Der Spiegel reported on the NSA’s access to smartphones and, in particular, the iPhone back in September. Today, these reports expand to the NSA’s apparent ability to access just about all your iPhone data through a program called DROPOUTJEEP, according to security researcher Jacob Applebaum.
From the NSA document in question:
“DROPOUT JEEP is a software implant for the Apple iPhone that utilizes modular mission applications to provide specific SIGINT functionality. This functionality includes the ability to remotely push/pull files from the device. SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc. Command, control and data exfiltration can occur over SMS messaging or a GPRS data connection. All communications with the implant will be covert and encrypted.”
“Do you think Apple helped them build that?” Appelbaum asks at one point in his talk. “I don’t know. I hope Apple will clarify that… Here’s a problem: I don’t really believe that Apple didn’t help them. I can’t really prove it, but they [the NSA] literally claim that anytime they target an iOS device, that it will succeed for implantation. Either they have a huge collection of exploits that work against Apple products, meaning that they are hoarding information about critical systems that American companies produce and sabotaging them, or Apple sabotaged it themselves. Not sure which one it is. I’d like to believe that since Apple didn’t join the PRISM program until after Steve Jobs died, that maybe it’s just that they write shitty software.”
Taken as a whole, each of these revelations and reports paint a grim portrait of government overreach.
Since the Patriot Act was first made into law, and during the intervening years between then and revelations of the NSA PRISM program, one question has been paramount for privacy advocates: How do we, as a society, balance the need for security against the rights to privacy and freedom? At what point does the cost to our freedom begin to outweigh the perceived benefit of an ever more encroaching security apparatus?
That’s two questions, I suppose, but they’re part and parcel. So far, the elected officials we’ve placed in power have been unwilling to answer them, and the only reason we have any glimpse into these programs at all is thanks to whistleblowers like Edward Snowden. The only other question that remains is this: Will the American public ever make this a big enough issue to determine the outcome of elections?
Because until that happens, I sincerely doubt we’ll see a change in policy. I’ll sound off on a dour note. Economic and culture-war politics will almost certainly remain at the top of most voters’ priorities lists. While this story makes a splash, it will be a long time before it influences the ballot in any significant way. NSA privacy violations make a big, short-lived splash in the news and then fade in favor of bread and butter issues like jobs.
Which is understandable, but problematic.
It’s important to also note that these are claims and reports that offer just a glimpse at the full picture. We are dealing with a great deal of murkiness in that regard, so take everything with a grain of salt and the knowledge that, for better or worse, there is much more to this story./>/>
Here’s Applebaum’s speech: