Apple By Russell Holly Jan. 2, 2014 11:19 am
Tim Cook decided to end 2013 with the most obvious statement he could have possibly made, denying any involvement in helping the NSA and promising to remain dedicated to the security of Apple’s user base.
For the uninitiated, the seemingly endless treasure trove of documents made available by the now infamous Edward Snowden continues to be sifted through by organizations all over the world. Due to the volume of information and the highly technical nature of the programs contained within the documents, many media outlets have started working with security researchers to help them better understand what is going on within these documents. One document in particular described a project from within NSA’s Tailored Access Operations unit that focused on exploiting Apple’s iPhone.
The document in question included a vague description about the exploit process, and included commentary on the 100% success rate of the project as long as they had physical access to the device. Combined with the original report by Edward Snowden that accused Apple, Google, Microsoft, and others of being complicit in allowing the NSA to access user information carte blanche, and you have a really exciting story about how Apple lets the NSA access iPhones and gives them the ability to monitor every single byte of data that comes and goes from that device. Fortunately for Apple, the truth is a whole lot less exciting.
NSA Headquarters
The security researcher working with Der Spiegel was completely accurate in his analysis of the exploit and what it meant for users. What got lost in the mix was how the exploit happened, and why there was absolutely no evidence to suggest that Apple was involved at all. TAO needed physical access to the device to install anything on an iPhone or iPad, which means all they were really doing was jailbreaking the devices once they had access to them. After the device was jailbroken, they installed software that captured data and silently shipped it off to a collection facility. There’s nothing unique or special about this process. In fact, this exact behavior is what security researchers and antivirus manufacturers have been warning jailbreak users about for years. The only reason it is interesting now is because the NSA is doing it.
While it may seem troubling that the NSA is behaving this way, it really shouldn’t be. At the very least, it shouldn’t be if you’re a US citizen. A big thing that is repeatedly ignored in this national surveillance conversation is the intended target. The NSA focuses on people and organizations outside of the US, and while it is certainly true that some of their recent dragnet-esque tactics have included data from US citizens, it doesn’t give them the authority to act on that information. NSA vans don’t appear and scoop up regular citizens, that’s just not how this works. What you’re seeing here is the modern equivalent of spycraft. James Bond doesn’t have to plant the bug in the chancellor’s office anymore, he just has to swipe his secretary’s iPhone for a minute. This doesn’t mean that the iPhone you ordered from Amazon is going to be intercepted and filled with spyware before it hits your doorstep.
It’s also worth pointing out that Apple is not alone in this vulnerability. These same issues apply to Android users where the phone has root access. These same tools can be deployed. Granted, the nature of Android makes it a little easier to detect this sort of thing, but the skill level required to know where to look is high enough to assume the vulnerability is the same. Plus, most Android phones require a semi-unique set of steps to root so it is harder to issue a blanket statement on how susceptible that platform is as a whole. At the end of the day, it is clear that Apple is neither involved nor interested*in helping the NSA with this exploit, and it’s really not as sneaky or secretive as it was made out to be.
More...
For the uninitiated, the seemingly endless treasure trove of documents made available by the now infamous Edward Snowden continues to be sifted through by organizations all over the world. Due to the volume of information and the highly technical nature of the programs contained within the documents, many media outlets have started working with security researchers to help them better understand what is going on within these documents. One document in particular described a project from within NSA’s Tailored Access Operations unit that focused on exploiting Apple’s iPhone.
The document in question included a vague description about the exploit process, and included commentary on the 100% success rate of the project as long as they had physical access to the device. Combined with the original report by Edward Snowden that accused Apple, Google, Microsoft, and others of being complicit in allowing the NSA to access user information carte blanche, and you have a really exciting story about how Apple lets the NSA access iPhones and gives them the ability to monitor every single byte of data that comes and goes from that device. Fortunately for Apple, the truth is a whole lot less exciting.
NSA HeadquartersThe security researcher working with Der Spiegel was completely accurate in his analysis of the exploit and what it meant for users. What got lost in the mix was how the exploit happened, and why there was absolutely no evidence to suggest that Apple was involved at all. TAO needed physical access to the device to install anything on an iPhone or iPad, which means all they were really doing was jailbreaking the devices once they had access to them. After the device was jailbroken, they installed software that captured data and silently shipped it off to a collection facility. There’s nothing unique or special about this process. In fact, this exact behavior is what security researchers and antivirus manufacturers have been warning jailbreak users about for years. The only reason it is interesting now is because the NSA is doing it.
While it may seem troubling that the NSA is behaving this way, it really shouldn’t be. At the very least, it shouldn’t be if you’re a US citizen. A big thing that is repeatedly ignored in this national surveillance conversation is the intended target. The NSA focuses on people and organizations outside of the US, and while it is certainly true that some of their recent dragnet-esque tactics have included data from US citizens, it doesn’t give them the authority to act on that information. NSA vans don’t appear and scoop up regular citizens, that’s just not how this works. What you’re seeing here is the modern equivalent of spycraft. James Bond doesn’t have to plant the bug in the chancellor’s office anymore, he just has to swipe his secretary’s iPhone for a minute. This doesn’t mean that the iPhone you ordered from Amazon is going to be intercepted and filled with spyware before it hits your doorstep.
It’s also worth pointing out that Apple is not alone in this vulnerability. These same issues apply to Android users where the phone has root access. These same tools can be deployed. Granted, the nature of Android makes it a little easier to detect this sort of thing, but the skill level required to know where to look is high enough to assume the vulnerability is the same. Plus, most Android phones require a semi-unique set of steps to root so it is harder to issue a blanket statement on how susceptible that platform is as a whole. At the end of the day, it is clear that Apple is neither involved nor interested*in helping the NSA with this exploit, and it’s really not as sneaky or secretive as it was made out to be.
More...
