Apple insists it did not work with NSA to create iPhone backdoor program

Tech giant denies knowledge of DropoutJeep tool to retrieve information and insists it 'cares deeply about customers' privacy'

theguardian.com, Dominic Rushe in New York, Tuesday 31 December 2013

A man poses for a photo in front of the Apple store on 5th Avenue in New York.

Apple said: 'We have never worked with the NSA to create a back door in any of our products, including iPhone.' Photograph: Carlo Allegri/reuters

Apple has denied any knowledge of a National Security Agency tool to hack into iPhones after newly-released documents showed the tech giant’s bestselling phone was targeted by the spying agency.

Documents released Monday showed the NSA had worked on software that would allow it to remotely retrieve virtually all the information on an iPhone including text messages, photos, contacts, location, voice mail and live calls.

The software, DropoutJeep, was first disclosed by Der Spiegel and security researcher Jacob Appelbaum. The NSA slides are dated 2008, a year after the first iPhone was launched.

In a statement, Apple said: “Apple has never worked with the NSA to create a back door in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers’ privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements.

“Whenever we hear about attempts to undermine Apple’s industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who’s behind them.”

According to the slides, DropoutJeep required “close access methods” in order to be installed on an iPhone, meaning NSA agents would need physical access to the device. However, the slide notes: “A remote installation capability will be pursued for future use.”

The slides mention iOS5, an iPhone operating system that was launched in June 2011 and updated by iOS6 in September 2012. It is not clear whether the NSA managed to develop the ability to perform remote installation. Given that Apple sold 250m iPhones in its first five years, large scale implementation of DropoutJeep seems unlikely by close access methods.

The spyware is one of the tools employed by the NSA's ANT (Advanced or Access Network Technology) division to gain backdoor access to various electronic devices. According to Applebaum, the NSA claims a 100% success rate on installation of the program.

Apple, along with its peers, has consistently denied working with the NSA unless it has been legally compelled to do so. The NSA documents, first obtained by whistleblower Edward Snowden, have revealed that the NSA has developed the capability to hack other companies, including Google and Yahoo, without their knowledge.

The slide is dated four years before the NSA included Apple in its Prism monitoring program. Apple was the last of the big tech companies to be included in the program, designed to ease data collection for the NSA. Microsoft, by contrast, joined the scheme in 2007, according to the NSA’s slides.