Apple security flaw could be a backdoor for the NSA
Within hours of one another over the weekend, Apple acknowledged that it had discovered critical vulnerabilities in both its iOS and OSX operating systems that, if exploited correctly, would put thought-to-be-secure communications into the hands of skilled hackers.
“An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS,” the company announced.
Apple has since taken steps to supposedly patch up the flaw that affected mobile devices running its iOS operating system, such as iPhones, but has yet to unveil any fix for the OSX used by desktop and laptop computers. As experts investigated the issue through the weekend, though, many couldn’t help but consider the likelihood — no matter how modicum — that the United States’ secretive spy agency exploited those security flaws to conduct surveillance on targets.
On Saturday, Apple enthusiast and blogger John Gruber noted on his personal website that information contained within internal NSA documents leaked by former intelligence contractor Edward Snowden last year coincide closely with the release of the affected mobile operating system, iOS 6.
According to a NSA slideshow leaked by Mr. Snowden last June, the US government has since 2007 relied on a program named PRISM that enables the agency to collect data “directly from the servers” of Microsoft, Yahoo, Google, Facebook and others. The most recent addition to that list, however, was Apple, which the NSA said it was only able to exploit using PRISM since October 2012.
The affected operating system — iOS 6.0 — was released days earlier on September 24, 2012.
These facts, Gruber blogged, “prove nothing” and are “purely circumstantial.” Nevertheless, he wrote, “the shoe fits.”
With the iOS vulnerability being blamed on a single line of erroneous code, Gruber considered a number of possibilities to explain how that happened.
“Conspiratorially, one could suppose the NSA planted the bug, through an employee mole, perhaps. Innocuously, the Occam’s Razor explanation would be that this was an inadvertent error on the part of an Apple engineer,” he wrote.
“Once the bug was in place, the NSA wouldn’t even have needed to find it by manually reading the source code. All they would need are automated tests using spoofed certificates that they run against each new release of every OS. Apple releases iOS, the NSA’s automated spoofed certificate testing finds the vulnerability, and boom, Apple gets ‘added’ to PRISM.”
Gruber said he sees five possible scenarios, or “levels of paranoia,” as he put it:
Nothing. The NSA was not aware of this vulnerability.
The NSA knew about it, but never exploited it.
The NSA knew about it, and exploited it.
NSA itself planted it surreptitiously.
Apple, complicit with the NSA, added it.
Of course, Guber added, there is always the possibility that “this is all a coincidence.” He certainly wasn’t the only one to consider it, though.
“Again, all of this is circumstantial and speculative, and Apple has come out numerous times vehemently denying its involvement in any NSA program,” iDownloadblog’s Cody Lee wrote on Monday. “But the timing is rather odd, and it makes you wonder how such a serious bug went undiscovered for over a year.”
Indeed, Apple has since the start of the Snowden leaks adamantly fended off allegations concerning a possible collusion with the NSA. On December 31, 2013, the company even issued a statement insisting “Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone.”
“We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them,” Apple said then — nearly two months after acknowledging the major security vulnerability discovered last week.
At the time, though, Apple was responding to another serious allegation that, if correct, gives much more credence to the latest accusations. The Dec. 31 statement was sent hours after security researcher Jacob Appelbaum presented previously unpublished NSA slides at a hacking conference in Germany, including some where the spy agency boasted about being able to infiltrate any iPhone owned by a targeted person.
The NSA, Appelbaum said, “literally claim that any time they target an iOS device, that it will succeed for implantation.”
“Either they have a huge collection of exploits that work against Apple products — meaning they are hoarding information about critical systems American companies product and sabotaging them — or Apple sabotages it themselves.”
Last year, RT reported that the NSA entered into a contract in 2012 with VUPEN, a French security company that sells so-called 0-day exploits to governments and agencies so that vulnerabilities and flaws can be abused before the affected product’s owner is even made aware. It’s likely just another major coincidence that fits the timeframe eerily well, but that contract was signed only days before iOS 6 was released — and, coincidentally, days before the NSA boasted about being able to access Apple communications through its PRISM program.