Apple: We didn’t help NSA put the Dropoutjeep Backdoor in our iPhones

(By Jon Queally)

Apple, the company giant behind the iconic iPhone, declared on Monday that is has never assisted the NSA in its efforts to create "back doors" to its signature mobile phone or any of its other products.

The declaration by the computer giant comes in response to revelations made public by the German newspaper Der Spiegel in recent days, based on internal documents provided by Edward Snowden, which revealed secret units within the NSA that have created and reportedly installed sophisticated malware and other software programs designed to bypass security features and give the spy agency full access to information contained on individuals' devices, including portable computers, memory devices, and smart phones.

The program targeting the iPhone, called DROPOUTJEEP and disclosed by noted digital security expert and independent journalist Jacob Applebaum, is designed to remotely retrieve virtually all the information on an iPhone

The program targeting the iPhone, called DROPOUTJEEP and disclosed by noted digital security expert and independent journalist Jacob Applebaum, is designed to remotely retrieve virtually all the information on an iPhone, including text messages, photographs, contacts lists, geolocation data, voice mail and live calls.

The internal NSA slide detailing the program: >

During a speech he gave at the Chaos Computer Conference in Hamburg, Germany over the weekend, Applebaum discussed DROPOUTJEEP and speculated that Apple may have assisted the spy agency in its efforts to infiltrate the iPhone.

"I hope Apple will clarify that," said Applebaum regarding Apple's possible role. He continued: "Here’s a problem: I don’t really believe that Apple didn’t help them. I can’t really prove it, but they [the NSA] literally claim that anytime they target an iOS device, that it will succeed for implantation. Either they have a huge collection of exploits that work against Apple products, meaning that they are hoarding information about critical systems that American companies produce and sabotaging them, or Apple sabotaged it themselves. Not sure which one it is. I’d like to believe that since Apple didn’t join the PRISM program until after Steve Jobs died, that maybe it’s just that they write shitty software."

On Tuesday, Apple responded by saying they had no knowledge of the program and denied cooperating in any way with the NSA on this or any similar scheme.

“Apple has never worked with the NSA to create a back door in any of our products, including iPhone," the statement read. "Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers’ privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements."

Explaining the contents of the NSA documents that refer to the DROPOUTJEEP program, the Guardian reports:

The slides mention iOS5, an iPhone operating system that was launched in June 2011 and updated by iOS6 in September 2012. It is not clear whether the NSA managed to develop the ability to perform remote installation. Given that Apple sold 250m iPhones in its first five years, large scale implementation of DropoutJeep seems unlikely by close access methods.

The spyware is one of the tools employed by the NSA's ANT (Advanced or Access Network Technology) division to gain backdoor access to various electronic devices. According to Applebaum, the NSA claims a 100% success rate on installation of the program.

Apple, along with its peers, has consistently denied working with the NSA unless it has been legally compelled to do so. The NSA documents, first obtained by whistleblower Edward Snowden, have revealed that the NSA has developed the capability to hack other companies, including Google and Yahoo, without their knowledge.

The slide is dated four years before the NSA included Apple in its Prism monitoring program. Apple was the last of the big tech companies to be included in the program, designed to ease data collection for the NSA. Microsoft, by contrast, joined the scheme in 2007, according to the NSA’s slides.

___________________________________________

Mirrored from Commondreams.org

This work is licensed under a Creative Commons Attribution-Share Alike 3.0 License.

Related video:

More from Marc Lamont Hill at Huffpost Live:

9 Responses

  1. There are probably NSA assets in every major US computer and telecommunications company. It is entirely possible that a back door was inserted into iOS without the knowledge of Apple management.

  2. There are two parts to this Apple pronunciation:
    1) A non-statement: Because in case Apple received a request, it wouldn’t have been a direct NSA request, but high level communication with the FBI. In that sense, the first paragraph is a non-denial.

    2) Missing from Queally’s commentary is the closing paragraph of Apple’s non-pronunciation:
    ” We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who’s behind them.”

    I have never seen Apple so angry. That paragraph has class action lawsuit all over it, or at least a serious warning that all possible considerations are on the table.
    Additionally, word is that top-tier NSA officials and one tech giant official have been emphatically in favor of reining in the NSA. After this statement, I wouldn’t be surprised if that unnamed tech giant official were Tim Cook.

  3. “Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers’ privacy and security…”

    This is so obviously a lie it’s ludicrous. Or risible. Or sad. Yes, that’s it: it’s really sad.

  4. Two thoughts: First, Thomas Drake’s issues were with the NSA, not the CIA. Second; is Zach Carter suggesting that unrestricted, covert access to people’s cellphone, computers, & whatever is okay as long as the government is ‘moderate’ about whom they pursue for prosecution??? By what standards is ‘moderation’ measured and how does that attitude jibe with the Constitutional prohibition against unreasonable searches absent demonstrated suspicion (i.e.; sufficient to justify a warrant)? Sounds to me like Zach’s a prime candidate for a position in the Democratic Party… along with Feinstein, Obama, & Biden.

  5. I am only marginally computer literate but I’m not sure that matters.

    “Apple has never worked with the NSA to create a back door in any of our products, including iPhone,” the statement read.

    My, my, but there IS a back door. Or an exploitable vulnerability which the company surely was aware of. How and why did THAT come about? Might they have worked on a back door with the FBI or some one of the other fifteen intelligence agencies? Did Apple anticipate the government’s needs without “working” with it? Did it have ‘needs’ of its own which the NSA rascals exploited? Anyway, that is a pretty weak denial of complicity and in a class action it would certainly be subject to close scrutiny by very talented trial guys.

    Has Apple worked to frustrate such intrusions generically? Has it worked to provide itself with notice that a hostile takeover is in progress so that it can be blocked? If the answer is ‘no’ to both, isn’t that negligence?

    And has it specifically worked to ensure that its phones can not be taken over by government intrusion? If not can it really declare its innocence?

    “Additionally, we have been unaware of this alleged NSA program targeting our products.”

    So, it’s just ‘didn’t work with them’ and ‘didn’t know’. That’s weak, as is the counterintuitive post-facto claim that they really do care:

    ” We care deeply about our customers’ privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements.”

  6. This is a riot. APPL is trapped. If they claim that they did not know of this *backdoor* it bears the marks of incompetence. Bear in mind that their whole marketing scam is based upon superior software. If they admit that they knew of it they loose their customer base. The truth of the matter is not relevant at all.

    In short this means that we, the humble masses, can expect to continue to receive non-answers to our inquiries and hollow assurances from NSA and APPL et al as neither party really gives a rat’s ass about privacy only money and access to customer data.

    It is fabulous to see our weak democracy fail under the power of a militant bureaucracy and the corporatocracy. Where the hell are our numerous protective branches of balanced power charged with our governance?

    X

  7. We had a valuable asset thanks to Linus Torvalds and Richard Stallman – a Linux/Gnu open source Linux where every line of code was open. Backdoors could be found and you could even compile everything from readable code.

    Somehow we were seduced by shiny android and apple phones. An open source linux phone may not be as sexy but I think we need one rather than a spy in p=our pockets.

    • So no open source phones are available now?

      I’m hopelessly over my head here, but …..

      If everything is surveilled or capable of being so due to software secrecy and and a likely government/industry conspiracy, then what?

      Here’s Hunter’s bold solution to something he knows nothing about:

      Isn’t this a red-blooded American manufacturing opportunity? Business guys build new hardware and open source guys write the code and see to encryption. Then no one has a conflict of interest. There’s a Chinese Wall in place. Software and its weaknesses would be monitored and discussed all over the country in the bright light of day. The moment there is skullduggery the whistles will be deafening. The factory guys and the software guys don’t even have to meet each other. And nothing’s made in Asia. Instead of a Smartphone, it will be the ‘Genuine Patriot Cleanphone’. And when government inquires, it’s: ‘sorry, we don’t do that part of it. Talk to the Assange/Snowden Open Source Society. Just remember that all conversations with government will be open to the public. If you’ve got nothing to hide, etc.’

      This is a little more difficult. In the meantime anyone who wishes to buy an insecure phone because of its bells and whistles has knowingly waived his constitutional rights? And Apple can continue selling them?

      Hey, I might use one as anyone listening to our calls would die of boredom in short order.

      In short Mr. Steerpike, what do we do? Setting up a secret court doesn’t seem to have worked. In retrospect that’s not surprising. It was destined to be co-opted immediately. After all kidnap victims often become sympathetic with their kidnappers.

Comments are closed.