Leaked Documents Suggest CIA Work on Hacked Version of Xcode, OS X Installer Exploit

xcodelogoUnited States Central Intelligence Agency researchers have been working for years to crack the security of Apple's iPhone and iPad, and may have done so through the creation of a modified version of Xcode, Apple's software development tool designed for developers.

According to secret documents obtained by The Intercept, at a 2012 "Jamboree" that focused on security flaws found in various electronics, CIA researchers outlined both a hacked version of Xcode and a modified OS X updater that could be used to install malicious software like keyloggers.

The modified version of Xcode, the researchers claimed, could enable spies to steal passwords and grab messages on infected devices. Researchers also claimed the modified Xcode could "force all iOS applications to send embedded data to a listening post." It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.

The malicious version of Xcode could potentially be used to extract private data from devices that installed apps built by the hacked Xcode. Some of the things researchers said could be done with Xcode included installing "remote backdoors" in Mac apps, embedding an app developer's private key into iOS applications (letting the government masquerade as the targeted developer), forcing iOS apps to send data from an iPhone or iPad to a "listening post," and disabling core security features on iOS devices.

None of the documents detail how the Xcode and OS X installer exploits have been used by the CIA, and they also don't state whether the efforts have been successful, but as noted by The Intercept, they suggest that the government's efforts to crack the security technology companies employ is a continually ongoing effort.

Apple and the U.S. government have been at odds over privacy and security issues in recent years. A 2013 document leak suggested that Apple and other tech companies were working with the government on a secret project called PRISM, which allegedly provided the government with direct access to customer data on company servers.

Apple and multiple other technology companies like Google vehemently denied their participation in such a program and have since gone to great lengths to ensure the public that they're not involved in the government's spying attempts. Apple, Google, Facebook, Microsoft, and other companies banded together to ask for greater surveillance transparency and the ability to share more info on government data requests with consumers, which was ultimately successful.

Apple launched a privacy site in September of 2014 outlining the privacy features of its products and services and offering detailed information on government information requests. Across 2014, Apple CEO Tim Cook began putting a heavy emphasis on the importance of privacy, and with iOS 8, Apple significantly increased the encryption protection on iOS devices. Prior to iOS 8, Apple had the ability to access data on iOS devices with a company-held encryption key, and now, that no longer exists. Google has made similar changes.

The FBI has strongly opposed Apple's efforts to increase the security of its iOS devices, with FBI Director James Comey insisting that government access to electronic devices is necessary in some cases. Apple has reportedly been in talks with FBI officials over its security changes, but Apple CEO Tim Cook has maintained Apple's commitment to privacy and security.

At the White House Cyber Security Summit in February, Cook said customer trust means everything to Apple. "When it comes to the rights of customers and citizens, we're all talking about the same people," he said. "People have entrusted us with their most personal and precious information and we owe them nothing less than the best protections we can possibly provide by harnessing the technology at our disposal."

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: Xcode, FBI, CIA

Top Rated Comments

sputnikv Avatar
75 months ago
this shouldn't be a surprise to anyone at this point. that in itself should be alarming
Score: 36 Votes (Like | Disagree)
DiabBarca Avatar
75 months ago

I wish people would stop being so suspicious of agencies like the CIA. These hard working men and women are there to protect us all. From the terrorists.

We live in a safer and more secure world, thanks to the CIA!



To protect us all?!
From the terrorists?!
http://en.wikipedia.org/wiki/Operation_Northwoods
Score: 28 Votes (Like | Disagree)
bushido Avatar
75 months ago

I wish people would stop being so suspicious of agencies like the CIA. These hard working men and women are there to protect us all. From the terrorists.

We all live in a safer and more secure world, thanks to the CIA!


i love your sarcasm
Score: 27 Votes (Like | Disagree)
aaronvan Avatar
75 months ago
NSA should be angry about CIA encroaching on their turf.
Score: 27 Votes (Like | Disagree)
Four oF NINE Avatar
75 months ago

I wish people would stop being so suspicious of agencies like the CIA. These hard working men and women are there to protect us all. From the terrorists.

We all live in a safer and more secure world, thanks to the CIA!


You're kidding, right?
Score: 18 Votes (Like | Disagree)
gusapple Avatar
75 months ago
So many things wrong with this.
Score: 18 Votes (Like | Disagree)

Top Stories

maxresdefault

Italy Fines Apple $12 Million for Misleading iPhone Water Resistance Claims

Monday November 30, 2020 3:10 am PST by
Apple has been slapped with a 10 million euro ($12 million) fine by Italy's antitrust watchdog for unfair commercial practices related to its iPhone marketing in the country. One of the Apple ads cited in the Italian watchdog's proceedings (credit: setteBIT) Specifically, Apple is being charged for misleading claims in promotional messages about how deep and how long iPhones can be submerged...
m1 chip macbook air pro

Developer Delves Into Reasons Why Apple's M1 Chip is So Fast

Monday November 30, 2020 1:57 pm PST by
Apple's M1 chip is the fastest chip that Apple has ever released in a Mac based on single-core CPU benchmark scores, and it beats out many high-end Intel Macs when it comes to multi-core performance. Developer Erik Engheim recently shared a deep dive into the M1 chip, exploring the reasons why Apple's new processor is so much faster than the Intel chips that it replaces. First and foremost,...
General cyber monday 20 sale feature

Apple Cyber Monday 2020: Discounts on iPads, Macs, AirPods, and More [Updated]

Monday November 30, 2020 6:25 am PST by
Today is Cyber Monday, a shopping event that sees many of the same deals from Black Friday bleed over into a new week, along with a few brand new offers on everything from Apple products to related accessories. In this post we'll highlight the best online discounts that you can find on Apple devices today. Note: MacRumors is an affiliate partner with some of these vendors. When you click a...
16 inch MBP Mini Led

Mini-LED M1 MacBook Pro and Mini-LED iPad Pro Models Coming First Half of 2021

Monday November 30, 2020 2:24 am PST by
Apple is widely reported to be embracing mini-LED display backlighting technology for some products next year, and a new report today by DigiTimes has named several of Apple's partners in the supply chain that are expected to benefit from the switch. According to the report, Apple is set to launch its first mini-LED iPad Pro in the first quarter of 2021 and mass produce mini-LED MacBook Pro...
Mac Mini 2018

Apple Developers Now Able to Natively Run macOS Within AWS With Amazon EC2 Mac Instances

Monday November 30, 2020 9:01 pm PST by
As AWS re:Invent kicks off, Amazon Web Services today announced new Mac instances for Amazon Elastic Compute Cloud, allowing AWS customers to run on-demand macOS workloads in the AWS cloud for the first time. Amazon says that the new feature extends the flexibility, scalability, and cost benefits of AWS to all Apple developers as those creating apps for iPhone, iPad, Mac, Apple Watch, Apple...
periscope iPhone feature2

Apple Moving Forward With Plans for 'Folded' Periscope Cameras to Significantly Increase iPhone's Optical Zoom

Monday November 30, 2020 8:01 am PST by
Apple is advancing its plans to significantly enhance the iPhone's optical zoom range using periscope lens technology, according to ETNews. Citing industry sources familiar with the development of iPhone cameras, ETNews report says Apple is currently seeking an appropriate "folded" periscope camera solution for the iPhone and has already initiated discussions with suppliers. Apple has...
apple fitness plus instructor kim ngo

Apple Fitness+ Promotion Ramps Up as Launch Approaches

Sunday November 29, 2020 11:57 am PST by
Promotion for Apple Fitness+ is ramping up, with advertising initiatives and teases from instructors being spotted on social media, indicating that the new subscription service may be launching imminently. MacRumors reader Chris Weaver spotted that Best Buy has started advertising six-month free trials of Apple Fitness+ with Apple Watch purchases. The advert suggests that retailers have...
iphone 12 colors

iPhone 12 Colors: Deciding on The Right Color

Thursday November 5, 2020 8:35 am PST by
The iPhone 12 and iPhone 12 Pro arrived last month in a range of color options, with entirely new hues available on both devices, as well as some popular classics. The 12 and 12 Pro have different color choices, so if you have your heart set on a particular shade, you might not be able to get your preferred model in that color. iPhone 12 mini and iPhone 12 The iPhone 12 mini and iPhone 12 are ...
mac mini macbook pro macbook air m1

Notable Developer Starts Patreon to Fund Apple Silicon Linux Port

Monday November 30, 2020 4:23 pm PST by
Developer Hector Martin, who describes himself as someone who "likes putting Linux on things," has launched a plan create a Linux port for Apple Silicon Macs. Martin, also known as "Marcan," has created a Patreon with the goal of earning enough funding to be able to take on the complexities of bringing Linux to Macs equipped with an M1 chip. Creating a Linux port is no easy task, and Linux...
leather sleeve iphone 12 box

Hands-On With the Leather Sleeve for iPhone 12 Models

Monday November 30, 2020 2:13 pm PST by
Apple this year came out with a handful of accessories for the new iPhone 12 models, and in addition to the standard Silicone and Leather cases, there's also a new Leather Sleeve that recently went on sale. Subscribe to the MacRumors YouTube channel for more videos. We picked up one of the Leather Sleeves to check it out to see if it's worth the $129 that Apple is charging. The Leather Sleeve ...