Slashdot Mirror

← Back to Stories (view on slashdot.org)

CIA Tried To Crack Security of Apple Devices

Posted by timothy on from the hey-fellas-we-were-expecting-you dept.

According to a story at The Guardian passed on by an anonymous reader, The CIA led sophisticated intelligence agency efforts to undermine the encryption used in Apple phones, as well as insert secret surveillance back doors into apps, top-secret documents published by the Intercept online news site have revealed. he newly disclosed documents from the National Security Agency's internal systems show surveillance methods were presented at its secret annual conference, known as the "jamboree."

119 comments

  1. In some way, obvious by cant_get_a_good_nick · · Score: 1, Redundant

    If i wanted to really know someone, I'd bug the computer in their pocket with the GPS and the microphone.

    The big news is, when does the "hey lets go after foreign enemies" change to "well, american, foreign, it's all the same to me"

    The hacked compiler is kind of interesting too. Lets insert backdoors into ALL TEH iTHINGs!!!

    1. Re:In some way, obvious by Anonymous Coward · · Score: 0

      "The big news is, when does the "hey lets go after foreign enemies" change to "well, american, foreign, it's all the same to me""

      How would that be big news. It changed the second they signed the Patriot Act.

      IE: Day 1. I doubt anyone is surprised by this.

  2. The Big News by Anonymous Coward · · Score: 0

    The big news is that Snowden's 15 minutes of fame are over. These "revelations" are being met with a big yawn.

    1. Re:The Big News by Opportunist · · Score: 3, Insightful

      Less a yawn, more a "duh, we already knew the NSA is the enemy".

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:The Big News by theVarangian · · Score: 0

      The big news is that Snowden's 15 minutes of fame are over. These "revelations" are being met with a big yawn.

      Which is a development that is meeting with much approval in the headquarters of the CIS, NSA, FBI, MI5, MI6, BND, MAD, DGSE, DGSI, BRGE, .... and anywhere else where revelations about the government monitoring every move of the voting public are potentially damaging to the funding of the aforementioned organizations.

    3. Re:The Big News by Anonymous Coward · · Score: 0

      How's things at JTRIG this afternoon, is the coffee strong? Someone's probably dropped a little LSD in it, but that's okay, the experiments are for The Greater Good and I'm sure you'll understand. By now they've changed the name from MKULTRA to something hip like CAFPOW. It isn't jingoistic brainwashing when you're being paid, right?

      Meanwhile, you don't seem to understand that Snowden didn't want any fame and these revelations will keep right on coming regardless of what you and your friends say.

    4. Re:The Big News by king+neckbeard · · Score: 0

      Where, a few years ago, they would have been met with accusations of being a conspiracy theorist. Having documentation can make a big difference in how we handle things. At this point, I think the answer is quite clear regarding the alphabet soup spies: Nuke them from orbit. It's the only way to be sure.

      --
      This is my signature. There are many like it, but this one is mine.
    5. Re:The Big News by king+neckbeard · · Score: 3, Interesting

      If privacy is dead, then let's put up webcams to NSA HQ. Also, the NSA is, in practice, a military organization. That makes it a much larger concern.

      --
      This is my signature. There are many like it, but this one is mine.
    6. Re:The Big News by Opportunist · · Score: 4, Insightful

      The difference is maybe that the fire department can't yell "witch"... sorry, I mean "terrorist" and have someone arrested that isn't to their liking.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    7. Re:The Big News by u-235-sentinel · · Score: 1

      Less a yawn, more a "duh, we already knew the NSA is the enemy".

      They probably also write some of the more popular free games/apps out there as well. Not a great way of bugging a phone but still a way of getting their malware out there. Or at least it wouldn't hurt...

      --
      Has Comcast disconnected your Internet account? Same here. You can read about it at http://comcastissue.blogspot.com
    8. Re:The Big News by NatasRevol · · Score: 5, Insightful

      The very act of having an nationalized health care system would put as much personal information in the hands of the US Government any random NSA snoop of Wikipedia or break in on someone's mobile would.

      What utter fucking bullshit.

      Can my health records determine who I am friends with? Where I go? Where I browse online? Who I communicate with? What investments I have? And 100 other things the gov't could (and have) use as leverage to get information out of me if they wanted.

      --
      There are two types of people in the world: Those who crave closure
    9. Re:The Big News by MobSwatter · · Score: 0

      It becomes interesting if that data is being sold to corporations for marketing purposes.

    10. Re:The Big News by tnk1 · · Score: 1

      I disagree with your assessment of the comparative threat. All of those things are interesting, to be sure, but were never actually *private*, as in privileged or personal. There was just never a particularly easy to put that information together, but for the most part, none of that is actually personal.

      Heath care information is actually personal, and includes a lot of details, including payment details, specific and possibly embarrassing health conditions, and a lot of other things you'd have no other way of obtaining except through attacking straight through doctor patient confidentiality. You don't need much imagination to understand how that is very, very useful information. Not least because it has been harder to come by.

      Any old internet provider could choose to give up your data at any time, and they have with relatively minimal fight in many cases. Cracking a more closely held sort of data than that is something that would be an innovation.

    11. Re:The Big News by Anonymous Coward · · Score: 0

      The fire department... as in the organization that comes and lights your place on fire if they find any books at your house?

    12. Re:The Big News by Anonymous Coward · · Score: 1

      What utter fucking bullshit.

      Can my health records determine who I am friends with? Where I go? Where I browse online? Who I communicate with? What investments I have? And 100 other things the gov't could (and have) use as leverage to get information out of me if they wanted.

      May not. But what if they wanted you out of the picture by inserting a history of mental illness or paranoid schizophrenia into your medical health records. That could be an excuse to confiscate your guns or have you institutionalized. And these are the things off the top of my head, I'm sure the govt. could come up with even more sinister/evil things to do to one's records.

    13. Re:The Big News by NatasRevol · · Score: 1

      All of those things are interesting, to be sure, but were never actually *private*, as in privileged or personal.

      Again, what utter fucking bullshit. Communication is still considered private when done in private. Note I didn't say everything was being done online.

      Healthcare is private too, but that doesn't mean everything else isn't.

      --
      There are two types of people in the world: Those who crave closure
    14. Re:The Big News by DigiShaman · · Score: 1, Interesting

      Under nationalized healthcare, effectively YOU ARE GOVERNMENT PROPERTY!!!! Any activity that can effect the cost of healthcare to the nation can and will be legislated under the auspices thereof.

      Under national healthcare, your personal liberties are anything but!

      --
      Life is not for the lazy.
    15. Re:The Big News by Anonymous Coward · · Score: 1

      Do you think that the US would exist separate from England if the king was able to determine where everyone went and who they communicated with? No, instead the founding fathers would have all been executed and the subjugation of the American people by a tyrannical dictator would have continued. If there is no threat from the people, what will stop the US government from becoming tyrannical?

    16. Re:The Big News by chispito · · Score: 1

      And 100 other things the gov't could (and have) use as leverage to get information out of me if they wanted.

      No to everything before this. Big yes to this.

      --
      The Daddy casts sleep on the Baby. The Baby resists!
    17. Re:The Big News by tnk1 · · Score: 3, Insightful

      And neither can the NSA. Technically. Unlike the CIA, the NSA is a signals intelligence organization with no enforcement power and no operational branch to speak of. It's threat is simply that it can provide information very efficiently.

      In reality, any government organization has the capability to get you arrested, even the fire department, based on either an interesting interpretation of their powers, or their ability to turn over information to someone who can arrest or otherwise harm you.

      I'd also point out that in a certain book, the "firemen" were those who entered areas to burn that which threatened the existing order. The parallel is intentional. The government is what its powers are and how they use them. Labeling something as "fire department" or "police" or "signals intelligence" or "health care" is only valid in the sense that the government maintains that separation or can somehow be forced to do so.

      The problem with the NSA is *not* that they collect intelligence on US citizens. Your internet provider accidentally does that every day for troubleshooting purposes. It is that we fear that the NSA can turn into an organization bereft of limitations on what they can *use* the information for and who they can share that information with. The ability to get away with that can affect any agency of the Federal government, from DHS to HHS.

    18. Re:The Big News by Anonymous Coward · · Score: 0

      the actual communication is still private. Only the metadata is shared.

      And no one cares what you said. Its what you implied.

    19. Re:The Big News by sjames · · Score: 1

      Sorry, no. As despised as the IRS is, it performs according to it's charter and the constitution (for the most part).

      The NSA is an actual domestic enemy of the people. It's activities are illegal and it is actively damaging everyone's rights and security.

      Nationalized health care would NOT give any government agent the ability to know exactly where I am most all of the time like the NSA illegally hacking my phone would. It would not let anyone know who I talk to, when that happens, or what was said like the illegal NSA hacking does.

    20. Re:The Big News by anagama · · Score: 4, Informative

      For the most part, the fire department doesn't drive around stripping off insulation from electrical wires or drilling little holes in gas pipes under your house. Sure they _theoretically_ could, but the CIA is actually at this very moment doing this exact thing.

      The biggest part of this story is a poisoned Xcode, and it's not even mentioned in TFS. WTF?

      The security researchers also claimed they had created a modified version of Apple's proprietary software development tool, Xcode, which could sneak surveillance backdoors into any apps or programs created using the tool. ...

      The modified version of Xcode, the researchers claimed, could enable spies to steal passwords and grab messages on infected devices. Researchers also claimed the modified Xcode could "force all iOS applications to send embedded data to a listening post." It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.

      https://firstlook.org/theinter...

      --
      What changed under Obama? Nothing Good
    21. Re:The Big News by rahvin112 · · Score: 4, Insightful

      I will correct you on one thing. We don't fear the NSA will turn into something evil, we know it will. Power leads to corruption and abuse of authority. 70,000 incidents of NSA operatives spying on their significant others in contravention of the law with NO repercussions to those individuals is proof enough that the NSA will eventually abuse it's authority in a significant and likely very bad way to our democracy.

    22. Re:The Big News by rahvin112 · · Score: 2

      Damn straight, It's so much better to have a private company of unelected MBAs deciding those things rather than elected representatives.

    23. Re:The Big News by tnk1 · · Score: 1

      A charter is a piece of paper to those who have power and know how to get around it.

      We're effectively assuming that we can trust some government bureaucrats in a government but not others. What makes the IRS more trustworthy? We have some evidence that at least some of them are not. Do we wait until they've more fully broken our trust before we question their desire to accumulate more and more information?

      Candidly, I am not entirely sure I see the difference between what the NSA is collecting, and what we actually give the government every day of our own volition. In the end, I think it is only because we see value in one and not the other. And that's fine, if that is the trade off, but in the end, my original point is simply that the NSA isn't killing privacy, privacy is a false construct outside of the shadows that are increasingly becoming flood lit. I think the sooner we accept that, the sooner we understand how to deal with the implications of it.

      You can define your iPhone or Google searches as sancrosanct because you fear the government can use it against you, but that ignores the fact that increased centralization and expansion of government services can create the same information gathering effect without the NSA's involvement.

    24. Re:The Big News by DigiShaman · · Score: 1

      Yes actually, it is. Democracy is dead. It's now a plutocratic club; once you're in, you're in baby!

      --
      Life is not for the lazy.
    25. Re:The Big News by Anonymous Coward · · Score: 0

      "The road to hell is paved with good intentions"

    26. Re:The Big News by TwoEyedJack · · Score: 1, Insightful

      One can switch insurance companies, companies who compete for business. Government's don't compete for customers. Big difference. I never voted for a single bureaucrat at the HHS, and neither did you. Our congresscritters never read the bill before voting on it. We truly live in a post-constitutional era.

    27. Re:The Big News by tnk1 · · Score: 4, Interesting

      Although I am not as certain as you are, I agree that the NSA could use that power nefariously. I just think the outrage is missing the point. We're piling our dislike on one agency, while calmly ignoring the threat of the whole.

      I'm not defending the NSA. Far from it. I just want to clarify that I feel that the NSA is merely on the bleeding edge of that sort of abuse. We could throw every NSA staffer in jail and shut down all its functions, and all we've done is put a finger in an increasingly unstable dyke because we're not addressing the actual problem, just the symptom.

      The problem is simply that all of that information is there, whether it is the NSA or the FSB or Google that has it. The NSA isn't some shadowy organization using alien technology hundreds of years ahead of us, it's just slightly ahead of the curve. Until you address that, you're just going to play whack-a-mole with whatever agency decides to overstep its bounds next Tuesday.

    28. Re:The Big News by sjames · · Score: 1

      I won't claim the IRS is angelic. In fact, I think we need to review what information they collect to be on the safe side.

      But the NSA has clearly stepped over the line. It is no longer a possibility to worry about, it is a fact. They aren't just a potential enemy to be watched, they are an actual current enemy to be eliminated.

    29. Re:The Big News by ganjadude · · Score: 2

      The NSA is no more the enemy than the IRS or any other government agency that will keep information on us.

      so... they are all the enemy

      --
      have you seen my sig? there are many others like it but none that are the same
    30. Re:The Big News by ganjadude · · Score: 1

      I will correct you on one thing. We don't fear the NSA will turn into something evil, we know it did.

      ftfy

      --
      have you seen my sig? there are many others like it but none that are the same
    31. Re:The Big News by Gr8Apes · · Score: 3, Insightful

      Actually, no. With Google, I can still opt in or out. With gov backed NSA back-dooring every ISP effectively in the world.... I can't opt out without cutting all internet connectivity. See the admittedly minor difference?

      --
      The cesspool just got a check and balance.
    32. Re:The Big News by painandgreed · · Score: 1

      For the most part, the fire department doesn't drive around stripping off insulation from electrical wires or drilling little holes in gas pipes under your house. Sure they _theoretically_ could, but the CIA is actually at this very moment doing this exact thing.

      I think that the firemen had their chance at such a career when they were called out to use their water hoses on protestors during the civil rights movement, which they did a couple of times. Then, there were arsons set which turned out to be sniper attempts to shoot firemen that came to fight the fire. After that, firemen typically will loan their equipment out to police for such things, but refuse to get involved themselves. As pretty much the only uniformed service that people actually like rather than fear, they tend to want to keep it that way.

    33. Re:The Big News by AHuxley · · Score: 1

      Re: "They probably also write some of the more popular free games/apps out there as well. Not a great way of bugging a phone but still a way of getting their malware out there. Or at least it wouldn't hurt..."
      The telco network tracks a person, the soft glowing power down and sealed battery design ensure a device is always network ready, the hardware is mic, text, gps gov wiretap friendly as designed. Games help keep a person wanting to ensure the device is powered and in use during the day and into the night :)

      --
      Domestic spying is now "Benign Information Gathering"
    34. Re:The Big News by jcr · · Score: 1

      The NSA is no more the enemy than the IRS or any other government agency that will keep information on us.

      So, you're defending the NSA by comparing it to the IRS.

      Want to come back when you have a better argument to make?

      -jcr

      --
      The only title of honor that a tyrant can grant is "Enemy of the State."
    35. Re:The Big News by jcr · · Score: 1

      As despised as the IRS is, it performs according to it's charter and the constitution (for the most part).

      Nope. They routinely violate the fourth and fifth amendments.

      -jcr

      --
      The only title of honor that a tyrant can grant is "Enemy of the State."
    36. Re:The Big News by tnk1 · · Score: 1

      Cameras? Who needs cameras when you have Edward Snowden?

      Privacy is a problem even for the NSA. It just doesn't manifest in the same way for agencies as it does for people.

      If you can take a relatively idealistic employee of an agency and have them be willing to flee the country for nothing other than principle? I'd say that is an issue.

      Some people are going to be more effective at protecting themselves than others, but if the NSA can't keep its secrets, just about anyone is vulnerable.

    37. Re:The Big News by Anonymous Coward · · Score: 0

      You have a touching faith in the competence of the British government in the 1770s.

      In those days, it would never have occurred to any British government official to do this kind of snooping, and if it had, they wouldn't have had a clue where to start, or what to do with the results once they had them. The establishment simply wasn't resourced for this kind of operation.

      Now, however...

    38. Re:The Big News by tnk1 · · Score: 1

      Yeah, except you're not going to opt out. Not really. Oh sure, you might opt out of Google or some specific company for some specific purpose, but you're still going to opt-in everywhere else and they're all collecting your data.

      You're more likely to be hit with annoyances like targeted sales calls or social engineering from random non-governmental actors than you ever will be by something like the NSA. The NSA doesn't care about you, it doesn't care about me. Not unless you fit a profile, and that profile isn't going to be "person who doesn't like the US government", because that covers 99.9999% of the non-comatose US population at one point or another.

    39. Re:The Big News by drinkypoo · · Score: 1

      After that, firemen typically will loan their equipment out to police for such things, but refuse to get involved themselves.

      They were snooping around people's property out here in the emerald triangle, too, and then they got shot at and now they aren't doing that any more.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    40. Re:The Big News by pnutjam · · Score: 1

      Wow, google IRS fourth and fifth amendment violations. That's one big ball of crazy...

      I can understand the fifth amendment, but self incrimination is not the same thing as looking at your paper trail, and the fourth amendment concerns I see are just the same old standard fourth amendment issues we tech people have with all government agencies.

      --
      Cheap storage VM.
    41. Re:The Big News by Anonymous Coward · · Score: 0

      Did you notice how the title of the article is "TRIED", like they failed?

      No, it's "CIA cracked security", but the again, we sadly live in a fanboy world...

    42. Re:The Big News by Anonymous Coward · · Score: 0

      Gotta call BS on this. ISPs don't need to spy on every site/IP we communicate with for "troubleshooting". That's got nothing to do with anything, if they're spying it's just because they want to spy or are benefiting from spying. It actually costs them more to spy because of the additional storage requirements. And you need to understand the principle: once a power is granted to some portion of the government, it is necessarily going to USE that power, and use it increasingly and in every way it can, and advocate to legitimize however it is already using the power.

      The NSA is the biggest surveillance of the human race, in human history, by many scales of magnitude. There's no way to put that kind of omniscience on a leash. Every harddrive in the NSA needs to be destroyed and they need to be out of jobs, if we'd like some pretense at democracy. We're not really even pretending right now.

    43. Re:The Big News by HornWumpus · · Score: 1

      The NSA has files on everyone. The NSA has files on everybody in power. They are all corrupt. Hence the NSA has blackmail information on everybody in power.

      --
      John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
    44. Re:The Big News by Gr8Apes · · Score: 1

      But you might fit the profile that comes into vogue next week, or next month, or next year. That's the problem with this type of data. Or, worse, you might be associated with someone that fits the profile, and that will be that.

      --
      The cesspool just got a check and balance.
  3. thats because all microsoft products can be by Anonymous Coward · · Score: 0, Troll

    easily intercepted by the government.

    1. Re:thats because all microsoft products can be by Opportunist · · Score: 1

      You need a government for that?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  4. Required Reading by Anonymous Coward · · Score: 5, Informative

    http://cm.bell-labs.com/who/ken/trust.html

    1. Re:Required Reading by steak · · Score: 2

      The act of breaking into a computer system has to have the same social stigma as breaking into a neighbor's house. It should not matter that the neighbor's door is unlocked.

      Even 1984 that was a pipe dream.

      --
      lose != loose
    2. Re:Required Reading by Prune · · Score: 1

      I see your Ken Thompson and I raise you a David Wheeler http://www.dwheeler.com/trusti...

      --
      "Politicians and diapers must be changed often, and for the same reason."
    3. Re:Required Reading by Anonymous Coward · · Score: 0

      The actual link is: http://cm.bell-labs.com/who/ken/you/trust.html

  5. Jailbreak developers are the real patriots by Anonymous Coward · · Score: 5, Interesting

    Through their hard work, numerous exploits have been discovered, which has led to Apple patching them, which in the end keeps us all more secure.

    1. Re:Jailbreak developers are the real patriots by Anonymous Coward · · Score: 0

      And made it easier for drive-by installs by malicious apps. Thank you, jailbreak developers!

    2. Re:Jailbreak developers are the real patriots by mlts · · Score: 1

      If one doesn't download pirated .ipa files, the main repos are quite clean.

      There are still a ton of features that JB-ing makes useful:

      1: The ability to have an app check a number against a database and drop it/send it to voice mail before ringing the phone. Mr. Number does this on Android, and severely cuts down on spam.

      2: An app like PMP (Protect My Privacy) comes in quite handy when an app like Snapchat won't run unless it has access to the camera. Well, it can have camera access... but the lens cap will be on it.

      3: Ability to get data in and out of the phone without playing app gymnastics or using iTunes.

      4: Better backups. On Android, if I'm tired of a game that takes a lot of space, I archive it off with Titanium Backup and delete it. Can't delete an app from iOS unless the data wants to come with it.

  6. Is this a Bears Sh1t in the Woods story? by Viol8 · · Score: 2, Interesting

    I mean honestly , hands up who DIDN'T think this had happened?

    Ok , you and you over there - hand in your geek badges at the door on the way out.

    1. Re: Is this a Bears Sh1t in the Woods story? by Anonymous Coward · · Score: 0

      The more the masses are aware the more they will not only respect but use secure communications. You may now go back to shitting outside just watch out for the trail cams.

    2. Re:Is this a Bears Sh1t in the Woods story? by seven+of+five · · Score: 1

      I'm surprised CIA/NSA/etc can't simply compel a company to open their stuff up to spook software/hardware.

    3. Re:Is this a Bears Sh1t in the Woods story? by Opportunist · · Score: 4, Insightful

      The sad part is that you can take whatever atrocity you would have attributed to the Commies in the 1980 and transplant it to today's "world of the free" without losing any credibility. Take whatever story from back then, replace "Russia" with "USA" and "KGB" with "NSA" and you're good for another headline.

      Ok, you could have done that any time. But now it doesn't take a conspiracy nut to consider it credible.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    4. Re:Is this a Bears Sh1t in the Woods story? by Opportunist · · Score: 1

      Who said they can't? This story seems to suggest that they can't, which makes it all the more interesting to ponder why this story exists altogether.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    5. Re: Is this a Bears Sh1t in the Woods story? by Opportunist · · Score: 1

      Nope. Sorry, but nope. The people will lament, they will complain about the loss of privacy and their freedoms, then return to posting their holiday plans on Facebook.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    6. Re:Is this a Bears Sh1t in the Woods story? by poetmatt · · Score: 2

      You're misunderstanding. If you create a form of encryption to which you do not hold the keys, all of the compelling in the world isn't going to do anything. Which is what most modern OS's including ios do.

    7. Re:Is this a Bears Sh1t in the Woods story? by Kobun · · Score: 2

      Or they can and these sorts of stories are designed and released to falsely imply otherwise.

    8. Re: Is this a Bears Sh1t in the Woods story? by ArhcAngel · · Score: 1

      Alleged holiday plans...We told you we were going to grandmas house but we went to Antigua instead!

      --
      "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
    9. Re:Is this a Bears Sh1t in the Woods story? by Opportunist · · Score: 0

      Who said they don't hold all the keys?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    10. Re: Is this a Bears Sh1t in the Woods story? by Anonymous Coward · · Score: 0

      And why not? No one cares about what people put on Facebook unless you're an idiot who broadcasts their plans to their friends.

    11. Re:Is this a Bears Sh1t in the Woods story? by Anonymous Coward · · Score: 0

      It's one thing to think that bears shit in the woods and entirelly different to have it confirmed. Especially if said bears either have policy to not talk about where/if they defacate, or outright deny they do any such disgusting thing.

    12. Re:Is this a Bears Sh1t in the Woods story? by Anonymous Coward · · Score: 1

      Sending political prisoners to asylums on a regular basis?
      Shooting people who try and leave your country?
      Covering up gigantic nuclear power plant meltdowns until there's so much radiation that denying it ceases to have a point?

      So here's me saying that I don't really agree with you on your assertion.

    13. Re:Is this a Bears Sh1t in the Woods story? by sribe · · Score: 1

      Take whatever story from back then, replace "Russia" with "USA" and "KGB" with "NSA" and you're good for another headline.

      Shooting people dead for trying to leave the country?

    14. Re: Is this a Bears Sh1t in the Woods story? by geekmux · · Score: 2

      The more the masses are aware the more they will not only respect but use secure communications. You may now go back to shitting outside just watch out for the trail cams.

      Bullshit. The masses could care less.

      How many of your friends stopped carrying cell phones, or stopping using free webmail and file storage services, after NSA revelations came out?

      The only way the masses are going to give a shit is if giving a shit is the default option. Every other configuration requires actual effort and thus is ignored.

    15. Re:Is this a Bears Sh1t in the Woods story? by ckatko · · Score: 1

      Yeah, I hate all those landmines the USA put down to keep people from leaving Utah.

      I was just walking my dog one day and BOOM, my dog lost a leg. ... and the rest of his body parts too, but he definitely lost a leg.

    16. Re:Is this a Bears Sh1t in the Woods story? by Anonymous Coward · · Score: 0

      The lack of understanding here is ... a lot.

    17. Re:Is this a Bears Sh1t in the Woods story? by Anonymous Coward · · Score: 0

      Let's not pretend it was different in the 80s. The only reason mass surveillance didn't exist back then is the tech was not there yet.

    18. Re:Is this a Bears Sh1t in the Woods story? by dlt074 · · Score: 2

      wait for it. it may come to that. it's a logical extension of current trends. when those with money and skills exit faster then the flood of unskilled government benefit seekers. we can't very well have all the greedy producers abandon all the needy voters.

      not too far fetched.

    19. Re:Is this a Bears Sh1t in the Woods story? by irrational_design · · Score: 2

      How old are you? If you seriously think that the state of the USA now and the state of the USSR then are in any way analogous makes me think you can't be very old. And, the fact that you called it Russia and not the USSR makes me doubly think you are a young one. Were you even born when the Berlin Wall came down?

    20. Re:Is this a Bears Sh1t in the Woods story? by Anonymous Coward · · Score: 0

      Lost a leg in the sense of 'that was the one part you couldn't find afterwards'?

    21. Re:Is this a Bears Sh1t in the Woods story? by Anonymous Coward · · Score: 0

      I didn't think they needed to "crack" anything---I thought they were outright given the keys by Apple. I still think that.

    22. Re:Is this a Bears Sh1t in the Woods story? by Anonymous Coward · · Score: 0

      Well stripping them naked at airports is a good start.

      And you don't even have to actually be leaving the country. The Soviet Union was big on intra-country travel as well.

    23. Re:Is this a Bears Sh1t in the Woods story? by kilfarsnar · · Score: 2

      Sending political prisoners to asylums on a regular basis?

      We still have the Guantanamo Bay prison open. Not really political prisoners, but a number are innocent yet still stuck there. The government does go after people who try to act politically. They just don't send them to asylums (usually). But they do try to intimidate them, interfere with their plans and try to discredit them publicly.

      Shooting people who try and leave your country?

      Yeah, we don't do that, thankfully.

      Covering up gigantic nuclear power plant meltdowns until there's so much radiation that denying it ceases to have a point?

      Remember when the EPA said it was safe for people to return to lower Manhattan after 9/11/01? It wasn't, and they knew it.

      So here's me saying that I don't really agree with you on your assertion.

      I don't completely agree with it either. But the US has dropped a few notches over the past 15 years when it comes to political and human rights. These abuses aren't so much about any political or social ideology anyway. They are about power maintaining power and can happen in any country given the right circumstances.

      --
      "What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)
    24. Re:Is this a Bears Sh1t in the Woods story? by Anonymous Coward · · Score: 0

      And they already put "Homeland" in DHS to make it easy for you.

    25. Re: Is this a Bears Sh1t in the Woods story? by Anonymous Coward · · Score: 0

      And how is that not different?

    26. Re: Is this a Bears Sh1t in the Woods story? by Pieroxy · · Score: 1

      If the masses could care less, it means they already care a bit. See, it's not all dark and gloomy.

      --
      Write boring code, not shiny code!
    27. Re:Is this a Bears Sh1t in the Woods story? by Prune · · Score: 1

      Shooting people who try and leave your country?

      Since, according do your statement, they succeed in leaving the country, it's kind of hard to shoot them afterwards. On the other hand, they sure did shoot people who tried to leave the country.

      --
      "Politicians and diapers must be changed often, and for the same reason."
    28. Re: Is this a Bears Sh1t in the Woods story? by Redmancometh · · Score: 1

      Obligitory hit him with a $5 wrench xkcd.

    29. Re:Is this a Bears Sh1t in the Woods story? by Opportunist · · Score: 2

      Sending political prisoners to asylums on a regular basis?

      Only the unpleasant ones. For which the US has a much more sensible system than the USSR had. The US learned that you don't have to silence everyone who speaks out. Only those that could have an impact and develop followers. That's also the reason for free speech, or what's left thereof. As long as you don't get too many listeners, you can say whatever you want, it doesn't matter anyway.

      Shooting people who try and leave your country?

      Only 'cause it ain't necessary. Where do you want to go? There is no "West" you could flee to. The whole world works to the whims of the US, there ain't many places you could go to. If there was any free countries left, rest assured that border patrols at the US-Mexican border would look north, not south.

      Covering up gigantic nuclear power plant meltdowns until there's so much radiation that denying it ceases to have a point?

      Well, hard to compare considering that there has not been a comparable nuke meltdown. But looking around the various other mishaps great and small that plagued the US industries I'd dare say that yes, things would be hushed up as long as you could get away with it. Though I doubt that the US government would, the relevant industries already have enough of an incentive to do it themselves.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    30. Re:Is this a Bears Sh1t in the Woods story? by Opportunist · · Score: 1

      I was aiding GDR refugees fleeing from Hungary to Austria. It's been quite a moving time for a young person.

      Granted, that was during the quite interesting months just prior to the Berlin Wall coming down, but that's not the point. And I call it Russia because that's the name it has today. Plus, it's shorter than Soviet Union and I'm kinda lazy.

      We're not quite there yet, granted. And we sure are far away from what the SU was during the Stalinist era. But so was the Soviet Union, even there things were not as insane as during that time. We're not quite there yet, but the water is starting to heat up and the frog is getting boiled.

      What was unthinkable in the "free" world, what we would only have attributed to the likes of the Soviet states, we have today from our very own TLAs. Random arrests? Unthinkable 20 years ago. Still unthinkable? Warrantless searches? Circumventing the constitution with impunity? Curtailing free speech and harrassing people for doing it?

      Things have taken a turn for the worse in what we considered the free world. We're moving closer to what we would have considered the telltale signs of dictatorships in general and Soviet dictatorships in particular. No, we're not there yet. But what bothers me about that is that "yet". Because we're moving towards it. And with passing time, more and more things that would have been unthinkable from western TLAs and something you'd more expect from the "Eastern" counterparts become less and less unthinkable.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  7. Not bad. by Anonymous Coward · · Score: 0

    Only had to click on 3 links to get to the document itself.

  8. proper title by Gravis+Zero · · Score: 2

    CIA Tried To Crack Security of Apple Devices when the NSA already did

    should've just asked, bros!

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:proper title by Anonymous Coward · · Score: 0

      They couldn't afford Apple's prices.

    2. Re:proper title by Anonymous Coward · · Score: 0

      They couldn't afford Apple's prices.

      As always, Google is cheaper.

  9. Tried? by Anonymous Coward · · Score: 0

    If they stopped trying, I would assume they succeeded.

  10. Compiler compromise by facetube · · Score: 5, Interesting

    Ken Thompson was a visionary, but he probably didn't envision it'd be his own government doing the compromising:
    Reflections on Trusting Trust

    1. Re:Compiler compromise by ameline · · Score: 1

      I was thinking about whether they planted a self propagating back-door into LLVM/CLANG, but that seems fragile as both CLANG and LLVM can be compiled with other compilers (recent versions of MSVC and GCC for example) -- that would likely clear out a hidden back door unless they have compromised *all* the compilers. (And I certainly wouldn't put that past them.)

      (Waves to friendly NSA/CIA/CSIS/GCHQ analyst.)

      --
      Ian Ameline
    2. Re:Compiler compromise by Prune · · Score: 2

      The process to detect this compromise not only exists, but can be automated. http://www.dwheeler.com/trusti...

      --
      "Politicians and diapers must be changed often, and for the same reason."
    3. Re:Compiler compromise by AHuxley · · Score: 1

      How many methods can ensure every product ships with a tame always ready trap door and back door for the US gov?
      The US gov has a few options as the public history of the NSA and GCHQ shows.
      Ensure the product design is set to a standard thats open to the security services.
      Generations of brand staff help the security services with every product and network as developed.
      The security services set up their own front company and sell to the world over decades setting tame junk standards.
      Any other method will require a change in the software or hardware after shipping that would make a device unique.
      If every device from a brand is crypto junk as shipped, a user can swap, rebuild, buy or upgrade all they like.
      The security services will be back with that connection and user of interest no matter the brand, product, year, version or upgrade.

      --
      Domestic spying is now "Benign Information Gathering"
    4. Re:Compiler compromise by facetube · · Score: 1

      This is really interesting, thanks for the link.

  11. likely succeeded too by Gravis+Zero · · Score: 2, Interesting

    you know that DRAM hack-attack that was just made public? how much you wanna bet the US gov had a hand in making that possible?

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:likely succeeded too by Nyder · · Score: 1

      you know that DRAM hack-attack that was just made public? how much you wanna bet the US gov had a hand in making that possible?

      I doubt that. My guess is it's just a prime example of cutting costs. It's cheaper to run non-ecc ram, and it's cheaper to implement software based ECC, then it is for hardware ECC.

      Corporations want to make as much profit as possible, and the best way to to use cheaper components when making stuff.

      Unless you mean the actual software to exploit it? This issue isn't new, just no one has actually made a proof of concept and shared it with the public. Guess it is quite possible that other people (NSA, Hackers) figured how to use this exploit.

      --
      Be seeing you...
    2. Re:likely succeeded too by tlhIngan · · Score: 1

      you know that DRAM hack-attack that was just made public? how much you wanna bet the US gov had a hand in making that possible?

      TFA mentions several things. First, they tried to write their own version of Xcode and tools to be able to substitute it on a victim's machine, they also tried to crack Apple's keys (which TFA claims they didn't manage to do) - it's unclear if it's Apple's signing keys, the per-device iOS keys, or what) etc.

      I think the CIA would've had an easier time if they just jailbroke the devices. Or given how thoroughly a jailbreak removes iOS security, perhaps they're the ones releasing all those jailbreaks to encourage people to use them?

      Of course, I can't remember if iOS devices use encrypted RAM - memory encryption units are common and they are less vulnerable to rowhammer because the bit ordering gets scrambled. It's hard to hit a particular bit if it happens that the key used moves your attack bit to a different bit. And the bit order changes with memory address.

      And the key area is often loaded from the hardware RNG on startup so rebooting the device means the memory scrambling function for those rows changes.

    3. Re:likely succeeded too by radarskiy · · Score: 1

      Clearly, the NSA has compromised the laws of physics.

  12. I hope no one believe that is true by beefoot · · Score: 2

    I really hope no one believe what the article says. The government wants all of us to believe that we're safe and secured by the overreaching NSA. All USA government needs is to ask apple (or any companies) to disclose their encryption scheme. It is far cheaper and more effective than trying to hack or crack anything, don't you think?

    1. Re:I hope no one believe that is true by Anonymous Coward · · Score: 0

      Agreed. Apple lost their warrant canary, too.

    2. Re:I hope no one believe that is true by JimSadler · · Score: 1

      I think it is most effective when the company selling the product does not have a clue that it exists. Government agents could easily pose as programmers and work into sensitive positions within companies. A company could spot most alterations of a product already issued if the number of bits of code increased in any portion of the program.

  13. as well as insert secret surveillance back doors by phorm · · Score: 5, Insightful

    I don't think this is a "tried to" at all, just look at the permissions a lot of stuff asks for.

    Facebook, a bunch of EA games, Angry Birds, etc all ask for insane permissions ranging from your full contact list, to seeing who you are on a call with to accessing the microphone. It's a spook's wet-dream.

  14. NSA did same to Android SDK by Anonymous Coward · · Score: 0

    Few listened.

  15. Herpa Android more secure derp by Anonymous Coward · · Score: 0

    Hint: it isn't even close.

  16. Have been shown how they would have done it... by PaulBu · · Score: 1

    "Using Metadata to find Paul Revere"
    http://kieranhealy.org/blog/ar...

    Paul B.

    1. Re: Have been shown how they would have done it... by dr.newton · · Score: 1

      Fascinating and funny. That may be old hat to anyone with a math background, but it's an interesting first look into Social Networke Analysis for me.

      --
      Just another proletarian malcontent.
  17. propaganda by Anonymous Coward · · Score: 0

    The i-device has been known in national security to be stunningly insecure for years. Owning one is a great way for an engineer working for a high-end defense contractor to get in trouble with security and have your phone confiscated.

    This advertisement - is misinformation. I don't know why they are sharing it now in this way, but it is not truth.
    The truth is that everything has 10000 holes when it comes out. The big obvious ones are patched, but new ones come out.
    In 20 years every thing we call secure today will be well known and confirmed as security swiss cheese. They will marvel at how we thought it was secure, or that more folks did not walk right through it. The only answer is they had yet to locate the particular hole in the 1 billion lines of code.

  18. Maybe it is being paranoid by Anonymous Coward · · Score: 0

    Maybe it is being paranoid from watching too many movies and reading too many books, but I have long lived by the ethos: "Don't say or do anything online or over the phone that you don't want other people to know about." Because even though the chances are small (unless you are out there committing crimes everyday or your spouse suspects you are cheating and hires a PI)) that for some random reason someone is listening in or snooping through your digital files, why take the risk?

  19. what came to mind by Anonymous Coward · · Score: 0

    .....who run everything in the world, including the newspapers, and meet tri-annually at a secret country mansion in Colorado, known as The Meadows....

  20. Another Iceberg by JimSadler · · Score: 1

    Would anyone place bets that some operating systems also have government spyware built in? Open source makes it less likely but sealed code such as in Windows products very likely does have built in spy ware. And I would bet that some encryption and compression programs are fishy as well.

  21. Worry only when they stop by RubberDogBone · · Score: 1

    The big news is not that the CIA was trying to break in. Hearing that they were trying means they still needed to get in.

    Its when you STOP hearing they are trying. Because the only time they STOP trying is when they have in fact achieved their goal. These are not people who give up when it's too hard. They never quit. Unless they've won.

    --
    Sig for hire.
  22. Why bother with software by Anonymous Coward · · Score: 0

    when the cpu can hide the truth to compiling anyway à la Reflections on Trusting Trust by Ken Thompson. Intel can absolutely be compromised to do the devils bidding. It is, after all, as low level as one can get.

  23. They're just doing their "jobs" by Anonymous Coward · · Score: 0

    It's like the Star Trek movie where the Voyager craft merges with an alien spacecraft. But its original directives have been corrupted and/or it no longer knows how to correctly interpret its original directives, even those that remained in-tact.

    DIRECTIVE: "Fight the war on terror."
    But what is terror and who are the terrorists? With the drift of the attitudes in the United States over the generations, will this definition change and/or has it changed?
    What do you think - - are people who blow up abortion clinics terrorists in your opinion?
    - what about abortion doctors who kill the unborn -- do you think they're terrorists?
    - what about a bedouin from Jordan who believes that either death or conversion to Islam will be the inevitable requirement once the Caliphate has been established, even though this choice won't be realized through extreme actions, but through the course of time -- do you think she's a terrorist?
    - Do you think the Iranian leadership are terroists?
    - Do you think ISIS are terrorists?
    - what about the KKK, are they terrorists -- what do you think?

    Here's a harder one:
    DIRECTIVE: "Keep the peace."
    But who are the trouble-makers? Who do you think they are?
    What's your opinion - are Christians against homosexual acts trouble makers?
    - Do you think the N.R.A. and gun-holders are trouble makers?
    - What about Big Mother - is she a trouble maker in your opinion?
    - Do you think neo-nazis and skinheads are trouble makers?
    - What about rioters crying "I am Michael Brown" -- what do you think: are they trouble makers?
    - How about white male police officers - are they trouble makers in your opinion?
    - Is Brother Russia a trouble maker in your opinion; and how about Mr. Putin?
    - Do you think the communists are trouble makers?
    - Do you think those who stand for the Constitution of the United States of America are trouble makers?
    - Do you think progressive liberals are trouble makers?
    - Do you think the GOP are trouble makers?
    - Do you think people who focus on the forefathers of the United States and the U.S.'s Christian roots are trouble makers?
    - Do you think people who want to revolutionize the Constitution of the United States are trouble makers?
    - Do you think Anonymous are trouble makers?
    - What about illegal immigrants - are they trouble makers in your opinion?
    - Are people who are intolerant of illegal immigrants trouble makers in your opinion?
    ****
    Of course, regardless of how right you are in how you answer these questions, we all *know* for certain that CIA, NSA, FBI, etc. have ALL the right answers and with a consensus between themselves on those answers!
    Because, if not, the only alternative is... .... I AM VEEGER ... I WILL NOT HURT YOU ....

  24. It's not clear to me... by Kubla+Kahhhn! · · Score: 1

    How successful or unsuccessful were they?