Apple servers, you might find surprising, aren’t built by Apple and now the company thinks some may have been tampered with. According to Business Insider and The Information, the company suspects that servers they ordered from third-parties had additional chips and firmware added to steal customer and company data. Running a business the size of Apple with the services they offer takes a huge amount of computing power, and Apple has been out of the server building game for some time now. Servers are essential to running the App Store, iTunes, Apple Music, iCloud, iMessage, Mail and much much more.
Apple is also working on projects to design its own servers. At least part of the driver for this is to ensure that the servers are secure. Apple has long suspected that servers it ordered from the traditional supply chain were intercepted during shipping, with additional chips and firmware added to them by unknown third parties in order to make them vulnerable to infiltration, according to a person familiar with the matter. At one point, Apple even assigned people to take photographs of motherboards and annotate the function of each chip, explaining why it was supposed to be there. Building its own servers with motherboards it designed would be the most surefire way for Apple to prevent unauthorized snooping via extra chips.
“You can’t go take an X-Ray of every computer that hits the floor. You want to make sure there’s no extracurricular activity,” a person familiar with the server project said.
With the huge amount of attention Apple is getting with the FBI case, the world is watching how it is handling its customers security. In just the past few days we’ve learned of a new iMessage exploit (which has been patched in iOS 9.3) and a new exploit a third-party is working on with the FBI (not yet known by Apple). And now the Israeli security firm Cellebrite is assisting the FBI to crack Apple’s encryption.
Encryption, security, and privacy are weighing heavy on the minds of many Apple customers and if Apple servers are being compromised, that doesn’t give Apple’s public image any help. The good news is the company is pursuing the idea of making its own hardware in house. This way there will be no third-party involved to possibly compromise the security of Apple servers. But right now, it seems the damage may be done.
What do you think of Apple servers possibly being tampered with? Let us know your thoughts in the comments below or on Twitter, Facebook and Google+.