Another day, another collection of NSA spying revelations. The latest comes from security researcher Jacob Appelbaum, who spoke yesterday at the Chaos Communications Congress. During his presentation, Appelbaum detailed a number of nefarious programs, including a remote Wi-Fi hacking device reportedly capable of compromising devices from up to eight miles away. This so-called NIGHTSTAND hardware fits inside a relatively small suitcase, and leaked documents characterize it as "battlefield tested." Appelbaum also speculates that the hardware could be deployed on an unmanned drone, though he admits that there's no evidence to confirm that hunch.
Much of Appelbaum's talk covers programs described by Der Spiegel yesterday. The presentation is fascinating and frightening at the same time, and iPhone users should pay particular attention. At the 44:30 mark, Appelbaum mentions DROPOUTJEEP, a "software implant" that purportedly gives spooks unfettered access to the most popular smartphone on the planet.
Forbes has posted a document snippet describing this "product," which "includes the ability to remotely push/pull files from the device, SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc." So pretty much everything, then. The document is dated 2008, and at the time, DROPOUTJEEP required "close access methods" to compromise a device. However, the document goes on to say that "a remote installation capability will be pursued for a future release." Given the NSA's resources, it seems likely that a remote implant program has been completed by now.
The NSA targets other mobile devices, of course, but it seems particularly adept at exploiting Apple gear. According to Appelbaum, NSA documents claim a 100% success rate when "implanting" iOS devices. Appelbaum worries that Apple may be cooperating with the NSA, though he says the spy agency could simply be sitting on a treasure trove of unpublished security vulnerabilities. Given the extent of the NSA's apparent activities, it seems like no device or Internet connection is safe from prying eyes.
Update: Apple has issued a statement to All Things D saying that it "has never worked with the NSA to create a backdoor in any of [its] products, including iPhone." Amusingly, the statement mentions Apple's "industry-leading security" and says the company will "continue to use [its] resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them." There's no response to the claim that the NSA has a 100% success rate exploiting iOS devices.
|1. BIF - $340||2. chasp_0 - $251||3. mbutrovich - $250|
|4. Ryu Connor - $250||5. YetAnotherGeek2 - $200||6. aeassa - $175|
|7. dashbarron - $150||8. Lucky Jack Aubrey - $100||9. Captain Ned - $100|
|10. Anonymous Gerbil - $100|
|Intel debuts embedded Skylake-R CPUs with Iris Pro graphics||47|
|Chromebooks get multi-monitor support with DisplayLink||2|
|AMD bolsters its budget storage options with its R3 SSDs||12|
|Radeon Software 16.5.1 drivers fix Forza follies||5|
|Fallout 4 gets more love from Bethesda with Far Harbor expansion||18|
|AMD adds refresh-rate ranges to its FreeSync monitor page||38|
|Rumor: Early Broadwell-E benches hint at solid performance gains||88|
|HP refreshes Pavilion consumer PC lineup||17|
|Nvidia teases Pascal GeForces amid GTX 1000-series rumors||56|