Iphone maker Apple, Inc. claimed last month that their latest iteration of the wildly popular handheld device was unhackable. According to HackRead, the company is so convinced of its security successes that they issued a statement saying that data stored on a phone secured with a front screen passcode was impossible to access – even by highly talented intelligence agencies:
Now, with the new upgraded operating systems, Apple has termed it “impossible” to access any data from Apple devices. Though, the company can still access data from older phones.
According to the Apple’s response to the court, 90 percent of the devices has ios 8 installed and with the type of encryption already there in the phone, it’s nearly impossible to access the data without the passcode, which is only known to the original owner. Even Apple itself cannot find the code.
But as we already know from recent hacks of Department of Defense computers, essential domestic grid infrastructure computers, and even NASA’s in-orbit spacecraft, in the digital age nothing is ever really secure.
Within hours of Apple releasing their latest iOS 9 update a cyber security firm known as Zerodium issued a challenge to the hacker community and offered up a $1 million bounty for any team that could bypass Apple’s latest security features. For weeks it appeared that Apple was right. Scores of hackers around the world burned the midnight oil trying to hack the iphone before Zerodium’s bounty expired.
But just few hours before the challenge came to end, one team submitted their exploits and vulnerabilities and Zerodium has confirmed that the Apple’s iOS 9 has been compromised.
The exploits, according to experts, would give snoopers the ability to not only access the data on your phone, but intercept calls, text messages and even live chat conversations.
Here’s the kicker: the exploit is remote, so it can be launched on your phone without you even knowing about it. Simply visiting a web site or receiving a certain kind of text message could initiate the jailbreak process on your phone and then install unwanted (and hidden) monitoring apps.
According to Motherboard, the unhackable has been hacked… again:
Bekrar explained that the winning team found a “number of vulnerabilities” in Chrome and iOS to bypass “almost all mitigations” and achieve “a remote and full browser-based (untethered) jailbreak.”
If true, this is a considerable feat. No one had found a way (at least that’s publicly known) to jailbreak an iPhone remotely for more than a year, since iOS 7.
there’s no doubt that for some, this exploit is extremely valuable. Intelligence agencies such as the NSA and the CIA have run into problems when trying to hack into iPhones to spy on their targets, and the FBI has publicly complained about Apple’s encryption for months. This exploit would allow them to get around any security measures and get into the target’s iPhone to intercept calls, messages, and access data stored in the phone.
A source, who used to work for the NSA, told Motherboard a few weeks ago that $1 million is actually a good price for such an exploit, because “if you sell it to the right people” you can fetch much more.
And who will Zerodium be selling this exploit to?
You probably already know the answer:
Bekrar and Zerodium, as well as its predecessor VUPEN, have a different business model. They offer higher rewards than what tech companies usually pay out, and keep the vulnerabilities secret, revealing them only to certain government customers, such as the NSA.
So just in case you thought your data and private activities were safe from spying eyes, think again.
The very people who we want to keep out of our private lives are the ones who will be the beneficiaries of the jailbreak.
Now the NSA, FBI and other interested intelligence partners will have total access to your phone.