CIA tried for several years to break Apple’s encrypted firmware in order to plant malicious code on Apple devices and seek out potential vulnerabilities on iPhones and iPads, according to leaked top-secret documents.
The Intercept reports that CIA sponsored a secret annual gathering, called Jamboree, where security researchers presented their latest tactics and achievements and discussed strategies for exploiting security flaws in household and commercial electronics. The conference took place for nearly a decade, with the first meeting taking place a year before the first iPhone was released.
The secret documents show that the researchers have sought to hinder Apple’s plan to provide mobile security to hundreds of millions of customers across the globe by targeting essential security keys used to encrypt data. Also, researchers claimed they had a modified version of Apple’s proprietary software development tool, Xcode, which could allow access into any apps or programs created using the tool. This modified version could enable spies to steal passwords, grab messages on infected devices and force all iOS applications to send embedded data to a listening post. The leaked documents don’t explain how intelligence agencies would get developers to use the poisoned version of Xcode.
Researchers at the CIA conference also focused on other tech giants, including Microsoft’s BitLocker encryption system, which is used widely on computers running premium editions of Windows.
It is well known that the governments are not big fans of companies like Apple and Google, who are resisting pressure to weaken the security of their products. Apple was even publicly criticized for its uncrackable encryption used on devices and FBI Director James Comey, for example, said last year that Apple and Google’s new security measures will lead to “a very dark place” where police might not be able to stop criminals. Strating with his first public speech as a director, Comey asked tech companies to cooperate and build surveillance-friendly systems.
According to The Intercept, CIA declined to comment for this story, while Apple just pointed to previous comments Cook and the company have made defending Apple’s privacy record.