Sun Jan 26, 2014
In the year 2014, a startup in San Francisco builds an iPhone app that successfully cures people of heartbreak, but it requires access to every permission allowed on the operating system, including some that no app has ever requested before. It only costs $2.99 though.
The app becomes hugely popular. The heartbroken protagonist of our story logs into the Apple iStore to download it, but because the Apple iStore doesn’t support HTTP Strict Transport Security yet, an NSA FOXACID server intercepts the HTTP request and injects targeted iPhone malware into the download before Apple’s servers have a chance to respond.
However, the malware was actually targeted for the iPhone of an overseas political dissident. The only reason it reached our protagonist by mistake was because the first SHA-1 collision in recorded history was generated by the tracking cookies that NSA used to target the dissident.
Meanwhile, the protagonist is wondering whether this app is going to work once it finishes installing. He smokes a cigarette and walks along a bridge in the pouring rain. Thousands of miles away, an NSA agent pinpoints his location and dispatches a killer drone from the nearest drone refueling station.
The protagonist is silently assassinated in the dark while the entire scene is caught on camera by a roaming Google Street View car. The NSA realizes this and logs into Google’s servers to delete the images, but not before some people have seen them thanks to CDN server caching.
Nobody really wants to post these pictures, because they’re afraid of getting DMCA takedown notices from Google Maps.