Leaked Apple Record Tells Leakage Leaks at a Company

Former NSA agents, privacy managers in development teams, and a worker verification system are more powerful than the US Transportation Security Administration

Apple's internal briefing this month by The Outline magazine shows what the world's most expensive company is prepared to do to prevent information leaks about its new products.

The informational meeting, “Stopping People Opening Secrets — Keeping Apple Confidential,” was led by Global Security Director David Rice, Director of Global Investigations Lee Friedman, and Jenny Hubert, a global security communications and training team.

According to an hour-long presentation, the Apple global security team includes an undetermined number of investigators around the world engaged in preventing the transmission of information to competitors engaged in counterfeiting companies and the press, as well as searching for and trapping sources of leaks. Some of these investigators previously worked for US intelligence organizations such as the National Security Agency, law enforcement agencies like the FBI and the Secret Service, as well as in the US Army.

The briefing, which sheds light on the company's obsession with secrecy, was the first of many planned presentations for company employees. At it, Rice and Friedman openly talked about the attempts made by the company to prevent leaks, discussed how previous informants came across, and answered questions from about a hundred of those present.

The presentation begins and ends with videos laced with photos of Tim Cook, presenting Apple's new product at a public demonstration claiming that secrecy at Apple comes first. “When I encounter a leak in the press, everything inside me turns upside down,” says an Apple employee in the first video. “I feel sick of it.” Another adds: “When you divulge information, you let us all down. This is our company, our reputation and hard work of various teams. ”

Steve Jobs's passion for secrecy during his time as a company manager is well known. In 2004, Apple even tried unsuccessfully through a court to force tech bloggers to disclose their sources of information. Cook mentioned for the first timeintensification of work on keeping secrets at a technology conference in 2012, and this presentation is apparently intended to demonstrate the results of these attempts.

“This task has become very important for Tim,” said Greg Josvyak, Apple's vice president of marketing for iPod, iPhone and iOS, in one of the videos. "In fact, it should be clear to all people at Apple that we're not going to put up with this anymore." He later adds: “At heart, I believe that if we hire smart people, they will reflect on this, understand this and, as a result, do everything right - namely, they will keep their mouth shut.”

And to make sure of this, Apple created the infrastructure and team, “hunters for informants,” as Josvyak says, and “they work very efficiently.”

At the end of this video, Hubert addresses those present. “You heard Tim say,“ We ​​have something else. ” And what is it?" She asks. “Surprise and delight. Surprise and delight associated with the announcement of a new product about which nothing was known. This has a very positive effect. This is our DNA. This is our brand. But a code leak does happen, it has even more impact. It hits us directly. ”

“So today we will share with you the details of the leaks that occurred in the supply chain, as well as right here in Cupertino,” she says. “Let's outline the situation with this team, which we organized on behalf of Tim.”

She introduces David Rice, who reports on the team responsible for the safety of new products. This is part of a larger global security team, which, according to him: "is actually a group of secrecy - they called us not quite right." Rice worked for four years at the NSA as an analyst on the vulnerabilities of global networks, and before that, as a cryptologist in the US Navy. According to his LinkedIn page , he has led Apple’s global security team for more than six years. Hubert also represents Lee Friedman, who previously served as the head of hacking crimes at the US federal attorney's office and was an assistant to the US Attorney General in Brooklyn. He joined Apple to lead global investigations in 2011.

Hubert says the new product security team is “monitoring the supply chain very closely,” and this is where the first part of the presentation focuses.

Historically, it turned out that the largest leaks at the company occurred after the theft of spare parts from Chinese factories. These parts fell into the media - for example, a photo of the 5th iPhone leaked to the network in 2012 - or sold on the black market.

But, according to Rice, Apple has been so successful at preventing factory leaks that it now leaves more information from the company's California campuses than from overseas factories. “Last year, for the first time, leaks from campuses happened more than the supply chain,” says Rice. “There are more leaks from campuses than the total from all suppliers combined.”

Rice compares Apple’s work in verifying factory workers with what the US Transportation Safety Administration does. “Their peak load is 1.8 million [people] per day. Ours, for our 40 factories in China, is 2.7 million per day. ” This amount rises to three million when Apple ramps up production, and all these people need to be checked every time they enter and exit the factory.

“In total, we have 221 million passes per day. By comparison, 223 million is the maximum number of passes for the 25 largest amusement parks in the world, says Rice. - So we get one big amusement park. People come in, go out, billions of spare parts rush back and forth at any moment. Combine this bunch of moving parts with a bunch of moving people, and the leaks will no longer seem surprising. ”

The global security team in China is "tearing its asses" in trying to solve the problem of factory leaks, Rice says, describing these attempts as a "non-stop trench warfare."



“We have very talented opponents,” he says. “They are very inventive, and no matter how we trick with our security checks, they become even trickier.” Black market sellers seduce factory workers by putting up ads at bus stops and dormitories, he says, offering a good price for Apple parts.

Chinese Apple workers have many incentives to leak or smuggle parts. “Most of these people, 99.9% are good people who come to places where there are vacancies, they want to earn money, return home and open a business in their district, or do something else with this money, support their family Says Rice. “But there are people who succumb to temptation - what if I offer you an amount of three monthly salaries?” In some cases, the rewards for the theft of spare parts reached annual salaries. ” Workers at the Apple factory earn about $ 350 / month, not counting refining, according to a 2016 report from the Chinese Labor Supervisory Authority.

The most valuable part for the thief is the case, the metal back of the iPhone or MacBook. “If you have a case, you already know what the product will be,” says Rice.

Workers hide spare parts in the toilets, stick between the toes, throw them over the fence, flush them into the toilet to find them in the sewers, Rice says. “The 8,000 cases were stolen from us by women hiding them in their bras,” he says. “They do a lot for theft.” But this is not only the case, this is all that can tell about the product before its release. "

Often, stolen spare parts pop up at one of the largest Huaqiangbei markets in Shenzhen in southern China. The market employs half a million people and rolls around $ 20 billion a year, says Rice. A particularly “painful year” was 2013, when Apple tried to buy 19,000 cases before the iPhone 5C was announced, and then another 11,000 before the phones began to arrive. “So we buy all this at the maximum speed so that information doesn't leak into any blog on Earth,” says Rice.

Over the years since Tim Cook’s promise to redouble secrecy efforts, the Rice team has become better at managing corps security. “In 2014, 387 buildings were stolen from us,” he says. “In 2015, 57 buildings, 50 of which were stolen on the night of the announcement, it was terrible.” In 2016, the company produced 65 million cases, and only four were stolen. “Losses were about 1 in 16 million, which is unheard of in our industry.”

Later, while answering questions, Rice joyfully recalls a blog post by John Gruber, who has long been tracking the company's progress. In the recording, Gruber criticizes Mark Gourmet , now a Bloomberg hunter for unknown details , for not even having any details about the new HomePod speaker before it came out.

The presentation then moves from China to leaks occurring on Apple's US campuses. In the past, company employees were annoyed by draconian security measures, Rice said, due to leaks from the supply chain. “There were always those who were dissatisfied who asked why we needed all this security if we had so many leaks from supplies,” says Rice. “They were always noisy about this, and as soon as the situation with the suppliers improved, we realized that now our problem is here.”

Apple is embedding global security team members, privacy managers, in some development teams to help employees keep secrets. But when valuable information leaks out, Li Friedman’s investigators get involved and begin to sort out what happened and who is to blame.

“These investigations continue for a long time,” Friedman tells the audience. For example, one investigation that identified an informant on the Apple campus took three years. “We do not have a defeatist attitude, we do not say:“ Oh, well, there will still be leaks. ” We don’t think that “it will appear on blogs anyway, and you have to put up with it.”

Hubert asks him to talk about two major informants caught last year, one of whom worked for a couple of years in an online store, and the other worked in iTunes for about six years.

They “delivered information to bloggers,” says Rice. One of the informants began talking to the journalist via Twitter, says Friedman, while the other was friends with the reporter for a long time.

“Is there any general portrait for the informant, a general outline of their activities?” Asks Hubert.

“The general scheme is that they look exactly like you,” Friedman says to the assembled staff. - They go to work, do not differ from others, their motivation also begins with the fact that “I like Apple, it’s cool to work here, I want to improve the company.”

In the past, there have been cases in Apple where frustrated employees disclosed information after their performance was rated low. “But often it’s different. Often people are enthusiastic about a new product, and they want to share it with someone, and they say, “Look what we have done,” he says. "Or someone asks them a question, and they, instead of saying" I can’t talk about it, "dump too much."

Rice said Apple’s focus on secrecy did not translate into a bullying policy. “At Apple, it's unique that our culture doesn't resemble Big Brother,” says Rice. “None of my team reads the mail, sits behind you on the bus, we don’t do this.”

But the presentation makes Apple employees feel like they are CIA employees. At some point, Rice even uses such a phrase as “disclosure of personality.” The need to limit oneself in one's personal life is often mentioned. “I make a lot of efforts not to talk about what I do at work, with my wife, with my teenage children ... With my friends, family members,” one of the employees said in a video. “I'm not saying that you need to break all ties,” says Rice, “you just need to constantly monitor them.”

Active seduction is only part of Apple's secrecy. There is a risk of mentioning something passively. Apple employees must keep their secrets at work. Company corridors and the lobby are considered “red zones,” where “no need to talk,” Rice says. Perhaps because of the fear of breaking the privacy regime, some newcomers applying for a job will delete their Twitter accounts. Jonathan Zdziarski, security specialist, blocked his account after he was hired.

“We feel how the engineers of the company are worried:“ Oh my God, what if I say something in the park? It turns out I will violate the privacy policy? “Rice clarifies that the myth that everything that is not hosted on Apple.com is a secret is in vain. Employees can share information with outsiders - such as the negative qualities of their boss, their salary, or share information with law enforcement agencies, "if the company violates the law." Secrecy is associated with products, services, product availability that have not yet been released - the company expects that its employees will not talk about such issues with people without access.

Rice calls on employees worried about a possible breach of secrecy to contact him. 9 out of 10 times when people start having problems come from trying to hide their mistake.

"Our team was created because some people couldn’t say for three weeks that the prototype was lying somewhere in the bar," Rice said at a briefing, referring to the iPhone 4 prototype that was forgotten at the bar by an Apple employee and ended up with Gizmodo in 2010. It was such a catastrophic leak that Steve Jobs personally called the editor of Gizmodo asking for the phone. “The crime was hiding information.”

Other technology companies, following Apple, began to instill a culture of secrecy at home. According to the reportBusiness Insider from 2016, Steve Jobs's porter hangs in the office of Snapchat Director Evan Spiegel, and the company is cultivating the same obsession with leaks. Facebook is now looking for a “ Global Threat Investigation Manager, " while Google is facing a lawsuit in San Francisco over an internal employee tracking program .

Some of the discussed examples of leaks, hypothetical and real, seem insignificant - the release of watch straps, or the fact that the iPad will be larger. But Cook believes leaks harm the company's core. During a recent discussion of company performance with shareholders, Cook blamedin the fall in iPhone sales, "an increase in the number of messages about future iPhone." Indeed, in connection with the iPhone 8, the announcement of which is scheduled for autumn, there were a lot of leaks. “Apple is planning a major iPhone design change in 2017, a glass case, and an edge-to-edge OLED display with integrated Touch ID fingerprint scanner and camera,” says MacRumors .

Perhaps it is precisely because of such leaks that the company organizes such briefings in confidence. Rice says that he expects from each employee an “adult” life and work, that is, in fact, secrecy. “When I talk about adult responsibility, that’s exactly what I mean,” he says. “You need to realize - I hope you understand this - that Apple offers you tremendous opportunities.”