
Why Apple sends spyware victims to this nonprofit security lab

2024/12/23

TechCrunch Industry News

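Reporter: Apple declined to forensically analyze the phones of staffers on the campaign of the U.S. vice president and candidate. Apple directs spyware victims to the nonprofit AccessNow for help rather than to its own security engineers. Although it may look as though Apple is abdicating its responsibility to protect users, security experts believe Apple's approach is the right one.

John Scott-Railton: Apple's spyware notifications to victims are a turning point for spyware accountability research, and many important cases began with them. AccessNow's helpline is the right place to handle such incidents because it can do good, systematic triage work and support. Lockdown Mode significantly improves device security, especially for people at high risk.

Natalia Krapiva: Apple sending spyware notifications to victims is one of the greatest things to have happened in this kind of forensic investigation and hunting of sophisticated spyware. Apple should stop investigating individual attacks and focus instead on notifying victims.

Runa Sandvik: Big tech companies should not be involved in forensic analysis of users' devices or accounts.

Eva Galperin: Apple could do more to combat spyware, such as writing more detailed reports and filing more lawsuits.

Nadine Hajja: Apple is committed to protecting users and continually works to track spyware attackers.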

This is TechCrunch.

Before the elections, the cybersecurity team of U.S. Vice President and then-presidential candidate Kamala Harris reached out to Apple asking for help, according to Forbes, after a tool that's designed to detect spyware on iPhones flagged anomalies on two devices belonging to campaign staffers. Apple declined to forensically analyze the phones, per Forbes.

The company's response is no surprise to the digital defenders working with at-risk populations often targeted by spyware. In the last few years, Apple has been sending notifications to targets and victims of government spyware, alerting them that they may have been hacked and directing them to get help. Crucially, Apple doesn't tell the targets to get in touch with its own security engineers, but with the non-profit AccessNow, which runs a digital helpline for people in civil society who suspect they have been targets of government spyware.

"Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple account," reads a recent alert, which AccessNow shared with TechCrunch. "This attack is likely targeting you specifically because of who you are or what you do. Although it's never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning. Please take it seriously."

While it may look like Apple is abdicating its responsibility to protect its users, cybersecurity experts who work with human rights defenders, journalists, and dissidents generally agree that Apple's approach in alerting victims to spyware attacks is the right one.

"These notifications have been a game-changer for spyware accountability research," said John Scott-Railton, a senior researcher at the Citizen Lab, a non-profit that investigates spyware and is housed at the University of Toronto Munk School of Global Affairs and Public Policy. "When I look back over the past few years, I see so many of the most important cases that we know about – Poland, Thailand, so many others – began with an Apple notification," said Scott-Railton.

For people who investigate spyware, Apple sharing spyware notifications with victims represented a turning point. "Before the notifications, we were just like in the dark, not knowing who to check," according to AccessNow's legal counsel, Natalia Krapiva. "I think it's one of the greatest things that's happened in the sphere of this kind of forensic investigations and hunting of sophisticated spyware," Krapiva told TechCrunch.

Now, when someone or a group of people get a notification from Apple, they are now warned that something potentially anomalous is happening with their device, that someone is targeting them, and that they need to get help. And Apple tells them exactly where to get it, according to Scott Rilton, who said AccessNow's helpline is the right place to go because the helpline is able to do good, systematic triage work and support.

Krapiva said that the helpline is staffed with more than 30 people, supported by others who work in other departments of the nonprofit. So far in 2024, Krapiva said AccessNow received 4,337 tickets through the helpline.

Scott-Railton, Krapiva, and security expert Runa Sandvik, who runs her own digital security consultancy Granitt for at-risk people and has been protecting journalists for a decade, all agree Apple should stop short of investigating individual attacks after notifying the victims. "Big tech companies don't want to get into the business of doing forensics on people's devices or accounts," Sandvik told TechCrunch. "I think that should remain separate."

Eva Galperin, the director of cybersecurity at the non-profit Electronic Frontier Foundation, who has been investigating surveillance on the internet for more than a decade, said that Apple could still do more to combat spyware. Apple could write more detailed reports and file more lawsuits. "These are the things that take massive amounts of money NGOs don't have and telemetry NGOs don't have," Galperin told TechCrunch.

In its official page about mercenary spyware, last updated in October, Apple says that since 2012 it has sent notifications to users in over 150 countries.

Apple spokesperson Nadine Hajja told TechCrunch that the vast majority of users will never be victims of such attacks. "We sympathize deeply with the small number of users who are, and we continue to work tirelessly to protect them," Hajja said, and reiterated that there are no known cases of mercenary spyware on Apple devices with Lockdown Mode. "Our security teams are constantly working to track mercenary spyware attackers, and we send threat notifications to inform and assist users who we believe were individually targeted."

For anyone alerted by a notification, Apple tells those targets and victims of spyware to update their iOS software and all their apps. Apple also suggests the user switches on Lockdown Mode, an opt-in iOS security feature that has stopped spyware attacks in the past by limiting device features that are often exploited to plant spyware. Apple said last year that it is not aware of any successful spyware infection against someone who used Lockdown Mode.

Scott-Railton called Lockdown Mode a game-changer in increasing the security of people's devices, especially people who are at risk. All the experts TechCrunch spoke with strongly recommend turning on Lockdown Mode if you think you may be a target, especially if you are a journalist, human rights defender, or dissident. And if you get a notification from Apple, take it very seriously.