The CIA has worked with researchers security to hack Apple's technology long before almost everyone started carrying Apple devices in their pockets.
The news came with a post by Intercept, and is based on information from National Security Agency (NSA) documents leaked by Edward Snowden. The story sets out in detail how, for almost a decade, the CIA is trying to find ways to penetrate Apple's iPhones and iPads in order to collect data from Apple's customers. Recall that Apple CEO Tim Cook has vowed publicly and repeatedly to protect them.
Σύμφωνα με τη δημοσίευση, οι ερευνητές είχαν (έχουν) σαν στόχο τα wrenches ασφαλείας της Apple, με τα οποία πραγματοποιείται η κρυπτογράφηση των data του χρήστη. Εργάζονται δε με μια δική τους έκδοση Xcode, το εργαλείο ανάπτυξης λογισμικού της Apple, το οποίο δίνει την κοινότητα πρόσβασης στις υπηρεσίες πληροφοριών σε οποιεσδήποτε εφαρμογές αναπτύχθηκαν από το τροποποιημένη εργαλείο – μια πρόσβαση που η Apple δεν επιτρέπει. Ένα έγγραφο που αναφέρεται στη δημοσίευση σημειώνει ότι το εργαλείο αυτό θα μπορούσε να “αναγκάσει όλες τις εφαρμογές του iOS να αποστείλουν ενσωματωμένα δεδομένα σε μια βάση παρακολούθησης.” Αυτά και άλλα ευρήματα παρουσιάστηκαν στο ετήσιο congress of the CIA Trusted Computing Base Jamboree.
The aim of this research, according to the documents, was to make it CIA less dependent on "a very small number of security vulnerabilities, many of which are public, and Apple will eventually fix them." The new methods were designed by researchers to go unnoticed. The Intercept website reports that none of the documents say whether or not these methods have been shown to work.
Αν όμως είναι επιτυχείς, οι επιπτώσεις των εν λόγω παραβιάσεων θα είναι τεράστια, γιατί όπως αναφέρει ο Matthew Green, ένας εμπειρογνώμονας κρυπτογραφίας στο Information Security Institute του Πανεπιστημίου Johns Hopkins: “Κάθε άλλος κατασκευαστής κοιτάζει την Apple. Αν η CIA μπορεί να υπονομεύσει τα συστήματα της Apple, είναι πιθανό ότι θα μπορούν να κάνουν το ίδιο σε όλους τους άλλους. ”
The release comes less than a year after Apple launched a new website, proudly stating that the company protects users' data. In an open letter, CEO Tim Cook said Apple had never allowed government agencies to have a "backdoor" on its products and services. The website also states that from iOS 8 onwards, all user data is protected by a user password, which even Apple can not bypass.
These default encryption settings have earned a lot of praise from data protection advocates, but they also caused many criticisms from government officials such as US Attorney General Eric Holder and FBI Director James Comey, who said that such protection could fix investigations by law enforcement agencies.
According to a statement from a technologist from the American Civil Liberties Union at Intercept, the CIA's actions were not just aimed at finding vulnerabilities in Apple's encryption technology. It is a very well funded endeavor, and is not limited to Apple products. According to a classified budget, a 2012 project aimed at penetrating "strong commercial data security systems" received $ 35 million in funding.
These projects are part of a broader CIA shift to cyber espionage. Just last week, CIA Director John Brennan issued a statement saying that digital technology should be "at the heart of all our mission efforts."
It is a strategy that Green believes could threaten not only privacy but also the US economy. "US tech companies have already suffered losses abroad due to concerns about the safety of our products," he told Intercept. "The last thing we need is for the US government itself to undermine the technology industry."