All posts in “Leaks”

Apple’s historic iOS 11 leak may have been an inside job, report says

Image: Jaap Arriens/NurPhoto via Getty Images

We’re now accustomed to a minor hardware and software leaks in the weeks and months ahead of any major Apple event, but Saturday’s massive Golden Master version iOS 11 leak may be the worst ever suffered by the incredibly secretive company. 

Like, ever.

So now, just a couple of days away from Apple’s big iPhone event, we await the inevitable leak blowback, and it’s already begun: We now have new details on how the leaks may have made it to the public. 

That leak exposed a wide range of details ahead of Apple’s Tuesday event, including the names of the new iPhones, a new LTE Apple Watch, the name of Face ID and how it works, and a number of software goodies that would have otherwise wowed the audience in a couple of days. 

Now? Assuming all the information from the leak pans out, it’s difficult to imagine many surprises from Tim Cook when he hits the stage in about 48 hours. And you can bet Cook isn’t happy about that. 

Following the leak, Apple-focused podcaster and blogger John Gruber, who occasionally delivers insider details on the company’s products, explained how the leak information was likely obtained. And rather than pinning the leak on a hacker, he points the spotlight in a very surprising direction. 

“I can state with nearly 100 percent certainty that it was [leaked by an Apple employee]”

“As best I’ve been able to ascertain, these builds were available to download by anyone, but they were obscured by long, unguessable URLs,” wrote Gruber. “Someone within Apple leaked the list of URLs to 9to5Mac and MacRumors. I’m nearly certain this wasn’t a mistake, but rather a deliberate malicious act by a rogue Apple employee.”

Then on Sunday, the BBC reported that it had confirmed that an “anonymous source” had deliberately sent the leak information to 9to5Mac and MacRumors, allowing the publications to download the software “from Apple’s own computer servers.”

Gruber followed up on that report on Sunday by adding more intrigue to any questions around the leak’s origin.  

“The BBC doesn’t say definitively that the leak was sent by an Apple employee, but I can state with nearly 100 percent certainty that it was,” wrote Gruber. “I also think there’s a good chance Apple is going to figure out who it was.” 

That might sound ominous, but Apple has long been known for the lengths to which it will go to ensure the secrecy of its products, so Cook and his team are likely working overtime to track down the person who leaked the information, assuming that they haven’t already. 

“That person should be ashamed of themselves,” wrote Gruber, “and should be very worried when their phone next rings.”

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f81605%2f3e07624b 1ddc 4bc5 89c2 1f685b59044b

Apple iOS 11 leak reveals iPhone’s new Face ID set-up process

The epic leak of the Golden Master version of iOS 11 on Saturday continues to deliver surprises, and the latest offers more insight into how Apple’s new Face ID system may work. 

A Brazil-based iOS developer posted several screenshots and videos on Twitter not long after the initial leak, and the posts appear to show the process for setting up the iPhone’s new Face ID authentication

We get to see what appear to be the preference and settings screen for Face ID (a name indicated by earlier leaks on Saturday), which allows you to select whether you’d like to use Face ID for iPhone Unlocking, Safari Autofill, the App Store, or iTunes. 

And in the video, we also get to see what may be the Face ID authentication screen as it looks when you position your face in front of the camera for first time registration. 

Of course, none of this is confirmed, but the demonstrations and settings screens, when paired with the leak information from Saturday, are pretty convincing. 

We’ll know for sure in just a couple of days, when Apple CEO Tim Cook takes to the stage of the new Steve Jobs theater to reveal all. 

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f81605%2f3e07624b 1ddc 4bc5 89c2 1f685b59044b

The one iPhone 8 leak to rule them all

Image: Lili Sams/Mashable

For those who obsess about the iPhone, it was the mother lode.

After a long period without any substantive information (although plenty of whispers, speculation, and questionable photos), it finally happened: the biggest iPhone 8 leak so far. 

In what looks like an understandable but massive mistake, pre-release firmware for the Apple HomePod somehow got uploaded to a public server.

There’s a lot of interest in HomePod — the Apple “smart speaker” that’s meant for music and has Siri built-in. Apple plans to release it in December, so getting a look at the software four months early is definitely a big deal.

But that was just the beginning. The HomePod software actually included a lot of information about a new iPhone — what has generally been called the iPhone 8 — including details on the exact shape of its edge-to-edge screen, a new kind of biometric security that involves facial recognition, and other features.

One of the key people in deciphering the leak has been Guilherme Rambo, an iOS developer from Brazil. Rambo has been revealing the details he and others have discovered in the HomePod software on his Twitter feed, including references to something called “Pearl ID,” a virtual home button, and even an image of what the front of the iPhone 8 will supposedly look like (hint: get ready to hear the term “notch” a lot).

Rambo joins this week’s MashTalk podcast along with CNET Executive Editor and mobile analyst Roger Cheng and Mashable Senior Tech Correspondent Raymond Wong to fully unpack this huge leak, explore what this radically redesigned iPhone will mean (to users and Apple), and analyze the info to figure out what’s not in the leak.

You can subscribe to MashTalk on iTunes or Google Play, and we’d appreciate it if you could leave a review. Feel free to hit us with questions and comments by tweeting to @mashtalk or adding the #MashTalk hashtag. We welcome all feedback.

Listen on Google Play Music

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f80619%2fc2f33e39 3ec1 4643 8d80 e696388d73a4

Apple’s internal presentation about its fight to stop leakers was, wait for it, leaked

Apple is working to plug up all its leaks.
Apple is working to plug up all its leaks.

Image: Lennihan/AP/REX/Shutterstock

Apple reportedly uses an intensely secretive corporate culture, a screening system more thorough than the TSA’s, and a crack team of investigators with ties to the FBI and NSA to prevent leaks about its products from getting out.

Still, some secrets slip out, which is exactly how we know about these extreme measures. 

A recording of an internal briefing about Apple’s efforts, aptly named “Stopping Leakers: Keeping Confidential at Apple,” was itself leaked to The Outline earlier this month. 

The hour-long presentation, which was reportedly given to about 100 employees, revealed new details about the programs Apple has put in place to discourage its employees from sharing confidential information with the outside world.   

The briefing was bookended with video presentations featuring Apple employees discussing how the leaks affect their work, calling the breaches “gut-wrenching” and demonizing leakers as those willing to let everyone else in the company down.

Many leaks in the past have come from Apple’s manufacturing partners in China, where low-wage workers could earn as much for selling one secret as they could in several months or even a year on the assembly line, so there’s an intense focus on screening the workers to prevent anyone from smuggling out parts of the supply chain. Those physical leaks are typically housings — the metal backs of the iPhone.

The presenters claimed Apple’s 40 factories process 2.7 million workers a day, which is more than the TSA’s 1.8 million peak volume of screenings. The system has been effective, however: The presenters said, in 2016, four of the 65 million housings Apple produced were stolen which is a one in 16 million loss ratio. 

More leaks came from Apple’s HQ in Cupertino than China, which could explain why the briefing was held in the first place. Two US-based leakers in particular were singled out as having provided information to “bloggers,” serving as cautionary tales to the audience.   

Leaks in Cupertino and abroad are the focus of Apple’s Global Security team. The force is broken out into multiple groups, like the New Product Security (NPS), which works to prevent leaks before they happen, and the investigations team, which doggedly tracks the sources, even after the damage is done.

Some of the members of these teams boast backgrounds at the highest levels of the military, national security, and intelligence organizations; the report claims some of the Apple employees have ties to the FBI, the Secret Service, the NSA, the DIA, and the Department of State.  

Why does Apple care so much?

Apple’s focus on secrecy is as much a part of the company’s DNA as its emphasis on design and its commitment to “think different,” so it should come as no surprise that the company goes to extraordinary lengths to keep its work under wraps.

It also shouldn’t come as a surprise that those efforts are now out in the public, highlighting Apple’s constant battle to stay ahead of those who would expose the company to the curious world hungry for inside info about the next One More Thing. Tim Cook recently blamed leaks on a dip in iPhone sales directly, as the torrent of rumors flooding the news cycle about the iPhone 8 has incited speculation on a massive scale, as market analysts prep for an impending “super cycle” of upgrades.    

When we reached out to Apple’s reps for comment about the report, they declined to provide any statement. Unsurprisingly, it goes against the company’s PR policy to comment on rumors and speculation about its inner workings. 

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f80465%2f8f504795 903b 45eb b188 b5bb107a388b

Nearly 200 million voters exposed in GOP data leak, proving all political parties are susceptible to being hacked

Image: Shutterstock / Barbara Kalbfleisch

Registered U.S. voters dating back more than a decade have been exposed in what’s believed to be the largest leak of voter information in history.

A data analytics contractor hired by the Republican National Committee (RNC) left databases containing information about 198 million potential voters open to the public for download without a password, according to a ZDNet report.

The leak helps prove that any political party is susceptible to cybersecurity vulnerabilities, despite the GOP’s insistence that it ran a more secure 2016 presidential campaign than the rival Democratic National Committee (DNC).

The exposed databases belonged to the contractor Deep Root Analytics and contained about 25 terabytes on an Amazon S3 storage server that could be viewed without requiring a user to be logged in. In theory, this means that anyone knowing where to look could have viewed, downloaded, and have potentially used the information for malicious purposes.

The RNC worked closely with Deep Root Analytics during the 2016 election and paid the company $983,000 between January 2015 and November 2016, according to an AdAge report.

The RNC’s remarkably bad security was first discovered by researcher Chris Vickery of the security firm UpGuard. The security firm responsibly disclosed the vulnerability to the RNC, and the server was secured last week prior to making the news public today.

This vast exposure of voter information highlights the growing risk of data-driven campaigning used by both the DNC and RNC. The data in this case contained models about voters positions on different issues, including how likely it is that they voted for Obama in 2012 and whether they were likely to agree with Trump’s “America First” foreign policy talking point. 

The leak has essentially exposed more than half of the U.S. population, trouncing the second-largest leak of voter information, the 2016 exposure of 93.4 million Mexican voters.

Perhaps the worst part about all of this is there’s very little voters can do to ensure their information is stored privately and securely. Mashable has reached out to the RNC and Deep Root Analytics for comment, and will update when we hear back.

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f1012%2fa0fcbd3e 259f 4127 bea8 329b9f0afb7c