Apple working to close remaining CIA exploits exposed by WikiLeaks, but difficulties remain

“Just after 8 a.m. on Tuesday morning, mobile phones belonging to executives on Apple Inc.’s security team began to ring. WikiLeaks had just published a massive trove of documents, purportedly taken from the Central Intelligence Agency, that described the spy agency’s intrusion capabilities for computers and other gadgets, including iPhones,” Robert McMillan reports for The Wall Street Journal. “Apple engineers quickly began calling colleagues to bring them up to speed on the data dump and to coordinate the company’s response to this new security threat, according to a person familiar with the situation.”

“Companies across the technology industry have rushed to assess the damage from the 8,761 documents released by WikiLeaks. The documents, which WikiLeaks said reveal the scope of the CIA’s covert hacking program, showed that the agency was exploiting bugs in mobile phones, routers and even internet-connected television sets in support of its spying activities,” McMillan reports. “On Wednesday, Apple, Microsoft, Samsung, and Google all said that they were still investigating, but Apple and Google expressed confidence that the impact might be limited thanks to measures already taken to enhance its iOS mobile operating system.”

“While our initial analysis indicates that many of the issues leaked today were already patched in the latest iOS, we will continue work to rapidly address any identified vulnerabilities,” an Apple spokesman said,” McMillan reports. “In a statement Wednesday Google said, ‘As we’ve reviewed the documents, we’re confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities. Our analysis is ongoing.'”

MacDailyNews Take: Google’s confident of their Android updates. You know, the ones that end users rarely, if ever, get.

“Companies now find themselves in a difficult position: They believe that at least two organizations have access to hacking code that exploits their products—the CIA and WikiLeaks—but neither one is sharing this software,” McMillan reports. “The CIA is unlikely to provide information on its attacks, because that data could be used to determine whom it has targeted for surveillance, said Dan Guido, director at hack/secure, a cybersecurity investment firm. ‘They wouldn’t do this,’ he said.”

Read more in the full article here.

MacDailyNews Take: These types of leaks make our software stronger – if you can update your software reliably, as Apple iOS and macOS users can and do routinely.

Have fun, Android settlers! (Not that you care a whit about security and/or privacy anyway, as evidenced by your poor purchasing decisions.)

WikiLeaks raises prospect of teaming with tech giants, including Apple, to thwart CIA hacker-spies – March 8, 2017
FBI’s James Comey: ‘There is no such thing as absolute privacy in America’ – March 8, 2017
WikiLeaks reveals CIA’s global covert hacking program targeting Apple iPhone, Google Android, Microsoft Windows and even Samsung TVs – March 7, 2017
Bad news for Fragmandroid: FCC and FTC launch inquiry over mobile security updates – May 10, 2016
Google’s flawed Android is essentially unfixable – May 2, 2016
Apple’s deep commitment to security – April 18, 2016
Apple: We have the ‘most effective security organization in the world’ – April 16, 2016
85% of mobile device failures occur on Android, with Samsung leading the way – February 23, 2016
More than 90% of Android devices are running out-dated, insecure operating system versions – January 27, 2016
Dangerous new zero-day flaw affects more than two-thirds of all Android devices – January 20, 2016
Android malware steals one-time passcodes, a crucial defense for online banking – January 14, 2016
New Android malware is so bad, you’d better off buying a new phone – November 6, 2015
Apple issues iPhone manifesto; blasts Android’s lack of updates, lack of privacy, rampant malware – August 10, 2015
New Android malware strains to top 2 million by end of 2015 – July 1, 2015
Symantec: 1 in 5 Android apps is malware – April 25, 2015
Kaspersky Lab Director: Over 98% of mobile malware targets Android because it’s much, much easier to exploit than iOS – January 15, 2015
Security experts: Malware spreading to millions on Android phones – November 21, 2014
There’s practically no iOS malware, thanks to Apple’s smart control over app distribution – June 13, 2014
F-Secure: Android accounted for 99% of new mobile malware in Q1 2014 – April 30, 2014
Google’s Sundar Pichai: Android not designed to be safe; if I wrote malware, I’d target Android, too – February 27, 2014
Cisco: Android the target of 99 percent of world’s mobile malware – January 17, 2014
U.S. DHS, FBI warn of malware threats to Android mobile devices – August 27, 2013


    1. Keep dreaming… they don’t have anything. All the Dems are trying to do is make him look bad and slow every process down so they can get more votes next time around. Hopefully no one falls for it! All they are doing is hurting the American People!

      1. Hmm, do you speak Russian fluently??
        Trump is selling America to Russia for a chain of hotels !!

        Blame everything on the dems if you want, but Trumpcare will totally suck if they get it to work at all. Russia will own america at this rate. And KING trump will laugh at you all the way to the bank. That would be a Russian bank.

  1. Wikileaks sex “WikiLeaks specializes in the analysis and publication of large datasets of censored or otherwise restricted official materials involving war, spying and corruption. It has so far published more than 10 million documents and associated analyses.”

    Riiiight. Now go look at their files: and see how many are anti-US or its allies vs say, oh, Russia, China or any of the multitudinous corrupt and oppressive regimes out there. I found only one, Syria

    Assange is a whackadoodle sociopathic tool of Russia, that’s for damn sure.

  2. “Assange is a whackadoodle sociopathic tool of Russia, that’s for damn sure”

    Assange is hiding in the Ecuador embassy in London, it would be a much alarming prospect if a whackadoodle sociopathic tool of Russia ended up as president of a large country somewhere.

  3. While MDN’s take is true on the Android OS level, very fragmented, Google has separated out the service modules that Google brand Apps and Chrome uniquely use since 2012 supporting the OS back to v.2.2 allowing Google to update those critical services on a schedule not dependent on the manufacturer or carrier. If you look at it from that angle, Google Android’s unique services are current on up to 100% of devices based on the Android Dashboard (v2.2 doesn’t even show up as a minor percentage of active devices). I believe that is what is meant by Google’s statement: ” As we’ve reviewed the documents, we’re confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities. Our analysis is ongoing.”

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.