Tight security may be a double-edged sword.
Apple is famed for its walled garden approach and is known for promoting security and privacy as key aspects of its products. However, security experts believe this often means that hackers who do manage to breach the wall tend to stay undetected much more frequently than you might expect.
For years, Apple has been promoting the privacy and security of its smartphones and, in its ads, has explained that it supports these two aspects more than most tech firms. This has lately drawn court battles with firms like Epic, which want to breach the walled garden that Apple has developed around its ecosystem and align it with what the rest of the market is doing.
However, the Cupertino giant may have unintentionally created a bigger problem than the one it set out to solve. Building a digital fortress around its products and services has given some of the world’s biggest hackers one of the safest places to hide. It might be harder to get into an iPhone, but once in, it’s easier for the bad guy to mask their operation for a long time to come.
The MIT Technology Review study takes a deep look at Apple’s relentless push to improve product security while touching on the potential implications of that strategy. The study cites Citizen Lab’s senior cybersecurity researcher Bill Marczak, who explains that top-tier hackers have the resources and incentive to create zero-click exploits that enable them to execute their malicious code while users are none the wiser.
It’s not about the evil people who do this. Companies like the Israel-based NSO Group have been around for years, and although they pledge to offer their tools only to legitimate organisations such as law enforcement, there is still a possibility that those tools might be misused. In comparison, businesses like Facebook have been seeking to buy NSO spyware expressly to gain the ability to track iPhone and iPad users.
Marczak was one of the first to raise awareness of the presence of NSO and states that he originally saw no signs of hacking on Al Jazeera’s iPhone last year. As the investigation went on, the Citizen Lab team found that the handset was pinging servers belonging to NSO. When Apple launched iOS 14, it broke the researchers’ jailbreaking tool and cut off access to specific files that hackers prefer to use to conceal their malicious code.
Modern computers have evolved in a similar direction to Apple’s lock-down philosophy, but with limited results. In the case of Macs, we have already seen the launch of T-series encryption chips (which are now built into the M1 SoC for Apple Silicon Macs) that can handle encrypted storage, secure boot, image signal processing and biometric verification, and even physically disable microphones to prevent snooping.
Even that implementation is not perfect, and it potentially allows a skilled hacker to bake in a keylogger and steal credentials while being virtually impossible to detect. On the technical side, Apple’s strategy is likewise a double-edged sword. On the one hand, any program running on a Mac must pass a notarization scan. On the other hand, that check can fail drastically because so many users upgrade to the new version of macOS at the same time.
Security researchers are very constrained because Apple doesn’t allow Mac inspection tools the kind of deep access they need to look for evidence of hacks: they’re not allowed to look at the memory allocations of other processes. This means that applications cannot inspect the private space of another app, which is ideal for protecting end users but a major restriction for security analysis. Other businesses like Google are going down the same road. For example, Chromebooks are locked down so that you can’t run anything outside the web browser.
Apple claims that this approach to protection is correct: the tradeoffs are a small price to pay for making the lives of bad actors very difficult when it comes to accessing confidential data on your computers. Security experts appear to agree, but they are also concerned that if more users gravitate to mobile devices built around the walled garden model, it will be more difficult to determine whether a system has been hacked. They fear that malicious people will get away with it more often than not without leaving a trail.
Image credit: Africa Studio