iPhone security: NSA’s powerful spy tool suggests foul play

Over the months, the leaked NSA documents have provided enough evidence to confirm that the government agency knows no limits when it comes to snooping and has a complete disregard for individual privacy.

However, a fresh set of documents dated 2008 and released a few days back have made an alarming revelation, one that would have the Apple loyalists asking themselves if they truly want to hang on to their iPhone.

The perfect spy

First disclosed by Der Spiegel and security researcher Jacob Applebaum, the NSA had a disturbingly powerful iPhone spy software named DROPOUT JEEP sitting in their arsenal, one that allowed remote retrieval of information from the target phone covertly with a 100 per cent success rate. The spyware was capable of spying on everything from calls, text messages and voicemail to contact lists, geo-location data, pictures, and even live audio.

As with any other spyware software, DROPOUT JEEP installation required physical access to the target device and since Apple sold about $250 iPhones during its first five years, a large-scale implementation of the software seems highly unlikely.

Apple denies helping the NSA

The 100 per cent success rate of DROPOUT JEEP strongly suggests that NSA may have received some help from Apple to create the iPhone backdoor program.

However, the US-based tech giant has refuted the allegations. It insists that it has never assisted the NSA in its snooping activities by creating a backdoor in any of its products and further claims that it had been completely oblivious to the existence of the powerful spy software that the government agency has allegedly been using to spy on its products.

Reiterating its unwavering commitment to the privacy and security of its users, Apple contended that it continuously struggles to enhance the security of its products and stay one step ahead of malicious hackers and snoops, including the government.

US tech companies with little incentive and choice

Apple’s denial of helping the NSA spy on its customers does seem to carry a lot of weight. The company hardly has any incentive to shoot itself in the foot and risking everything from customers’ trust to its reputation in the market.

However, the company has admitted on many occasions that it, like several other tech companies, have received data requests from the government agency. Just how many of these requests were entertained still remains a secret, one that not too many people would be dying to know.

It is already a known fact that the NSA has been snooping into the internal servers of Google and other major tech companies without their consent. With seemingly no limit to their reach and no check on their activities, it is hard to say what other infractions that government security agencies have been committing.

Tech companies operating on American soil don’t find themselves with too many options when approached by the security agencies, so expecting them to risk sanctions by refusing to cooperate with them is pretty wishful thinking. However, they are exercising the legal option of taking the matter of surveillance to court and asking for reforms that would return citizens their sense of privacy and security.

Jessica Carol is a writer for MobiStealth and has been dishing out tech articles and reviews for several years now. She can be contacted @Jcarol429.

Join the CSO newsletter!

Error: Please check your email address.

Tags NSA leaksiPhoneprivacy

More about AppleGoogleNSASpiegel

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jessica Carol

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts