Top-secret documents disclosed by former intelligence contractor Edward Snowden have exposed an array of programs that put the digital privacy of computer users at risk. But as security concerns continue to amount, the industry appears to be answering.
Some are now making that argument, at least, after experts became aware of a fix in Apple’s newest operating system that stifles at least one of the National Security Agency programs made public through unauthorized leaks attributed to Mr. Snowden.
The Washington Post revealed earlier this month that classified documents supplied by the former intelligence contractor indicated the NSA has harvested hundreds of millions of email address books and contact lists intercepted by the agency as data routinely moves across the globe between Internet servers located around the world.
Personal data — including that of American citizens — passes through an “overseas collection apparatus,” one official privy to the program told the Post — which the NSA then uses to justify that the intelligence is not of a US person, and thus fair game for interception.
“The documents and intelligence officials say all the collection of contact information takes place outside US territory. But the distributed nature of modern web infrastructure means that communications between an American user and a US webmail provider (such as Google) could still flow outside the United States, where there are fewer legal restrictions on NSA surveillance,” Ashkan Soltani wrote in a separate article for the Post. “The contact lists of Americans also cross the NSA’s international collection points when they live or travel overseas.”
Jonathan Mayer, a computer science doctoral student at Stanford University, says the new operating system released by Apple includes an upgrade that makes personal data harder to pilfer while in transit.
Along with a number of new bells and whistle included in Apple’s OS X Mavericks released on Tuesday, Mayer discovered that users who wish to sync their contacts list between their computer and their Google account can now do so using encryption — something absent in Apple’s previous operating systems.
“The speculation seems to be that this is one of the ways in which the NSA was able to collect Google address book information,” Mayer told Huffington Post.
With earlier Apple operating systems, users wishing to sync their accounts were only allowed to do so in an unencrypted fashion, Mayer said, making eavesdropping that much easier. Now, Mavericks allows such transferring to be done in a way that protects personal information — to a degree — from parties looking to pry, including the NSA.
“In short, Apple was irresponsible in not giving users of non-Apple contacts services even the option of using encryption. Apple has fixed their end of the problem,” Electronic Frontier Foundation staff attorney Nate Cardozo added to HuffPost.
For privacy conscious users, however, upgrading to Mavericks is only one method of obfuscation and isn’t an all-encompassing solution.