Later On

A blog written for those whose interests more or less match mine.

The CIA is forbidden by law from operations inside the US. They don’t care.

with one comment

The CIA seems to have become a rogue operation. First they hack into Senate computers—that is, they target the Senators and staff who are trying to exercise their oversight responsibilities. That in itself is an illegal domestic operation, but that illegality is overshadowed by an Executive branch organization trying to escape oversight.

And now they are found to have targeted domestic companies. The CIA is truly out of control: it is no longer under the control of Congress (which has oversight responsibility) and it doesn’t seem to be under control of the Executive branch.

Jeremy Scahill and Josh Begley report for The Intercept:

RESEARCHERS WORKING with the Central Intelligence Agency have conducted a multi-year, sustained effort to break the security of Apple’s iPhones and iPads, according to top-secret documents obtained by The Intercept.

The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.

By targeting essential security keys used to encrypt data stored on Apple’s devices, the researchers have sought to thwart the company’s attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both “physical” and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.

The CIA declined to comment for this story.

The security researchers also claimed they had created a modified version of Apple’s proprietary software development tool, Xcode, which could sneak surveillance backdoors into any apps or programs created using the tool. Xcode, which is distributed by Apple to hundreds of thousands of developers, is used to create apps that are sold through Apple’s App Store.

The modified version of Xcode, the researchers claimed, could enable spies to steal passwords and grab messages on infected devices. Researchers also claimed the modified Xcode could “force all iOS applications to send embedded data to a listening post.” It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.

Researchers also claimed they had successfully modified the OS X updater, a program used to deliver updates to laptop and desktop computers, to install a “keylogger.”

Other presentations at the CIA conference have focused on the products of Apple’s competitors, including Microsoft’s BitLocker encryption system, which is used widely on laptop and desktop computers running premium editions of Windows.

The revelations that the CIA has waged a secret campaign to defeat the security mechanisms built into Apple’s devices come as Apple and other tech giants are loudly resisting pressure from senior U.S. and U.K. government officials to weaken the security of their products. Law enforcement agencies want the companies to maintain the government’s ability to bypass security tools built into wireless devices. Perhaps more than any other corporate leader, Apple’s CEO, Tim Cook, has taken a stand for privacy as a core value, while sharply criticizing the actions of U.S. law enforcement and intelligence agencies.

“If U.S. products are OK to target, that’s news to me,” says Matthew Green, a cryptography expert at Johns Hopkins University’s Information Security Institute. “Tearing apart the products of U.S. manufacturers and potentially putting backdoors in software distributed by unknowing developers all seems to be going a bit beyond ‘targeting bad guys.’ It may be a means to an end, but it’s a hell of a means.”

Apple declined to comment for this story, instead pointing to previous comments Cook and the company have made defending Apple’s privacy record.

SECURITY RESEARCHERS from Sandia National Laboratories presented their Apple-focused research at a secret annual CIA conference called the Trusted Computing Base Jamboree. The Apple research and the existence of the conference are detailed in documents provided to The Intercept by National Security Agency whistleblower Edward Snowden.The conference was sponsored by the CIA’s Information Operations Center, which conducts covert cyberattacks. The aim of the gathering, according to a 2012 internal NSA wiki, was . . .

Continue reading.

It’s a lengthy article, and it makes clear the degree to which the CIA operates with no oversight or control: the Agency ignores the law and does as it pleases, and neither Congress nor the White House can control what it does. Even when it explicitly acknowledges that it has destroyed evidence of war crimes, nothing happens—no one is prosecuted, punished, or held accountable.

The CIA operates as it pleases, and the government of the US is assuming a new character, one in which agencies like the NSA and CIA and FBI can do whatever they want. We’ll soon find that police can simply shoot dead unarmed citizens, with the shootings always labeled “justified.” It seems as though the security arm of the government is taking off the gloves in how it treats citizens.

Written by LeisureGuy

10 March 2015 at 10:43 am

One Response

Subscribe to comments with RSS.

  1. Reblogged this on Brian By Experience.

    Brian Dead Rift Webb

    10 March 2015 at 3:29 pm


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.