Apple has added its name to the list of companies denying they have ever cooperated with the National Security Agency to create backdoors in any of its products.
The statement followed news of a NSA document leaked by German news magazine Der Spiegel that included a description of a program targeting Apple iPhones called DROPOUTJEEP. The document, which is dated 2008, mentions the program as being under development with the goal of making it possible “to remotely download or upload files to a mobile phone.”
“It would also, according to the catalog, allow the NSA to divert text messages, browse the user’s address book, intercept voicemails, activate the phone’s microphone and camera at will, determine the current cell site and the user’s current location,” Der Spiegel reported.
The initial release was said to be focused on installing the program through physical access, though developers would be working to include a remote access capability in the future.
Security researcher Jacob Applebaum – who co-authored an article in Der Spiegel on the issue – stated at the Chaos Communication Congress Dec. 30 that the NSA’s boast about having a 100 percent success rate in compromising devices suggests that Apple may have cooperated with the agency.
In response, Apple issued a statement to media outlets that it has never worked with the NSA to develop a backdoor for any of its products, and is unaware of NSA programs to do so.
“Our team is continuously working to make our products even more secure, and we make it easy for customersto keep their software up to date with the latest advancements,” according to the statement. “Whenever we hear about attempts to undermine Apple’s industry-leading security, we thoroughly investigate andtake appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks,regardless of who’s behind them.”
The same NSA document also made mention to tools for compromising products from vendors such as Cisco Systems, Juniper Networks and Dell. Those companies have denied any knowledge or involvement in NSA activities as well.
Brian Prince is a Contributing Writer for SecurityWeek.Previous Columns by Brian Prince:Apple Denies Cooperating With NSA to Develop iPhone BackdoorResearchers Demonstrate MicroSD Card HackNSA Document Lists Tools Targeted Popular Hardware, Software: ReportSnapchat Responds to Security Vulnerability Reports Samsung KNOX Security Software Embedded in Galaxy S4 Vulnerable, Researchers Say