【Landlady’s Loose Legs】

The Landlady’s Loose LegsCIA has put quite a bit effort into figuring out ways to hack Apple devices.That's the takeaway from the latest batch of documents dumped by WikiLeaks.

The so-called "Dark Matter"documents, published Thursday, detail methods allegedly used by the CIA to infect MacBooks and some older iPhones with malware that allowed the agency to remotely spy on device owners.

SEE ALSO: Wikileaks' CIA dump contained WAY more bad memes than you would think

As usual, WikiLeaks released a fairly alarming-sounding statement accompanying the documents. But before you freak out about the security of your own Apple products, it's important to understand exactly what they say.

Physical access is everything

It's important to note that, much like the earlier Vault 7 dump that detailed exploits used to "bypass" encryption used by chat apps like WhatsApp and Signal, the new methods described in the latest documents also require physical access to the device.

The documents make completely clear the fact that CIA operatives would need physical access to a device before they can carry out any of the exploits described.

So what was that about an iPhone?

First, the good news. The only iPhone specifically named in the documents is one that is pretty much completely dead: the iPhone 3G (running iOS 2.1, no less). Apple also confirmed Thursday the only iPhone affected was the 3G and that the vulnerability was fixed as of the release of the iPhone 3GS.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

Still, the exploit detailed in a document called NightSkies, dated to 2008, involved "a beacon/loader/implant tool" that "operates in the background providing upload, download and execution capability on the device."

Original image has been replaced. Credit: Mashable

The setup process was somewhat complex (again, it required physical access to the phone), but once there, it could have been used to access an astonishingly vast amount of data from a "target's" iPhone.

The document contains instructions for downloading call logs, text messages, contacts lists, mail and maps files, browser history, YouTube video cache (YouTube was one of the only third-party apps to come pre-installed on early iPhones), voicemails, calendar data, photos and even "user-specific" keyboard data. In other words: very nearly everything you could possibly hope to get off an iPhone using the app's that came pre-installed at the time.

What about the MacBooks?

It all started with a dongle. Seriously.

A project called Sonic Screwdriver (yes, we already know the CIA is full of Doctor Whofans) detailed how a thunderbolt-to-ethernet adapter could be modified with a bit of malicious code designed to infect a laptop's firmware.

Original image has been replaced. Credit: Mashable

By infecting the firmware, this allowed the code to "persist" in the device even if the hard drive was wiped or the operating system is completely re-installed. As Motherboard'sLorenzo Franceschi-Bicchierai points out, it was actually a fairly clever move by the CIA as a similar method was later uncovered by security researchers two years later in 2014.

According to the documents, the CIA tested this method with MacBook Pros and MacBook Airs from late 2011 to mid 2012. (In a statement, Apple said this particular exploit had been fixed in every MacBook made after 2013.)

But, again, before you go chucking your own ethernet adapter in the garbage, remember that this only worked with adapters that had been specially modified with the malicious code to begin with.

---

Featured Video For You

---

Edward Snowden says Russians probably hacked the NSA

---

Topics Apple iPhone

• Life
• Science
• Deals
• Digital Culture
• Shopping
• Social Good
• Entertainment
• Tech

• I’ve been working on this post…. for ten minutes…. just tweet it out
• Dad with diarrhea gets wholesome pep talk from 4
• Fans are convinced they know when Ariana Grande and Pete Davidson will tie the knot
• 'Windfall' review: A stunning Netflix thriller that keeps you guessing until the very end
• Fighting Words
• Maserati goes all in on electric with 5 new EVs
• Emma Watson ruled the BAFTAs with one sentence: 'I'm here for ALL of the witches'
• How to watch Ted Lasso
• Momentive’s Hundred Days
• Mercedes' 'Drive Pilot' A.I. can take over when drivers are stuck in freeway traffic

• 'Doctor Strange in the Multiverse of Madness' review roundup: What do critics think?
• A professional photographer explains what you're doing wrong on Instagram
• 'Super Mario' Toad mask sure to induce nightmares this Halloween
• How 'Hatching's creepy creature compares to those in Star Wars 'Andor'
• Grandmother pulls out two pythons hiding in barbecue like it's no big deal
• Twitter has 3 separate DM inboxes. Find your missing direct messages here.
• Man poses with incredible cucumber and inspires an awesome photoshop battle
• BTS inspires the best dance challenge since Drake's 'In My Feelings'
• 'Moon Knight's' moons could hint at a surprise new MCU hero
• Taco Bell menu items, ranked

• Our Lady of Complicity
• Listen to a dog perfectly nail the hook from Britney Spear's 'Toxic'
• NASA unveils its colossal Artemis 1 mega moon rocket in grand display
• Heineken pushes metaverse 'beer' in Decentraland
• Bridging the Healthcare Divide in West Virginia
• Listen to a dog perfectly nail the hook from Britney Spear's 'Toxic'
• Donald Trump's tweet to the Iranian President is over 200 capital letters of pure rage
• 'Severance's opening sequence secrets revealed
• Right to Burn
• Google I/O dates announced for May

• After the Fire
• Winamp is doing NFTs now, and its founder hates it
• The 'pee after sex' meme is doing a better job at sex ed than some schools
• The 'pee after sex' meme is doing a better job at sex ed than some schools
• Julian Assange and the Banality of Access
• Dad with diarrhea gets wholesome pep talk from 4
• Trump said he had 'full faith in our intelligence agencies' and then the lights went out
• Humble Bundle 'Stand with Ukraine' offer launches, will support humanitarian relief
• The Musk of Success
• Google's 'delete last 15 minutes of search history' feature comes to Android early