NSA spyware gives agency full access to the iPhone - report (CNET)The US National Security Agency can reportedly sniff out every last bit of data from your iPhone, according to leaked NSA documents published by German magazine Der Spiegel.
Known as DROPOUTJEEP, the spyware is said to be one of the tools employed by the NSA's ANT (Advanced or Access Network Technology) division to gain backdoor access to various electronic devices. On Sunday, leaked documents obtained by Der Spiegel showed how these tools have reportedly been used to infiltrate computers, hard drives, routers, and other devices from tech companies such as Cisco, Dell, Western Digital, Seagate, Maxtor, and Samsung.
Those same documents reveal how DROPOUTJEEP can infiltrate virtually all areas of the iPhone, including voice mail, contact lists, instant messages, and cell tower location. The tool's abilities are revealed in the following description from one of the apparently leaked NSA documents published by Der Spiegel.
DROPOUTJEEP is a software implant for the Apple iPhone that utilizes modular mission applications to provide specific SIGINT functionality. This functionality includes the ability to remotely push/pull files from the device. SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc. Command, control and data exfiltration can occur over SMS messaging or a GPRS data connection. All communications with the implant will be covert and encrypted.
The document ends by saying that DROPOUTJEEP will be initially be installed through "close-access methods." But a future version would focus on remote installation. The spyware tool was reportedly developed in 2008 to target the first iPhones.
Computer security researcher and independent journalist Jacob Appelbaum also described DROPOUTJEEP in a presentation at the 30c3 conference on Monday. Appelbaum even speculated over whether Apple played any role in helping or allowing the NSA to obtain backdoor access to the iPhone.
That's certainly an interesting theory. Tech companies have been forced to cooperate with the NSA in turning over certain customer data. A new report claims that the NSA paid security firm RSA $10 million to create backdoors in its encryption tokens.
In the following statement released Tuesday, Apple denied any involvement in assisting the NSA to create a backdoor to the iPhone:
Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers' privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements. Whenever we hear about attempts to undermine Apple's industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them.
Apple says it's unaware of NSA iPhone backdoor program (CNET)