Could iTunes Be Used by Foreign Governments Spy On You?

This sounds like something out of a hacker novel.  A company from the UK called Gamma International was found selling software to “foreign intelligence services” that used some kind of security hole in iTunes to spy on targets.  

The hole has since been fixed, but this whole thing should give us pause.  Using iTunes in cyberwarfare?  Read on:

A reporter for a German magazine caught a British security firm boasting about how they can use Apple’s megapopular software to infect target computers with malware on behalf of foreign governments. At a booth this past September at Germany’s Cyber Warfare Europe conference, representatives from Gamma International UK showed how their FinFisher product service could insert spyware via iTunes at the request of intelligence, security, and police agencies worldwide.

The spyware takes advantage of an unencrypted HTTP request that is filed by iTunes when Apple Software Updater is inactive. Once installed on a user’s computer, the spyware program redirected users’ web browsers to a customized web page that pretended Flash was not installed on the user’s computer. The “Flash” that the web page would install was in reality a sophisticated piece of spyware that sent info on a user’s activities directly to foreign intelligence services.

It’s a great story from Fast Company magazine.  Read the rest here.

Alan Cross

is an internationally known broadcaster, interviewer, writer, consultant, blogger and speaker. In his 40+ years in the music business, Alan has interviewed the biggest names in rock, from David Bowie and U2 to Pearl Jam and the Foo Fighters. He’s also known as a musicologist and documentarian through programs like The Ongoing History of New Music.

One thought on “Could iTunes Be Used by Foreign Governments Spy On You?

  • November 23, 2011 at 5:10 pm
    Permalink

    That is like the pre-installed (from China) spyware on digital frames story. No one checks that device as they later on link up to their computers.

    Reply

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.