31 December 2013
Apple said in an email to AFP that it "has never worked with the NSA to create a backdoor in any of our products, including iPhone."
The statement added that " we have been unaware of this alleged NSA program targeting our products."
Security researcher Jacob Applebaum described the NSA program based on a purportedly leaked document about NSA access to the iPhone, in comments made in Germany.
Apple said it "is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements... and will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them."
Applebaum told a security conference in Germany that the program called DROPOUTJEEP allowed the NSA to intercept SMS messages, access contact lists, locate a phone using cell tower data, access voice mail or activate an iPhone's microphone and camera.
He described it as "an iPhone backdoor" that allowed the NSA to access any iPhone.
The documents were also described in the German newspaper Der Spiegel.
Security researcher Graham Cluley said in a blog post that Applebaum's presentation and the documents show a "broader range of tools that the NSA apparently deploys against other technology companies and products, including HP (Hewlett-Packard) servers, Cisco firewalls, Huawei routers, and so on."
But Cluley said the document "does not mean that the NSA has complete control of your iPhone" because physical access to the device would be needed.
"It may be that they have since found unpatched vulnerabilities in iOS to install the spyware onto targeted devices remotely... but that's not what the leaked documents say," Cluley said.
Cluley also noted that the document dates from 2008
"Let's hope that Apple has improved its software's security since 2008. And
if it's not true, we've all got a huge problem," he said.