Apple AirPort not on latest 'Vault 7' list of gear susceptible to factory firmware hack by...
The latest dump of "leaked" documents from WikiLeaks, reportedly from the CIA, details the "Cherry Blossom" firmware modification program, which allowed intelligence agencies to change firmware in a networking company's factories -- but Apple AirPort hardware appears to be unaffected by the effort.
The latest dump from the "Vault 7" data details the program where the U.S. CIA was able to redirect a surveillance target's web traffic, scan for passwords, and monitor site visits from a penetrated router. The package is installed either through another undetailed tool called Claymore, or through a "supply-chain operation" in the factories or distribution chains themselves.
The document dump of files generated by the CIA from as late as 2012 claims that devices from Asus, Belkin, Buffalo, Dell, D-Link, Linksys, Motorola, Netgear, Senao, and US Robotics were susceptible to the attack vector. According to WikiLeaks, the Stanford Research Institute was a key partner in developing the CIA's tool.
A "Vault 7" dump surrounding Apple wireless networking equipment circulated in March. The "Harpy Eagle" project sought to penetrate the AirPort family of hardware, but failed, with all efforts stymied by a combination of Apple's encryption efforts and the company's custom hardware solutions.
There were no fully functional or reliable exploits published that allowed the CIA to insert itself in a target's network through AirPort router hardware. Since the data dump's conclusion at the end of 2015, Apple has released four firmware updates for the hardware, further setting back the intelligence community's efforts.
Apple revealed after the initial data dump that it had patched most of the CIA's exploits in iOS 10.
The future of Apple's AirPort hardware is unclear. Internal departmental changes, reinforced by a report about Apple engineers now at eero, suggest that Apple has no plans to update its existing lineup of routers, including the AirPort Extreme, Time Capsule, and AirPort Express, but do not discount the possibility of the functionality being added to a different product. Apple's AirPort Express network extender and AirPlay audio target have not even been updated to the 802.11ac Wi-Fi specification, many years after release.
Without specifically confirming the dissolution of the AirPort hardware division, AppleInsider has been told by sources within Apple not authorized to speak on behalf of the company that the AirPort ecosystem back to the 802.11n version of the AirPort Extreme basestation would be made "as safe as possible for as long as possible."
Comments
Since I've got the keys tonight, we're leaving this thread open, as long as you all behave with each other and treat each other as reasonable human beings.
As a reminder, the news-item forum traffic is less than 5% of AI's traffic, and comments you leave are Google-searchable. Some of us work here -- so don't ruin it for us.
I do hope Apple is seeing and understanding the absence of a hack for their AirPort routers. Simply build on what they already have and keep Apple customers safe. It's just a router, nothing more, so Apple could turn it into a hobby and just update it. They can stick it into their Siri box if they don't want to have a separate router, letting Siri configure it with voice instructions.
I had the same problem with their new Technicolor gateway. It wouldn't let me put it in bridged mode to allow the use of my AirPort. This is intentional because they want to control everything, including adding their slow as molasses xfinitywifi "public" WiFi hot-spot (public as long as you're a Comcast subscriber). I sent the stupid thing back, used my own cable modem then bought an older telephony modem so I could get the 2yr triple-play contract with 250Mbps speed for the same price as my current double-play at a slower speed without telephone service. The older telephony modem cost me $70 so it's paid for itself by not paying the $11/month rent for a garbage gateway.
It sounds like you either need physical access to the router, or remote access - which is usually disabled by default.
It's probably not safe to purchase any of these brands sold through middlemen (Amazon/eBay, etc.) from now on because they could have been tampered with.
I bet the router manufacturers are fuming ;)
These routers' security has always been bad... now they're approaching unusable.
I am pleased that AppleInsider leaves Facebook comments open, even on politically-fired articles. It's rather liberating to hop on Facebook and post a comment when you can't do that here in this forum.
All said, freedom can be abused, but it's worth it!
Thanks for the great site, articles and product reviews, Mike! Best wishes to your team.
1) No code was released.
2) You do need physical access to the router -- and they were getting it either in the factory, at retail, or before delivery.
3) Probably.
4) Probably.
Seriously, I just hang the Apple gear off the Comcast box using ethernet and turn off the Comcast Wi-Fi. Firstly because like you I love my Apple routers and secondly that Xfinity Public access stuff creeps me out! I know you can disable it but none of our neighbors seem to know that.
The 802.11g AirPort was discontinued in 2008. More than half of the routers on the list from third parties were still actively shipping in 2012.
/stupid