Apple, Jacob Appelbaum and the National Security Agency

December 31, 2013, 10:23 PM UTC

Appelbaum at the Chaos Communications Congress: Did Apple know?

FORTUNE — If it weren’t for the Apple (AAPL) angle, I’m not sure I would have watched the entire YouTube video Jacob Appelbaum posted Monday of his hour-long lecture at a hackers conference in Hamburg last weekend.

I’m glad I did, although I’m still not sure what to make of it.

Applebaum is a private security expert with connections to Edward Snowden and Julian Assange and a long history with U.S. intelligence agencies. According to his Wikipedia entry, he has been detained a dozen times and had his laptop and several mobile phones seized — which helps explain the video’s undercurrent of wounded outrage.

Appelbaum was one of the co-authors of Sunday’s big expose on the NSA in Der Spiegel. His particular expertise is the top-secret document from 2008 that provided most of the magazine’s revelations: A 50-page “catalog” of NSA capabilities — some still under development five years ago, some already deployed. They include:

DROPOUTJEEP. Click to enlarge.
  • CANDYGRAM: A telephone tripwire that mimics a cellphone tower.
  • COTTONMOUTH: A modified USB plug for intercepting communications, installing trojans etc.
  • WATERWITCH: A handheld “finishing tool” for finding the exact location of nearby handsets.
  • SURLYSPAWN: Monitors keystrokes when a target computer isn’t connected to the Internet.
  • FOXACID: A system for installing spyware with a “quantum insert” that infects spyware at the packet level.
  • IRONCHEF: Infects networks by installing itself in a computer’s input-output BIOS.
  • JETPLOW: A firmware implant that provides a permanent backdoor through a Cisco (CSCO) firewall.
  • HEADWATER: Does the same for China’s Huawai routers.
  • RAGEMASTER: Taps the line between a desktop computer’s video card and its monitor.
  • HOWLERMONKEY: A radio transceiver for extracting data from systems or making them remote-controllable.
  • MONKEYCALENDAR: Attack software that sends a mobile phone’s location by covert text message.
  • DIETYBOUNCE: Installs a secret payload in a Dell (DELL) computer by reflashing the motherboard BIOS when the machine is turned on.
  • NIGHTSTAND: A mobile system for wirelessly installing exploits of Microsoft (MSFT) Windows from up to eight miles away.
  • SOMBERKNAVE: A Windows XP implant to connect computers to NSA headquarters, from where they can be remotely controlled.
  • ANGRYMONK: Inserts itself into the firmware of hard drives made by Western Digital (WDC), Seagate (STX), Maxtor and Samsung.
  • SWAP: Reflashes the BIOS of multiprocessor systems running Windows, Solaris, Linux or FreeBSD.
  • SPARROW II: A tool for detecting and mapping wireless networks via drone.
  • TOTEGHOSTLY: An implant that allows full remote control of Window Mobile phones.
  • DROPOUTJEEP: (I quote) “A software implant for the Apple iPhone that utilizes modular mission applications to provide specific SIGINT functionality. This functionality includes the ability to remotely push/pull files from the device. SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc. Command, control and data exfiltration can occur over SMS messaging or a GPRS data connection. All communications with the implant will be covert and encrypted.”

Appelbaum found references to a long list of U.S. companies whose gear the NSA targeted — including the agency’s favorite phishing holes: Yahoo! (YHOO) and Time Warner’s (TWX)

But it was the last item, DROPOUTJEEP, the only exploit out of 50 that specifically targeted at an Apple product, that became every editor’s favorite second-day story. By Tuesday morning Techmeme had assembled more than 30 headlines about DROPOUTJEEP and made the Daily Dot’s The NSA has nearly complete backdoor access to Apple’s iPhone its lead story.

I don’t mind. If more Americans watch Appelbaum’s video because an Apple headline drew them in, so much the better.

For the record, there’s no evidence that DROPOUTJEEP was ever deployed (it was marked “under development” in 2007), or that Apple knew anything about it.

But Appelbaum seems to think it was, and that Apple did. Here, for the record, is how he put it:

“Do you think Apple helped them build that? I don’t know. I hope Apple will clarify that. Here’s the problem: I don’t really believe that Apple didn’t help them, I can’t really prove it but [the NSA] literally claim that anytime they target an iOS device that it will succeed for implantation. Either they have a huge collection of exploits that work against Apple products, meaning that they are hoarding information about critical systems that American companies produce and sabotaging them, or Apple sabotaged it themselves. Not sure which one it is. I’d like to believe that since Apple didn’t join the PRISM program until after Steve Jobs died, that maybe it’s just that they write shitty software. We know that’s true.”

UPDATE: Apple on Tuesday denied working with the NSA. The official statement, via AllThingsD:

“Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers’ privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements. Whenever we hear about attempts to undermine Apple’s industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who’s behind them.”

Below, while it’s still available, Appelbaum’s full video.