Apple and the U.S. federal government have a contentious history. Many may remember the debacle in which the FBI crossed swords with the tech giant over access, or lack thereof, to San Bernardino shooter Syed Farook’s iPhone. The feds in other divisions, as Wikileaks shows in its most recent data dump, also appear to have it out for the iPhone as well as MacBooks.
In the March 23rd data dump entitled “Dark Matter,” which is a continuation of the Vault 7 series, Wikileaks shows damning evidence that the Central Intelligence Agency has “projects that infect Apple Mac firmware.” The actual research was conducted by the CIA’s Embedded Development Branch (EDB) and targeted Macs and iPhones, with the overall goal being to permanently infect the devices upon creation. With some of the firmware infections explored in this data leak, it does not matter if you re-install the OS; the very core of the device is bugged (without a doubt for mass-surveillance purposes).
One particular document (screencapped below) of interest is “DarkSeaSkies v1.0-User Manual,” which shows how the CIA developed a tool intended to ultimately give stealth access to a MacBook Air with the intention of allowing full spying on the device (the CIA calls it a “listening post”).
Another document (seen in part below) in the Dark Matter data dump is the incredibly disturbing “NightSkies v1.2 – User Guide,” which dates back to the very first iPhone version release. The powerful tool is able to give the CIA full control of an iPhone and log all data (files, call logs, etc.) whenever the agency wills it. As Julian Assange noted in an interview, NightSkies “is expressly designed (to) be physically installed on factory-fresh iPhones, not phones that are stolen and then have the malware implanted, but in an iPhone before you get it.”
These are only two of numerous and extensive documents in the Dark Matter release, but the implications are massive. For years, the CIA has been developing various tools to infect Apple devices from their inception at a factory or at the very least before sale to users. There is no indication as to how successful the agency has been in terms of hard numbers, but undoubtedly it can be expected that the programs have had success. I say this because the amount of money and resources put into these infection projects could not have continued for so many years without at least some devices being bugged.
The biggest indicator of this is the fact that many of the tools shown in Dark Matter have multiple versions. Typically, updates only happen in currently used products that have been deployed in the wild. Why bother updating a failed product that is not in use?
Apple claims that the vulnerabilities detailed in the data dump “were previously fixed.” I imagine that they will now be even more diligent in checking their devices following this news.
Since the initial revelations of Vault 7, tech companies have to a certain extent worked with Wikileaks to fix their issues. Some companies with numerous ties to the U.S. government, like Google, have largely ignored the claims and brushed them off. Others, like Mozilla, have taken the warnings to heart and have been working proactively to plug the holes.
No citizen of any country should have to worry about their privacy being compromised when they use their phone or computer. Hopefully, Apple agrees and takes action following the Dark Matter data dumps.