Apple Inc. (NASDAQ: AAPL) has spent a good portion of the past year positioning itself as the consumer-friendly, privacy-respecting leader of the smart device market. Earlier this year, the company released its App Tracking Transparency feature on iPhone, iPad and Mac, giving people the power to deny app developers access to their activities on the web.
Not so fast, says Amnesty International and Forbidden Stories, a France-based nonprofit that provides threatened journalists with a place to store their data in a secure location. In a report released Sunday titled “The Pegasus Project,” the two groups claim to have discovered “a massive wave of attacks by cyber surveillance company NSO Group’s customers on iPhones, potentially affecting thousands of Apple users worldwide.”
The attacks, known as zero-click attacks, do not require any action by the owner to infect a device with malicious software. According to the Pegasus Project report, NSO Group’s Pegasus spyware “gives clients access to the entirety of a phone’s contents and can even remotely access the camera and microphone.”
Danna Ingleton, deputy director of Amnesty Tech, commented in a press release Monday:
Apple prides itself on its security and privacy features, but NSO Group has ripped these apart. Our forensic analysis has uncovered irrefutable evidence that through iMessage zero-click attacks, NSO’s spyware has successfully infected iPhone 11 and iPhone 12 models. Thousands of iPhones have potentially been compromised.
These attacks have exposed activists, journalists and politicians all over the world to the risk of having their whereabouts monitored, and their personal information … used against them.
NSO Group is an Israel-based cybersecurity company that “sells it[s] technologies solely to law enforcement and intelligence agencies of vetted governments for the sole purpose of saving lives through preventing crime and terror acts. NSO does not operate the system and has no visibility to the data.” The company denies that its software had any role in “the heinous murder of Jamal Khashoggi,” a charge made against the company by the Pegasus Project report and one that NSO Group has denied in the past.
Apple also issued the following statement:
Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.
The Financial Times has an interesting story on the development of self-driving cars and who’s winning and who’s losing. The basic question about whether self-driving cars are safe has been answered in the affirmative. The remaining question is how self-driving cars achieve scale?
Alphabet’s Waymo, GM and Microsoft-backed Cruise, and others plan to offer fully autonomous vehicles or no vehicles at all. As the Financial Times puts it, these companies are “betting on a ‘moonshot’ solution with no plan B.”
The other, incremental approach is being developed by technology firms that plan to sell or license their technology to automakers. This approach is commonly known as advanced driver-assistance systems, or ADAS, an example of which is Tesla’s Autopilot that the company markets as a path to full self-driving FSD technology at some future date.
The moonshot group, among which the Financial Times counts Apple, could be in trouble:
So if the evolutionary approach to building driverless technology proves successful, the upshot would be startling: the world’s biggest, most sophisticated companies — Alphabet, Apple, Amazon and Microsoft — would have all backed the wrong horse for a future technology widely expected to earn revenues in the trillions of dollars.