Yesterday we posted that about a secret NSA software implant called 'DROPOUTJEEP' which allowed the agency access to features including: remotely push/pull files from the device, SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc.
Jacob "@ioerror" Applebaum suggested that perhaps Apple installed this backdoor at their request.
"Either they have a huge collection of exploits that work against Apple products, meaning that they are hoarding information about critical systems that American companies produce and sabotaging them, or Apple sabotaged it themselves. Not sure which one it is. I'd like to believe that since Apple didn't join the PRISM program until after Steve Jobs died, that maybe it's just that they write shitty software. We know that's true."
Apple has now provided an official statement to TechCrunch saying:
Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers’ privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements. Whenever we hear about attempts to undermine Apple’s industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who’s behind them.
The document seen below dates back to 2008. At the time only close access installation was possible; however, the NSA was working on enabling remote installation in the future. It's unclear what the status of the program is now and if the NSA still has these capabilities.
More details can be found in Applebaum's video presentation which can be seen here.