Someone at Apple may already be clearing their desk after the release of iOS 11 included a number of details about the company’s new devices, including the iPhone 8, a new Apple Watch and the super secret iPhone X.
While the release was initially attributed to an accident, new information suggests that the release of the code was a deliberate leak from someone within Apple.
In a blog post on Saturday, tech blogger John Gruber said: “As best I’ve been able to ascertain, these builds were available to download by anyone, but they were obscured by long, unguessable URLs. Someone within Apple leaked the list of URLs to 9to5Mac and MacRumors. I’m nearly certain this wasn’t a mistake, but rather a deliberate malicious act by a rogue Apple employee.”
The BBC confirmed that an anonymous source provided the publications with links to iOS 11’s gold master code that downloaded the software from Apple’s own computer servers.
Leaked Feature List
Developers around the world are now going through the code with a fine toothed comb, but so far revelations include:
- a reference to iPhone X – a high-end model to be included alongside more modest updates to its handset line
- a new Apple Watch, featuring mobile reception
- new AirPod headphones
- Face ID – an alternative to the Touch ID system fingerprint system – can be used to unlock handsets and make online purchases from Apple, among other uses
- the introduction of Animoji – animated emoji characters that mirror a user’s captured facial expressions
- Portrait Lighting. This appears to be an enhancement on the iPhone’s Portrait mode effect for creating dSLR-like shots using depth by simulating different lighting effects
Insider Threat Detection
This is the second leak Apple has suffered in the last several weeks, both of which have been attributed to company insiders.
DIGIT spoke to security experts ZoneFox, which specialises in insider threat detection. Company founder and CEO, Dr Jamie Graves, told us: “Apple’s second reported deliberate, major leak in two months will be cause for concern. The fact that all the signs are currently pointing towards an intentional act by someone on the inside is also alarming.
“Often companies who have large labyrinths of information think that if they don’t give anyone access to the bigger picture – just parts of it – they will be safe. Not so; it’s incredibly easy to fit the pieces together. It’s a startling indication that even the biggest, most advanced companies in the world can be caught out by an employee that wishes to cause harm.
Malicious insiders weave a complex web so it’s vital that companies ensure they have complete visibility into their data, who’s accessing it, where and if it is being diverted to anywhere it shouldn’t be, both stationary and in transit. Apple is aware of leaking within its organisation from a company culture perspective – now it needs to make sure it has the procedures and safeguards in place to avoid future incidents.”