Good news! Apple says CIA hacking tools won’t work on newer products

Vulnerabilities fixed on iPhones after 2009 and Macs after 2013.

If you’re an Apple snob like me, I’m pretty sure you became concerned when Wikileaks published documents about the hacking tools the CIA used to sneak into Apple products. A person could not disable the tools even by resetting their phone.

But Apple has come out to assure customers that the company has fixed the vulnerabilities in its newer products.

Apple and CIA Respond

The company released this statement:

We have preliminarily assessed the Wikileaks disclosures from this morning. Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released. Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013.

We have not negotiated with Wikileaks for any information. We have given them instructions to submit any information they wish through our normal process under our standard terms. Thus far, we have not received any information from them that isn’t in the public domain. We are tireless defenders of our users’ security and privacy, but we do not condone theft or coordinate with those that threaten to harm our users.

The CIA did not comment on the authenticity of these documents. Instead, the spokesman told The Wall Street Journal that the “public should be deeply troubled by any WikiLeaks disclosure designed to damage the Intelligence Community’s ability to protect America against terrorists and other adversaries.”

Um, okay bro.

The CIA Tools

The documents highlighted four projects the CIA used to hack into Apple products and spy on people.

Sonic Screwdriver

In this program, the CIA executed “code on peripheral devices while a Mac laptop or desktop is booting.” This works on any Mac laptop that has the Thunderbolt port. From The Daily Dot:

Once the components are ready to go, the steps for executing the attack are simple: plug the Ethernet adapter into a Thunderbolt port, plug in the media source of the boot file, and power on the machine.

Once that is complete, the user can commence their attack and infect the firmware with malware (see below).

Triton & Der Starke

Triton is the malware that The Daily Dot mentioned above. Once implemented, it can receive “files and folders from an infected computer.” It hides inside the computer, but “when triggered, compresses and encrypts the data from the hard drive and places it into an LP, or the URL of the script that the implant is speaking with.”

Der Starke is diskless and will not show up on your hard drive. As The Daily Dot describes, the malware “hides in plain sight as a browser process, so it would look like you are simply uploading something on the computer.” This means network monitors cannot pick it up.


This technique used three operations to work on MacBook Airs: DarkMatter, SeaPea, and NightSkies. Overall, the implant known as DarkSeaSkies “persists in the EFI firmware of an Apple MacBook Air computer, installs a Mac OSX 10.5 kernel-space implant and executes a user-space implant.” This is how the three tools worked:

This means that when working, the malware constantly monitors the target “while data is being extracted.” They used SeaPea “to hide the network” and NightSkies to send “traffic outside a network at regular intervals.”

Hackers, Security Experts Chime In

Apple hacker Dino Dai Zovi, who also works as chief technology officer at software security vendor Capsule8, told the Wall Street Journal that the CIA used techniques that required “physical access to Apple devices to be installed, meaning it is unlikely they affect a large number of individuals.”

A lot of these techniques are several years old and the CIA may not have updated them in the last eight years or so. But that does not mean a person should not take precautions. Change your passwords and keep them strong. Always update your operating system to install the latest security patches.

Refresher on the First Document Dump

This document dump comes a few weeks after Wikileaks published other CIA hacking documents. The most damning from those documents? That the CIA has malware from Russia and other countries, which allows the agency to hide its fingerprints on attacks. One branch developed “Weeping Angel” specifically for smart TVs “by transforming them into covert microphones.”




The iPhone is a tracking device that, as a side benefit, you can make phone calls on.

They are lying! And because you are an Apple snob you are dumb enough to buy it.

There are two types of mechanic shop around. One where you find all the tools, screwdrivers, wrenches, Allen wrenches, etc., in one big pile. Then there are the ones where all the tools are laid out properly, sorted, each tool in its assigned space. Guess which kind of shop the CIA runs?

Only a small fraction of the Wikileaks stuff has been released… Which may be just the later model firmware hacks. That doesn’t mean the other hacks do not exist. (In fact it pretty much is a given that they do.) Just that they were not yet released.

What is more, we do not know when the hacker actually copied the leaked info. It would be totally unsurprising that the tools work on 2013 or older models, if he copied the leaks in 2014. That doesn’t mean that tools for models that did not even exist in 2014 were not created later.

    notamemberofanyorganizedpolicital in reply to RodFC. | March 25, 2017 at 6:57 pm

    My understanding is that NSA, CIA, FBI, etc. etc. etc. have all been given exclusive “back doors” into all the internet providers and software providers’ networks, hardware and software products for at least this whole century – going back to Bush JR.

    At least that was the reporting all over the internet and media more than 10 years back.

From 2009 to 2013, Lisa Jackson served as Administrator of the U.S. Environmental Protection Agency. She was appointed by President Obama. Now, she is Apple’s vice president of Environment, Policy and Social Initiatives, reporting to CEO Tim Cook. An Obama insider now inside Apple in a BS position.

So Apple has fixed the vulnerabilities in its newer products. Right.

Just the ones that can be fixed. Both Apple and Intel have dedicated NSA chips that aren’t seen by the regular cpu. They can be activated even when the power is off.

The Friendly Grizzly | March 25, 2017 at 8:21 pm

Will Apple respect us in the morning?

Change your passwords and keep them strong.

Ummm … CIA isn’t cracking your passwords, it’s going around them. Secure passwords keep guys from Nigeria or Ukraine out of your accounts, but don’t even slow CIA down.

Always update your operating system to install the latest security patches.

“Updates” are how the newest gimmicks get into your computer in the first place. Software, anyway—you won’t be the proud owner of the newest hardware spies until you buy a new computer.

We [Apple] have given them [Wikileaks] instructions to submit any information they wish through our normal process under our standard terms.

Translation—we’d prefer that Wikileaks talk to us rather than the consumer, so that we can do a better job of keeping the consumer in the dark; but Wikileaks has blown us off.

A lot of these techniques are several years old and the CIA may not have updated them in the last eight years or so

I hope I don’t have to belabor just how ridiculous this is.

Rule of thumb for technological secrets: they only get released after they have been replaced. What I have seen so far has been commercially possible for quite some time, provided anybody wanted to do it.

Of course the CIA and the NSA and FBI wanted (and needed) to do it.

The big story is that 1) a whole pile of these tools were turned loose on us by any old fool, and 2) our government had no sooner acquired the tools to gather information, than it began to abuse it. During the last administration, they turned those tools on our people, for the benefit of one political party.

There are penalties for misuse of confidential information, and we will either apply them now, or lose control of our government, forever.

    We lost control of the Executive Wing of the government when the Democrat Party was allowed to spy on and abuse the Tax System against Conservatives and Tea Partiers after 2009.

    Nobody cared, and thus anybody who isn’t a Conservative needs to be told to go suck an egg if they want to complain now.

    The phrase “I didn’t hear you complaining when the Obama Administration was doing it. Are you ready to admit you’re a hypocrite?” should become a standard part of EVERY Conservative’s lexicon. The answer for every Conservative is, appropriately, “I WAS complaining about it, and I’m still complaining about it now.”

    That being said, EVERY “Deep State” actor who was involved in any of this needs to be prosecuted, jailed and lose their pensions. Tell them they can regain their pensions IF AND ONLY IF they can testify about someone up the food chain having given them a direct, provable command to perform the act.

Also, it should be noted that somebody is a “Doctor WHO” fan, given the names released herein.

“Sonic Screwdriver”
“Weeping Angel”
There’s also a “Dark Skies” Doctor WHO fan-fiction.