In brief: Apple is notorious for its walled garden approach and renowned for promoting security and privacy as the top feature of its products. However, security researchers believe this also means hackers who do manage to breach the wall tend to remain undetected a lot more often than you’d think.
For years, Apple has touted the privacy and the security of its devices and explained through its marketing that it values those two features more than other tech companies. Lately, that has attracted legal fights with companies like Epic, which are interested in breaking the walled garden that Apple has built around its ecosystem and aligning it to what the rest of the industry is doing.
However, the Cupertino giant may have inadvertently created a bigger problem than the one it set out to solve. Creating a digital fortress around its products and services has given some of the world’s top hackers one of the best places to hide. It may be harder to break into an iPhone, but once in, it’s also easier for that bad actor to conceal their activity for a long time.
A report from the MIT Technology Review takes a deep dive into Apple’s intense drive to bolster product security while touching on the unintended consequences of that approach. The analysis cites Citizen Lab’s senior cybersecurity researcher Bill Marczak, who explains that top-tier hackers have the resources and motivation to develop zero-click exploits that allow them to run their malicious code while users are none the wiser.
It’s not just malicious actors that do this. Companies like Israel-based NSO Group have been at it for years, and while they promise to only provide their tools to legitimate organizations such as law enforcement, there’s always a risk they could be misused. Additionally, companies like Facebook have tried to purchase NSO’s spyware tools specifically to gain the ability to monitor iPhone and iPad users.
Marczak was one of the first to raise awareness about the existence of NSO and notes that when investigating an Al Jazeera journalist’s iPhone last year, he initially found no evidence of hacking on it. As the investigation dragged on, the Citizen Lab team…