In the latest instance of Apple looking to distance itself from government interference, it has announced that it is now designing its own servers in-house, because it’s concerned that someone is modifying its servers after they’ve been shipped from the manufacturer. In some cases, it believes hardware was added to provide backdoors and information harvesting functions for a third party.
As its services rely more and more on cloud infrastructure, making sure that it is in control of customer information is of paramount importance. So the fact that for some time it’s suspected an organisation was getting a hold of servers it ordered and changing their hardware configurations during transit (as per The Information, via Ars), is worrisome.
In the past it has had employees photographing chips and individual components, questioning manufacturers to explain the purpose of each and every one – but that is extremely laborious. Moving forward, it is looking to build its own systems in-house, thereby making it much harder for an outside organisation to modify the hardware in any way.
Microsoft, Facebook and Google have developed their own server platforms in the past too. Source: Wikimedia
Although Apple hasn’t made any official announcement about this – and therefore this should be taken with a small pinch of salt – it has long been known that the NSA has no problem installing backdoors and tweaking hardware before it reaches the consumer. In one of the more famous instances, Kaspersky claimed that the NSA had infected the firmware of major hard drive manufacturers, to prevent its malware from being deleted by full-drive formats.
This also comes at a time where Apple has ‘won’ its fight against the FBI to deliberately weaken the security on one of its devices. It seems keen to take steps to further improve security for its users, despite calls from government and intelligence agencies that encryption could prevent terrorist attacks from being detected.
This hardware hacking doesn’t sound that far-fetched in the UK now either, as the new Investigatory Powers Bill, currently being rushed through parliament, has provisions to allow for the large-scale hacking of hardware devices, possibly through physical modification.
KitGuru Says: Nobody is suggesting that intelligence agencies aren’t incredibly important, but when there is so little trust between them and the people they’re protecting, something needs to change.