How Apple has tackled security leaks in iPhone and Mac factories

Posted:
in General Discussion edited July 17
Six years ago, an employee at Jabil, one of Apple's suppliers, stole thousands of iPhone 5c casings from a factory in China, prior to the product being announced. Since then, Apple has upped its efforts to reduce theft and leaks from the factory floors.

Apple iPhone


The employee was helped by a security guard and avoided security cameras as he drove a truck filled with iPhone 5c shells, according to an article at The Information.

At the time, the incident was one of the most devastating leaks to come out of Apple's supply chain. Images of the iPhone 5c appeared on the internet, spoiling the reveal for the September event.

In the following years, Apple created the New Product Security Team, known as NPS, to monitor security at sensitive China-based suppliers. Since then, the team has put a stop to most device leaks and has discovered some incredible theft attempts. This included factory workers who had tried to build a tunnel in hopes of transporting components outside of the building unnoticed.

Last year, Apple began to pare down its NPS team and contracted out some of the work, according to those familiar with the situation.

The leaks, however, are still a threat. Electronic leaks are particularly troublesome. CAD renderings and schematics leaks of the upcoming iPhone have showcased the suspected three-lens camera. Apple has shifted resources to preventing these sorts of leaks, with an team in Apple's headquarters allegedly spearheading the efforts.

Apple's competitors, such as Google, Samsung, and LG are now trying to replicate Apple's efforts. These efforts have become more significant, now that companies like Huawei have attempted to steal technology from competitors including Apple.

Stopping the leaks was not an easy task, and Apple had recruited former U.S. military and intelligence people fluent in Chinese, to be supplier security manager. It also performed weekly audits on factories to sniff out any suspected leaks before they became a threat.

Every year, Apple outlines suppliers' security responsibilities, including basic guidelines on physical and electronic access, how to operate security checkpoints, and the tracking of inventory.

Apple requires suppliers to provide security managers with unrestricted access to factories. Occasionally, they have been met with resistance. Samsung, the supplier of Apple's OLED displays for the iPhone X, refused entry to an Apple security manager on the basis that they may steal manufacturing techniques.

Apple continues to refine their security measures to prevent new methods of leaking sensitive information.

Suppliers must store parts in opaque containers, but all trash must be clear and scanned for metal before leaving the premises. Anything stored must be sealed in a container with tamper-proof stickers. All components have unique serial numbers that correspond to where they were manufactured. Inventory is taken daily, with weekly reports on scrapped parts.

To best electronics leaks, Apple requires suppliers to operate physically separate computer networks. For CAD renderings, Apple requires an additional network walled off inside the first network. CAD files are watermarked to discourage employees from taking screenshots.

Apple does not allow the use of third party services, such as Google Enterprise and Dropbox, and prohibits public email services from communicating with Apple.

If a leak were to occur, suppliers must reimburse Apple for investigations and pay a penalty if a leak is traced back to them.

Jabil, for example, is liable for $25 million in penalties if leaks occur, according to someone familiar with the matter. Because of this, the supplier has spent millions of dollars to upgrade its security since the iPhone 5C theft. This includes facial recognition cameras, an extensive network of security cameras, and 600 security guards overseeing their favorites.

Foxconn was, at one point, the largest source of iPhone enclosure leaks. Because of it's strong leverage against Apple, Foxconn cannot be fined for leaks.

Comments

  • Reply 1 of 8
    radarthekatradarthekat Posts: 3,130moderator
    Fascinating.  A shame all that money and effort must be expended. 
    watto_cobra
  • Reply 2 of 8
    gatorguygatorguy Posts: 21,095member
    "Foxconn was, at one point, the largest source of iPhone enclosure leaks. Because of it's strong leverage against Apple, Foxconn cannot be fined for leaks".
    ! :/

    Here's another set of interesting security issues Apple has encountered connected with product leaks, and from the same Information article sourced by AI:
    • Factory workers who tried to build a tunnel to transport components to the outside without security spotting them.
    • A factory worker caught hiding parts inside his belt buckle, hoping security guards wouldn’t pat down that area.
    • A woman once hid dozens of glass screens in her bra but was caught by security guards after they noticed her unusual style of walking.
    edited July 17
  • Reply 3 of 8
    AppleExposedAppleExposed Posts: 1,501unconfirmed, member
    gatorguy said:
    • A woman once hid dozens of glass screens in her bra but was caught by security guards after they noticed her unusual style of walking.





    racerhomie3FileMakerFellerneilm
  • Reply 4 of 8
    SpamSandwichSpamSandwich Posts: 31,396member
    Replace everyone with robots and the problems magically go away.
  • Reply 5 of 8
    "...the team has put a stop to most device leaks and has discovered some incredible theft attempts. This included factory workers who had tried to build a tunnel in hopes of transporting components outside of the building unnoticed." Who are these guys - Hogan's Heroes?
    watto_cobra
  • Reply 6 of 8
    NumbuhOne said:
    "...the team has put a stop to most device leaks and has discovered some incredible theft attempts. This included factory workers who had tried to build a tunnel in hopes of transporting components outside of the building unnoticed." Who are these guys - Hogan's Heroes?
    No they are Wang’s Warriors. :)
    FileMakerFellerronnwatto_cobra
  • Reply 7 of 8
    racerhomie3racerhomie3 Posts: 1,153member
    Replace everyone with robots and the problems magically go away.
    Problem with that. Those machines go out of date every 3-5 years. Still much cheaper & scalable with $1.5/hr employees.
    FileMakerFeller
  • Reply 8 of 8
    Fascinating article. Daily inventory reports, weekly trash reports, water-marked CAD drawings, LAN within LAN... Cook really has doubled down on security.
    watto_cobra
Sign In or Register to comment.