On Tuesday, WikiLeaks released “Vault 7,” a huge collection of documents that reveal hacking tools used by the CIA. While the dump paints the CIA in an unflattering light, the fallout may well be worse for some of the world’s largest tech companies, including Apple Inc. (NASDAQ:AAPL).
Specifically, the CIA has a long list of iOS exploits it has used to gain access to iPhones. Despite being named along with numerous other giants of tech, the latest WikiLeaks dump actually highlights a key advantage for Apple in particular.
And while its aura of security may emerge tarnished, the iPhone may actually come out ahead over the long term thanks to WikiLeaks.
What Was in WikiLeaks Vault 7?
The latest WikiLeaks dump involves 8,761 documents outlining a wide range of CIA hacking tools, including viruses, malware, zero-day exploits, trojans and remote control systems.
In addition there are 14 iOS exploits listed, several dozen Android vulnerabilities and methods for accessing encrypted chats (essentially reading the contents before they are encrypted by gaining access to the host device).
It’s not all smartphones, either. The CIA has developed malware to infect computers running macOS, Windows and Linux. It’s even capable of turning Samsung Smart TVs on their owners, using them as listening devices to record conversations.
This Doesn’t Look Good for Apple
Apple has long positioned itself as a privacy advocate. It has always played up the security of the iPhone and even refused an FBI request to unlock the iPhone used by a shooter in 2015’s San Bernardino terrorist attack.
Apple CEO Tim Cook released a written statement at the time, saying:
“… the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.”
The WikiLeaks Vault 7 release made it clear that iOS wasn’t as secure as Apple had thought.
How Apple Could Come Out Ahead
WikiLeaks is bad news for Apple in the short term. But the reveal of CIA hacking of mobile devices and consumer electronics could actually be good news for the company in the long run. Apple quickly went on record as saying many of the vulnerabilities identified in the WikiLeaks Vault 7 documents were already addressed with iOS 10. And it is working to identify and patch any new issues.
Apple and Google chose very different strategies when it comes to smartphones. Apple controls every aspect of iOS — its mobile operating system — as well as the hardware. It pushes out new major new iOS versions yearly and update releases (the kind that fix bugs or security issues) on demand. As a result, nearly 80% of all iPhones are currently running iOS 10.
Google also releases new versions of Android yearly, but largely relies on smartphone manufacturers and wireless carriers to approve and push updates. They have little incentive to do so, since lacking the latest Android features could be a reason to buy a new smartphone.
With such a wildly varying assortment of smartphones, updates can often be problematic, leading to support issues. As a result, the latest version of Android is on just 2% of all Android smartphones, while the majority are running software released in 2014 or earlier.
In other words, even if Google had addressed most of the issues in Android Nougat as claimed, right now, there are hundreds of millions of Android devices that could still be affected because they’re running old software. Most iPhone users, however, should be okay, and the rest can be assured that Apple’s consistent program of releases will address any outstanding issues.
Apple has a similar approach with macOS. It updates its Mac computer operating system regularly and pushes out security updates as issues are discovered. With the smart home, Apple takes extreme security measures, including costly custom chips, factory inspections and end-to-end encryption between connected devices. This approach has meant slower adoption for its HomeKit platform, but with the benefit of being far more secure than the competition.
As for smart TVs eavesdropping on you, that’s just another reason to buy a relatively inexpensive streaming box — like an Apple TV — instead.
The Age of Privacy Is Over
Many people had been living with a probably naive expectation that everything they did with their smartphone was private and secure, especially when using encrypted apps. The latest WikiLeaks dump should end that notion and leave people watching their TV, PC and even smart thermostat with suspicion.
But by the time this plays out, it’s also likely to make it clearer than ever before that some products are more secure than others, and some companies are in a better position to fix any vulnerabilities.
Apple may have been named as one of the victims of CIA hacking, but it was quick to respond and quick to make it clear many of the WikiLeaks exploits have already been addressed. Perhaps more importantly, Apple’s product strategy puts it in the position to be a leader in offering the most secure devices possible going forward.
As of this writing, Brad Moon did not hold a position in any of the aforementioned securities.
