August 22, 2016

DROPOUTJEEP: Apple's Achilles Heels, Exploited

And just like that, all of us Apple fans see our pricey toys fall like so many tinker toy Windows boxes.

Like the hacking tools, the catalog used similar codenames. Among the tools targeting Apple was one codenamed DROPOUTJEEP, which gives NSA total control of iPhones. “A software implant for the Apple iPhone,” says the ANT catalog, “includes the ability to remotely push/pull files from the device. SMS retrieval, contact-list retrieval, voicemail, geolocation, hot mic, camera capture, cell-tower location, etc.” 

(Reuters.)

Note, however, they don’t mention Messages traffic. Unlike standard SMS data, Messages traffic should be, by virtue of its end-to-end Public Key Infrastructure underpinnings, bullet-proof for now.

A remaining question for Messages users is, how long would it take the NSA to decrypt a Messages note if they threw an acre of supercomputing at it? They sure have the capability.

Is your traffic worth that investment of computing time?

No comments:

Post a Comment

Above all, follow Wheaton's Law: don't be a dick.