Recently, Edward Snowden released some documents to The Intercept, which revealed that for nearly a decade, the CIA has been searching for ways to break Apple’s security, so that they can plant malware in their devices. Apple has announced that since the first version of the iPhone was released, they have sold more than 700 million of them. That doesn’t include any of their iPad, laptop, or desktop sales, only the iPhone. With so many Apple products in circulation, it’s no surprise the CIA has been trying to hack them.
Breaching Apple’s Device Security
The documents released by Snowden reveal that the CIA have been attempting to breach the security of Apple’s devices, so that they can plant malware in the devices without the user’s knowledge. They have also been trying to find a way to breach Apple’s OS X updater. If accomplished, the CIA would be allowed to override the update mechanism and install a version of the operating system with a keylogger.
In addition, the CIA has also been developing a poisoned version of Xcode, the software tool used to help create applications for Apple’s App Store. How the CIA would get programmers to use the poisoned version of Xcode is unclear, but if they did, it would give the CIA a direct backdoor into any app created using it, allowing them to steal passwords, view messages, and even force applications to send embedded data.
An expert in Cryptography, Matthew Green, told The Intercept
“If U.S. products are OK to target, that’s news to me. Tearing apart the products of U.S. manufacturers and potentially putting backdoors in software distributed by unknowing developers all seems to be going a bit beyond ‘targeting bad guys.’ It may be a means to an end, but it’s a hell of a means… The last thing any of us needs is for the U.S. government to actively undermine our own technology industry.”
While the leaked documents provide details about the CIA’s efforts to break Apple’s security, they don’t give any indications as to whether or not their tactics were successful. The CIA has remained silent on the subject, and no proof has come out to say definitively if their attempts have been successful or denied completely.
Apple has made no comment. Though in an open letter from Tim Cook made a few things clear stating,
“I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.“