Published on Tuesday, December 31, 2013 by Common Dreams
Program codenamed DROPOUTJEEP allows NSA to retrieve all data—including calls, contact lists, geolocation, and other information—contained on iconic mobile device
Apple, the company giant behind the iconic iPhone, declared on Monday that is has never assisted the NSA in its efforts to create "back doors" to its signature mobile phone or any of its other products.
The declaration by the computer giant comes in response to revelations made public by the German newspaper Der Spiegel in recent days, based on internal documents provided by Edward Snowden, which revealed secret units within the NSA that have created and reportedly installed sophisticated malware and other software programs designed to bypass security features and give the spy agency full access to information contained on individuals' devices, including portable computers, memory devices, and smart phones.
The program targeting the iPhone, called DROPOUTJEEP and disclosed by noted digital security expert and independent journalist Jacob Applebaum, is designed to remotely retrieve virtually all the information on an iPhone, including text messages, photographs, contacts lists, geolocation data, voice mail and live calls.
The internal NSA slide detailing the program:
During a speech he gave at the Chaos Computer Conference in Hamburg, Germany over the weekend, Applebaum discussed DROPOUTJEEP and speculated that Apple may have assisted the spy agency in its efforts to infiltrate the iPhone.
"I hope Apple will clarify that," said Applebaum regarding Apple's possible role. He continued: "Here’s a problem: I don’t really believe that Apple didn’t help them. I can’t really prove it, but they [the NSA] literally claim that anytime they target an iOS device, that it will succeed for implantation. Either they have a huge collection of exploits that work against Apple products, meaning that they are hoarding information about critical systems that American companies produce and sabotaging them, or Apple sabotaged it themselves. Not sure which one it is. I’d like to believe that since Apple didn’t join the PRISM program until after Steve Jobs died, that maybe it’s just that they write shitty software."
On Tuesday, Apple responded by saying they had no knowledge of the program and denied cooperating in any way with the NSA on this or any similar scheme.
“Apple has never worked with the NSA to create a back door in any of our products, including iPhone," the statement read. "Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers’ privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements."
Explaining the contents of the NSA documents that refer to the DROPOUTJEEP program, the Guardian reports:
The slides mention iOS5, an iPhone operating system that was launched in June 2011 and updated by iOS6 in September 2012. It is not clear whether the NSA managed to develop the ability to perform remote installation. Given that Apple sold 250m iPhones in its first five years, large scale implementation of DropoutJeep seems unlikely by close access methods.
The spyware is one of the tools employed by the NSA's ANT (Advanced or Access Network Technology) division to gain backdoor access to various electronic devices. According to Applebaum, the NSA claims a 100% success rate on installation of the program.
Apple, along with its peers, has consistently denied working with the NSA unless it has been legally compelled to do so. The NSA documents, first obtained by whistleblower Edward Snowden, have revealed that the NSA has developed the capability to hack other companies, including Google and Yahoo, without their knowledge.
The slide is dated four years before the NSA included Apple in its Prism monitoring program. Apple was the last of the big tech companies to be included in the program, designed to ease data collection for the NSA. Microsoft, by contrast, joined the scheme in 2007, according to the NSA’s slides.
___________________________________________