The CIA campaign to steal Apple’s secrets

“Researchers working with the Central Intelligence Agency have conducted a multi-year, sustained effort to break the security of Apple’s iPhones and iPads, according to top-secret documents obtained by The Intercept,” Jeremy Scahill and Josh Begley report for The Intercept.

“The security researchers presented their latest tactics and achievements at a secret annual gathering, called the ‘Jamboree,’ where attendees discussed strategies for exploiting security flaws in household and commercial electronics,” Scahill and Begley report. “The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.”

“‘If I were Tim Cook, I’d be furious,’ says the ACLU’s Soghoian. ‘If Apple is mad at the intelligence community, and they should be, they should put their lawyers to work. Lawsuits speak louder than words,'” Scahill and Begley report. “The encryption technology that Apple has built into its products — along with many other security features — is a virtual wall that separates cybercriminals and foreign governments from customer data. But now, because Apple claims it can no longer extract customer data stored on iPhones, because it is encrypted with a key the company does not know, the U.S. government can be locked out too — even with a search warrant… In the face of this rising challenge to its surveillance capabilities, U.S. intelligence has spent considerable time and resources trying to find security vulnerabilities in Apple’s encryption technology, and, more broadly, in its products, which can be leveraged to install surveillance software on iPhones and Macbooks.”

Reams more in the full article – very highly recommended – here.

MacDailyNews Take: Insidious.

As we wrote last month:

Do not support fear-mongers who espouse Big Brother-esque surveillance doctrine. Adhere to the U.S. Constitution.

And, as we’ve quoted umpteen times:

Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety. – Benjamin Franklin, Historical Review of Pennsylvania, 1759

Freedom is never more than one generation away from extinction. We didn’t pass it to our children in the bloodstream. It must be fought for, protected, and handed on for them to do the same, or one day we will spend our sunset years telling our children and our children’s children what it was once like in the United States where men were free. – Ronald Reagan, March 30, 1961

Visit the Apple-backed reformgovernmentsurveillance.com today.

Related articles:
New York prosecutor calls for law to fight Apple data encryption – January 7, 2015
DOJ warns Apple: iPhone encryption will lead to a child dying – November 19, 2014
Apple’s iPhone encryption is a godsend, even if government snoops and cops hate it – October 8, 2014
Short-timer U.S. Attorney General Eric Holder blasts Apple for protecting users’ privacy against government overreach – September 30, 2014
What if Osama bin Laden had an iPhone? – September 26, 2014
FBI blasts Apple for protective users’ privacy by locking government, police out of iPhones and iPads – September 25, 2014
Apple thinks different about privacy – September 23, 2014
Apple’s iOS Activation Lock reduces iPhone thefts, Samsung phone thefts skyrocket – September 18, 2014
Apple CEO Tim Cook ups privacy to new level, takes direct swipe at Google – September 18, 2014
Apple will no longer unlock most iPhones, iPads for government, police – even with search warrants – September 18, 2014
Would you trade privacy for national security? Most Americans wouldn’t – August 6, 2014
Apple begins encrypting iCloud email sent between providers – July 15, 2014
Obama administration demands master encryption keys from firms in order to conduct electronic surveillance against Internet users – July 24, 2013
U.S. NSA seeks to build quantum computer to crack most types of encryption – January 3, 2014
Apple’s iMessage encryption trips up U.S. feds’ surveillance – April 4, 2013

42 Comments

  1. “Apple led the way with secure coprocessors in phones, with fingerprint sensors, with encrypted messages. If you can attack Apple, then you can probably attack anyone.”

    1. I say “bring it!”
      If people (including governments) are trying to crack Apple gear, then Apple will only continue to improve the security. This is a good thing. I’m just glad that the word got out over the CIA’s activities.

  2. There are two types of terrorist attacks. One involves mass destruction and the other involves a personal attack such as identity theft. You are more likely to be the victim of identity theft if your devices aren’t secure. Apple’s job is to make sure your devices are as secure as can be. Apple cannot allow “back doors” on its devices because terrorists will also exploit them. Doesn’t the CIA realize THEY need bullet proof devices also? Apple to the CIA: “You do your job, we’ll do ours.”

    1. Identity theft is NOT a terrorist attack. We need to make sure we don’t abuse or misuse words just for effect, in our discourse about security.

      Terrorism is activity that results in intentional death of civilians, the purpose of which is some political aim. Its prerequisite is violence (the physical kind).

      Identity theft, while very troubling and upsetting, especially when on large scale, has nothing to do with terrorism. It is certainly a matter of grave concern for safety and security of society, but terrorism it is definitely NOT.

      1. Two problems:

        1) Terrorism is NOT limited to physical violence that results in the death of civilians. That limitation of the definition is ultimately a silly one. It would ignore actions such as shutting down an electric grid. That doesn’t necessarily involve physical violence, nor does it necessarily involve civilian deaths (although civilian deaths might result).

        2) I would argue that identity theft conducted by terrorists in order to further terrorist objectives is terrorism. Even creating FUD in the affected population can be a terrorist objective, hence would be terrorism.

        I suspect terrorists do not consider legalistic niceties in development of strategies and tactics. 🙂

        1. You are re-defining the meaning of the word terrorism. What you are describing is called sabotage (shutting down the power grid).

          The definition of the word terrorism and terrorist has always been precise and consistent in every language of the world. It has always meant precisely the same: actions that use violence and intimidation, and have civilian deaths as a consequence, with the aim of promoting some political agenda.

          While terrorists often use sabotage and other criminal acts in pursuit of their political goals, they can only be called terrorists if they use violence against civilians.

          There have been many situations in the history where one group of peoples consistently used clandestine activities such as sabotage (disabling public infrastructure, etc) to further their political goals. There are many examples of sabotage during cold war (main power station in Honduras was destroyed by Nicaraguan saboteurs, leaving Tegucigalpa without power for three days. Nobody was killed. The saboteurs were definitely NOT terrorists, nor were they ever labeled as such, since they never killed anyone).

          1. I think you are both correct. The issue is how do we define terrorism. Definitions change over time (see “gay” or “bad”).

            I don’t think each and every act that is considered as terroristic has to result in a death. The history of the perpetrator can be such that the threat of death can be sufficient to induce terror (intimidation).

            That being said, I think America is too politically correct and too easily “offended.”
            http://www.sandiegoreader.com/weblogs/quillpena/2012/dec/05/america-the-easily-offended/#

            Almost all crime is “hate” crime. If I threaten, maim, or kill this or that person then I would say that is a crime. I am certainly not loving this or that person so you might say I hate them. Whether or not this or that person is any particular segment of society does not matter.

            Finally, Krioni says it well below: . . .In short, it is “data security for all, or data security for none.” I would not personally be against a way for government to check my data (I have nothing to hide) BUT ONLY IF I COULD TRUST THEM TO DO SO RESPONSIBLY which is not the case. I keep seeing visions of Terminator’s Skynet in my mind and we are not far from there now.

        2. BillD, You are making very valid points regarding that both terrorism and identify theft are harmful and the latter is more likely to hurt any given person.

          But bending the word terrorism is counterproductive unless you are a politician who puts votes over rational messages. Don’t water that word down for them please. Some politicians use terrorism to label anything they don’t like already.

    2. Exactly. Security expert Bruce Schneier had a great article recently where he basically said: “The choice isn’t whether or not to have data security for ‘the good guys,’ it’s whether ANYONE gets data security.”
      In short, it is “data security for all, or data security for none.”

  3. This is how my government spends my money–trying to spy on me. Well FU Uncle Sam.

    The only positive take away from this is that because Apple hires smarter people than the government and government tends to be incompetent, Apple will likely win the privacy battle with the Feds. Unless, of course, our corrupt Congressmen pass some laws outlawing privacy.

    1. Don’t think it’s only U.S. agencies doing this sort of thing. British, French, Russian, Chinese, … just about any government on earth had similar goals, using similar methods.

      It’s sort of like the cost of living with microbes all around us, all the time.

  4. Oh my God Tim Cook is furious at the CIA? That’s hilarious. They are a fucking spy agency! Of course they would try to break any phone’s security. As they should! And what do you know about the US Constitution? You think a few hackneyed quotes sums it up? From your simplistic anti-government perspective, you think it’s fine that Ed Snowden flew to China and then gave the South China Post details on which IP addresses the NSA was using to hack into their backbone. You also think it’s fine he then flew to Moscow and let the Russians know that we had successfully hacked their mobile communications. You can think whatever stupid shit you want, but maybe just maybe you might consider that those sworn to defend the United States have a different more reasonable point-of-view. And they way you link externally-directed spying operations back to your own narcissistic sense of paranoia, like the CIA and the NSA could ever even potentially give a fuck about you. It’s truly pathetic. The people who work in these agencies are American heroes trying desperately to prevent ISIL from seizing the Mall of America and slaughtering hundreds and posting the carnage on YouTube, or seizing an elementary school and setting the teachers on fire in from of their students before slaughtering all of them. That’s not fear mongering. It’s a very real threat. But instead you live in a fantasy world where the CIA and NSA are the real evildoers intent on taking your freedoms away from you. If you knew anything about the culture within these agencies you’d know how utterly facile that is. So shut the fuck up and let them do their jobs.

      1. Rant it was indeed. Given your comment I feared for a moment that I missed something so I looked at it again. I still fail to see your point so please elaborate. One thing I neglected to mention, is that the NSA’s first order of business is protecting out troops in harms way. What Snowden has done, by maliciously leaking EVERYTHING, has done incalculable harm to their ability to do that.

          1. That’s a non-response if I’ve ever seen one. By the way, the ideal that Tim Cook should or would be furious at the NSA is laughable. Unfortunately his hand was forced by Snowden, who was (and it’s difficult to fathom that it was unwittingly) acting in the service of China and Russia’s interests. Now China is pressuring Apple to give them the keys to the kingdom. It will be truly ironic if it turns out China has a backdoor and the NSA does not. If China demands it, Apple will have no choice.

    1. For a moment there, I was willing to consider your argument. Then you said: …”American heroes trying desperately to prevent ISIL from seizing the Mall of America and slaughtering hundreds and posting the carnage on YouTube, or seizing an elementary school and setting the teachers on fire in from of their students before slaughtering all of them. That’s not fear mongering. It’s a very real threat.“… (emphasis mine).

      The threat is just as real as humans landing on Mars in 2016. I have no doubt that most of the people who work in these two agencies (NSA and CIA) are truly patriots who love their country and genuinely believe that their work makes the country safer. The problem is, they live in their own distortion field and their own perceived reality is severely out of touch with the actual world. It is very difficult to reason with such people; they truly believe that their work is the last line of defense against the total destruction of America, that every method and action is completely justified (because it is necessary to protect America) and anyone who disagrees with them is naïve and unpatriotic (if not outright traitor).

      There is no need to discuss constitution; anyone with a functioning moral compass will know that this is wrong on so many levels. America is well on its way to becoming Soviet Union. Just an example: in USSR, if you had purchased a typewriter, before taking it home, you were required to type a standard form document on it and register that document with the government. That way, the government would have the sample from your typewriter, so that they can easily identify you if you ever typed up anything against the government. Not doing this would be considered crime (not misdemenaor!) punishable by jail (not just a fine!). America is slowly but surely getting there.

      1. Predrag, you are right that there is a risk that any corporate or agency culture can fall prey to a reality distortion field, and can become too focused on their mission and at the expense of other serious considerations like invasion of privacy. However, that is a far greater problem with local law enforcement, and not federal agencies that have oversight from the two other branches of the government (whether that is effective enough is indeed a serious issue). The abuses of constitutional rights on their part of local law enforcement is widespread and well-known, like seizure of property without any due process. With the advent of the internet, the NSA suddenly faced a situation where external and internal communications traffic were no longer deconflicted. They have struggled to deconflict them and have in fact done a pretty good job of finessing that. And it’s definitely a matter of finessing. That this involves trade-offs between privacy and safety is unavoidable no matter what side of the argument you are on. The simple fact that NSA provides an accounting of whenever they end up violating strict privacy requirements (which given the millions upon millions of intercepts they process is a statistical certainty) says everything. The idea that we are sliding toward something like the old USSR is unwarranted. Nothing that Snowden, Greenwald, and Poitras have revealed even remotely suggests that.

        1. What they did reveal, on tape, is leaders from Executive Branch agencies lying in sworn testimony to Congressional oversight Committees and evidence that the agencies did specifically engage in actions that were positively not allowed under the legislation that created those same agencies. Since we know the Agencies are willing to lie, why should we believe their accounting of privacy transgressions is to be trusted?

          Was that their best way forward? I don’t know. Give the history of the bloviating, do-nothing Congress of recent history, maybe telling the truth was a non-starter. Are there good and well motivated people at NSA and CIA? You bet. Was their task made harder by Snowdens revelations? Yes. Should it be easy for the Government to spy on citizens? The Founding Fathers thought it should be just as hard to spy on citizens as it is to take away their guns, Fourth Amendment and all that.

          Given that a General and former head of the CIA can reveal secret information to his mistress and get away with a minor fine and two years probation, Snowden should get charged with being a tattle-tale and sentenced to inconveniences to date.

      2. I don’t take issue with most of what you say. But then you said of the NSA & CIA, “their own perceived reality is severely out of touch with the actual world.”

        I have to wonder how you can be so sure of that. These intelligence agencies see and hear about a lot of things that the general public does not. I think it more likely that they have a substantially wider view of the world given the relatively poor state of news reporting, especially in the U.S.

        I am in no way defending their efforts to hack into electronic devices including the iPhone. But I do understand it.

    2. Wow you really don’t get it do you. Those guys in the NSA & CIA don’t give a crap about your right to freedom. The government wants to get total domination to be able to control its people. Men in power will always seek more power. Power corrupts, absolute power corrupts absolutely. Give your head a shake and realize you are just giving away your freedom with the attitude that you. Your great leader, Obamanation would love nothing more then that kind of power And he would just take over completely and ultimately become another Osama bin Ladin.

    1. Who forceably extracts more than 50% of the income of the private sector in the US each year?

      Wasn’t that what tyrants & Communism & Socialism did?

      Does anyone care?

  5. This has been going on forever. In the revolutionary war armies used codes and the opposition tried to break them. I’m sorry, but if terrorists like the Boston bomber currently on trial, are using social media or consumer technology to pass their plans and arrange support I am hopeful our govt can track and stop these murderous activities.

      1. Nice, now when it’s your son, daughter, brother, sister, mother, father injured or killed, go ahead and feel free to quote me Big Ben’s words. I’m sure they will go a long way to making you feel better.

        1. This is exactly the excuse that politicians use to strip away all of our civil liberties.

          You feel better letting your son, daughter, brother, sister, mother, father live under constant surveillance without a shred of privacy?

          1. chef and others: interesting blog on Franklin quote http://3dblogger.typepad.com/wired_state/2012/05/those-who-use-this-benjamin-franklin-quote-deserve-not-to-be-taken-seriously.html

            Do you think ISIS and others of their kind plan to stop in the Mideast?

            http://shoebat.com/2014/09/22/isis-spokesman-supporters-kill-europeans-americans-canadians-way-possible/

            How, then do we find the next coming instance of terrorism? Back in the revolutionary days, how did we spy on Britain? We posted lookouts, tried to intercept written messages, got close to people to overhear what they said, put spies in inside positions, etc. How did that affect Americans at that time? Not so much I would think.
            How much time is the NSA spending on YOUR surveillance? Mine is probably near zero. I am very boring and don’t have time for nefarious activities. However, if you are considering doing anything terroristic I relly want the NSA to find out and stop you.

      1. Yes, they are opposed to those trying to incite terror through bombings, killings, kidnappings, mutilation. Unfortunately they are trying to camouflage their communications among personal data. Does that mean we shouldn’t try to decipher and ferret out their plans?

  6. The problem here is that the people have no voice over this. It transcends political parties. The surveillance state has become rooted like a cancer within our system and survives any and all political attempts to curtail it via the voting booth. Our elected leaders bow at the altar of the security state and all the economic spoils that go with it. They are part of the problem, but we cannot cure it by voting them out. The average citizen who cries for security in the wake of the fear mongering are just as complicit.

    This will be the downfall of America.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.