I don’t think the US Govt backdoors phones anymore … mostly because they don’t need to. They find other ways to get the information, like warrantless surveillance of Google and Apple notification servers.
The other reason I don’t think it happens is that there are just too many security researchers trying to find exploits and backdoors. Also it’s pretty well known that any backdoor can be used against you. The NSA has an interest in domestic phones being secure.
Granted, international models might have some alterations/backdoors… Even then, that would be egg on the face that they don’t really need if they got caught with a backdoor that applied only to international phones.
The backdoors the NSA uses are known vulnerabilities, 0days, USB drops, all the normal hacker tools… and if it’s a target of sensitive enough in nature, maybe a warrant requiring Apple Update/Windows Update/whoever or whatever device needs spied on, to deliver a payload to that specific machine.
I’m sorry if I act like an asshole, but doesen’t this mean, the same as the comment you answered to?
Edit: I’m dumb. The person answering just added some info in the post.
I don’t think the US Govt backdoors phones anymore … mostly because they don’t need to. They find other ways to get the information, like warrantless surveillance of Google and Apple notification servers.
The other reason I don’t think it happens is that there are just too many security researchers trying to find exploits and backdoors. Also it’s pretty well known that any backdoor can be used against you. The NSA has an interest in domestic phones being secure.
Granted, international models might have some alterations/backdoors… Even then, that would be egg on the face that they don’t really need if they got caught with a backdoor that applied only to international phones.
The backdoors the NSA uses are known vulnerabilities, 0days, USB drops, all the normal hacker tools… and if it’s a target of sensitive enough in nature, maybe a warrant requiring Apple Update/Windows Update/whoever or whatever device needs spied on, to deliver a payload to that specific machine.
https://www.vice.com/en/article/wnx5bm/nsas-hacker-in-chief-we-dont-need-zero-days-to-get-inside-your-network-rob-boyce
I’m sorry if I act like an asshole, but doesen’t this mean, the same as the comment you answered to? Edit: I’m dumb. The person answering just added some info in the post.