WikiLeaks Releases CIA Hacks of Apple Devices
Member olfuzzy posted:
This is too high tech for me to understand.

WikiLeaks has released the second volume of their CIA Vault 7 leaks today, publishing information on a hacking project focusing on Apple devices referred to as “Project Dark Matter.”

Project Dark Matter contains documentation relating to multiple CIA projects developed by the CIA’s Embedded Development Branch which focus on the infection of Apple Mac computer firmware. Due to the software being installed on a firmware level, the CIA’s infection is unaffected by operating system wiping, unlike many other malware infections. The documents within WikiLeaks’ data dump explain the methods used by the CIA to hijack Apple devices such as Mac computers, iPhones, and iPads.

The documents also feature information on another project referred to as the “Sonic Screwdriver,” which is explained by the CIA as being a “mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting” allowing an attacker to boot attack software for example from a USB stick “even when a firmware password is enabled.” The “Sonic Screwdriver” is inconspicuously installed on the modified firmware of Apple Thunderbolt-to-Ethernet adapters.

The WikiLeaks release page includes details on three more hacks, which read:

“DarkSeaSkies” is “an implant that persists in the EFI firmware of an Apple MacBook Air computer” and consists of “DarkMatter”, “SeaPea”, and “NightSkies”, respectively EFI, kernel-space and user-space implants.

Documents on the “Triton” MacOSX malware, its infector “Dark Mallet” and its EFI-persistent version “DerStarke” are also included in this release. While the DerStarke1.4 manual released today dates to 2013, other Vault 7 documents show that as of 2016 the CIA continues to rely on and update these systems and is working on the production of DerStarke2.0.

Also included in this release is the manual for the CIA’s “NightSkies 1.2”, a “beacon/loader/implant tool” for the Apple iPhone. Noteworthy is that NightSkies had reached 1.2 by 2008, and is expressly designed to be physically installed onto factory fresh iPhones, i.e., the CIA has been infecting the iPhone supply chain of its targets since at least 2008.

WikiLeaks further hypothesizes that Apple devices may have been infected at a factory level, “While CIA assets are sometimes used to physically infect systems in the custody of a target,” states WikiLeaks, “it is likely that many CIA physical access attacks have infected the targeted organization’s supply chain including by interdicting mail orders and other shipments (opening, infecting, and resending) leaving the United States or otherwise.”

http://www.breitbart.com/tech/...t-dark-matter-leaks/
 
Posts: 5181 | Location: 20 miles north of hell | Registered: November 07, 2012
Member posted:
Here's where Apple's 'anything you want as long as it's black' hardware can bite you in the ass. Not enough variety to fuck up a hack campaign.

Try that with Windows/PC - 'what do you mean I can't install unsigned drivers, it's a fucking Microsoft driver'...

There's so many holes in technology & the biggest one is that it has to be operated by humans. This isn't 'we want to hear what Osama is planning', it's 'we want to hear what GovX or CorpY is doing'.
 
Posts: 3297 | Location: IN | Registered: January 12, 2007
Member cparktd posted:
I saw this the other day, read up quite a bit and it would seem that unlike most other brand devices, they still require physical possession of the Apple device to infect it with their most intrusive stuff. But, once / if done it cannot be fixed, or even detected by the end user.

The most troubling part is, because they have to have hands-on access they are intercepting shipments of devices en route to the customer. Opening and implanting the software / firmware, repacking and then sending on to the end user. (Or rather swapping a pre-doctored phone for a new one in transit to save time.)
This I have a big problem with, unless a surveillance / wiretapping warrant is possessed.

I expect the actual use is very rare, if it actually even works. Maybe even just a bit of in your face to Apple for not cooperating with them. From my understanding they are primarily targeting overseas suspects. But how would we know?? And who the hell is providing the shipment orders info?

Oh what a tangled web we weave...



If it ain't woke... don't fix it.
 
Posts: 4128 | Location: Middle Tennessee | Registered: February 07, 2013