RESEARCHERS WORKING with the Central Intelligence Agency have conducted a multi-year, sustained effort to break the security of Apple’s iPhones and iPads, according to top-secret documents obtained by The Intercept.
The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.
By targeting essential security keys used to encrypt data stored on Apple’s devices, the researchers have sought to thwart the company’s attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both “physical” and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.
The CIA declined to comment for this story.
The security researchers also claimed they had created a modified version of Apple’s proprietary software development tool, Xcode, which could sneak surveillance backdoors into any apps or programs created using the tool. Xcode, which is distributed by Apple to hundreds of thousands of developers, is used to create apps that are sold through Apple’s App Store.
The modified version of Xcode, the researchers claimed, could enable spies to steal passwords and grab messages on infected devices. Researchers also claimed the modified Xcode could “force all iOS applications to send embedded data to a listening post.” It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.
Researchers also claimed they had successfully modified the OS X updater, a program used to deliver updates to laptop and desktop computers, to install a “keylogger.”
Other presentations at the CIA conference have focused on the products of Apple’s competitors, including Microsoft’s BitLocker encryption system, which is used widely on laptop and desktop computers running premium editions of Windows.
The revelations that the CIA has waged a secret campaign to defeat the security mechanisms built into Apple’s devices come as Apple and other tech giants are loudly resisting pressure from senior U.S. and U.K. government officials to weaken the security of their products. Law enforcement agencies want the companies to maintain the government’s ability to bypass security tools built into wireless devices. Perhaps more than any other corporate leader, Apple’s CEO, Tim Cook, has taken a stand for privacy as a core value, while sharply criticizing the actions of U.S. law enforcement and intelligence agencies.
“If U.S. products are OK to target, that’s news to me,” says Matthew Green, a cryptography expert at Johns Hopkins University’s Information Security Institute. “Tearing apart the products of U.S. manufacturers and potentially putting backdoors in software distributed by unknowing developers all seems to be going a bit beyond ‘targeting bad guys.’ It may be a means to an end, but it’s a hell of a means.”
Apple declined to comment for this story, instead pointing to previous comments Cook and the company have made defending Apple’s privacy record.
SECURITY RESEARCHERS from Sandia National Laboratories presented their Apple-focused research at a secret annual CIA conference called the Trusted Computing Base Jamboree. The Apple research and the existence of the conference are detailed in documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.
The conference was sponsored by the CIA’s Information Operations Center, which conducts covert cyberattacks. The aim of the gathering, according to a 2012 internal NSA wiki, was to host “presentations that provide important information to developers trying to circumvent or exploit new security capabilities,” as well as to “exploit new avenues of attack.” NSA personnel also participated in the conference through the NSA’s counterpart to the CIA’s Trusted Computing Base, according to the document. The NSA did not provide comment for this story.
The Jamboree was held at a Lockheed Martin facility inside an executive office park in northern Virginia. Lockheed is one of the largest defense contractors in the world; its tentacles stretch into every aspect of U.S. national security and intelligence. The company is akin to a privatized wing of the U.S. national security state — more than 80 percent of its total revenue comes from the U.S. government. Via a subsidiary, Lockheed also operates Sandia Labs, which is funded by the U.S. government. The lab’s researchers have presented Apple findings at the CIA conference.
“Lockheed Martin’s role in these activities should not be surprising given its leading role in the national surveillance state,” says William Hartung, director of the Arms and Security Project at the Center for International Policy and author of Prophets of War, a book that chronicles Lockheed’s history. “It is the largest private intelligence contractor in the world, and it has worked on past surveillance programs for the Pentagon, the CIA and the NSA. If you’re looking for a candidate for Big Brother, Lockheed Martin fits the bill.”
The Apple research is consistent with a much broader secret U.S. government program to analyze “secure communications products, both foreign and domestic” in order to “develop exploitation capabilities against the authentication and encryption schemes,” according to the 2013 Congressional Budget Justification. Known widely as the “Black Budget,” the top-secret CBJ was provided to The Intercept by Snowden and gives a sprawling overview of the U.S. intelligence community’s spending and architecture. The White House did not respond to a request for comment.
As of 2013, according to the classified budget, U.S. intelligence agencies were creating new capabilities against dozens of commercially produced security products, including those made by American companies, to seek out vulnerabilities.
Last week, CIA Director John Brennan announced a major reorganization at the agency aimed, in large part, at expanding U.S. cyber-operations. The Information Operations Center, which organized the Jamboree conferences, will be folded into a new Directorate of Digital Innovation. Notwithstanding its innocuous name, a major priority of the directorate will be offensive cyberattacks, sabotage and digital espionage. Brennan said the CIA reorganization will be modeled after the agency’s Counterterrorism Center, which runs the U.S. targeted killing and drone program.
THE DOCUMENTS do not address how successful the targeting of Apple’s encryption mechanisms have been, nor do they provide any detail about the specific use of such exploits by U.S. intelligence. But they do shed light on an ongoing campaign aimed at defeating the tech giant’s efforts to secure its products, and in turn, its customers’ private data.
“Spies gonna spy,” says Steven Bellovin, a former chief technologist for the U.S. Federal Trade Commission and current professor at Columbia University. “I’m never surprised by what intelligence agencies do to get information. They’re going to go where the info is, and as it moves, they’ll adjust their tactics. Their attitude is basically amoral: whatever works is OK.”
Bellovin says he generally supports efforts by U.S. intelligence to “hack” devices — including Apple’s — used by terrorists and criminals, but expressed concern that such capabilities could be abused. “There are bad people out there, and it’s reasonable to seek information on them,” he says, cautioning that “inappropriate use — mass surveillance, targeting Americans without a warrant, probably spying on allies — is another matter entirely.”
In the top-secret documents, ranging from 2010 through 2012, the researchers appear particularly intent on extracting encryption keys that prevent unauthorized access to data stored — and firmware run — on Apple products.
“The Intelligence Community (IC) is highly dependent on a very small number of security flaws, many of which are public, which Apple eventually patches,” the researchers noted in an abstract of their 2011 presentation at the Jamboree. But, they promised, their presentation could provide the intelligence community with a “method to noninvasively extract” encryption keys used on Apple devices. Another presentation focused on physically extracting the key from Apple’s hardware.
A year later, at the 2012 Jamboree, researchers described their attacks on the software used by developers to create applications for Apple’s popular App Store. In a talk called “Strawhorse: Attacking the MacOS and iOS Software Development Kit,” a presenter from Sandia Labs described a successful “whacking” of Apple’s Xcode — the software used to create apps for iPhones, iPads and Mac computers. Developers who create Apple-approved and distributed apps overwhelmingly use Xcode, a free piece of software easily downloaded from the App Store.
The researchers boasted that they had discovered a way to manipulate Xcode so that it could serve as a conduit for infecting and extracting private data from devices on which users had installed apps that were built with the poisoned Xcode. In other words, by manipulating Xcode, the spies could compromise the devices and private data of anyone with apps made by a poisoned developer — potentially millions of people. “Trying to plant stuff in Xcode has fascinating implications,” says Bellovin.
The researchers listed a variety of actions their “whacked” Xcode could perform, including:
— “Entice” all Mac applications to create a “remote backdoor” allowing undetected access to an Apple computer.
— Secretly embed an app developer’s private key into all iOS applications. (This could potentially allow spies to impersonate the targeted developer.)
— “Force all iOS applications” to send data from an iPhone or iPad back to a U.S. intelligence “listening post.”
— Disable core security features on Apple devices.
The Intelligence Community is highly dependent on a very small number of security flaws, many of which are public, which Apple eventually patches.
For years, U.S. and British intelligence agencies have consistently sought to defeat the layers of encryption and other security features used by Apple to protect the iPhone. A joint task force comprised of operatives from the NSA and Britain’s Government Communications Headquarters, formed in 2010, developed surveillance software targeting iPhones, Android devices and Nokia’s Symbian phones. The Mobile Handset Exploitation Team successfully implanted malware on iPhones as part of WARRIOR PRIDE, a GCHQ framework for secretly accessing private communications on mobile devices.
That program was disclosed in Snowden documents reported on last year by The Guardian. A WARRIOR PRIDE plugin called NOSEY SMURF allowed spies to remotely and secretly activate a phone’s microphone. Another plugin, DREAMY SMURF, allowed intelligence agents to manage the power system on a phone and thus avoid detection. PARANOID SMURF was designed to conceal the malware in other ways. TRACKER SMURF allowed ultra-precise geolocating of an individual phone. “[If] its [sic] on the phone, we can get it,” the spies boasted in a secret GCHQ document describing the targeting of the iPhone.
All of the SMURF malware — including the plugin that secretly turns on the iPhone’s microphone — would first require that agencies bypass the security controls built into the iOS operating system. Spies would either need to hack the phone in order to plant their malware on it, or sneak a backdoor into an app the user installed voluntarily. That was one of the clear aims of the Apple-focused research presented at the CIA’s conference.
“The U.S. government is prioritizing its own offensive surveillance needs over the cybersecurity of the millions of Americans who use Apple products,” says Christopher Soghoian, the principal technologist at the American Civil Liberties Union. “If U.S. government-funded researchers can discover these flaws, it is quite likely that Chinese, Russian and Israeli researchers can discover them, too. By quietly exploiting these flaws rather than notifying Apple, the U.S. government leaves Apple’s customers vulnerable to other sophisticated governments.”
Security experts interviewed by The Intercept point out that the SMURF capabilities were already available to U.S. and British intelligence agencies five years ago. That raises the question of how advanced the current capacity to surveil smartphone users is, especially in light of the extensive resources poured into targeting the products of major tech companies. One GCHQ slide from 2010 stated that the agency’s ultimate goal was to be able to “Exploit any phone, anywhere, any time.”
Steve Jobs unveiling the first iPhone on January 9, 2007.
THE FIRST JAMBOREE took place in 2006, just as Apple was preparing to unveil its highly-anticipated iPhone. In March 2010, according to a top-secret document, during a talk called “Rocoto: Implanting the iPhone,” a presenter discussed efforts to target the iPhone 3G. In addition to analyzing the device’s software for potential vulnerabilities, the presentation examined “jailbreak methods,” used within the iPhone community to free phones from their built-in constraints, that could be leveraged by intelligence agencies. “We will conclude with a look ahead at future challenges presented by the iPhone 3GS and the upcoming iPad,” the abstract noted. Over the years, as Apple updates its hardware, software and encryption methods, the CIA and its researchers study ways to break and exploit them.
The attempts to target vulnerabilities in Apple’s products have not occurred in a vacuum. Rather, they are part of a vast multi-agency U.S./U.K. effort to attack commercial encryption and security systems used on billions of devices around the world. U.S. intelligence agencies are not just focusing on individual terrorists or criminals — they are targeting the large corporations, such as Apple, that produce popular mobile devices.
“Every other manufacturer looks to Apple. If the CIA can undermine Apple’s systems, it’s likely they’ll be able to deploy the same capabilities against everyone else,” says Green, the Johns Hopkins cryptographer. “Apple led the way with secure coprocessors in phones, with fingerprint sensors, with encrypted messages. If you can attack Apple, then you can probably attack anyone.”
According to the Black Budget, U.S. intelligence agencies have tech companies dead in their sights with the aim of breaking or circumventing any existing or emerging encryption or antiviral products, noting the threat posed by “increasingly strong commercial” encryption and “adversarial cryptography.”
The Analysis of Target Systems Project produced “prototype capabilities” for the intelligence community, enabled “the defeat of strong commercial data security systems” and developed ways “to exploit emerging information systems and technologies,” according to the classified budget. The project received $35 million in funding in 2012 and had more than 200 personnel assigned to it. By the end of 2013, according to the budget, the project would “develop new capabilities against 50 commercial information security device products to exploit emerging technologies,” as well as new methods that would allow spies to recover user and device passwords on new products.
Among the project’s missions:
— Analyze “secure communications products, both foreign and domestic produced” to “develop exploitation capabilities against the authentication and encryption schemes.”
— “[D]evelop exploitation capabilities against network communications protocols and commercial network security products.”
— “Anticipate future encryption technologies” and “prepare strategies to exploit those technologies.”
— “Develop, enhance, and implement software attacks against encrypted signals.”
— “Develop exploitation capabilities against specific key management and authentication schemes.”
— “[D]evelop exploitation capabilities against emerging multimedia applications.”
— Provide tools for “exploiting” devices used to “store, manage, protect, or communicate data.”
— “Develop methods to discover and exploit communication systems employing public key cryptography” and “communications protected by passwords or pass phrases.”
— Exploit public key cryptography.
— Exploit Virtual Private Networks, or VPNs, which allow people to browse the Internet with increased security and anonymity.
The black budget also noted that the U.S. intelligence community partners with “National Laboratories” to conduct the type of research presented at the CIA’s annual Jamboree conference. It confirms the U.S. government’s aggressive efforts to steal encryption and authentication keys, as occurred in the NSA and GCHQ operations against Gemalto, the world’s largest manufacturer of SIM cards, through the use of Computer Network Exploitation attacks. In that case, spy agencies penetrated Gemalto’s internal networks and cyberstalked its employees to steal mass quantities of keys used to encrypt mobile phone communications.
The CIA’s Information Operations Center is currently the second largest of the spy agency’s specialized centers. It not only conducts cyber-ops, but has operated covertly in other nations, working to develop assets from targeted countries to assist in its cyber-surveillance programs, according to the Black Budget. At times, its personnel brief the president.
AT THE CIA’s Jamboree in 2011, the computer researchers conducted workshops where they revealed the specifics of their efforts to attack one of the key privacy elements of Apple’s mobile devices. These machines have two separate keys integrated into the silicon of their Apple-designed processors at the point of manufacture. The two, paired together, are used to encrypt data and software stored on iPhones and iPads. One, the User ID, is unique to an individual’s phone, and is not retained by Apple. That key is vital to protecting an individual’s data and — particularly on Apple’s latest devices — difficult to steal. A second key, the Group ID, is known to Apple and is the same across multiple Apple devices that use the same processor. The GID is used to encrypt essential system software that runs on Apple’s mobile devices.
The focus of the security researchers, as described at the CIA conferences, was to target the GID key, which Apple implants on all devices that use the same processors. For instance, Apple’s A4 processor was used in the iPhone 4, the iPod Touch and the original iPad. All of those devices used the same GID. As Apple designs new processors and faster devices that use those processors, the company creates new GIDs. If someone has the same iPhone as her neighbor, they have the exact same GID key on their devices. So, if intelligence agencies extract the GID key, it means they have information useful to compromising any device containing that key.
At the 2011 Jamboree conference, there were two separate presentations on hacking the GID key on Apple’s processors. One was focused on non-invasively obtaining it by studying the electromagnetic emissions of — and the amount of power used by — the iPhone’s processor while encryption is being performed. Careful analysis of that information could be used to extract the encryption key. Such a tactic is known as a “side channel” attack. The second focused on a “method to physically extract the GID key.”
Whatever method the CIA and its partners use, by extracting the GID — which is implanted on the processors of all Apple mobile devices — the CIA and its allies could be able to decrypt the firmware that runs on the iPhone and other mobile devices. This would allow them to seek out other security vulnerabilities to exploit. Taken together, the documents make clear that researching each new Apple processor and mobile device, and studying them for potential security flaws, is a priority for the CIA.
According to the 2011 document describing the Jamboree presentations on Apple’s processor, the researchers asserted that extracting the GID key could also allow them to look for other potential gateways into Apple devices. “If successful, it would enable decryption and analysis of the boot firmware for vulnerabilities, and development of associated exploits across the entire A4-based product-line, which includes the iPhone 4, the iPod touch and the iPad.”
At the CIA conference in 2012, Sandia researchers delivered a presentation on Apple’s A5 processor. The A5 is used in the iPhone 4s and iPad 2. But this time, it contained no abstract or other details, instructing those interested to contact a CIA official on his secure phone or email.
“If I were Tim Cook, I’d be furious,” says the ACLU’s Soghoian. “If Apple is mad at the intelligence community, and they should be, they should put their lawyers to work. Lawsuits speak louder than words.”
FOR YEARS, Apple has included encryption features in the products it sells to consumers. In 2014, the company dramatically broadened the types of data stored on iPhones that are encrypted, and it incorporated encryption by default into its desktop and laptop operating system. This resulted in criticism from leading law enforcement officials, including the FBI director. The encryption technology that Apple has built into its products — along with many other security features — is a virtual wall that separates cybercriminals and foreign governments from customer data. But now, because Apple claims it can no longer extract customer data stored on iPhones, because it is encrypted with a key the company does not know, the U.S. government can be locked out too — even with a search warrant. The FBI director and other U.S. officials have referred to the advent of the encryption era — where previously accessible data and communications may now be off limits because of the security technology protecting them — as “going dark.”
In the face of this rising challenge to its surveillance capabilities, U.S. intelligence has spent considerable time and resources trying to find security vulnerabilities in Apple’s encryption technology, and, more broadly, in its products, which can be leveraged to install surveillance software on iPhones and Macbooks. “The exploitation of security flaws is a high-priority area for the U.S. intelligence community, and such methods have only become more important as U.S. technology companies have built strong encryption into their products,” says the ACLU’s Soghoian.
Microsoft has, for nearly a decade, included BitLocker, an encryption technology that protects data stored on a computer, in its Windows operating system. Unlike Apple, which made encryption available to all customers, Microsoft had included this feature only in its more expensive premium and professional versions of Windows, up until a few years ago. BitLocker is designed to work with a Trusted Platform Module, a special security chip included in some computers, which stores the encryption keys and also protects against unauthorized software modification.
Also presented at the Jamboree were successes in the targeting of Microsoft’s disk encryption technology, and the TPM chips that are used to store its encryption keys. Researchers at the CIA conference in 2010 boasted about the ability to extract the encryption keys used by BitLocker and thus decrypt private data stored on the computer. Because the TPM chip is used to protect the system from untrusted software, attacking it could allow the covert installation of malware onto the computer, which could be used to access otherwise encrypted communications and files of consumers. Microsoft declined to comment for this story.
In the wake of the initial Snowden disclosures, Apple CEO Tim Cook has specifically denounced the U.S. government’s efforts to compel companies to provide backdoor access to their users’ data.
“I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will,” Cook said last September in announcing Apple’s new privacy policy. More recently, Cook said, “None of us should accept that the government or a company or anybody should have access to all of our private information. This is a basic human right. We all have a right to privacy. We shouldn’t give it up. We shouldn’t give in to scare-mongering.”
As corporations increasingly integrate default encryption methods and companies like Apple incorporate their own indigenous encryption technologies into easy-to-use text, voice and video communication platforms, the U.S. and British governments are panicking. “Encryption threatens to lead all of us to a very dark place,” declared FBI Director James Comey in an October 2014 lecture at the Brookings Institution. Citing the recent moves by Apple to strengthen default encryption on its operating systems, and commitments by Google to incorporate such tools, Comey said, “This means the companies themselves won’t be able to unlock phones, laptops, and tablets to reveal photos, documents, e-mail, and recordings stored within.”
Under current U.S. regulations, law enforcement agencies can get a court order to access communications channeled through major tech companies and wireless providers. But if those communications are encrypted through a process not accessible by any involved company, the data is essentially meaningless, garbled gibberish. “In a world in which data is encrypted, and the providers don’t have the keys, suddenly, there is no one to go to when they have a warrant,” says Soghoian. “That is, even if they get a court order, it doesn’t help them. That is what is freaking them out.”
Comey alleged that “even a supercomputer would have difficulty with today’s high-level encryption,” meaning a “brute force” attempt to decrypt intercepted communications would be ineffective, and, even if successful, time-consuming.
“Encryption isn’t just a technical feature; it’s a marketing pitch,” Comey added. “But it will have very serious consequences for law enforcement and national security agencies at all levels. Sophisticated criminals will come to count on these means of evading detection. It’s the equivalent of a closet that can’t be opened. A safe that can’t be cracked.”
A few months after Comey’s remarks, Robert Litt, the general counsel for the Office of the Director of National Intelligence, also appeared at Brookings. “One of the many ways in which Snowden’s leaks have damaged our national security is by driving a wedge between the government and providers and technology companies, so that some companies that formerly recognized that protecting our nation was a valuable and important public service now feel compelled to stand in opposition,” Litt said. He appealed to corporations to embrace “a solution that does not compromise the integrity of encryption technology but that enables both encryption to protect privacy and decryption under lawful authority to protect national security.”
Green, the Johns Hopkins professor, argues that U.S. government attacks against the products of American companies will not just threaten privacy, but will ultimately harm the U.S. economy. “U.S. tech companies have already suffered overseas due to foreign concerns about our products’ security,” he says. “The last thing any of us need is for the U.S. government to actively undermine our own technology industry.”
The U.S. government is certainly not alone in the war against secure communications. British Prime Minister David Cameron has suggested that if he is re-elected, he may seek to ban encrypted chat programs that do not provide backdoor access to law enforcement. “Are we going to allow a means of communications which it simply isn’t possible to read?” Cameron said in a speech in England earlier this year. “My answer to that question is: ‘No, we must not.’”
When the Chinese government recently tried to force tech companies to install a backdoor in their products for use by Chinese intelligence agencies, the U.S. government denounced China. “This is something that I’ve raised directly with President Xi,” President Obama said in early March. “We have made it very clear to them that this is something they are going to have to change if they are to do business with the United States.” But China was actually following the U.S. government’s lead. The FBI has called for an expansion of U.S. law, which would require Apple and its competitors to design their products so that all communications could be made available to government agencies. NSA officials have expressed similar sentiments.
“Obama’s comments were dripping with hypocrisy,” says Trevor Timm, executive director of the Freedom of the Press Foundation. “Don’t get me wrong, his actual criticism of China for attempting to force tech companies to install backdoors was spot on — now if only he would apply what he said to his own government. Since he now knows backdooring encryption is a terrible policy that will damage cybersecurity, privacy, and the economy, why won’t he order the FBI and NSA to stop pushing for it as well?”
———
Documents published with this article:
———
Andrew Fishman, Alleen Brown, Andrea Jones, Ryan Gallagher, Morgan Marquis-Boire, and Micah Lee contributed to this story.
Note: An earlier draft of this story incorrectly suggested that the iOS Group ID is used to sign software. An earlier draft also incorrectly stated that Lockheed Martin owns Sandia National Laboratories. Sandia Corporation, a wholly owned subsidiary of Lockheed Martin, operates Sandia National Laboratories as a contractor for the U.S. Department of Energy’s National Nuclear Security Administration.
Disclosure: Freedom of the Press Foundation, which Trevor Timm represents, has received grant funding from First Look Media, The Intercept’s parent company. Intercept co-founders Glenn Greenwald and Laura Poitras are on the board of the organization.
Photo: Shutterstock; Google Maps; Simon Dawson/Bloomberg/Getty Images; Tony Avelar/Getty Images; Kevin Lamarque/Reuters/Landov; J. Scott Applewhite/AP
You sure that this was not a story released by Apple!
Where exactly are these documents that support your claims in this article? The only one you link is a post about a jamboree, but says nothing of the sort that you discuss in the article. Further, your quoted document is not classified TOP SECRET, it’s quite clearly labeled SECRET//NOFORN.
Is this article a joke, or are you truly reporting on issues you don’t understand?
How is it that such activities and conferences were sanctioned at the highest levels to begin with? Shut it down! Round up all the hackers, interrogate them heavily, jail the worst offenders, and sanction the rest to “no internet access for 10 years”. 4th, 5th, and 14th Amendments being violated. Time to get tough.
I’m still waiting for a response as to why MOST of my comments DO NOT appear. Whether it is intentional or not, by not posting comments regarding the current domestic counterintelligence operation that is creeping across the nation and targeting innocent Americans, The Intercept helps to perpetuate this evil racket.
Considering our country’s very long and well-documented history of targeting ‘folks’ deemed ‘subversive’ (which could be anyone these days), why does it appear that The Intercept is actively censoring comments about a phenomenon that is basically a ‘no brainer’?
WHO is doing the censoring??!!
And to let other reader/commenters take jabs at me, like Peanut did below, and not print my response is unconscionable (like holding my arms behind my back while someone swings away).
Finally, the HUGE point that the all the nonsense and gibberish about ‘electromagnetic, microwave, and scalar’ weapons is one of the best examples of disinformation that our government spinners have ever created — designed to obscure and to conceal COINTELPRO 2.0 (ON STEROIDS) — needs to be made loudly and clearly.
The distinction between real targeting and sci-fi is VITAL!
— ItCan’tHappenHere (writing from Greensboro, NC — just another place where the American Stasi/FBI/DHS/Contractors/Informants/RATS are ‘in the house’ and out of control).
[quote name=”Steven Bellovin, in article above”]”…“There are bad people out there, and it’s reasonable to seek information on them” (‘says Steven Bellovin, a former chief technologist for the U.S. Federal Trade Commission and current professor at Columbia University’)…”[/quote]#
NO, it is NOT “reasonable to seek information on… ‘bad people'” through mass-surveillance, because it is presumption of guilt in violation of the Fifth and Fourteenth Amendments, and the violation of privacy without a legal, Fourth Amendment warrant!
See how insidiously people who have little or no true, full and complete understanding of and respect for the Constitution and the Bill of Rights, and thereby human rights in general (because the rights delineated in the Bill of Rights are HUMAN RIGHTS, all of which we’re born with and are inalienable, immutable and inviolable), fall for succumbing to the false belief(s) that we supposedly have to give up our liberty(ies), freedom(s) and privacy for so-called “security”; which, in reality, is (rather than True Security) extreme government overreach and using computers to monitor us all under a massive “Big Brother”, “panopticon” surveillance and control grid, as well as abuse and violation of human rights and civil liberties by people who don’t want us to have any such liberties and rights, particularly any privacy, but want to enslave us all in completely un-free countries, and in a totally un-free world.
We’ve got to break out of falling for ANY of this, and stand up against ALL OF IT; or, very soon, we will not be free at all, something NONE OF US must EVER accept. And we must break free of, and “throw off” all such government that is actively seeking to see to it that we have no freedom(s), liberty(ies), privacy and rights.
See my RSN, “Writing for Godot” article on this:
“IT IS (OUR) *DUTY*, TO *THROW OFF* SUCH GOVERNMENT”
Written by John S. Browne [my “nom d’plume” (aka, “pen name”) on RSN]
Thursday, 26 February 2015 08:50
http://readersupportednews.org/pm-section/256-justice/28793-qit-is-our-duty-to-throw-off-such-governmentq
Remember this the next time you all(americans) blame Korea or China for hacking some of your Chinese or Korean made computers. Ooops, sorry… not!
Dumb asses.
“Turn Key Totalitarianism”
Why do you even portray Apple as a hero an victim in this story? Apple’s operating systems are proprietary software. Proprietary encryption is worth 2 peanuts. Freedom and openess is a precondition for the existence of verifiable security.
Yup. Still not posted (via tor) after several days. Are you even reading this? Christ, even jabbering with John was an improvement (before he moved on). Did I say something too sensitive? Too critical? Too specific? Or nothing at all, but tor just won’t be tolerated. It was certainly on topic. And trolls can post. So can paranoid schizophenics.
Do not email me. It won’t work (certainly not now). Maybe I will jabber ryan so my metadata can be better catalogued. I am not sure that glenn learned anything. How could he. I bet the noise level is thru the roof noe on top of everything else.
We were lucky we got Poitras. And I am npt knocking you Glenn… on the contrary and more than you know. The sad thing is given the state of the world and the insanity lying therein I actually can understand why it was almost dismissed offhand. Kooks and provocateurs roam and they roam well-resourced and suppkied with few threats to themselves. Recommending him or any journalist (or not) leakers (and even leakers’ lawyers) should bear in mind that once the shit goes down there is never an unwatched moment. Especially on the ´places we woukd most like to commisserate. Track records count. Though sometimes they have the diametrically opposite effect we hoped for.
At this point I would just as happily have the nonposted comment disappear. and this one read but not posted. What is the point?
Your loss. And sorry, not trusting your dropbox. Trust is earned thru action and interaction. I have been in a glut of everyone wanting to be listened to, everyone wanting comments, everyone wanting time. Watch your soul.
GO DEEPER.
I love the graphic suggesting Spy vs Spy.
It shows appropriate respect for those implementing a Big Brother – and fostering the “Mad” world they claim they’re fighting.
It is not that difficult to store backdoors on apple equipment. Who says Angry Birds was clean??
Lockheed Martin does not own Sandia National Laboratories. Sandia is owned by the US government.
Sandia is operated by the Sandia Corporation, which is owned by Lockheed. So, Lockheed operates Sandia for the US, but does not own it. Before Lockheed, Sandia was operated by Bell Labs for the US govt.
It’s the same story with Caltech operating the Jet Propulsion Laboratory for NASA, or the University of California and Bechtel operating some DOE Labs.
This is just the tip of the iceberg at the factual errors in this article. It’s really as if these writers have some tidbits of knowledge, but no where near a thorough and accurate understanding. So, basically your typical modern, biased garbage journalism.
Sandia national Laboratories vs. Sandia Corporation. Seems like relatively minor errors easily corrected. Some tidbits? Well, It’s not like the government is open and honest about these things.
Most of the really ‘interesting’/insidious research is funded by darpa and the dod and a plethora pf cia and private funded black bag shell corps and has been for almost a century. But don’t worry, they go oht pf their way at least 1/10th of the time to come up with a better-sounding, usually faux-humanitarian purpose so the unwose postdpcs.and undergrads.can sleep well at night.
actually it’s mossad owned cia,microsoft ect. trying to get rid of the competition which is why snowden even recommends not using it
Dear Intercept,
A friend has asked for you to kindly stop advocating the use of things such as tor when you yourselves effectively block posting via tor via moderation for days thusly shutting people out of the conversation.
It is uncouth.
Yeah, did my last comment in response to an exchange between ‘anon’ and ‘Kitt’ get lost in cyberspace or get stuck in The Intercept’s filter?
I’d appreciate it if someone could look into it and maybe get it posted before all the readers have moved on to another article.
Tx
Which might be less suspicious if that were at all on topic, did not imply a whiff of schizophrenia to modify my own complaint, and not trying to latch on to my post made for someone else about something on-topic. Gentlemens’ rules indeed. I see what you did there :)
All they had to do was ask.
Great article though some stuff is left out. And of course they also read the seminal paper ‘Trusting Trust’ about toolchains.
I have a gripe though. I get that everyone likes to quote Matt Green but I am getting sick of him suddenly being the go-to guy ever since the TrueCrypt audit (not long before the authors headed to the hills though I am not suggesting a connection).
There are a ton of better, longer-running people around. Any cypherpunk from the 90s could give you at least a dozen sources, all of whom are probably more likely to have been targets (eg Quisquater).
So yeah.
I am also curious if Charlie Miller Charlie Miller Charlie Miller was consulted. By them, not you.
It takes more than the feds to tango. While I appreciate these articles there is something distasteful about the fact that the government could not do any of this for shit were it not for the participation, usually in private, sometimes coerced, and almost always known by the participants, of the community itself that makes this possible.
What we need is peer pressure and rejection of this too. All the laws in the world don’t mean shit without any sort of a scarlet A. But these people are assets. You burn progeams but you don’t understand how and who makes them tick. Or don’t have the info which honestly is much more likely but you won’t find that stuff out without a lot of work. Even then you would barely scratch the surface.
“… be inspired by its message that ordinary citizens, working together, can change the world.” -E. Snowden
Some day soon, Truth will no longer be Treason…
This report is completely wrong. The iPhone/iPad/iWatch are all based on the OS X software. This OS is one of the easiest operating systems to hack. There is a report that I just looked at from 4 years ago that a guy hacked the OS in – FIVE – seconds. Not years, not decades, but SECONDS. Here is the link to the article if you don’t believe it: http://www.dailytech.com/Apples+OS+X+is+First+OS+to+be+Hacked+at+This+Years+Pwn2Own/article21097.htm
Looks like Obama and the rest of his fascist buddies will have to get to work eliminating – not just ignoring – the Fourth Amendment, if they’re going to fix this one.
Wow this is FUN!
Breaking news, the NSA and CIA spy on…everyone… IMO Snowdens nothing but a traitor and should be treated as such.
Another great expose on Intercept. Great work!
Two thoughts: First, it would or will be very important for someone capable of actually exposing the code being used by the CIA on Apple or other devices to do so. Either in the SIM chips or other phone hardware or via developer apps that contain the code. We know the CIA funds Silicon Valley start ups, publicly, and what their black budget covers we can only imagine. Actually seeing the rogue code will be very persuasive. If it’s there, someone will find it.
Second, given this reality, one might expect an entrepreneur to package a “spy free” phone for assembly or even manufacture one. I would think that if someone knowledgeable about cell phone production and software were to pursue this, then either off the shelf parts or old components with “safe” software installed, or merely pre CIA infected bits, would have a great product to sell.
Old phones of say pre 2005 were not too bad, though primitive by modern standards. But if you are merely talking or texting, and do not want to be spied upon or tracked and hacked. getting a “spy free phone” would be the thing to do.
Even better than a burn phone, these oldie but goody phones might prove quite popular. I don’t think spy agencies control or infect every single aspect of cell phone chip making or technology, not yet.
Carrying around an old clunker phone might even become trendy. Make one yourself, from random components and download “safe” software from vendors, and be on the cutting edge of privacy.
Let’s hope this all happens. Get your “Screw the CIA Phone Today!” ™
The “Central Idolators Agency” who literally seems to have forgotten what their oath of office was all about needs to be completely swept out and swabbed of all the constitution shredders!
Cook recently was in Israhell to support Apple’s tech center there. Any mouth piece who underwrites Israhell’s apatheid state is not to be trusted. For Apple to expand its brick and mortar in Israhell with no respect to the chemically burned to death babies in #Gaza is a deplorable ethos. To insert at point of manufacturing a backdoor is insane. WTH? We need more whistleblowers inside the corporate state monster.
“Researchers at the CIA conference in 2010 boasted about the ability to extract the encryption keys used by BitLocker and thus decrypt private data stored on the computer.”
Lest we forget, this is the same degenerate cabal of sadistic psychopaths who to this day are continuing their quest to “legitimize” torture, notwithstanding actually perpetrating torture. Chris Floyd sums it up succinctly…
quote”American torture still goes on: from the force-feeding of strapped-down captives in Gitmo to the psychological and physical terror Obama inflicts on thousands of innocent people every day as they watch the lizard-eyed drones hovering over them and wonder if this is the hour they’ll be ripped to shreds or burned alive to whatever the hell goes on in the secret cells our humanitarian leaders still keep in bases, basements and hidey holes all over the world.”unquote
http://www.chris-floyd.com/Articles/2489-masters-degree-teaching-torture-as-a-western-value.html
Until this nation as a whole, burns the CIA to the ground and prosecutes every last stinking CIA/DOD/Executive branch personnel who contributed to these heinous, obscene war crimes, they will continue to murder with impunity. Meanwhile, their excursion into the privacy of US citizens is the least of their crimes.
However, given half of America has already decided torture is A-OK, I ain’t holding my breath. At least they provide the living proof..evil exists because good men don’t kill those motherfucking US government officials committing it. However..our patience is wearing thin.
In response to your comment of the other day…that one regarding the hypothetical courtroom scenario….please see my comment below.
Patience is a point on a line in the infinity of possibility.
Staggering article (from someone in the tech sector), great job – seems the U.S. security establishment is at nothing less than war with the U.S. tech sector (which depends on its customers thinking their products keep their data private).
Its one thing to target individuals (should be foreign) and compromise their machines, its quite another to compromise the program compiler (used to build all programs you buy and use on Macintoshes and iPhones) so they have a government backdoor in all of them (and their system BIOS’s as well). Apple should go nuclear on this – and fight it at every level.
The elephant in the room is the compiler that makes the most programs used by U.S. citizens than any other – Visual Studio – made by Microsoft who has been caught bending over backwards and being called out in the Snowden Documents as an exemplary partner with the NSA. If the U.S. govt was trying to compromise Apple’s Xcode, you can be certain they had Microsoft compromise Visual Studio for the NSA/CIA/etc. (based on all the stuff Microsoft did for the NSA that we know about).
The Intercept – the other place in computerized equipment the govt would want are what’s called the BIOS/firmware (mentioned in the Apple article above, on PC’s its now called UEFI) and is the part of the machine that starts things up before the operating system starts – you get a back door there and the operating system & anti-viruses can’t detect it. The new standard (last 7 years or so) actually has a secret part that people can’t see – this new standard was created after 9/11 I wouldn’t be surprised if it was totally compromised by the U.S. security establishment. I’d try to dig there if you can…if I was the government I’d try to compromise that on everything (PC’s, mobiles, networking equipment, etc.).
Now that we can see the lengths the U.S. govt will go to compromise its citizens and tech companies communication products, Richard Stallman was right, Open Source (where you can see and check the code for everything from BIOS/firmware, to chip design, to operating system, to programs is the only way forward – its obvious the U.S. government will compromise everything else that is done in a corporation and the source code isn’t open to be checked. Never thought I’d have to say that in my life, but its obvious now.
Dump Microsoft and Apple.
Be very careful regarding the manufacture of your machine.
Install your own Operating System and be careful which Open-Source Operating System you use.
Encrypt everything.
Even then…your communications can still be freely intercepted by your ISP but they will not be easily decipherable.
Still…those types of precautions remain beyond the capability of the average user. Not everyone is technically inclined. Therefore…following that prescription is NOT the ultimate solution to the problem of worldwide Five-Eyes Government mass surveillance.
The ultimate solution is to shut them down… and that is the imperative road (course of action) that people who value their privacy and freedom must follow.
Mass surveillance, which was initiated by the US Empire, must be declared unconstitutional because it is in direct violation of Amendment IV of the US Constitution.
Amendment IV: Search and arrest warrants
“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched and the persons or things to be seized.”
THIS is the Supreme Law of the Land. This is not to be violated by ANY Branch of the US Government. No Court can erase the law. No Presidential Edict can violate the law in the interest of “national security”, and it is the express duty of every elected Congressional representative to uphold it.
Those that fail to understand the Preamble of the Constitution which is:
“We the People of the United States, in Order to form a more perfect Union, establish Justice, insure domestic Tranquility, provide for the common defence, promote the general Welfare, and secure the Blessings of Liberty to ourselves and our Posterity, do ordain and establish this Constitution for the United States of America”
….must be rudely awakened to the larger “We the People of the United States” part of our Governmental system within the United States.
It would be wise of those occupying higher level positions in the Federal Government to accept the more peaceful solutions to this internal conflict offered within the conduct of a legal environment….as they can be removed from positions of power forcibly as well.
I agree.
Microsoft is not an “exemplary partner”; they happened to be the first tech company that was legally forced into working with the NSA. They’ve also fought against the federal government on search warrants, gag orders, etc. Get your facts straight.
Excellent work, but “the story to end all stories” is the one about the Stasi-apparatus that’s operating from coast to coast, psychologically terrorizing American citizens — a counterintelligence stalking and harassment program that’s literally killing people. It’s the straw that would break… but, hey, no hurry. Take your time.
Maybe T//I will be scooped on this one. The person who “breaks it” will be a national hero, like Edward Snowden. If Laura Poitras hadn’t been in the picture, Snowden would have had to go elsewhere (Glenn Greenwald ignored him, apparently). Who knows where we’d be without Laura… Someone needs to get this story. Someone. Anyone.
Ah, the view must be very limited from that high horse you’re obviously riding, “Kitt”.
My actual name is Kitt. And it’s the only name I’ve ever used to post here. I assume that your name isn’t “anon.” And I don’t what in the hell my comment has to do with, in your stated opinion, a high horse.
Oh obviously it should be you.
In re EPIC – NSA Telephone Records Surveillance Petitioning the U.S. Supreme Court to Halt NSA Surveillance of Domestic Telephone Calls
Background| Amicus Briefs| Government Statements| Legal Documents| News “It is simply not possible that every phone record in the possession of a telecommunications firm could be relevant to an authorized investigation. Such an interpretation of Section 1861 would render meaningless the qualifying phrases contained in the provision and eviscerate the purpose of the Act.” – EPIC Mandamus Petition
https://epic.org/privacy/nsa/in-re-epic/
Hmmm, and John Brennan was just suggesting more money’s needed to, “cover the entire universe, regionally and functionally,” because – reorg.
If they’ve already spent years infiltrating everyone’s devices everywhere, what do you suppose THAT would look like…?
Sandia National Laboratories is Government Owned Contractor Operated:
http://www.sandia.gov/about/history/goco.html
Snowden now works and protected by Russian intelligence services
So, now we have this “news” at The Washington Post regarding the United States and Israel cyber attacking Iranian nuclear installations:
http://www.washingtonpost.com/world/national-security/leak-investigation-stalls-amid-fears-of-confirming-joint-us-israel-operation/2015/03/10/2a348b1e-c36c-11e4-9ec2-b418f57a4a99_story.html
Interesting timing on this story considering the “deal” Obama is trying to get signed with Iran and the P5 plus 1.
Oh, the leaks! The leaks!
The government security/surveillance agencies will sink the American tech industry in its entirety , and the whole country along with it , rather than give up an iota of its control and power .
Who to sue first?
Government has never had unlimited access to anything they wish, and they certainly don’t need it now, regardless of their fake claims of “security”. They should have access to nothing not publicly available, without a warrant, and if it’s encrypted, it’s their problem to decrypt it.
Imagine what Stalin’s NKVD could have done with such capablility. This sort of power in the hands of any government is unacceptable; if the capability exists, it will be used (and for the benefit of those who control it, not ours). The tyranny of our own government is more dangerous than anything a foreign power, or band of terrorists could inflict on us.
Just ask the folks in Ferguson MO if they have the power after all their private emails were laid out by the justice department. Whether you like the politics are not it is telling. They have cracked it. Very good mathematics. This story is a joke. Everything is recorded. It is a function of how much I want to know and how hard is it to crack it. It is not the CIA charter to crack it but it is the NSA s responsibility. Used to be the NSA cracked all foreign traffic, but now days it includes domestic. Doesn’t matter what you use, it will be recorded and cracked if deemed a matter of national security .
God Bless Edward Snow the part he played in history was just as great as Washington or Jefferson.
Doesn’t Apple make all its products in China? Just asking … :-)
Lots of words for lots of dumb.
Jeremy is begging for attention.
How would they get Xcode installed on machine. Knowing that the motive for all this spying is not to find ‘terrorists’ or to spy on insignificant me, it is to spy on corporations, financial institutions, powerful individuals, anyone that is a threat to US corporations and its system (terrorists) – e.g. when Airbus orders a bunch Apple computers (in this case) the CIA/NSA/whoever can intercept them and install their software on there (Boeing has a very close relationship with the US Gov & military and has been caught spying on Airbus), but it could foreign corporations, governments that are a threat to the US system, etc, many many targets.
Boy are you naive. Not to spy on insignificant you…really what if you have a hot 15 year old daughter and a webcam? What if you commented on the Intercept or UK Guardian.
Excellent journalism as always, sorry had to put down “Dirty Wars” , not because it didn’t hold my interest… It was so powerful and thoroughly researched, it was making me sick
Its not getting Xcode on a machine – its compromising Xcode on Apple’s servers (either having someone inside doing it or putting the compromised code up on their servers without Apple noticing…this is the NSA we’re talking about here), then letting them distribute it to all their developers so that ever application they create with it has a government (NSA/CIA/FBI) backdoor inserted in it. Once you compromise the compiler (Xcode), it can be virtually impossible to detect the backdoors (or other compromises it inserts) in the programs it creates.
Next to this you’d want to compromise their BIOS images as well (which is mentioned in this article – this is what gets the machine going (the apple graphic screen) prior to starting the Operating System) – again, once a back door is there its virtually impossible to detect it (as the operating system and any antivirus in it won’t see it). Apple should go back through all these with a fine tooth comb and probably make their BIOS’s burned into ROM chips (yes like the old days) so the only way to update the BIOS would be to replace the BIOS chip(s) themselves (and make that workable). The U.S. security establishment is at open war with the U.S. tech sector and U.S. consumers trying to destroy the security these firms/consumers depend on.
A slight modification here… One can and indeed likely does bd selective peoples’ xcode, likely via update via mitms plus a bit of nsa magic. Actually one needen’t even modify the installer… Once the libs and dev env is installed sanity checking is relatively unheard of. Said perpetrator has free reign to tweak libs in subtle but brutal ways thus building in the 0day…and since most companies including Apple are so SPOF it has the unfortunate consequemce for non-nsa people of being unable to do multiple update consensus checks like one could do thanks to the diaaporic nature of aptitude, yum, et al (also not without their own attack vectors).
The first step to assume if you work on anything thatbcould even be remotely associated with baseband, hardware, drivers, compilers, protocols, crypto, and comms algorythms is to know you are a potential target. Which dies notnmean you are one but the odds are highly in favour of at least someone you know who contributes to yourproject(s) gettimg compromised. Pay attention to your toolchains. For the paranoid acquire them from a neutral location not your work or Zhome IP range (tho with apple ID…. yeah. not a solution either). Checksum the hell out of your toolchains bearing in mind how easy it is to fool people with trojaned checksum binaries or r3 rootkits.
In short the bigger or more specialised you are the more you shoukd be cautious.
And, love of god, quit synching devices with dev machines.
Assume the boxes are owned first. This is a more typical scenario.
No doubt, once technology permits reading thoughts, these same maniacs will argue that not allowing all private thoughts to be recorded by the government is an unacceptable risk.
It would be easier to make you think whatever is desired of you to think.
SOS is working hard to stop you thinking.
One of SOS myth, on wild spread, is capturing thoughts. The emi neuronal radiation is superposition (superposition) on micron distance. So it is impossible to record any meaningless emit out of brain on large distance eg outside of your head. Thus so they develop the means to rupture in mass the heads of suspected not aligned thinkers.
it is sad when folks fall in mo[st]sad
There was a DARPA rfp a handful of years back looking for blue sky research into this. It was a public rfp. They said itd be to help vets with ptsd secondarily to focusing the work on it to eventually teach children in classrooms by letting theirbteachers monitor their problem solvong processes.
I wish I were making this up. And that was maybe three years ago and public.
The ironic thing is none of that is needed. Cass Sunstein and even Robert Cialdini made it clear… A century plus of work delineating people makes such sledgehammer over the head methods ridiculous. You do not need to create exact thoughts only be able to predict patterns and nip them in the bud via subliminal cues. One advertisement is a nudge. A culture seemed in a status quo becomes its own brainwashing. And it is cheaper and works, especially when you’ve got a massive surveillance indmfrastructure
In the non-aligned countries, perhaps. But that was a given. These are public-private partnerships, a ‘Great Game’. Soghoian says “lawsuits speak louder than words”. OK. Google and Yahoo have evidence their data centers were hacked on site . Property rights? Constitutional violations? They haven’t touched the courts. Neither will Apple. And not because they wouldn’t win.
So it’s “trickle down” privacy, or bust. Encryption will improve, government will not. That’s the argument. The political economy of feudal techlords.
The dog that didn’t bark
The capitalism of technology is already dead. It only moves groped by molester hands.
At least we know now who serves who. The dog that didn’t bite the hand that doesn’t even feed. All tech capitalism wants is a more convincing lie.
For those that confuse money and power–money is how you reward those who give up power. Trinkets and beads. Is the difference clear now? Those that hate money most are the most angry at this truth. The others know very well what they are trading. The deal is clearly articulated.
The internet of things–Industries will fall one by one. Yet all are already dead because this has nothing to do with tech. Spying killed capitalism.
What concerns me is not the end of these things–but that these conclusions are not unforeseen.
Just wondering out loud here, but since many people do NOT have unlimited bandwidth usage and some must pay premium for their internet access, would it be possible to sue the government for theft of service allotments? If these devices are sending data to the CIA or whatever intelligence entity, aren’t they in effect stealing my bandwidth, for which I pay premium? Of course how could someone prove that was happening when this invasion of our privacy is apparently a national security secret?
quote”If these devices are sending data to the CIA or whatever intelligence entity, aren’t they in effect stealing my bandwidth, for which I pay premium?”quote
Bingo.. #Standing.. @proveit
Lockheed Martin’s pond looks shitty, they should clean it up, plant some better stuff and get some frogs.
Oh the Irony. American corporations (like Sony) don’t have to fear foreign nations (like North Korea), or rogue hackers hacking their companies or products, but their own government. What originally appeared to be something to protect you from terrorists and really bad criminals has shown its true colours. Its meant to watch you and I. If you ever disagree with, or oppose their will and form of government, they will know. They run the show. You are what they deem you to be. Begs the question who is the real threat to our freedom? The joke is on us.
Sony is a Japanese company… but they have to fear state-financed adversaries of all stripes, as does an American company like Apple.
Sounds like the CIA is a slow growing Astrocytoma without an expert team scrutinizing it over the years. The OSS outlived it’s purpose after WWII. Now the
CIA is so ‘out of control’ they are a threat to the U.S. Government and Americans. Without a resection/removal of this tumor, the USA will implode. Time for
Congress to meet in a basement with some untainted generals and plan the successor to the CIA.
On the one hand, it seems like it’s good to know more about how our privacy is being violated. On the other hand, for lay people, I think saturation has been reached on the message that this, that, and well, everything, is being surveilled. What I keep waiting for is some evidence from the Snowden papers that shows clearly how this stolen private info can be used in a way that is harmful and clearly an abuse of power. For example if an elected official was blackmailed. Or if activist actions were thwarted in an “unfair” manner (whatever that means). Or if insider info gleaned from text messages or emails is being sold or not-sold (blackmail again).
I think that would get people’s attention, if it’s happening. There was a comment in the NYT on the Wikipedia suing the NSA story dismissing privacy concerns by saying there is no evidence of harm. I don’t know whether the surveilled info is being exploited in this way or not, but I think it would be naive to think it is impossible.
The second thing I keep thinking is: even if the government were to pass stringent laws against intercepting the data of innocent people (however that is defined), and many NSA spying programs were dismantled — they said — how would you ever know whether it was true or not? Technically, I don’t think there’s any way to check. No way whatsoever. So one wonders why they don’t just lie and say they have stopped. Do they want us to be afraid of spying and self-censor and remain afraid to protest, comment online, etc? So does it matter whether the spying really is going on or not? It matters if more is going on than simple intimidation, but I don’t think we’re seeing hard evidence of that.
It would be nice if they could spare some time and effort to spy on someone other than Americans. ;)
First WOW!!!!!!!!! Apple should have a legal team at the steps of the Administration buildings. Now they can see that their so called friends were breaking the law and stabbing them in the back….. OR… Did they? C’mon, we are not that stupid/ We are the generation that built you. We are the technoGuru’s that that blow your mind with our inventions….. All Theatre, Apple probably gave them the code, but they had to use this story line if it was ever disclosed or uncovered. Hmmm, I would venture to guess that they even let Snowden have that info and were glad that lies were stolen too… Believe nothing. We live in a tech world. the smartest rule. The real ones whom should be REALLY pissed off is the public around the world. This is another reason I stopped buying Apple products. Not for the reason that any government with enough money can get the info. I’ve accepted that MANY years ago, its the fact that now I can rest assured Apple was in on it. I was having the slightest hope that the tech brethren, whom could really care less about the money, would step in like Ed and hold the line. Science is a wonderful thing, but technology now rules the world… For the moment.
” It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.” – MITM developers to download the modified Xcode version, using compromised root certificates. Centralized root authorities are open to corruption, p2p solutions (e.g. Namecoin and the like) to provide distributed, trustless certificates are key.
You people are so easily fooled it’s almost comical. Almost. For God sake can’t you all see Snowden is a CIA operative. All these leaks are designed to throw the citizen off the real issues like a criminal trying to distract a bloodhound. Has he released anything REALY damaging to our government? No. And if Russia still harbors him, I have to ask why? He is like a magician full of illusions. Ignore this and just call it a conspiracy like everything else going on. America is at war with its own people. Russia and China have won. My advise is to just accept it and go along when martial law is imposed. Maybe, just maybe we will have a chance in a hundred years or so to recapture freedom from tyranny.
The problem with dividing law enforcement and intelligence into the 2 separate categories of domestic (FBI) and foreign (CIA and NSA) jurisdictions, is that with modern international communications it is really not an easy task to categorize communications as being foreign or domestic, for the purpose of determining what agency (or agencies) have jurisdictions to carry out a wiretap on a particular communication. If a terrorist overseas is sending a secret “go” order to a terrorist sleeper agent here in the US, does that phone call (or email, or text message, or video, or whatever contains the “go” order) fall under the category of being a foreign communication or a domestic communication? As a result of this confusion, it is easy to see why sometimes the CIA or NSA is working together directly with the FBI on the same case, even though they theoretically should not be, as they don’t have overlapping jurisdictions (though international communications may qualify as exactly that, an overlapping jurisdiction).
The problem is however you slice and dice the American Stasi, it’s still all about self-enrichment, population control, and extra-judicial murder and torture.
The American Stasi never had any interest in defending defending anything but itself, as its actions have demonstrated.
Absolutely. Someone gets it.
NYT buried this story on the “technology” page.
To protect their candidate. A real question the press and people should be asking: Where is the President’s accountability? Former President Bush took hits in political capital for wiretapping. Why does the press public not outcry loudly and critically this administration’s audacious transgressions against the first and fourth amendments?
This double standard with regard to the press’s protection to an administration that is aggressively antagonistic to the press itself, erodes the credibility of the New York Times and others.
First, excellent article, even a neophyte like myself can follow it and it is substantial.
Second, I agree with the ACLU’s Soghoian that Apple has a responsibility to file
law suites to protect its customers secuirity. Most notably, Apple needs to use its billions in cash
to go after PRIVATE actors who are undermining Apple products.
The article notes for example Sandia Labs which is owned by Lockheed are attacking
Apple products and encryption. These two private companies do not have the immunities
and protections of the NSA/CIA etc., at least, as public corporations they should not. I would
expect Apple to pursue Sandia/Lockheed with full vigor.
Am i off base assuming Sandia will not get the same deference as the NSA in federal court?
also, as an aside, has the ACLU or anyone heard even a whisper about the progress of the
Second Circuit opinion in ACLU v. Clapper, challenging the drag net surveillance?
That case has been at the court for at least 6 months.
Wikipedia has a page for ACLU v. Clapper, so that’s a good place to start.
Meantime, I check the ACLU website and look what popped up: “Feds Refuse to Release Documents on “Zero-Day” Security Exploits”
https://www.aclu.org/blog/national-security/feds-refuse-release-documents-zero-day-security-exploits
March 3 story, but worth checking out.
It’s a bad sign for Apple users that Apple has not sued the federal government in court.
Perhaps Chinese devices would be more secure? I’m not kidding. What is China going to do with their knowledge of your activities? They’re helpless to do anything.
We all might be shocked and dismayed to see how twisted, corrupted, sneaky and secretive “corporations” are:
http://www.opednews.com/articles/The-power-and-danger-of-co-by-Rob-Kall-Capitalism_Corporations_Facebook_Secrecy–Transparency-150309-338.html
Watch the videos in the link with Chris Taggart, “Mapping the Corporate Graph”.
I have an IPhone 4. Oftentimes while I’m talking on the phone, for no discernible reason, it starts sounding as if the person with whom I’m conversing is talking to me from in a deep hole, sounding like it’s switched to speakerphone, although it hasn’t. It that a flaw with my phone, or is it some sort of spyware switching on? Whatever it is, it’s annoying.
Likely it has to do with the network you are connected to or connecting to.
As an augury of how this story is trending on high tech news media, this story is now at Cnet —
http://www.cnet.com/news/cia-tried-to-hack-into-iphone-ipad-for-years-say-leaked-documents/
Albeit as a link off the front page at this point. Front page is all Apple Watch (no pun, at least not so far), although the Wikipedia/ACLU lawsuit also gets some play.
2063. Optimistic, I see.
While it sounds all bad and I’m not defending the CIA, don’t forget that it’s important for the CIA to learn and understand how others could also exploit the system.
What’s worse, getting hacked and not knowing how…. or knowing how to hack but not doing it?
Delicate balance.
No surprise here. There are probably CIA spies who have infiltrated Apple, Microsoft, Dell, HP, Google, Facebook, RSA, etc and covertly altered hidden code and permissions and cryptography. The CIA says: if it can be done and it sounds prima facie badass, lets go ahead and do it! That amoral, sickening fratboy-ish mentality is so fucked, and it’s why we’re getting unlawfully spied on as innocent citizens. It was justified in being used against formidable, fascist opponents in war, such as the Nazis and the Imperial Japanese in WWII, or maybe the Soviets during the cold war, but it is definitely not justified against our own citizens. And it’s 100% fucked in the mind that we’re trading info with GCHQ to bypass international laws on dragnet surveillance.
Ever since the end of WWII, the US federal government has acted as a fundamentally authoritarian global force, exhibiting strong fascist and plutocratic elements. The realization of democratic ideals has been thwarted time and time again by the interests of the wealthy and powerful, and it’s only going to get worse until the next real revolution, when we all take a stand for our inalienable rights as human beings. The Fascist Bukkake Infidels, the Cocksucking Inseminators of Amerikkka, the Nazi Scum of America, the Deluge of Horse Semen, and over a dozen other American intelligence agencies are too powerful, unregulated, not transparent, unaccountable, and frankly quite rogue. They ought to be stopped by legal means before they become too large and powerful to prevent violent repression and resistance. If we just sit idly by, by 2100 if you think “the wrong things” or have “subversive thoughts” the mind police will activate your government-issued implant chip and inject you with some mind numbing persuasion drug or maybe just detonate your brain. Such dystopian visions sound massively paranoid, but remember what Snowden has proven to be currently happening, right here, right now. The files he has leaked prove that it’s not so crazy to envision a real-life Airstrip One at the current pace of the deliberate dismantling of our civil liberties.
Even Tails, Tor, Lux, etc may be compromised, so if you have anything truly life-or-death sensitive, don’t even write it down or speak it. If you have to write it down, multiply encrypt with OTP using a FULLY de-networked, one-way(in)-air-gapped computer with encryption on a battery-inverter supply in a well shielded, physically secure environment, making sure to use your own open source, open firmware hardware to generate quantum random numbers, and do all encryption in binary since there’s less information there especially when you use the key to obfuscate by re-sequencing the numbers. If we can democratize proper unbreakable encryption, random number generation, and secure software and systems, and network encryption protocols such as darkmail.
I’m curious, is the Intercept opposed to any form of government surveillance?
I cannot see precisely what is supposed to be wrong with the Central Intelligence Agency developing its CNE/Information Operation capabilities, given those capabilities would be in play in perfectly lawful and justifiable scenarios of surveillance or operations against terrorists, foreign intelligence services, and the like.
It seems increasingly the Intercept is simply reporting things for the sake of it (like Sentry Eagle) and because it can. The main, in fact the only, fundamental question is what oversight exists for these programmes. I see no evidence based on what the Intercept has published here that these capabilities are not being used for justifiable purposes.
Otherwise you are just going down the road of a fatuous, childish position that all surveillance is always bad
Does Hillary use an iPhone?
We get the Government we deserve, and nothing will change until we stop electing Democrats & Republicans after all they are the ones subverting the Constitution, & they must be held to account both politically & leaglly !
WAKE UP AMERICA ! ! !
Yes, we get the leaders we deserve, but we also have the corrupt society we deserve, built with money worship. If it works, it is OK, is the amoral thought of most Americans, even the deeply religious ones. It is important that we realize this is true or our problems will just get more and more complex and less and less tractable. No other society in the planet is so conquered by money as the American, and that has always been a signature of our passing through. Follow the money, show me the money, money talks, get rich or die trying, these are seemingly innocuous all-American expressions that upon analysis reveal the essence of a society doomed to fail its destiny as much as any other mammon worshiper in history. We are worse, though. Money drive anything and everything in this country, lives, minds, hearts, dicks and vaginas to make it more realistic if you don;t mind.
we get the leaders the majority of us deserve, put up with, and buy into. it is, however, disingenuous to suggest we get the leaders we ALL deserve. it is equally disingenuous to suggest that we don’t get worse ones than we deserve due to the feedback loop. i would bebquite content to get the ones i deserved but it doesn’t work that way. and due to curves we will only at best be ruled by those the mediocre can be romanced by.
THIS IS JUST A SALES AD FOR APPLE PRODUCTS-NOTHING MORE.
The illustration accompanying this article features the work of Antonio Prohías published without attribution. Perhaps an editor can assure me that this was done with permission or appropriate payment to the current copyright holders (either the Prohías estate or Time Warner as the case may be).
Despite the purpose of this website and the Snowden revelations, just two weeks ago The Intercept was defending the recent FCC control of the net, and also they praised Obama for Net Neutrality (in an obvious Soros-funded article). Make up your mind.
No inconsistencies along all of those view points at all.
Yes…although I do not agree with position postulated in the articles to which you referred; I disagree with you regarding the necessity of any publication to polarize.
It is an individual who must decide truth for themselves when presented the many facets of polarization.
In other words…my disagreement with a prevailing opinion does not invalidate ALL of the journalism presented by the publication.
If I disagree with the majority of content presented, I can always elect not to read the news source.
It is an individual choice….not a publication imperative.
Lyra, the Chuck Dingo commenter tipped its hand with this idiotic remark: “(in an obvious Soros-funded article).” It’s the old, either you’re a Soros and Obama/Democratic Party, fan or you’re a Rupert Murdoch and Fox News fan. It’s just the infamous pigeon holing, leaving out the possibility that not everyone is an either/or and basically brain dead and incapable of independent thinking. For example, while everyone can decide for themselves what they think about net neutrality, the founders of Popular Resistance fought hard to help make it happen. They, and Popular Resistance have long been on a constant campaign against the two party sham, and you’ll find articles published their everyday exposing that for the sham that it is, and also exposing Obama for the sham and hypocrite that he is.
I agree with Chuck Dingo regarding “Net Neutrality.” It was stupid for the American people to concede control of the internet to the FCC which is basically the opinion of Ajit Pai, who offered one of the dissenting statements to the decision of the Commission. That can be found here:
https://www.fcc.gov/article/doc-327104a5
I disagree with Chuck Dingo in his implied assertion that any Internet based publication like The Intercept should restrict publication of journalistic works based on any individual’s perceptions of party affiliation or the polarity of central banking financial acquisition of the party members. In fact, I think that such a policy would be detrimental to the acquisition of an open-minded and diverse readership. In other words, I do not need to agree with every article or position upheld by any or all of journalists writing for TI and would find such a demand to be narrow-minded and unreasonable.
If one were to find that the prevailing content in any internet based publication had indeed been co-opted by a political faction; one could simply choose to avoid reading it. It is an individual choice.
Mr. Dingo: I still fail to understand how anyone can think that the FCC’s decision to continue the Internet’s long-standing practice of equal handling of the speed and routing of all data packets, is some kind of attempt to “control” the Internet, when it’s exactly the opposite.
Outstanding journalism.
This article should be headlined or referenced in every reputable internet news publication as it clarifies the mechanisms of technology, methods and scope of the National Security Directorate manipulation, and the potential effects upon the end-user.
This is an interesting development: “Wikipedia sues NSA, DoJ over mass surveillance”
http://rt.com/usa/239261-wikimedia-nsa-lawsuit-surveillance/
The resulting mounting world-wide objection will; hopefully, pressure corrupt courts to judge IAW the Constitution since the US National Security directorate is the obvious world-wide ring-leader in mass surveillance. However…if the courts fail to ensure justice ….they too can be eviscerated and forced to comply.
Many thanks to TI for providing and continuing to provide evidence to the masses of end-users. If the masses decide to reject the .01% of elite world masters, there will be no where for THEM to hide from the ensuing wrath. I suspect that the tipping-point of critical mass rejection is now within attainable range.
There is always hope…and the show is not over until the fat lady sings.
More on the Wikipedia lawsuit here —
http://www.theguardian.com/technology/2015/mar/10/wikipedia-to-file-lawsuit-against-nsa-and-us-department-of-justice
— and, prominently, at ACLU (dot) org.
I appreciate the levity that you provide coram nobis.
quote”JUDGE: Court is now in session. The fat lady will make…” Judge is interrupted by voluminous gun shots and loud screams, while armed patriot insurgents invade the courthouse, kill and subdue all law enforcement and resistance… “this court is now adjourned by virtue of it’s illegitimacy and our power to kill you if you resist! Sargent..arrest the Judge and all remaining conspirators to usurp the Constitution…throw the ropes over the beam. To those of you in the gallery who want to join us.. step to that wall. Otherwise..we will hang you. Marshal… Proceed. NOW!
levity indeed.
If the masses decide to reject the .01% of elite world masters, there will be no where for THEM to hide from the ensuing wrath. I suspect that the tipping-point of critical mass rejection is now within attainable range.
There will be pushback, but I would not count on it coming from anyone in Congress for two reasons: 1) Who knows how much dirt the White house now possesses not only on various Statesman and Judges, but also on members of their families. This can increasingly be used as leverage (is Sen. Menendez a case in point?)
2) Assuming that the two parties are in competition (I do not necessarily assume that), the amplification of executive power by means of vastly increased access to information, is going to look attractive to both parties. They are not going to vote on term limitations, campaign reform, or mount a serious opposition to what is taking place with the NSA and CIA. Being able to tap into the communications of opposition figures to be able to “head them off at the pass” as It were, is only the beginning. No doubt the new “Data Chief” is busy working on ways to shape all of the Big Data coming in into all kinds of shapes and forms.
Congress will be busy for quite some time worshiping the hallowed ground Bibi walked on.
There are only two surprises in this article:
1) That the government didn’t strong arm Apple, Microsoft into providing a backdoor
2) That the NSA / CIA couldn’t find a way to crack iPads / iPhones.
Big Brother is being constructed right now under our very noses, while the sheep run around aping phrases like “uh oh, another conspiracy theory” or “break out your tin foil hat”. So for me a key question is: “Is Big Brother an inevitable, inescapable byproduct of advances in digital technology?” Because to me, so far, it looks like they are going to get away with it.
The CIA could have enlisted the help of middle school students in LAUSD schools.
They hacked their free ipads in less than a week!
Implicit in this story is the question about Android. Perhaps Google is more cooperative with spy agencies, and they don’t need to mount such an effort!
If it is OK for the CIA to steal from Apple today, why won’t it be OK for the Marines to go into the local bank and empty the vault tomorrow? – Mike Tabony
I am not an international bank expert – so would welcome comment on the following story from anyone who has such expertise – but it appears to me that a form of this has already occurred, and is something that may be being implemented (if it hasn’t already) in places other than Cyprus:
http://americablog.com/2013/04/fdic-uk-nz-deposit-confiscation.html
I find it difficult to argue with any of those three conclusions.
My compliments Pedinska.
No argument here.
Excellent analysis, Pedinska. I believe this is also why they have trade agreements, so that multinational corporations can go about their business unimpeded by any nation’s laws.
You have to wonder if that “secure phone or email” the CIA is using hasn’t also been cracked to monitor the monitors.
It would be nice if TI verified that their “secure” system for whistleblowers is still secure whenever they publish an article like this…. and that the encryption they recommend for general use by journalists and others is too.
Reading an article here in 5 years that exposes that they were mistaken would be rather disappointing.
The CIA probably let their lower-level people think that when in reality they’ve always had full access.
I think the key word in the article above is “lawful” surveillance. The Snowden leaks have shown that the government no longer follows the law in its surveillance practices. This caused a loss of trust from the public that is going to create a reaction to any sort of legislation or rules that require back doors into commercial products. The back doors would only have been allowed if the public trusted the government. I fear what terrorists might do to the US, but I fear *more* what a “democratic” fascist state would do with that level of control over the public – the capabilities are enough to make Hitler jump out of his grave for another chance at ruling the world. Terrorism can be solved by becoming a better citizen of the world and ending our attempts to economically colonize the world. Fascist tyranny by our own government can only be prevented by ensuring privacy – and an awakened public that votes out anyone who compromises that privacy.
Where is Congress on this?
Immediately beneath the zipper on the NSA’s carefully creased slacks.
congres – clapping to foreign agent
If the government wins, we have a police state. If the manufacturers win, we have a terrorist haven. The subtext here is the limitations of technology to solve our problems. The real solution is having a government one can trust to apply powerful technology discreetly. But it doesn’t seem we are close to that, particularly with the current administration.
So, these spooks, do they use ipads and iphones? Do they know how to tell if a device has been compromised? Do these exploits have corollaries on Android?
Also, who do they hack? Is it just drug dealers and terrorists? Or is it everyone? I mean, why would the CIA/NSA/XYZ need to see pics of some punk’s junk he just sent to his girlfriend or check up on the latest instagrammed lunch pic of a bored suburban housewife?
Why did The Intercept hold this for two years? What else is being held?
Does anyone else find this just a wee tad ironic?
“Since he now knows backdooring encryption is a terrible policy that will damage cybersecurity, privacy, and the economy, why won’t he order the FBI and NSA to stop pushing for it as well?””
Because the loss of a little business in the short term will pay off in a much bigger way over the medium and long term. Remember, the US Neoliberal Empire has control of +/- 40 trillion dollars in enterprise transactions and cash flow per year so the loss of one or two hundred million briefly is chump change.
I am afraid of excercising my rights under the U.S. Constitution to peaceably participate in this discussion for fear of drawing NSA attention upon myself.
“The documents do not address how successful the targeting of Apple’s encryption mechanisms have been” – Let me fill in the gaps… CIA employee applies for a job as a developer within Apple: is directly involved in writing code related to key generation and/or firmware updates.
Don’t ever forget that, back in the 90’s, Berkley researchers had discovered that, somehow, the encryption keys inside cell phones had been padded with zeroes to make breaking the encryption easier.
Snowden has done such damage. Law abiding people could have had strong encryption, while suspected terrorists could have been surveilled with a proper warrant. But since his illegal leaks, now companies feel stampeded into creating products that prevent even the most legitimate, properly warranted search, which in turn forces government to expend enormous effort to crack those products and make us ALL vulnerable.
Is the Lockheed Martin facility, in an office park in Northern Virginia, where the CIA Jamboree took place, in Herndon, Virginia? It is my understanding that the CIA financed a PROMIS software “packaging facility” at a location in Herndon that was used for that purpose by each of the following successive CIA contractors: GE Aerospace, Martin Marietta, and Lockheed Martin. The project was allegedly run by the CIA’s Division D, comprised of CIA clandestine officers together with NSA engineers. That CIA Division later allegedly morphed into the Special Collection Service, a semi-autonomous intelligence agency comprising both NSA engineers and CIA clandestine officers.
“The CIA declined to comment for this story.” lol
c
Copy/paste error… and didn’t have the time to retype my comment.
CIA Admits Using News To Manipulate the USA (1975)
This is an old clip showing admittance of the CIA that they use the mainstream media to manipulate the thoughts and ideas of American citizens in the USA. This has not changed obviously and is good to know happened in the past due to our reality today.
http://youtu.be/5ED63A_hcd0
In case you haven’t read it, get hold of Manufacturing Consent by Eward Herman and Noam Chomsky – http://bookshop.theguardian.com/manufacturing-consent.html
That one will show you the extent of media manipulation, and how they do it.
Actually, this video from a long time source did lead to these books discussed and contained in this video. I am always open to suggested reading! Thank you for your time and comments it is very much appreciated.
Rule from the Shadows The Psychology of Power
The pursuit for dominance is the primary propellant of history, always has been, always will be. Those who don’t identify this assumption are not excused in the grand chess game, but instead are displaced and exploited by forces they do not comprehend.
http://youtu.be/lDDASww6vFY
Anything by Cass Sunstein will do you well, if you’re willing to track it down. The published book isn’t half as brutal as the papers.
and he is one of the guys advocating FOR such use which gives a lot of insight into the mind of thevother side
Within a week after announcing our private and secure communications system hosted in Iceland, all of our computers, phones, routers, even printers were hacked. How do you know you’ve been hacked by a security service? All the devices have a forced reset (reboot is necessary to load up the new hacked firmware and OS) In the case of mobile devices, you’ll notice an extra 5-10 seconds to complete a call, a lot of missed and dropped calls and your battery will often completely drain overnight when they upload all the recorded things. You’ll also notice you don’t have as much storage as you used to, they’ve grabbed a bit of it in a hidden partition for all the things they collected to send back to the mothership.
They do have a sense of humor. I was on a call with a well known alternative media reporter and the Elvis Costello song “Accidents Will Happen” started playing over the call.
The issue is some these backdoors are now being discovered and used by criminal gangs, which in the case of Chinese and Russians, are indistinguishable from those state security services.
Apple and others need not only to use their battery of lawyers to fight back on this with all that they have, but even more importantly and hopefully more effectively they need to go on major and sustained campaign of informing the public what has been and is going on.
With all of this mass surveillance, the results are this: NSA and its contractors are, daily and constantly, snickering as they pass around “private” photos and videos of wives and daughters and so on of innocent citizens of the world. But as for their track record of thwarting terrorist plots, they claimed — aka lied — of having thwarted 43 plots. The truth turned out to be that they had thwarted Zero plots. The FBI finds so many plots to foil with its dependence on this multi-billion dollar surveillance information from the “Intelligence Community” that they have to manufacture and foil their own terrorist plots. (They do that in order to secure more funds for manufacturing more plots). That should tell us all a lot about the usefulness of these agencies and why the are screaming for more of everyone’s information. They are not only not to be trusted, but they are quite clearly criminals and have no intention of having their criminality suppressed or altered. Up to all of us to see to it that they are stopped. The hypocrisy of Obama as he wagged his daddy finger at China about doing what he and the US Government have been and are doing has to be majorly advertised for what it is: blatant and disgusting hypocrisy.
If Apple and others are really serious about stopping this theft of their products and stopping the mass surveillance of their customers they need to work much harder to inform the public. They’ve been seriously missing in action. What’s the explanation for that, especially since they have lost large sums of revenue as it is due to customers seeking other avenues of privacy in products?
This astute observation begs another question.
Is is possible that software giants such as Apple, Microsoft, Google, and Facebook, as well as their software peddling equipment manufacturers such as Dell and Hewlett Packard are covertly in collusion with the National Security directorate that they are purporting to oppose?
In other words…yet one more “good guy vs bad guy” playing tactic designed specifically to confuse the masses as to the underlying intent of their profound technological advances.
Analogous to the same tactic used by political parties like Republicans vs. Democrats or any other factional development of organized and well-funded political ideology designed to serve the very same controlling puppet masters.
Such factions have been winning for the same masters, for millenniums, to the detriment of the majority of living organisms on Earth to include the planet itself.
The probability of this analysis being correct, in my view, is extremely high. All of the tech giants are almost definitely to some degree in collusion with the NSA, FBI, CIA, and other agencies. It’s wrong, and it must be exposed and stopped. To do this, many skilled, professional hackers must individually infiltrate or covertly attack these companies and obtain clear, attributable evidence of these collusions and details thereof. Once released to the public, this would crack the goddamned thing wide open. Just imagine EVERYONE turning on the usually-corporate-bullshit-‘news’ to find out that EVERY SINGLE DEVICE they owned was backdoored and constantly recording their data and metadata to help a fascist, pseudo-democratic government control its citiz…. subjects. Yeah, maybe stock markets would crash, people would panic, and it would be anarchy for a while, then revolution. Maybe we need a revolution to get rid of this madness. Power structures could be rebuilt with care, with regulations, with transparency, with checks and balances, with democratic oversight. Maybe that’s what we need.
inb4 feds show up at my door and take me to a CIA blacksite despite me not advocating anything violent or illegal whatsoever
Is it possible they’ve run the table in the tech sector, yes, but its not probable in particular with Apple….Apple’s founders did not like the government and Jobs sought to keep them at arms length as much as possible (their current CEO is a member of a minority group that has been much abused by govts and individuals alike – so I’d take him at his word at this point). Of all the tech companies that would be trying to preserve user privacy in their products, Apple is probably the one.
Now for others like (AT&T, Verizon, Microsoft etc.) we know they have been working partners with the NSA for a long time (Snowden documents). Intel is in there somewhere as well (along with Cisco), although the picture is less clear how far they’ve gone to compromise their products for the benefit of U.S. intelligence agencies (although their own employees were trying to convince Google etc. to use NSA compromised encryption methods embedded in Intel chips). Some of what we know about Microsoft includes (always worth reading to see what they were/are doing and haven’t said they’d stopped):
http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data
Please stop spreading BS. I like how you don’t mention Google’s dealings with NSA, CIA and other 3-letter government agencies. Microsoft has been very proactive in protecting user privacy and has been legally forced into work with these agencies; they have been proactively against these warrants, gag orders, etc. Apple doesn’t care about its consumers like you think; they’ll do anything to make a $.
“The FBI and the CIA and the NSA and the other alphabet spy agents want back doors into all new tech products blah, blah, freakin’ blah.”
Can someone please tell me the date that the U.S. Constitution was officially shredded? Somewhere in my travels I must have missed that event.
What ever happened to the Congress telling any “law enforcement” agencies and “spy” agencies to get a WARRANT to listen in on a phone or to hack into someone’s email account??!
Honestly, when did we jump into this totalitarian fascist Big Brother nightmare?!
Every morning I awaken hoping that that it was all just a nightmare, but NO! It just goes on and on and gets worse and worse.
Is there NO POLITICAL LEADERSHIP in this country with guts and honor who value the truth and who respect the U.S. Constitution? We have a MAJOR leadership deficit right now. I wish Glenn could run for POTUS but I have a feeling he would never entertain the idea.
I see where Obama now wants to strip the CIA of the power to use drones to murder people. Obama wants the military to take on the “roll”, but the CIA is balking at giving in to Obama:
http://rt.com/usa/obama-drones-cia-pentagon-545/
Reminds me of JFK saying he wanted to “Tear the CIA into a thousand pieces and scatter it to the wind”.
“Obama’s comments were dripping with hypocrisy”
Imagine that.
If drugs are made legal the drug dealers and the drug COPS will both be out of work.
Excellent article.
If it is OK for the CIA to steal from Apple today, why won’t it be OK for the Marines to go into the local bank and empty the vault tomorrow? A government that has gone so far in the fascist direction is in all probability not salvageable.
I fully support the inclusion of an encryption chip in each device that uses some parameter (time to the millisecond it was first activated) to generate a very complex set of encryption codes which are known to only this device, change often, and affect all the data entered into the device. Using that technology only the device would know the codes, not company, not government. A company could also build into the device a destruction mode where all these codes would be destroyed on command, rendering the entire contents of the computer useless garbage.
We should all be afforded the same level of privacy demanded by the most ruthless organization on the planet, the CIA.
JMHO, that would be such an important chip (and threat to the U.S. security establishment), that there would be no way a U.S. company could make that without the U.S. security establishment compromising it (either in design or production etc.)…there’d be no way our government would not do that. Remember, Intel has been found to have NSA backdoored encryption tech in their CPU’s, Cisco chips in routers and on and on…
The better solution is literally to have all the chip designs, firmware and software (used by computer devices, networking equipment, mobile equipment, telecom equipment) be open source (where you can look at the code/designs used to make it) so it can be viewed, checked against our govt agencies compromising them…at this point – its been open season for the U.S. govt doing it to all the these companies where we can’t see the details (willingly or in the case of Apple not willingly)….only with open source will people be able to have some confidence the U.S. government hasn’t planted a back door in the device going forward. The market is waiting for that option (Open Source everything) and its slowly coming together now (the last year and a half has changed things) – and it will most be done outside the U.S.. JMHO…
Thanks to all of you that worked on this.
It’s strange how a little time, and perhaps another piece of some obscure puzzle, can often add clarity to so many things.
Queues a mind control ride at Disneyland: “It’s a Small World after all, it’s a Small World after all…”
Who are these doofuses who keep asserting that we have a “right” to privacy? They must come down with a painful case of cognitive dissonance every April 15th…
Give me a break, Apples offer no additional security over any other device, and any first world government has access to these devices.
Half the celebrities hacked in the last year were using these device.
They use the same core I3 I5 I7 processors… they use Objective C/C instead of Java, but the two languages are extremely similar.
Plus Apple shared their mirror server access int he PRISM program… Al Gore was on their board and Apple sold your secrets to the government.
As for Edward Snowden? He was an American hero who sacrificed his liberty so you could have privacy.
If US voters care about their privacy the first thing they should do is demand that encryption methods like SilentCircle not be forced by law to be open source.
“We have also never allowed access to our servers. And we never will,” — aside from PRISM, does Tim Cook honestly believe his internal network doesn’t have some special hard drive firmwares!? Good luck with that audit! Now all we need is for Oprah to chime in and say… “I’m never going to use another Apple product!”.
In other news, it took the CIA 5 minutes to crack Windows.
The silence from the left is deafening, a leftwing nanny state is perfectly fine with them as long as they hold the reins. Where are the homeless advocates and the press screaming their numbers? Where are all the women’s groups? Where are all the war protestors?
The mask of the donkey party has evaporated revealing the NWO in all it’s glory.
IMPEACH
“Spies gonna spy”
Let’s not undersell our nation’s intelligence. Spies also gonna–
Rape
Torture
Murder
Rape Really Hard
Steal
Overthrow Democracy
Extra Rape
Lie
Instigate war
Anal Rape
Seriously, a lot of Anal Rape
Blackmail
Rig Elections
Even More Anal Rape
Divide
https://soundcloud.com/busdriver-of-hellfyre/worse-produced-by-kenny-segal
this.
This story would have a huge impact if it weren’t going to be diligently and intentionally ignored on the evening news tonight and in the papers.
At least it’s on Drudge which has a large audience. Who watches the evening news anymore?
My dad.
People who vote.
So it IS illegal for the CIA to spy on U.S. citizens on U.S. soil. I guess congress is going to have to get off its ass to write a law to (retroactively) allow the CIA to do this. What is next for congress? Write a law to allow the CIA to target Apple’s encryption dept with drones?
This is precisely why the US government launched the false flag operation against the American people on 9/11. They needed an excuse to do all this stuff. Without 9/11, this stuff is completely indefensible.
Quote: “It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.”
Simple. You do what the CIA did after WWII with a mechanical encryption machine made by a Swiss company. You pay them handsomely, depositing the money in a bank account in a country with strict banking secrecy laws.
New products or those with middling popularity are probably the best target. The developers of lucrative products won’t be tempted by money. Unpopular products won’t be worth the trouble. The best choices would be apps particularly likely to be used by those the CIA wants to monitor.
The powers that be don’t want to stop it because the intelligence community provides them with political intelligence. If there is one thing the intelligence community is good at it is horse trading Intel.
This article is a great piece of misdirection.
Apple’s focus on product design always seemed a bit un-American. I’m pleased the CIA has uncovered this network.
While Apple’s cryptologists are undoubtedly hard to defeat, its users are vulnerable because the Apple logo is quite distinctive and conveniently displayed on all their products. Since border searches can be conducted anywhere within 100 miles of a border or an international airport, it should not be too difficult to round up this network and force them to divulge their passwords.
In a recent case, a man was charged at the Canadian border for refusing to provide the password to his Blackberry (a rival Jihadi group) and is facing a year in jail and $25,000 fine. If the US starts rounding up Apple users, I’m sure they’ll crack fairly easily. But it’s necessary to move quickly before the radicalization process proceeds too far.
It’s important to remember that was the Canadian government charging the guy with the Blackberry – they’ve got that privacy crisis winding its way through Canadian courts.
The U.S. Supreme Court, uncharacteristically, said the data on our smartphones was private and searches required warrants in the U.S. so there’s a little bullwark there against the oceans flooding in around us.
http://www.washingtonpost.com/national/supreme-court-police-must-get-warrants-for-most-cellphone-searches/2014/06/25/e2ff1326-fc6b-11e3-8176-f2c941cf35f1_story.html
Police need a warrant, but there is a border search exception for authorized federal agents which applies within 100 miles from a border or an international airport. Since many international airports are close to large population centers, this actually covers a very large number of people.
Large scale searches might create a political backlash, so it will probably remain a secondary method – but I suggested it just to be helpful. The Canadian government is ahead of the curve in some instances. The NSA already hacks the SIM card manufacturers, but they like to have alternate means of collection to make their information collection system as robust as possible.
You can bet they have cut right through Apple’s security or Apple let them in.
Why did you guys publish stuff about targeted hacking? As Schneier said, that’s exactly what we want the NSA to do. If you can think of just one case in which government hacking of a computer is justified, then there has to be someone somewhere working on breaking into iPhones. Apparently Matthew Green did not keep up with the documents that have been published. You guys mentioned that they had freakin’ drones in the sky hacking routers from 8 miles away. You knew they had lazer microphones, and were sabotaging nuclear facilities with malware, and were hacking heads of state and computers compromised by other intelligence agencies. And Green says it’s “news to me” that they were cracking fucking iPhones!?!?! Like one of the most popular devices in the world? What?
My understanding is that the CIA is forbidden by law from conducting domestic operations. Obviously, that did not stop them from hacking the Senate computers in their efforts to evade oversight, and the reason the CIA works hard to avoid oversight is that they clearly no longer feel restrained by law. The CIA escaped any punishment or accountability for breaking into Senate computers, and I doubt that there will be any repercussions to this latest law-breaking.
Congressional oversight of the CIA is no longer possible—the CIA has seen to that—and it doesn’t seem that the White House can control them either. The CIA is now, so far as one can tell, a rogue agency operating outside the constraints of the law, with no oversight, and is never held accountable for its misdeeds—not even obvious misdeeds such as destroying evidence of war crimes.
The US government has changed character, and not for the better.
Look up the activities of In-Q-Tel.
Do you really think the CIA cares about the law? The CIA is the largest illegal drug cartel in the world. That is the source of most of their funding.
Although they may be the world’s largest drug cartel, that’s not their primary source of funding. But it is substantial (like running Afghani heroin).
I heard Apple came out with a alternate version of the Apple Watch, it’s called the iWatchYou.
or iWatchU
I’m not surprised by this article. It seems to just keep rolling along whether articles get written about the secret intelligence agencies or not.They just keep doing what they do and no one in power is really that interested in stopping them
You got it backwards. The people in power put the CIA in this position. Get over this “Democracy” nostalgia crap. It is not coming back!
When they have copies of every communication made by all our officials, do you think they have the balls to try and do anything about it? The coup is over, the fascists have won.
No, it’s the Apple Northern Spy.
The NSA. The only part of the government that DOES listen to you. ;)