Slashdot Mirror
In a Leaked Memo, Apple Warns Employees to Stop Leaking Information (bloomberg.com)
Apple warned employees to stop leaking internal information on future plans and raised the specter of potential legal action and criminal charges, one of the most-aggressive moves by the world's largest technology company to control information about its activities. From a report: The Cupertino, California-based company said in a lengthy memo posted to its internal blog that it "caught 29 leakers," last year and noted that 12 of those were arrested. "These people not only lose their jobs, they can face extreme difficulty finding employment elsewhere," Apple added. The company declined to comment on Friday. Apple outlined situations in which information was leaked to the media, including a meeting earlier this year where Apple's software engineering head Craig Federighi told employees that some planned iPhone software features would be delayed. Apple also cited a yet-to-be-released software package that revealed details about the unreleased iPhone X and new Apple Watch. Leaked information about a new product can negatively impact sales of current models, give rivals more time to begin on a competitive response, and lead to fewer sales when the new product launches, according to the memo.
Apple doesn't claim to have decryption keys for everything that goes through iCloud, nor have they ever. Quite the contrary, in fact, since they explicitly state in their security white papers that they don't have the keys for much of it. For instance, iMessages, which go through iCloud, are end-to-end encrypted, with the sending device encrypting the message once for each receiving device. Likewise, FaceTime and many other services are end-to-end encrypted.
There are some things that they can decrypt (e.g. iCloud Backup contents, documents stored in iCloud, etc.), but those are mostly the items actually being stored there, rather than merely passing through it.
Except Apple has never claimed anything like that. The FBI claimed that. Apple can grant access to user's iCloud account given a warrant; however, the problem is that data on the phone is encrypted using device level keys that Apple does not have access nor ability to get.
In the San Bernandino case, the FBI wanted data off the phone. So Apple advised that they should allow the iPhone to automatically sync up and backup tothe iCloud account. Instead the FBI instructed the police to reset the password which then locked Apple and the FBI out of the phone's data.
Well, there's spam egg sausage and spam, that's not got much spam in it.
I work in the videogame industry, and so I've worked my entire career with the knowledge that absolutely everything I was working on was covered under the blanket NDA everyone signs before they're hired. There's a lot of people interested in the stuff we're working on, and so I guess human nature being what it is, it's hard not to tell people what neat stuff you see being worked on. But leaks tend to kill the careful marketing plan put in place for the game you may have spent several years developing.
So, I guess I'm sort of used to that. You simply don't talk about what you're working on unless you have express permission, or you risk get disciplined or fired. Given that there's a lot of interest in what Apple does, I can see why maintaining internal secrets is important to them as well.
I'm actually fairly impressed when I've worked at a company with several hundred people and there WEREN'T leaks. I can imagine how difficult that must be when you have many thousands of employees.
Irony: Agile development has too much intertia to be abandoned now.