Usually people think of security of Macs is better than Windows PCs. Well, WikiLeaks would like you to reconsider that notion with more info about Vault 7.
The organization’s latest dump is a handful of documents from the Central Intelligence Agency that detail, among other things, how the agency can infect a MacBook Air during its boot cycle via a modified Thunderbolt-to-Ethernet adapter. With “Sonic Screwdriver,” the CIA’s monitoring tools are stored on the dongle and the machine can be infected even if it’s password protected. Considering how dongle dependent the new MacBooks are, this sort of exploit becomes even more worrying.
Next on the list is a project called “Dark Matter” which is an umbrella for a handful of other spying initiatives. Perhaps most troubling is that these infections can persist even if you reinstall OS X. Then there’s “NightSkies 1.2” which, as of 2008, was used to infect brand new iPhone 3Gs.
“While CIA assets are sometimes used to physically infect systems in the custody of a target, it is likely that many CIA physical access attacks have infected the targeted organization’s supply chain, including by interdicting mail orders and other shipments (opening, infecting and resending) leaving the United States or otherwise,” WikiLeaks writes.
So, the CIA could intercept iPhone orders, put malware on them and then make sure the devices got to a target. WikiLeaks also notes that despite some of the comparatively ancient dates on the documents, it appears the CIA continues using and updating at least a few of them.
Apple has responded:
We have preliminarily assessed the Wikileaks disclosures from this morning. Based on our initial analysis, the alleged iPhone vulnerability affected iPhone 3G only and was fixed in 2009 when iPhone 3GS was released. Additionally, our preliminary assessment shows the alleged Mac vulnerabilities were previously fixed in all Macs launched after 2013.
We have not negotiated with Wikileaks for any information. We have given them instructions to submit any information they wish through our normal process under our standard terms. Thus far, we have not received any information from them that isn’t in the public domain. We are tireless defenders of our users’ security and privacy, but we do not condone theft or coordinate with those that threaten to harm our users.
Just remember: Don’t leave your laptop unattended in the open, and do not plug anything into your computer that was given to you by a stranger.