According to a report in Der Spiegel, the NSA has cracked smartphone security:
The documents state that it is possible for the NSA to tap most sensitive data held on these smart phones, including contact lists, SMS traffic, notes and location information about where a user has been.
Here is the key part of this article:
In the internal documents, experts boast about successful access to iPhone data in instances where the NSA is able to infiltrate the computer a person uses to sync their iPhone. Mini-programs, so-called “scripts,” then enable additional access to at least 38 iPhone features.
The actual details on how the NSA has compromised smartphone security is in a completely separate article:
The access to such material varies, but much of it passes through an NSA department responsible for customized surveillance operations against high-interest targets. One of the US agents’ tools is the use of backup files established by smartphones. According to one NSA document, these files contain the kind of information that is of particular interest to analysts, such as lists of contacts, call logs and drafts of text messages. To sort out such data, the analysts don’t even require access to the iPhone itself, the document indicates. The department merely needs to infiltrate the target’s computer, with which the smartphone is synchronized, in advance. Under the heading “iPhone capability,” the NSA specialists list the kinds of data they can analyze in these cases. The document notes that there are small NSA programs, known as “scripts,” that can perform surveillance on 38 different features of the iPhone 3 and 4 operating systems. They include the mapping feature, voicemail and photos, as well as the Google Earth, Facebook and Yahoo Messenger applications.
The article has extensive details on how BlackBerry handhelds and the BlackBerry Enterprise Server (BES) has been compromised. However, it is mystifyingly lacks significant details on the iPhone and Android. Somehow it does not surprise me that BlackBerry handhelds have been compromised, but I find it harder to believe that iOS and Android are as easily crackable. While it is certainly possible – especially considering all the revelations since the Snowden document release – there just is not enough available published information to conclude there is something to worry about.
This post is part of the thread: Security – an ongoing story on this site. View the thread timeline for more context on this post.