“A rare, behind-the-scenes, and often unflattering peek at how Apple wields power.” — Slate
From Aaron Mak’s “The Most Embarrassing Revelations in Apple’s Antitrust Trial” posted Monday on Slate.com:
The Biggest Known iPhone Hack. As part of discovery, Apple released emails that surfaced worrying details about the largest known iPhone hack to date. In September 2015, researchers notified managers at the company that 2,500 apps containing malicious code had been downloaded 203 million times by 128 million iPhone users. (Further investigation would later reveal that 4,000 apps had been affected.) Of the victims, 18 million were in the U.S. and more than half were in China. Hackers were able to create a counterfeit version of Apple’s Xcode app development tool that deployed the malicious code and prompted iPhones to divulge information like device identifiers and network info. In the emails, Apple’s managers discuss steps for notifying all the affected users via email, which is best practice for data breaches and often mandated by state law. However, it doesn’t seem that Apple ever ended up sending that email. Instead, it published a blog post that vaguely outlined how the hack worked and only disclosed the 25 most popular apps that had the malicious code. The post has since been taken down, and it wasn’t until this year that the public learned just how many iPhone users the hack had managed to reach.
My take: Pretty damning, if true.