Menu
Virgin Galactic SpaceShipTwo Crashed

Virgin Galactic SpaceShipTwo Crashed

The Best Early Black Friday 2014 Sales To Shop this Weekend

The Best Early Black Friday 2014 Sales To Shop this Weekend

Call of Duty: Advanced Warfare Live Action Trailer is Released

Call of Duty: Advanced Warfare Live Action Trailer is Released

Amazon Countdown to Black Friday 2014 Sale Announced

Amazon Countdown to Black Friday 2014 Sale Announced

Heidi Klum Halloween Costume 2014 Teaser Revealed

Heidi Klum Halloween Costume 2014 Teaser Revealed

Appelbaum's Extraordinarily Disingenuous Claims About NSA Penetration Of Apple's iPhones

Dec 31 2013, 2:38pm CST | by , in News

 
 

Jacob Appelbaum has yet another revelation from the Edward Snowden trove of documents: that the NSA has a backdoor into all of Apple's iPhones. And I have no doubt at all that the NSA does indeed have the capability to crack an iPhone if it so wishes. But it’s what Appelbaum then goes on to say that is what I would call misinformation. At the very least it’s a disingenuous suggestion. Here’s what he does go on to say:

Appelbaum says that presents one of two possibilities:

“Either [the NSA] have a huge collection of exploits that work against Apple products, meaning they are hoarding information about critical systems that American companies produce, and sabotaging them, or Apple sabotaged it themselves,” Appelbaum said at the Chaos Communication Conference in Hamburg, Germany.

“Do you think Apple helped them with that?” Appelbaum asked. “I hope Apple will clarify that.”

Apple has of course clarified that:

Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers’ privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements. Whenever we hear about attempts to undermine Apple’s industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who’s behind them.

But the problem with the larger claim that Appelbaum is making is that it’s not actually backed up by the information in Snowden’s documents. Which includes this very important point:

According to leaked documents, the NSA claims a 100 percent success rate when it comes to implanting iOS devices with spyware. The documents suggest that the NSA needs physical access to a device to install the spyware….

You can hack anything at all if you’ve got physical access to the hardware that you want to hack. We could undoubtedly hack President Obama’s BlackBerry if we could lay hands on it for a couple of days.

Appelbaum’s conclusion, that all Apple iPhones are vulnerable to some backdoor that is either a risk to Apple users or that Apple helped to create, is simply not backed up at all by the fact that physical access to the device is necessary to be able to hack it. Because, as I say, you can hack anything if you’ve physical access to it. You could, for example, jailbreak it and then add malicious code. If you were being really ambitious you might create some customs ROMs and add those. The list of things that you can do with said physical access is very long: and mean absolutely nothing at all about whether there is a backdoor into a system or whether Apple, or any other manufacturer, has either left a security gap or collaborated in the creation of the hack.

I’m entirely willing to believe that Edward Snowden is honest in his motivations, even if I think him misguided. This latest from Appelbaum (to add to all those lovely stories of his sojourn in Hawaii etc at a crucial time) make me much less willing to trust his statements on this or any other matter. He knows, as a security expert, that there are no secure systems if those who desire access gain physical access to the hardware. Yet even though he knows this point he goes on to claim a general backdoor and casts all sorts of aspersions about the motives that led to this. That’s just not credible, knowing what he already does about that physical access requirement. And those two things together make Appelbaum not credible to me I’m afraid.


Source: Forbes

Recommended For You

Comments

blog comments powered by Disqus