The Central Intelligence Agency has desperately attempted for nearly a decade to hack Apple devices such as iPhones and iPads. Research and strategies to conduct a bypass on Apple security were presented during a classified annual meeting dubbed as the “Jamboree.”
CIA desperate to hack Apple devices
The Intercept has gotten hold of top-secret documents detailing CIA’s year-long research and annual conference discussing tactics for an Apple breach. The documents were provided to The Intercept by National Security Agency whistleblower Edward Snowden.
The decade-long plot targeted household and commercial electronics, The Intercept said. The very first “Jamboree” was held a year before the first iPhone was launched. “Jamborees,” sponsored by the CIA’s Information Operations Center, are platforms for “presentations that provide important information to developers trying to circumvent or exploit new security capabilities” and “exploit new avenues of attack,” the secret documents stated. Staff from the NSA also attended annual “Jamborees.”
The tactics hatched by the CIA included targeting essential security encryption on Apple devices, studying “physical” and “non-invasive” techniques and decrypting Apple’s encrypted firmware for spies to infect Apple devices with malicious code.
Security researchers involved in the plot said they were successful in cloning Apple’s Xcode as well as the OS X updater. The cloning enables spies to do surveillance work through apps or programs created using Xcode.
The Xcode replica specifically allowed spies to steal passwords and read messages from Apple devices. It can also “force all iOS applications to send embedded data to a listening post.”
All agencies named in the classified documents, including Apple and the NSA, refused to give comments regarding the matter, The Intercept said.
On June 2013, Snowden exposed NSA’s classified documents to the mainstream media. Around this time, Apple CEO Tim Cook condemned the government’s appeal to gain access to user data.
“I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will,” Cook was quoted as saying.
“None of us should accept that the government or a company or anybody should have access to all of our private information. This is a basic human right. We all have a right to privacy. We shouldn’t give it up. We shouldn’t give in to scare-mongering.”
Apple Watch Security
The failed attempt of the CIA to bypass securities of iPhones and iPads might have proven how secure Apple devices are. Will this also be the case for the new Apple Watch set to roll out on April 24?
By the looks of it, the smartwatch is secure. It comes with an opt-in pin paired for Apple Pay, and once this pin is activated, it is mandatory to re-enter the pin whenever users put the Apple Watch back on.
Furthermore, when users add credit cards using the Apple Watch, a unique Device Account Number or passcode is automatically assigned, encrypted and stored in a chip exclusively installed within the watch. The passcode, however, will not be stored on Apple servers. Whenever a purchase is made, the passcode and another security code generated specifically for that purchase are used to process the payment.
Apple guarantees that “actual credit or debit card numbers are never shared by Apple with merchants or transmitted with payment.”
“Even if you lose Apple Watch, your accounts are protected. Because when you set up Apple Pay, you’re required to create a passcode. Each time you take Apple Watch off your writs, the passcode must be entered to access it. And you can quickly remove your cards on iCloud.com,” the website for Apple Watch stated.