Free Republic
Browse · Search
News/Activism
Topics · Post Article


WikiLeaks Vault 7 Leak Claims CIA Bugs ‘Factory Fresh’ iPhones
Heavy.com | March 23, 2017 | By S.J. Prince

Posted on 03/23/2017 8:33:48 AM PDT by Swordmaker

A new WikiLeaks Vault 7 leak titled “Dark Matter” claims, with unreleased documents, that the Central Intelligence Agency has been bugging “factory fresh” iPhones since at least 2008. WikiLeaks further claims that the CIA has the capability to permanently bug iPhones, even if their operating systems are deleted or replaced.

The documents are expected to be released after a 10 a.m. EDT “press briefing” that WikiLeaks promoted on its Twitter.

RELEASE: CIA #Vault7 "Dark Matter" https://t.co/pgnfeODXVB pic.twitter.com/vkI16f3vMD

— WikiLeaks (@wikileaks) March 23, 2017


Watch a livestream of the Julian Assange led event here.


A summary of the documents has been released on the WikiLeaks website. It reads:

Today, March 23rd 2017, WikiLeaks releases Vault 7 “Dark Matter”, which contains documentation for several CIA projects that infect Apple Mac Computer firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA’s Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain ‘persistence’ on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.

Among others, these documents reveal the “Sonic Screwdriver” project which, as explained by the CIA, is a “mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting” allowing an attacker to boot its attack software for example from a USB stick “even when a firmware password is enabled”. The CIA’s “Sonic Screwdriver” infector is stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter.

“DarkSeaSkies” is “an implant that persists in the EFI firmware of an Apple MacBook Air computer” and consists of “DarkMatter”, “SeaPea” and “NightSkies”, respectively EFI, kernel-space and user-space implants.

Documents on the “Triton” MacOSX malware, its infector “Dark Mallet” and its EFI-persistent version “DerStake” are also included in this release. While the DerStake1.4 manual released today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.

Also included in this release is the manual for the CIA’s “NightSkies 1.2” a “beacon/loader/implant tool” for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. i.e the CIA has been infecting the iPhone supply chain of its targets since at least 2008.

While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization’s supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise.



TOPICS: Constitution/Conservatism; Culture/Society; Government; News/Current Events
KEYWORDS: apple; applepinglist; assange; cia; darkmatter; hacking; iphone; iphones; iphonesbugged; vault7; wikileaks
To: seowulf
Didn’t Stuxnet use a firmware virus?

I think it was a root kit, not necessarily infecting a firmware EPROM as this is reported to do.

21 posted on 03/23/2017 9:53:30 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Vendome

s more about the prevalence of devices in the market.

Crackberry phones constitute very little in the marketplace but, make no mistake, every phone has a backdoor installed.


And every operating system. Windows and Apple O/S(s)


22 posted on 03/23/2017 9:54:51 AM PDT by Vic S
[ Post Reply | Private Reply | To 10 | View Replies]

To: gaijin

Well said. They are the puppet masters, who found many strings broken during this election cycle.


23 posted on 03/23/2017 10:06:16 AM PDT by ConservativeMind ("Humane" = "Don't pen up pets or eat meat, but allow infanticides, abortion, and euthanasia.")
[ Post Reply | Private Reply | To 3 | View Replies]

To: for-q-clinton
This is spin. These devices are being bugged at the factory! When you open it you get the bugged version. I’m sure the Chinese do this as well since that’s where many electronics are made and that’s how they work.

That is a lie, for-q-clinton. Do you really think that Apple does not check the firmware on a random sampling of iPhones and iPads that leave the factory? Of course they do. They'd be criminally remiss if they did not. There have been Android phones where MALWARE has been FACTORY INSTALLED and not caught because of poor quality control. . . and Apple has world class quality control of its products. Firmware is easy to check against a standard.

Can you imagine the impact this would have on the value of Apple as a company if it were found that these compromised firmware were installed at the factory??? It would be a fire sale for AAPL on the stock exchanges around the world as investors dumped AAPL. . . and the class action attorneys would be lining up clients in droves.

"While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization’s supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise."

The SPIN here is what YOU posted. . . which is completely contrary to the claims in the article which says the spyware has to be installed by interception of the devices in transit to the targeted individual or organization. READ FOR COMPREHENSION, for-q-clinton.

24 posted on 03/23/2017 10:06:23 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 16 | View Replies]

To: gaijin

Can we just convince these occupiers to resign and then eliminate most of their positions, meanwhile filling the absolutely necessary ones with regular Americans randomly picked out of the phonebook?


25 posted on 03/23/2017 10:08:19 AM PDT by reasonisfaith ("...because they received not the love of the truth, that they might be saved." (2 Thessalonians))
[ Post Reply | Private Reply | To 3 | View Replies]

To: Swordmaker

Read the WikiLeaks. It’s happening at the factory. It’s not a lie. What is a lie is when you quote things like it’s “unlikely”.

Hell for all we know Apple is complicit in this.


26 posted on 03/23/2017 10:17:29 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 24 | View Replies]

To: mastertex

And .. I had plans to sign up for DirectTV when I get moved to Oregon, and they’re also giving away iPhone7’s.

So, do I still want to do this ..??

Okay, all you wizards of smart .. what’s up with this ..??

I so want to have this phone - because my sister is ailing and I need to stay in touch with her via text - which I don’t have now.


27 posted on 03/23/2017 10:55:11 AM PDT by CyberAnt ("Peace Through Strength")
[ Post Reply | Private Reply | To 2 | View Replies]

To: Swordmaker
So now we KNOW that the whole San Bernardino aftermath where the FBI needed to get a court to force Apple to give them access to all their phones was a lie.

People that said this were ridiculed. The court order would have been used as precedent in further court cases to get access to everything (the internet of things.)

Comey lied about that too.

28 posted on 03/23/2017 11:19:02 AM PDT by Vic S
[ Post Reply | Private Reply | To 1 | View Replies]

To: Vic S

As per 1996 telecom law and CALEB.

With the U.S. Government investing in the technologies of these companies they have the right to claim ownership and access to the tech and companies they invested in.

That is how they got around the pesky constitution...


29 posted on 03/23/2017 11:30:39 AM PDT by Vendome (I've Gotta Be Me - https://www.youtube.com/watch?v=wH-pk2vZG2M)
[ Post Reply | Private Reply | To 22 | View Replies]

To: for-q-clinton
Read the WikiLeaks. It’s happening at the factory. It’s not a lie. What is a lie is when you quote things like it’s “unlikely”.

Hell for all we know Apple is complicit in this.

The only thing that Wikileaks has released is data from 2008. It is NOT happening at the factory. . . which makes you a liar. You just want that to be true.

There is not one word about this happening at the factory. The Wikileaks says they are ADDING this spyware to "Factory Fresh" iPhones by intercepting them in shipment. The data is quite explicit about it. That would be unnecessary if they were adding their spyware at the factory.

However, Wikileaks is quite explicit about how the devices are compromised, and it is NOT, repeat NOT, at the factory, it is in the distribution chain, as they are being sent to the target by common carrier, through the mail, FedEx, UPS, what have you.

Quoting directly from Assange's Wikileaks #Vault 7 dump summary statement on his website:

"Also included in this release is the manual for the CIA’s “NightSkies 1.2” a “beacon/loader/implant tool” for the Apple iPhone.

Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones. i.e the CIA has been infecting the iPhone supply chain of its targets since at least 2008.

While CIA assets are sometimes used to physically infect systems in the custody of a target it is likely that many CIA physical access attacks have infected the targeted organization’s supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise."

In addition, for-q-clinton, Apple does not send iPhones to overseas locations from the United States. They are sent directly from China. That is the case for even delivery to customers in the US who order from the online Apple Store. Customers who buy from a carrier or from a brick and mortar Apple Store walk out with a randomly selected iPhone or iPad from stock.

There is no way the CIA has sufficient staffing which can intercept an Apple device sent in China and then forward it to a foreign customer. They can only do this for US domestic customers but even then, how can they do this in shipments that number in the millions every month? Additionally, what does that say about WHO they are spying on???? I can see the CIA intercepting mail, FedEx or UPS shipments just prior to delivery to specific addresses, and then modifying the contents, but not the wholesale alteration of millions of devices you are claiming is what they are doing. That is simply not possible to do with limited resources, nor is it necessary.

I repeat, READ FOR COMPREHENSION!

There is no reason for you to claim such a thing. . . except your Apple Derangement Syndrome, which causes you to read things that are NOT THERE!

30 posted on 03/23/2017 11:40:08 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 26 | View Replies]

To: Vic S
So now we KNOW that the whole San Bernardino aftermath where the FBI needed to get a court to force Apple to give them access to all their phones was a lie.

No, we don't know that.

The ability we are talking about here is a before the fact bugging of an iPhone that allows the CIA to listen in on conversations, send active communications to a recording device, and to track locations, not to unlock the iPhone that is locked. It is also, as far as what has been released, only for iPhones of vintage 2008. I find it strange that Assange only ASSUMES they can bug more modern iPhones, but the security of more modern iPhones is miles above what was being used on the iPhone of 2008. Much more is needed to get spyware on an iPhone of today that would survive detection than what could be done in 2008.

If this data is a modern dump as it purports to be, where is the data about compromising modern iPhones? Why does it stop at 2008? That is strange. The 2008 version of the software probably would have worked up until the iPhone 4s, but not after. There was a sea change in Apple's approach to security at that time. They'd have had to start all over with a new model for their approach and have junked every bit of code they had already begun developing anew. Where is that?

The San Bernardino iPhone 5C was two hardware generations and quite a few iOS generations after that security philosophy change. . . and then Apple changed security philosophies again with the iPhone 5s and beyond, introducing the Secure Element and internal inter-registration of certain ICs, including the boot IC which has the Firmware in it. These four IC chips require Apple's involvement to re-register them with each other if they are changed or even removed temporarily in any way. While the iPhone or iPad will still work, at the next update, it will 'brick' the device and refuse to accept the update, reporting the infamous "Error 53" due to security tampering because of the registration failure.

It cost quite a bit of FBI money to get into the San Bernardino Terrorist's iPhone because they did not have the means to get into it, and it just had a four digit passcode.

All they found when they got into it was exactly what I predicted. Work information. . . because the terrorists had not destroyed it. They had destroyed the burner phones and their laptop computers where the real data of importance was stored, and thrown the pieces in a lake. If this iPhone had contained any pertinent data, they would have destroyed it as well. However, this iPhone belonged to San Bernardino County Department of Public Works, not the terrorists. It was subject to being opened by his employer at any time for examination. Also, it was not his property. When a terrorist does his foul deed, he must be ritually "Clean," which means "without sin." Destroying that iPhone would have meant stealing his employer's property, a sin. Using it for something other than work would have been a form of theft, also a sin. Ergo, he had not used it for anything other than work related things. Exactly what they found when they got into it.

Considering the death and mayhem perpetrated by these terrorists, this may sound absurd. But, to them, that was not a sin. It was, in fact, sanctioned by his religious beliefs. But to be a thief would have tarnished that act. Crazy, I know, but that is what they believe.

Within a day of the terrorist attack, the government had a record of every call made to and from that iPhone 5C which was supplied under search warrant from Verizon. Within three days they also had a complete copy of the last Apple iCloud backup of the iPhone, which had been made in October, two months before the attack, also provided under a search warrant served on Apple.

So, no, the iPhone 5c was hard for the government to break into. . . and they did not have the means. Perhaps, had they known in advance that these two were going to do something vile, they could have planted something in it in advance to listen in on his calls and messages to other conspirators had he used it for such calls, but that they did not know.

31 posted on 03/23/2017 12:19:52 PM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue...)
[ Post Reply | Private Reply | To 28 | View Replies]

To: Vendome
As per 1996 telecom law and CALEB.

With the U.S. Government investing in the technologies of these companies they have the right to claim ownership and access to the tech and companies they invested in.

Could you provide a link to CALEB?

32 posted on 03/23/2017 12:24:45 PM PDT by Edward.Fish
[ Post Reply | Private Reply | To 29 | View Replies]

To: Swordmaker

Very good response. So, from this release we can say the CIA can listen to phone calls with their inserted program. Does this also listen to keystrokes? If so, then they could record all text messages and passwords.

Why would this program be needed if it was just to listen to phone calls? According to many whistleblowers that has been going on by the NSA for years.


33 posted on 03/23/2017 12:40:27 PM PDT by Vic S
[ Post Reply | Private Reply | To 31 | View Replies]

To: Edward.Fish

Caleb is Mormon.

Meant CALEA... https://en.m.wikipedia.org/wiki/Communications_Assistance_for_Law_Enforcement_Act


34 posted on 03/23/2017 1:55:10 PM PDT by Vendome (I've Gotta Be Me - https://www.youtube.com/watch?v=wH-pk2vZG2M)
[ Post Reply | Private Reply | To 32 | View Replies]



Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.
