Another day, another collection of NSA spying revelations. The latest comes from security researcher Jacob Appelbaum, who spoke yesterday at the Chaos Communications Congress. During his presentation, Appelbaum detailed a number of nefarious programs, including a remote Wi-Fi hacking device reportedly capable of compromising devices from up to eight miles away. This so-called NIGHTSTAND hardware fits inside a relatively small suitcase, and leaked documents characterize it as "battlefield tested." Appelbaum also speculates that the hardware could be deployed on an unmanned drone, though he admits that there's no evidence to confirm that hunch.
Much of Appelbaum's talk covers programs described by Der Spiegel yesterday. The presentation is fascinating and frightening at the same time, and iPhone users should pay particular attention. At the 44:30 mark, Appelbaum mentions DROPOUTJEEP, a "software implant" that purportedly gives spooks unfettered access to the most popular smartphone on the planet.
Forbes has posted a document snippet describing this "product," which "includes the ability to remotely push/pull files from the device, SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc." So pretty much everything, then. The document is dated 2008, and at the time, DROPOUTJEEP required "close access methods" to compromise a device. However, the document goes on to say that "a remote installation capability will be pursued for a future release." Given the NSA's resources, it seems likely that a remote implant program has been completed by now.
The NSA targets other mobile devices, of course, but it seems particularly adept at exploiting Apple gear. According to Appelbaum, NSA documents claim a 100% success rate when "implanting" iOS devices. Appelbaum worries that Apple may be cooperating with the NSA, though he says the spy agency could simply be sitting on a treasure trove of unpublished security vulnerabilities. Given the extent of the NSA's apparent activities, it seems like no device or Internet connection is safe from prying eyes.
Update: Apple has issued a statement to All Things D saying that it "has never worked with the NSA to create a backdoor in any of [its] products, including iPhone." Amusingly, the statement mentions Apple's "industry-leading security" and says the company will "continue to use [its] resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them." There's no response to the claim that the NSA has a 100% success rate exploiting iOS devices.
|EVGA GTX 980 Ti VR Edition puts 5.25" drive bays to use||13|
|Windows 10 gets new Release Preview ring and detailed change logs||15|
|Asus releases a trio of colorful B150 boards for smaller PCs||17|
|Ash Wednesday Shortbread||33|
|Google to phase out Flash display ads in January of next year||16|
|Oculus will discount Oculus Ready PCs as part of a Rift bundle||25|
|Micron reports early successes in GDDR5X production||49|
|AOC U2879VF monitor brings 4K and FreeSync together||65|
|Amazon lets developers build games for free with Lumberyard||10|