The CIA has conducted a sustained effort to break the security of Apple’s iPhones and iPads.
According to top-secret documents obtained by The Intercept, the effort took place over several years, during which researchers targeted the security keys used to encrypt data stored on Apple’s devices, with the ultimate goal of penetrating Apple’s encrypted firmware.
The security researchers also claimed they had created a modified version of Apple’s proprietary software development tool, Xcode, which could sneak surveillance backdoors into any apps or programs created using the tool. Xcode, which is distributed by Apple to hundreds of thousands of developers, is used to create apps that are sold through Apple’s App Store. The CIA and Apple declined to comment.
A modified version of Xcode could enable spies to steal passwords and grab messages on infected devices. Researchers also claimed that they had successfully modified the OS X updater to install a keylogger.
Ken Westin, senior security analyst at Tripwire, said that the story unfortunately does not tell a whole lot that most security researchers did not already know or assume.
“The one document that The Intercept provides only reveals the existence of a CIA-sponsored event, where security researchers met to discuss methods and techniques to compromise Trusted Computing systems,” he said.
“The article also mentions that the documents they have do not show any evidence of actual successful compromise or active exploits. There have been a number of similar programs such as the NSA’s Dropout Jeep – where the goal was to find ways to compromise devices. I think it is a bit naïve to think that these types of programs don’t exist either by the US Government or other Government agencies for that matter.”
Westin did make the point that if vulnerabilities were discovered and not disclosed to Apple or other companies whose systems were potentially exploited, that is where the definitions of security research and high-tech espionage diverge.