CIA Working Behind the Scenes to Break into Apple Security Ecosystem
FREMONT, CA: The Central Intelligence Agency (CIA) in the last few years has been trying to break into the security ecosystem of Apple for surveillance purpose, reports JEREMY SCAHILL and JOSH BEGLEY from THE INTERCEPT. The details of the conferences held to circumvent the Apple security have been procured by THE INTERCEPT – which it has recently put up on its website – derived from the National Security Agency whistleblower Edward Snowden.
Top secret documents leaked through the website reveal how CIA has over the period of time held meetings to discuss the progress in introducing back doors into the Apple devices for gathering user data and other information. One widely debated approach to infringe the Apple security net is to attack the Xcode, Apple’s proprietary software development tool, used by several thousand developers to build apps.
Though the findings don’t mention about any successful attempt of tampering Apple security establishment, the report suggests that the CIA and other security agencies are constantly on Apple’s back probably in the name of securing U.S. interests.
Secret gatherings have been held annually called the ‘Jamboree’ where security researchers working for the CIA have discussed strategies to circumvent the security implementations and exploit the vulnerabilities in household and commercial electronics. The first CIA-sponsored meeting is said to have taken place even before iPhone existed.
The plan made by the CIA is not just to tamper the security of one or a group of individuals using Apple product, but to penetrate much deeper into the proprietary Apple firmware and implant malicious code through back door resulting in vulnerabilities which will be carried to all the Apple devices out there in the horizon. The security agencies could then swing into action and tap information and data from any and every Apple device at will, at the drop of a hat.
Researchers backed by the CIA opined that the modified verision of Xcode could “force all iOS applications to send embedded data to a listening post.” Xcode is the widely used software to create Apple-approved apps. As these apps are distributed across the regions, the spies could easily compromise the devices and private data of any user through the ‘corrupt apps.’ Messages could be read by stealing passwords through this approach.
“If U.S. products are OK to target, that’s news to me,” says Matthew Green, a cryptography expert at Johns Hopkins University’s Information Security Institute. “Tearing apart the products of U.S. manufacturers and potentially putting backdoors in software distributed by unknowing developers all seems to be going a bit beyond ‘targeting bad guys.’ It may be a means to an end, but it’s a hell of a means.” Green Adds.
By James Seevers, CIO & GM, Toyoda Gosei
By Bill Krivoshik, SVP & CIO, Time Warner Inc.
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Alberto Ruocco, CIO, American Electric Power
By Bruce. D. Smith, SVP & CIO, Information Systems, Advocate...
By Adrian Mebane, VP-Global Ethics & Compliance, The Hershey...
By Graham Welch, Director-Cisco Security, Cisco
By Michael Watkins, Senior Product Director, Global Knowledge
By Bernd Schlotter, President of Services, Unify
By Patrick Hale, CIO, VITAS Healthcare
By Steve Bein, VP-GIS, Michael Baker International
By Jason Alan Snyder, CTO, Momentum Worldwide
By Mike Morris, CIO, Legends
By Louis Carr, Jr., CIO, Clark County
By Bill Dow, SVP and General Manager of Business Solutions,...
By Jim Whitehurst, CEO, Red Hat
By Darren Cockrel, CIO, Coyote Logistics, a UPS Company...
By Nathan Johnson, SVP and CIO, Werner Enterprises [NASDAQ:...
By David Tamayo, CIO, DCS Corporation
By Neil Hampshire, CIO, ModusLink Global Solutions, Inc....