Another day, another collection of NSA spying revelations. The latest comes from security researcher Jacob Appelbaum, who spoke yesterday at the Chaos Communications Congress. During his presentation, Appelbaum detailed a number of nefarious programs, including a remote Wi-Fi hacking device reportedly capable of compromising devices from up to eight miles away. This so-called NIGHTSTAND hardware fits inside a relatively small suitcase, and leaked documents characterize it as "battlefield tested." Appelbaum also speculates that the hardware could be deployed on an unmanned drone, though he admits that there's no evidence to confirm that hunch.
Much of Appelbaum's talk covers programs described by Der Spiegel yesterday. The presentation is fascinating and frightening at the same time, and iPhone users should pay particular attention. At the 44:30 mark, Appelbaum mentions DROPOUTJEEP, a "software implant" that purportedly gives spooks unfettered access to the most popular smartphone on the planet.
Forbes has posted a document snippet describing this "product," which "includes the ability to remotely push/pull files from the device, SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc." So pretty much everything, then. The document is dated 2008, and at the time, DROPOUTJEEP required "close access methods" to compromise a device. However, the document goes on to say that "a remote installation capability will be pursued for a future release." Given the NSA's resources, it seems likely that a remote implant program has been completed by now.
The NSA targets other mobile devices, of course, but it seems particularly adept at exploiting Apple gear. According to Appelbaum, NSA documents claim a 100% success rate when "implanting" iOS devices. Appelbaum worries that Apple may be cooperating with the NSA, though he says the spy agency could simply be sitting on a treasure trove of unpublished security vulnerabilities. Given the extent of the NSA's apparent activities, it seems like no device or Internet connection is safe from prying eyes.
Update: Apple has issued a statement to All Things D saying that it "has never worked with the NSA to create a backdoor in any of [its] products, including iPhone." Amusingly, the statement mentions Apple's "industry-leading security" and says the company will "continue to use [its] resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them." There's no response to the claim that the NSA has a 100% success rate exploiting iOS devices.
|RX Vega prices inch downward in our latest graphics-card spot check||4|
|HP ZBook x2 detachable is a consummate professional||2|
|NZXT Grid+ v3 keeps PCs quiet with machine learning||6|
|Razer's Blade Stealth and Core V2 step to the cutting edge||14|
|Intel unveils purpose-built Neural Network Processor for deep learning||17|
|Wear Something Gaudy Day Shortbread||14|
|Astro Gaming A20 rockets to 5.8 GHz for clearer connections||0|
|Asus teases ROG Strix X370I mobo for spiffy Mini-ITX Ryzen builds||12|
|NZXT's H700i, H400i, and H200i cases have their heads in the clouds||15|