How secure is an Apple device? According to the latest reporting on yet another phone hacking scandal: not very. This investigation into the Pegasus project, a suite of spyware tools created by the Israeli spyware developer, NSO, and sold to authoritarian governments and other malicious organisations, who then used the software to spy on and repress dissidents, journalists and other opponents, has revealed just how vulnerable smartphones are.
Can you trust Apple? In spite of Apple’s repeated insistence that their products are secure and users’ privacy and data is safely protected, they are proved time and time again to be either lying, as in the case of Apple paying contractors to listen to recordings made by Siri, and also providing the encryption keys to access all Chinese Apple users’ data to the Chinese government, or completely false, like we saw with the iCloud hacks, and the many security risks identified in Apple AirTags and the Apple Find My app. However, according to security researchers, it is the opacity of the Apple iOS security architecture that is built into Apple’s closed system which is being used against Apple phones and their users. As this report points out, it is precisely because Apple insists on claiming its products are especially secure, and refuses to admit to the glaring flaws and vulnerabilities in their iPhones, that this problem is made even worse. The ex-NSA employee commenting on this very problem and quoted in the article is unequivocal about how Apple’s arrogance is a major cause of these kinds of security issues: “Apple’s self-assured hubris is just unparalleled”.
Is any mobile device completely secure? Since there is no such thing as a completely secure device – at least not for very long after a device has been released will it remain safe once it is connected to the internet and mobile phone networks, external software is installed and data sent and received – if handset manufacturers and software developers operate with this knowledge in mind and proactively engage with the security community regarding the risks, they can at least help themselves and security researchers to pinpoint the security risks and patch them as quickly as they appear. If companies like Apple continue to pretend that they are completely secure and mislead consumers into believing this lie, then the spyware software and authoritarian governments that use it will be able to stay one step ahead, and it is your data, your privacy and your safety that will forever be at risk.