Date: Tuesday, March 10th, 2015, 09:45
When the CIA sponsors a full-on “jamboree” focused on breaking the security found in the iPhone and iPad, there’s something to be said for that.

According to recently obtained top-secret documents, security researchers were gathered at a CIA-sponsored “Jamboree” event wherein attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.

By targeting essential security keys used to encrypt data stored on Apple’s devices, the researchers sought to thwart the company’s attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both “physical” and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.

The researchers also claimed they had crafted a modified version of Xcode, Apple’s proprietary development tool, to enable them to sneak surveillance backdoors into apps and programs. The modified version of Xcode, the researchers claimed, could enable spies to steal passwords and grab messages on infected devices. Researchers also claimed the modified Xcode could “force all iOS applications to send embedded data to a listening post.” It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.

Researchers also claimed they had successfully modified the OS X updater, a program used to deliver updates to laptop and desktop computers, to install a “keylogger.”

Other presentations at the CIA conference have focused on the products of Apple’s competitors, including Microsoft’s BitLocker encryption system, which is used widely on laptop and desktop computers running premium editions of Windows.

This came at a time when the CIA was waging a secret campaign to bypass the security mechanisms built into consumer devices. As a result, the CIA could hand over tools to law enforcement agencies to easily bypass device security and tap into data as needed.

It goes on from there and the entire article, which details some fairly shocking stuff, can be found over on The Intercept.

The piece doesn’t paint a pretty picture, but it does paint an accurate one: millions of iOS devices in the landscape, government agencies that desperately want to crack them, backdoors that need to be created, leaked documents, and the careful balance between privacy and security apparently being upset.

Via The Intercept

