Apple denies ‘backdoor’ NSA access

PTI Updated - January 02, 2014 at 09:41 AM.

Apple said it had no “backdoor” in its products after a security researcher and a leaked document suggested the US National Security Agency had unfettered access to the iPhone.

Apple had said yesterday in an e-mail to AFP that it “has never worked with the NSA to create a backdoor in any of our products, including iPhone.”

The statement added: “We have been unaware of this alleged NSA program targeting our products.”

Security researcher Jacob Applebaum described the NSA programme based on a purportedly leaked document about NSA access to the iPhone, in comments made in Germany.

Apple said it “is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements... and will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who’s behind them.”

DROPOUTJEEP

Applebaum told a security conference in Germany that the program called DROPOUTJEEP allowed the NSA to intercept SMS messages, access contact lists, locate a phone using cell tower data, access voice mail or activate an iPhone’s microphone and camera.

He described it as “an iPhone backdoor” that allowed the NSA to access any iPhone. The documents were also described in the German newspaper Der Spiegel.

Security researcher Graham Cluley said in a blog post that Applebaum’s presentation and the documents show a “broader range of tools that the NSA apparently deploys against other technology companies and products, including HP (Hewlett-Packard) servers, Cisco firewalls, Huawei routers, and so on.”

But Cluley said the document “does not mean that the NSA has complete control of your iPhone” because physical access to the device would be needed.

“It may be that they have since found unpatched vulnerabilities in iOS to install the spyware onto targeted devices remotely... but that’s not what the leaked documents say,” Cluley said.

Cluley also noted that the document dates from 2008

“Let’s hope that Apple has improved its software’s security since 2008. And if it’s not true, we’ve all got a huge problem,” he said.

Published on January 1, 2014 03:35