Apple and the CIA: MacBooks and iPhones infiltrated but Duplicity or Sincerity?
Sawako Uchida and Lee Jay Walker
Modern Tokyo Times
It is reported by WikiLeaks that the CIA has infiltrated products by Apple, in relation to iPhones and MacBooks, for 8 years. Of course, while this issue is nothing new, the extent, possible duplicity, and Apple’s sincerity, is questionable. After all, if Apple is fully aware of this issue then why weren’t full measures taken legally – and fixing all issues rather than enabling the same channels to obtain information?
National governments are obviously concerned about issues related to cybercrime, criminality, terrorism, narcotics, smuggling, sexually related crimes against minors, and so forth; therefore, hacking is taken for granted in many areas of new technology. However, this shouldn’t apply to a carte blanche approach and where information outside “serious issues” is being manipulated by intelligence agencies. This is certainly topical given recent issues in relation to privacy, political smear campaigns, releasing information covertly in order to create political pressure and other important areas.
WikiLeaks says, “Among others, these documents reveal the “Sonic Screwdriver” project which, as explained by the CIA, is a “mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting” allowing an attacker to boot its attack software for example from a USB stick “even when a firmware password is enabled”. The CIA’s “Sonic Screwdriver” infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.”
WikiLeaks further says, “Documents on the “Triton” MacOSX malware, its infector “Dark Mallet” and its EFI-persistent version “DerStarke” are also included in this release. While the DerStarke1.4 manual released today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.”
The “Vault 7” WikiLeaks information, in relation to “Dark Matter,” states categorically that the infiltration of Apple products by the CIA is an established reality. In other words, the CIA was able to infect and spy on American nationals based on the Thunderbolt port (microcode of MacBook infected based on the tool “Sonic screwdriver”) until Mac vulnerabilities were allegedly fixed in 2013 for future launches. Similarly, the contamination of the early iPhone version (CIA obtained call logs and SMS history) 3G was allegedly fixed in 2009 based on the iPhone 3GS.
Yet, this is a gray area because initial malware was designed to affect EFI/UEFI (in PC’s then BIOS) the system permanently. In other words, updated versions have allegedly failed to remove past infiltrations.
Wikileaks appears to doubt the sincerity of Apple that claims to fix all flaws. In a tweet by Wikileaks (@wikileaks – 24 March 2017), it says, “Apple’s claim that it has “fixed” all “vulnerabilities” described in DARKMATTER is duplicitous. EFI is a systemic problem, not a zero-day.”
In another tweet by Wikileaks, it says, “Darkmatter+Triton can be remotely installed – CIA has 2016 version: DerStake2.0 – EFI is not fixable “vulnerability.”
It may well be that Apple is being sincere. In other words, flaws are not deliberate nor is Apple being duplicitous in relation to any possible links in the CIA chain. Yet, if Wikileaks is vindicated, then Apple needs to take its security to a higher level and one that creates genuine trust. If not, then the issue of “sincerity” or “duplicity” needs to be questioned at a higher level.
DONATIONS to SUPPORT MODERN TOKYO TIMES – please pay PayPal and DONATE to firstname.lastname@example.org
http://moderntokyotimes.com Modern Tokyo Times – International News and Japan News
http://sawandjay.com Modern Tokyo Times – Fashion
https://moderntokyonews.com Modern Tokyo News – Tokyo News and International News
http://global-security-news.com Global Security News – Geopolitics and Terrorism
PLEASE JOIN ON TWITTER
https://twitter.com/MTT_News Modern Tokyo Times
PLEASE JOIN ON FACEBOOK