Government snooping into mobile devices has been going on far longer than many originally thought. In a new report by the news site The Intercept, CIA researchers have been working for nearly a decade to break the security protecting Apple phones and tablets, citing documents from NSA whistleblower Edward Snowden.
According to the report, secret U.S. government documents suggest that its researchers had created its own version of Xcode, Apple's software application development tool, in an effort to create surveillance backdoors into programs distributed on Apple's App Store.
The documents, which covered a period from 2006 to 2013, failed to show whether or not U.S. intelligence actually had succeeded in breaking Apple's encryption, which secures user data and communications.
Breaking Apple's security on its devices was part of a top secret program by the U.S. government, aided by British intelligence researchers, to hack "secure communications products, both foreign and domestic" including Google's Android phones. In addition, the CIA has targeted other competitors such as Microsoft's BitLocker encryption that is used widely on laptop and desktop computers running premium editions of Windows.
Last September, Apple strengthened its encryption methods for data stored on iPhones, saying the changes meant the company no longer had any way to extract consumer data even if ordered by warrant from the government. Soon after, rival Google also said it planned to strengthen security on its devices.
"If U.S. products are OK to target, that's news to me," says Matthew Green, a cryptography expert at Johns Hopkins University's Information Security Institute. "Tearing apart the products of U.S. manufacturers and potentially putting backdoors in software distributed by unknowing developers all seems to be going a bit beyond 'targeting bad guys.' It may be a means to an end, but it's a hell of a means."
An Apple spokesman pointed to public statements made by CEO Tim Cook on privacy, but declined any further comment.
"I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services," Cook wrote in a statement on privacy and security published last year. "We have also never allowed access to our servers. And we never will."
Government leaders such as U.S. President Barack Obama and British Prime Minister David Cameron have expressed concern that such privacy enhancements in mass market devices could prevent governments from tracking militants planning attacks.