Security researcher Jacob Applebaum has revealed some startling information regarding the NSA’s depth of access to Apple’s iPhone.
Applebaum, who has close ties to NSA whistleblower Edward Snowden, gave a speech yesterday at Germany’s Chaos Communication Congress where he detailed a secret NSA program codenamed “DROPOUTJEEP”, which is a form of spyware designed to be put on the iPhone.
DROPOUT JEEP is a software implant for the Apple iPhone that utilizes modular mission applications to provide specific SIGINT functionality. This functionality includes the ability to remotely push/pull files from the device. SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc. Command, control and data exfiltration can occur over SMS messaging or a GPRS data connection. All communications with the implant will be covert and encrypted.
The document states that the program requires the software to be locally implanted, with plans for a longer range remote version in development. This document, however, dates all the way back to 2008, so it’s impossible to say what advancements have been made since then.
Applebaum states he isn’t sure whether Apple helped the NSA develop the software or not.
It’s unclear as to what exactly this software was used for, but recent reports suggest the NSA may have teams charged with secretly adding the software into brand new still packaged units, before making their way into the hands of consumers.
It will be interesting to see whether what sort of comment Apple gives on the issue.