After several high profile attacks and embarrassing slip-ups, Apple’s perception as the secure consumer device is starting to crack.
iPhone Security- Earlier this month, in a dimly lit conference room in a swanky Las Vegas conference center, an Apple employee walked up on stage to pick up an award.
The ceremony was the Pwnie Awards, a largely tongue in cheek affair that celebrates the best—and in other ways the worst—hacks of the year. Winners receive a My Little Pony-style trophy, and get to reflect and joke about some of the pitfalls their product or company may have fallen into.
In this case, the Pwnie organizers highlighted a bug that allowed people to eavesdrop on others through Facetime. And when the Apple employee stood up, people seemed surprised. Apple certainly wouldn’t pick this up, they must have thought. (Traditionally, many winners or impacted companies don’t show up to the gala.)
“We’ll do better,” the employee, who did not identify themselves, said. The audience laughed.
Apple does take security and privacy very seriously; the iPhone is generally considered to be the most secure consumer device on the market. But after researchers from Google published details on likely the largest attack against iPhone users to date, in which websites with thousands of visitors a week were found to be infecting iPhones, it’s clear that this is one of the worst years for Apple’s security.
“This is going to follow Apple around for a long time,” Dan Guido, CEO and founder of cybersecurity firm Trail of Bits, which works on iOS, told Motherboard.
Ian Beer from Google’s elite team of researchers called Project Zero revealed the broad and long running attack against iPhones in a blog post on Thursday. The exact contours of the attack are unclear, but Beer wrote that the campaign was “indiscriminate,” with victims being hacked just from visiting a website. The malware could then steal the contents of WhatsApp and other messages, track the phone’s location, and siphon a user’s passwords.