Apple says it was unaware of NSA's iPhone spying, vows to defend customers' privacy
Apple on Tuesday reacted to news that the U.S. National Security Agency has worked on iPhone spyware to remotely monitor users, saying it has not cooperated with the agency on such projects and was not previously aware of those attempts.
In an official company statement provided to AllThingsD, Apple vowed to use its resources "to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them." The statement came after new documents showed the NSA has the capability of deploying software implants on the iPhone to grant access to onboard assets such as text messages, location data, and even microphone audio.
While Apple was previously unaware of the NSA's spyware, the company said it's constantly working to make its products more secure. The iPhone maker said that any reports about potential security issues on its products prompt Apple to "thoroughly investigate and take appropriate steps" in order to protect its customers.
The statement also declared Apple's product security as "industry-leading," and boasted that great effort is placed on making it easy for customers to be able to easily keep their software up to date. To that end, the most recent data from Apple shows that 78 percent of iPhone, iPad and iPod touch users are using iOS 7, the company's latest mobile operating system.
The leaked documents reveal that the NSA's iPhone-targeting spyware program is called "DROPOUTJEEP," and it began in 2008. Capabilities of the software include the interception of SMS text messages, access to onboard data, microphone activation, and approximate positioning via cell tower location.
The NSA boasts a 100 percent success rate in implanting its spyware on iOS devices, but the leaked documents suggest that physical contact with a target phone is required to implant the software.
Apple's full statement in response is included below.
In an official company statement provided to AllThingsD, Apple vowed to use its resources "to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them." The statement came after new documents showed the NSA has the capability of deploying software implants on the iPhone to grant access to onboard assets such as text messages, location data, and even microphone audio.
While Apple was previously unaware of the NSA's spyware, the company said it's constantly working to make its products more secure. The iPhone maker said that any reports about potential security issues on its products prompt Apple to "thoroughly investigate and take appropriate steps" in order to protect its customers.
The statement also declared Apple's product security as "industry-leading," and boasted that great effort is placed on making it easy for customers to be able to easily keep their software up to date. To that end, the most recent data from Apple shows that 78 percent of iPhone, iPad and iPod touch users are using iOS 7, the company's latest mobile operating system.
The leaked documents reveal that the NSA's iPhone-targeting spyware program is called "DROPOUTJEEP," and it began in 2008. Capabilities of the software include the interception of SMS text messages, access to onboard data, microphone activation, and approximate positioning via cell tower location.
The NSA boasts a 100 percent success rate in implanting its spyware on iOS devices, but the leaked documents suggest that physical contact with a target phone is required to implant the software.
Apple's full statement in response is included below.
Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers' privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements. Whenever we hear about attempts to undermine Apple's industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them.
Comments
As has been pointed out many times, it's not surprising, not an indication of poor security on the iOS, and not evidence of collusion by Apple that it was, and probably still is, possible to install spyware on an iPhone if one has physical access.
Luckily, the NSA needs physical contact with the iPhone to do this. It doesn't have a virus that can attach itself to the iPhone.
It reminds me of our president, he knew nothing as well about NSA spying, no clue about IRS targeting groups, learned about Benghazi from the news...
But, again, maybe the NSA stuff is so ahead of its time that not even top security researchers can "see" it.
Scary.
We know nothing, yeah...
It reminds me of our president, he knew nothing as well about NSA spying, no clue about IRS targeting groups, learned about Benghazi from the news...
I suggest that you take your political rants to AppleOutsider, where they belong.
Well I don't necessarily agree with your quote above, but this administration certainly didn't know much about IT project management & web application development...
I see Apple Insider has driven into the hell pit of greed via advertisements
Someone has to pay for this site.
What you've seen mentioned so far are the capabilities they had 5 years ago. I imagine they've greatly improved their techniques
Ah, yes... Confirmation. It all derives from Snowden: http://en.m.wikipedia.org/wiki/Global_surveillance_disclosure
These news organizations must be analyzing these 2.5 million documents in a piecemeal, coordinated way.
So the NSA created spyware - like a keylogger on a desktop computer - which must be hacked into the iPhone. This means the iPhone has to be jailbroken by the NSA first before installation of the spyware.
Luckily, the NSA needs physical contact with the iPhone to do this. It doesn't have a virus that can attach itself to the iPhone.
What you've seen mentioned so far are the capabilities they had 5 years ago. I imagine they've greatly improved their techniques
Obviously it can't be ruled out, but going from an established capability (inserting code with physical access) to inserting code without physical access, on any reasonably secure operating system, is more than just improved technique. It's a fundamental jump in capability, and one that has not been demonstrated on OS X or iOS, so I'd be more surprised if they can do that.
Someone has to pay for this site.
Well yes, but the degree to which nearly every corner of the internet has transformed into a Googlized advertising greed machine depresses me greatly. To see AI following down that path is unsettling and sad. Some advertising? OK. Plastering the site? You tell me.. How many people does AI employ? I haven't been here in probably two years.. it's amazing to witness the transformation.
Obviously it can't be ruled out, but going from an established capability (inserting code with physical access) to inserting code without physical access, on any reasonably secure operating system, is more than just improved technique. It's a fundamental jump in capability, and one that has not been demonstrated on OS X or iOS, so I'd be more surprised if they can do that.
iOS has also beefed up its security significantly since 2008 (iOS 1.x/2.0).
Apple controls the whole stack, including the walled garden and physical I/O connectors. NSA will have to tailor its techniques for Apple in general.
Last year, I was frustrated by some of the security mechanisms. Now I am starting to be thankful. Goddamn it, NSA.
I can accept advertising for a free service. It's the many times they have written compensated advertising disguised as stories that really angered and dismayed me. I include affiliate advertising links among those offenses. You either gain credibility by divulging those financial ties or become a complete joke.
There has been NSA code all though out iOS from the start. It goes back through all OS X and even Nextstep. There is the NSA's rray, lert, nimation and many more. Most of the code seems be one sort of National Security something or other.
You sir have won the internets award which will be posted on-the-line
Can I watch the award presentation via the Twitters?
Well yes, but the degree to which nearly every corner of the internet has transformed into a Googlized advertising greed machine depresses me greatly. To see AI following down that path is unsettling and sad. Some advertising? OK. Plastering the site? You tell me.. How many people does AI employ? I haven't been here in probably two years.. it's amazing to witness the transformation.
It's called "Ad Block" and it does wonders
Please say more?
Add to this, eviscerating our Constitution (violation of the fourth amendment, without which, the first, second and fifth amendments mean nothing), and one has to wonder, what exactly are we protecting with this kind of state overreach?