Apple’s iPhone: the Backdoor Is Already There

shutterstock_217604671 (1)

The media is erupting over the FBI’s demand that Apple help it decrypt an iPhone belonging to Syed Rizwan Farook, one of the attackers involved in the assault in San Bernardino this past December. Originally Apple wanted the FBI to keep things on the down low, asking the Feds to present their application for access under seal. But for whatever reason the FBI decided to go public. Apple then put on a big show of resistance and now there are legislators threatening to change the law in favor of the FBI. Yet concealed amid this unfolding drama is a vital fact that very few outlets are paying attention to.

Tim Cook protests that Apple is being asked to create “a new version of the iPhone operating system.” This glib talking point distracts attention from the reality that there’s essentially a backdoor on every new iPhone that ships around the world: the ability to load and execute modified firmware without user intervention.

Ostensibly software patches were intended to fix bugs. But they can just as easily install code that compromises sensitive data. I repeat: without user intervention. Apple isn’t alone in this regard. Has anyone noticed that the auto-update feature deployed with certain versions of Windows 10 is impossible to turn off using existing user controls?

Update features, it would seem, are a bullseye for spies. And rightly so because they represent a novel way to quietly execute malicious software. This past September the Washington Post published a leaked memo from the White House which proposed that intelligence agencies leverage “provider-enabled remote access to encrypted devices through current update procedures.” Yep, the same update procedures that are marketed as helping to keep users safe. And it would appear that the spies are making progress. There’s news from Bloomberg of a secret memo that tasked spymasters with estimating the budgetary requirements needed to develop “encryption workarounds.”

And, finally, please notice throughout this whole ordeal how the Director of the NSA, unlike the vociferous FBI director, has been relatively silent. With a budget on the order of $10 billion at its disposal the NSA almost certainly has something equivalent to what the courts have asked Apple to create. The NSA probably doesn’t want to give its bypass tool to the FBI and blow its operational advantage. After all, the NSA is well versed in the art of firmware-level manipulation. Experts have opined that for a few million (a drop in the bucket for a spy outfit like the NSA or CIA) this capability could be implemented. NSA whistleblower William Binney tends to agree. When asked what users could do to protect themselves from the Deep State’s prying eyes Binney replied:

“Use smoke signals! With NSA’s budget of over $10bill a year, they have more resources to acquire your data than you can ever hope to defend against.

This has to be addressed in law and legislation. Call your local governmental representative and complain, otherwise, if you sit and do nothing… you are fucked!!!”

So while Apple manufactures the perception that it’s fighting for user privacy, keep in mind that the media’s Manichean narrative of “good vs. evil” doesn’t necessarily explain what’s transpiring. Despite cheerleading by Ed Snowden and others Apple is not the company that it would have us believe it is. Apple has a long history of helping the government crack iPhones and security researchers have already unearthed any number of hidden services lurking below the iPhones surface.

The public record over the past several decades informs that ersatz public opposition often conceals private collusion. And Apple, dear reader, is no stranger when it comes to clandestine government programs. The sad truth is that government spies and corporate data hoarders assemble in the corridors of the American Deep State protected by a veil of official secrecy and sophisticated propaganda.

Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including “The Rootkit Arsenal” andBehold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” Bill is the lead investigator at Below Gotham Labs and a member of the California State University Employees Union, Chapter 305.