The Intercept¹ is reporting a secret program targeting Apple devices and software as part of a CIA sponsored event called “Jamboree,” where groups of security researchers meet and present on new ways to circumvent security tools and software. The documents are part of the leaked NSA data from Edward Snowden. The document The Intercept links to does not provide information to back up the claims made in the story, so it is assumed there are additional documents that have not been released. In the document provided by the Intercerpt, Apple is not mentioned at all, only mention of the seventh “Trusted Computing Jamboree” where the goal of the conference is to…
…present notable results that will provide developers insight into how to meet the threats of the TCG architectures and embedded architectures and how they can exploit new avenues of attack.
The conference itself appears to be a government sponsored version of DEF CON, without the responsible disclosure… or culture. The Intercept mentions Apple specific research from Sandia National Laboratories that was presented at the Jamboree in 2012 at Lockheed Martin. Similar programs have been revealed, such as the NSA’s Dropout Jeep Program, where the goal was to compromise and root iPhones when you had physical access to the device. I worked with the Red Alert (R3d4l3rt) on a demo of the same capability utilizing existing and publicly available jailbreaking methods, with additional tools to automate the process when connected to a PC.
¹Disclaimer: article may link to classified information.