Hardly a day goes by without some revelation of a leak, a security breach, or someone somewhere claiming to upset the balance of the technology industry– or the government– with an aforementioned leak or hack into something once considered valuable and personal. So, it’s with sadness that I put Apple up on the chopping block to see if the company still is the champion of privacy and security.
First up, some crazy Mideast hackers claim to have the ingredients to a few hundred thousand Apple iCloud accounts and they’re going to reset them all if our favorite Mac maker doesn’t pay up.
That’s nuclear phishing if I ever saw it.
The hackers, who identified themselves as ‘Turkish Crime Family’, demanded $75,000 in Bitcoin or Ethereum, another increasingly popular crypto-currency, or $100,000 worth of iTunes gift cards in exchange for deleting the alleged cache of data.
Oh boy. Just when you thought it was OK to be a celebrity and use an iCloud account to store your secret nudist colony photos.
What does Apple say?
There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.
So, at sometime, someone hacked something from Apple somewhere, and it might just be old stuff that was already fixed up and refurbished. Apple does that. It sells refurbished products. Why not refurbished security? April 7th– the deadline the hackers set to receive payment from Apple– will be an interesting day in Cupertino, CA. And, maybe for a few hundred thousand iCloud customers.
Wait. There’s more. And it’s worse.
Remember the C.I.A? Remember WikiLeaks? They don’t like each other, but the C.I.A., according to WikiLeaks’ latest leaks, has mechanisms for spying on you through your iPhone and Mac and even Apple didn’t know about it. So says Vault 7: Projects:
Today, March 23rd 2017, WikiLeaks releases Vault 7 “Dark Matter”, which contains documentation for several CIA projects that infect Apple Mac firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA’s Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain ‘persistence’ on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware.
Good grief. Is anybody safe? Is anybody in charge?
The sneak persistence infection described in the leaked C.I.A. document indicates government hackers would need your Mac or iPhone to deliver the payload, but what’s to prevent them from doing the same thing at the factory level at the start of the supply chain?
Nothing, apparently. It may already have been done.
Is anything safe, private, and secure anymore?
Short of going off the grid entirely, Apple was our last great hope and it could very well be they’ve been suckered by government spooks and we’ve been suckered by Apple and maybe the all this spying brouhaha denied by Fox News is just the tip of a Watergate-like iceberg battle between governments and citizens. If President Obama was a secret muslim them why can’t President Trump be a Russian spy?
Here’s the deal. I want my information protected from prying eyes from anywhere; earth, solar system, galaxy, universe. It’s my information. It belongs to me. It does not belong to someone else to view. If Apple cannot protect me from such ongoing intrusions, who can?
Apple is the protector of what exactly?