Apple responds to latest WikiLeaks CIA document dump, says iPhone and Mac exploits fixed

Posted:
in General Discussion edited March 2017
Apple issued a statement in response to Thursday's WikiLeaks release of CIA-gathered iPhone and Mac exploits, saying a preliminary assessment reveals the vulnerabilities to be years old and long since patched.




In a statement furnished to TechCrunch, Apple says an iPhone exploit detailed in the purported CIA documents impacts iPhone 3G, a device released in 2008. Apple fixed the security hole that same year. Mac vulnerabilities appear to be more recent, dating back to 2013, but have also been fixed.
We have preliminarily assessed the WikiLeaks disclosures from this morning. Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released. Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013.

We have not negotiated with Wikileaks for any information. We have given them instructions to submit any information they wish through our normal process under our standard terms. Thus far, we have not received any information from them that isn't in the public domain. We are tireless defenders of our users' security and privacy, but we do not condone theft or coordinate with those that threaten to harm our users.
As AppleInsider reported earlier today, the WikiLeaks documents detailing Apple-specific attack vectors are years old and of limited use to would-be hackers.

For example, an exploit dubbed "DarkSeaSkies" targets MacBook Air and inserts an EFI routine called "DarkMatter" that subsequently installs software containing a kernel attack and the "NightSkies" malware and keylogging package.

DarkSeaSkies is delivered via USB and takes advantage of a Thunderbolt exploit discovered in 2014, meaning physical access to a target device is required for the technique to work. Apple later issued a patch for the vulnerability in 2015.

As for the supposed iPhone 3G intrusion, the method outlined in today's files rely on an offshoot of "NightSkies." As Apple notes, however, that hole has been plugged for some 8 years.

Today's WikiLeaks dump is part of the so-called "Vault 7" document stash. Initial disclosures were leaked earlier this month and detail a number of exploits affecting a wide range of hardware platforms.

The first document hoard contained thousands of files and revealed 14 iOS intrusion methods ranging from basic surveillance to remote device command and control. Like today's release, Apple analyzed the previous batch of exploits and confirmed "many" had already been patched.

Comments

  • Reply 1 of 8
    RacerhomieXRacerhomieX Posts: 95unconfirmed, member
    Good Job Apple.
    lolliverwatto_cobra
  • Reply 2 of 8
    SpamSandwichSpamSandwich Posts: 31,201member
    Interesting that such old hacks are being revealed now. 
    cornchipwatto_cobra
  • Reply 3 of 8
    Apple also seemed to indicate that it wasn't pursuing getting the WikiLks doc dump because it was stolen. 

    IIRC the dumps til now were said to be a small percentage of Vault cache. 

    If true, Apple is flipping the bird at getting rest of dump if not already in public domain. 

    The Vault contents could already be in the possession of black hats. Apple's statement is high minded but seems to trade risk for ideological purity. 

    Couldnt Apple seek permission from a federal judge to accept dump docs?  Possibly leveraging its news organization, or in a JV with NYT or WAPO or Walt Mossberg, to receive docs with 1st Amdt protections?  Then Apple staffs as consultants to writer could analyze and plug holes before article is published. 
    watto_cobra
  • Reply 4 of 8
    Interesting that such old hacks are being revealed now. 
    Hopefully all hacks are equally old; even so, of the known hacks, it seems Macs older than 2012-ish have unfixable vulnerabilities. 
    cornchipwatto_cobra
  • Reply 5 of 8
    The vulnerabilities are "alleged" even if we fixed them. So our fixes could also be called "alleged" by extension. Our lawyers tell us to use "alleged" in every sentence because it is so much cooler and they need to earn their living.
    watto_cobra
  • Reply 6 of 8
    Interesting that it's worded in a way to suggest the vulnerabilities weren't "patched" as the article suggests, but "fixed" with the next iteration of the device; iPhone 3G - "fixed with release of 3GS", while the Mac vulnerabilities were "fixed in all macs launched after 2013".

    That to me says the iPhone 3G is still vulnerable as is ALL pre-2014 mac's which I'm sure there are plenty still in operation. :worried: 
  • Reply 7 of 8
    linkmanlinkman Posts: 916member
    adm1 said:
    Interesting that it's worded in a way to suggest the vulnerabilities weren't "patched" as the article suggests, but "fixed" with the next iteration of the device; iPhone 3G - "fixed with release of 3GS", while the Mac vulnerabilities were "fixed in all macs launched after 2013".

    That to me says the iPhone 3G is still vulnerable as is ALL pre-2014 mac's which I'm sure there are plenty still in operation. :worried: 
    I'm wondering about the pre 2013 Macs... what would be vulnerable in them running Sierra that a newer Mac running Sierra is not? Another thing to note is that all Macs with at least 2GB RAM made since late 2010 can run Sierra. I think El Capitan is still fully supported (thus patched) and runs on all Macs from mid 2009.
    watto_cobra
  • Reply 8 of 8
    I find it interesting that a major adversary of information privacy is our own government.  It kinda puts them in the same camp as the Russians and non-State criminal rings.  I guess we have seen the enemy and it is us.
    watto_cobra
Sign In or Register to comment.