Apple may have had a week to remember with the launch of the Apple Watch and a new alliance with HBO, but the tech giant also had a bit of unwelcome news go public: The Intercept published top secret documents alleging the U.S. Central Intelligence Agency has been systematically hacking iPhones and iPads.
According to The Intercept’s Jeremy Scahill and Josh Begley, CIA-affiliated security researchers have worked since at least 2006 (shortly before the first iPhone was released) to target security keys used to encrypt data on Apple devices. The CIA also claims they created a compromised version of Apple’s Xcode software development tool which allowed them to deploy backdoors at will. The Intercept’s documents do not contain any information on how successful the projects actually were.
In recent years, one of the biggest problems for American tech companies has been the threat of declining sales in important foreign markets like the European Union and China over perceived security threats. The Edward Snowden revelations raised worries that American tech companies might be compromised in surveillance terms by domestic intelligence agencies. Last month’s revelation that American and British intelligence reportedly inserted backdoors into (non-American) SIM card manufacturer Gemalto’s products is just the icing on the cake.
The fact that the CIA targeted Xcode is especially noteworthy. Because of its massive use by iOS software developers, successful compromise of Xcode means that the CIA would have had a much easier time inserting backdoors into nearly any app in Apple’s App Store. While the news might not be surprising, it’s an important reminder of why tech giants like Apple struggle to keep their products secure.
Last year, Apple CEO Tim Cook said that “I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.”
But the leaked Intercept documents, if authentic, put Cook in hard place when it comes to surveillance. Neither of the two alternatives–that the CIA and British intelligence agencies compromised Apple behind its back or that Tim Cook is lying about government collaborations–is flattering to Apple. More importantly, the question remains if similar efforts took place at Samsung, Google, HTC, and other Apple competitors.