Apple better watch out – CIA investigated ways of cracking Apple firmware

10 Mar 2015

CIA researchers have been working on a multi-year effort to break Apple’s firmware and gain access to Apple’s iPhone and iPad devices, it has emerged.

A so-called ‘jamboree’ of researchers working with the CIA’s Information Operation Center’s Engineering Development Group (EDG) has been held, and researchers presented their latest exploits.

Researchers from Sandia National Laboratories presented their findings at an event called the Trusted Computing Base Jamboree.

According to documents provided to The Intercept by rogue NSA contractor Edward Snowden, researchers targeted essential security keys to intercept data stored on Apple devices which would have potentially given them access to hundreds of millions of Apple customers across the world.

The researchers studied both “physical” and “non-invasive” techniques to decrypt and penetrate Apple’s notoriously secure firmware.

Privacy is a core value of Apple

If they had gained access spies could have been able to plant malicious code on Apple devices.

The researchers claimed to have created a modified version of Apple’s proprietary software development tool Xcode, which could sneak surveillance software into any apps or programs built using Xcode.

The modified version could enable spies to steal passwords and grab messages on infected machines and send the data on to a listening post.

The CIA researchers are also understood to have claimed they had successfully modified the OS X updater program, which would enable them to install “keylogging” software on machines.

Apple has vehemently resisted attempts by US and UK government officials to weaken its security mechanisms.

CEO Tim Cook has consistently emphasised privacy as a core value of the Californian tech giant.

Apple security image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com