and one has to wonder, what exactly are we protecting with this kind of state overreach?
Edited by anantksundaram - 12/31/13 at 12:01pm
post #21 of 78
Quote:
Originally Posted by anantksundaram View Post

When will these lowlifes realize that they run the risk of destroying the overseas sales of some of our most successful, dynamic parts of the economy? Don't these idiots get that!?

Add to this, eviscerating our Constitution (violation of the fourth amendment, without which, the first, second and fifth amendments mean nothing), and one has to wonder, what exactly are we protecting with this kind of state overreach?

 

I think that the problem (if you regard it that way) is that the intelligence agencies, much like the military, tend to develop whatever capabilities that they can to try to keep their edge and for use if needed. That may be fine, but tends to spawn the problem of regulation of such use, scope creep in the use, and "best intentions" justifications for going too far. It's not a simple issue to fix.

post #22 of 78

OT- Apple is also unaware of useless Board Members which are of no good! Al Gore is one of them (which Apple thinks has invented internet? ) :lol:
 

post #23 of 78
Quote:
Originally Posted by SolipsismX View Post

There has been NSA code all though out iOS from the start. It goes back through all OS X and even Nextstep. There is the NSA's rray, lert, nimation and many more. Most of the code seems be one sort of National Security something or other.

So clever and, yet, so dangerous if not enough people here know about Mac programming.

post #24 of 78
Quote:
Originally Posted by anantksundaram View Post

When will these lowlifes realize that they run the risk of destroying the overseas sales of some of our most successful, dynamic parts of the economy? Don't these idiots get that!?

Add to this, eviscerating our Constitution (violation of the fourth amendment, without which, the first, second and fifth amendments mean nothing), and one has to wonder, what exactly are we protecting with this kind of state overreach?

Other countries are seriously questioning how they do business now with American companies. Especially American companies with servers in America. The fear mongering the American government has created since 911 reminds me of the image below. When you grow so powerful that you can't even trust yourself, you end up destroying everything around you and then yourself.

Help! I'm trapped in a white dungeon of amazing precision and impeccable tolerances!

Reply

Help! I'm trapped in a white dungeon of amazing precision and impeccable tolerances!

Reply
post #25 of 78
Quote:
Originally Posted by LighteningKid View Post

So clever and, yet, so dangerous if not enough people here know about Mac programming.

I tried to make it more verbose at the risk of losing the funny in hopes that it would be obvious to those not familiar with OSX/iOS coding that I'm not being serious.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #26 of 78
Marquiz d' Gabber von Gabberaarde

... and Windows Vista...
... fails on the Moon...
... 6x slower!
Reply
Marquiz d' Gabber von Gabberaarde

... and Windows Vista...
... fails on the Moon...
... 6x slower!
Reply
post #27 of 78
If the NSA requires physical contact then the target list is pretty short.

After all, they are not landing UPS & FedEX cargo planes at Area 51 for some fuel and a big cargo wrap-up party
post #28 of 78

Just Say "NO" to Fake Advertisements

scroogled.com

Your avenue to a Happy New Year!

post #29 of 78
Microsoft seems to be worried about Chromebooks intruding on their turf now. Maybe Google really does have a decent idea. Certainly got MS's attention. Unfortunate that accuracy has never held a lot of importance in their Scroogled campaign.

"Scrappled" may not be all that far off. Back-door negative ads seem like a Microsoft specialty.
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #30 of 78
NSA should be held to the same standard as a hacker that hacks into any government agency. Eye for an eye.
post #31 of 78
Quote:
Originally Posted by macinthe408 View Post

Man, is the NSA stuff so advanced that none of the industry-leading security advocates can see this stuff at work in the wild?

It makes sense that they would - they pretty much have to. Techniques they used decades ago would seem laughable now with storage capability, processing power, wireless tech, camera tech and the internet but at the time, nobody would even think it was going on.

This isn't just an issue for customers, Apple's employees use the devices too. Imagine if someone in the intelligence community discovered Apple's plans for the iPhone and decided to trade in stocks on that information. They could even just be snooping on private conversations, you'd never know.

The software being installed doesn't even have to exist in the OS. If it's for tracking data, they just have to hide something in the communication chips and they get access to most of what they need. It's mainly the communication data that matters. It doesn't even have to be active until it's requested like the App Store issue where they can submit broken code that passes any check for malware and it's reassembled later.

If the people in control were only using the techniques responsibly in order to weed out potential mass murder, that's better than having no option to prevent that but, who checks up on it and who decides how they should be punished? It seems to have already happened:

http://gadgets.ndtv.com/internet/news/nsa-employees-used-spy-tools-to-track-spouses-former-lovers-425800

It sounds as though they log every request made to the records so abuse can be traced but we'd never know just like we never knew about all the things being covered up in various wars until wikileaks revealed them. It doesn't even matter that we do find out about these things really, there's nothing anyone can do about it just like nobody had any say in which banks were bailed out, which wars were started with whatever budget. It doesn't matter that people know about this now, it won't stop happening.
post #32 of 78

Apple can say whatever they want, but does the public believe them?  That's what this is about now...trust.

 

Personally I think anyone that trusts anything that comes out of NSA or any of the providers such as Apple that are bound by secret courts to deny knowledge of everything is naive.

post #33 of 78
Quote:
Originally Posted by ruel24 View Post

Buahahahaha! Glad I left Apple! Keep buying their tainted products you iSheep! My Galaxy Note 3 is WAAAAYYY better than my iPhone ever was and if they dare taint it, I'll root it.


And you don't think the NSA has already rooted Android?

post #34 of 78
Quote:
Originally Posted by Rickers View Post

Isn't Steve-O one of the people who said something to the effect of, "if you're not doing anything wrong, you have nothing to worry about"?

Steve rebelled against authority. He was out to change the world, not play within its rules.
post #35 of 78
Originally Posted by Rickers View Post
Most of the nitwits here won't get this.

 

Try reading the post before replying to it.

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply

Originally Posted by helia

I can break your arm if I apply enough force, but in normal handshaking this won't happen ever.
Reply
post #36 of 78
Quote:
Originally Posted by formosa View Post


And you don't think the NSA has already rooted Android?

Prove that it is or go away. Isn't that how I've been treated here for some time now? I've listed proof and evidence in abundance and told to just go away. People in this forum want to hide from the evidence...hide from the truth... Tim Cook only cares about soaking you dry in the name of profit. He's not Jobs. Jobs had conviction. Cook just wants to make money.

Rooted Android? Since there are so many players, they'd be quite busy. Since Google writes it, OEMS fine tune it and add hardware support, and providers add their mods and sign off on the code, they've got their work cut out. Android developer community is so all over this stuff, rooters would be rid of it in days. If it comes out that despite the roadblocks, they did, I'll root and rid myself of it quickly.
post #37 of 78
Quote:
Originally Posted by ruel24 View Post


Prove that it is or go away. Isn't that how I've been treated here for some time now? I've listed proof and evidence in abundance and told to just go away. People in this forum want to hide from the evidence...hide from the truth... Tim Cook only cares about soaking you dry in the name of profit. He's not Jobs. Jobs had conviction. Cook just wants to make money.

Rooted Android? Since there are so many players, they'd be quite busy. Since Google writes it, OEMS fine tune it and add hardware support, and providers add their mods and sign off on the code, they've got their work cut out. Android developer community is so all over this stuff, rooters would be rid of it in days. If it comes out that despite the roadblocks, they did, I'll root and rid myself of it quickly.

 

I don't think anyone needs to waste time arguing with you. You lack an argument, since you just told others to prove their point, and then went along and made a bunch of unproven, shaky assertions of your own.

 

Logic fail much?

post #38 of 78
Quote:
Originally Posted by kc345 View Post

I don't think anyone needs to waste time arguing with you. You lack an argument, since you just told others to prove their point, and then went along and made a bunch of unproven, shaky assertions of your own.

Logic fail much?

Unproven? That's exactly the development chain of events as recently released by HTC. The NSA would have to get every player involved to get in with them. Since Apple is the developer and the OEM, and the providers are pretty much completely out of the picture, the NSA only has to strong arm one player - Apple!

To get Android, they have to deal with Samsung, Verizon, AT&T, Sprint, T - Mobile and all the little carriers - just to compromise all the Samsung devices, and that doesn't encompass Google Experience editions. Then, to get all of Android, they have to strong arm LG, HTC, Sony, Asus, Toshiba...and let's not forget the Nexus and Motorola devices developed completely by Google. Now, they're gonna accomplish that without any one of those blowing the whistle? Highly unlikely...
Edited by ruel24 - 12/31/13 at 11:22pm
post #39 of 78
Quote:
Originally Posted by ruel24 View Post


Unproven? That's exactly the development chain of events as recently released by HTC. The NSA would have to get every player involved to get in with them. Since Apple is the developer and the OEM, and the providers are pretty much completely out of the picture, the NSA only has to strong arm one player - Apple!

To get Android, they have to deal with Samsung, Verizon, AT&T, Sprint, T - Mobile and all the little carriers - just to compromise all the Samsung devices, and that doesn't encompass Google Experience editions. Then, to get all of Android, they have to strong arm LG, HTC, Sony, Asus, Toshiba...and let's not forget the Nexus and Motorola devices developed completely by Google. Now, they're gonna accomplish that without any one of those blowing the whistle? Highly unlikely...

Actually, there is a NSA-secured version of Android, which is available for licensing from Ft Meade.

 

Cheers

post #40 of 78
Quote:
Originally Posted by ruel24 View Post

Buahahahaha! Glad I left Apple! Keep buying their tainted products you iSheep! My Galaxy Note 3 is WAAAAYYY better than my iPhone ever was and if they dare taint it, I'll root it.

 

In my opinion it is not a weakness of device or OS. The "Lavabit affair" demonstrated that in some circumstances any US-based company can be forced to give access to customer/user data and forced not to disclose it.

New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
  • Apple says it was unaware of NSA's iPhone spying, vows to defend customers' privacy
AppleInsider › Forums › Mobile › iPhone › Apple says it was unaware of NSA's iPhone spying, vows to defend customers' privacy