Apple iPhone Backdoor DROPOUTJEEP

Old 2 Comments on Apple iPhone Backdoor DROPOUTJEEP 316

As we all know the NSA has many different tools that they use to spy on us. This covers everything from the TURMOIL, TURBINE, and QFIRE systems (as I covered in my NSA Surveillance post) to COTTONMOUTH-I which is a USB hardware implant (I will cover this in a later post). In this post I will be talking about the NSA’s backdoor DROPOUTJEEP which is a backdoor for Apple’s iPhone.

What It Is
The DROPOUTJEEP backdoor is a backdoor for Apple’s iPhones (as I said above) which enables the NSA to spy on you at the application layer. Now if you are using an iPhone they don’t have to use the TURMOIL system to capture all of your traffic at the network level. They simply install this backdoor and your phone turns into a botnet basically for them. With the DROPOUTJEEP backdoor the NSA can remotely push/pull files from your device, receive SMS messages, receive contact list, receive voicemail, get geolocation data, get cell tower location, and turn on your mic & camera at any time. The only slightly good part about this backdoor is that the NSA has to have physical access to your phone to install the implant BUT with future versions of DROPOUTJEEP the NSA might be able to install this implant remotely which means they do not have to have physical access to your phone.

What We Can Do
We need to stop using cell phones for all of the stuff that we do or start using open source phone OS’s. What I mean by stop using cell phones for all of the stuff that we do is go out and buy a very basic cell phone that can only make calls and only give the phone power when you are using it (remove the battery and any other power sources when you are not using it). The other alternative is to look into open source software projects like Android but you will need to root the phone’s OS before it is going to do you any good because you are going to have to modify the OS in a way where you make the NSA’s job a lot harder for them to get into the phone. For example have a firewall installed on the phone and set it up where only traffic can be routed through the Tor network. Then have something like a software based intrusion detection system (IDS) that runs on the phone and when it detects that there might have been a breach have it send out the log file to someone and then self-destruct so that way it minimizes what the NSA is able to get.

 

Click here to see the NSA’s original documentation on DROPOUTJEEP.

 

Thank you all for taking the time to read this post and as always God bless!

 

This post can also be seen at blog.pjhoodsco.com.

Author

Preston Hood

Hello, my name is Preston Hood. I am the owner of PJHoodsCo, an Information Technology (IT) solutions provider. I am also an independent writer and IT security researcher.

Related Articles

2 Comments

  1. Martin Lehner July 12, 2014 at 12:46 am

    Interesting concepts there. Unfortunately, I don’t think you’re going to find that the masses are willing to do all this work on their mobile devices (not to mention, most of the masses won’t know how).

    • Preston Hood July 12, 2014 at 4:10 pm

      Unfortunately I think you are correct which is why we (the developers) need to make easier to use GUI’s and eliminate the need for regular users to have to go through so much trouble to secure their systems and mobile devices.

Leave a comment

Back to Top