• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch

2

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

3

Today, Emily Blunt is worth $80 million thanks to her Hollywood career—but she actually wanted to be a UN Spanish translator on $80K

1

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch

2

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

3

Today, Emily Blunt is worth $80 million thanks to her Hollywood career—but she actually wanted to be a UN Spanish translator on $80K

Apple’s security bug: Five NSA conspiracy theories

By
Philip Elmer-DeWitt
Philip Elmer-DeWitt
Down Arrow Button Icon
By
Philip Elmer-DeWitt
Philip Elmer-DeWitt
Down Arrow Button Icon
February 23, 2014, 2:14 PM ET
Add Fortune on Google for similar content.

SOUCE: NSA via Edward Snowden

FORTUNE — You don’t have to put on a tin hat to find the timing of the “Apple” entry in the attached Powerpoint slide suspicious, although a tin hat probably helps.

The slide, marked TOP SECRET, was one of the first documents leaked to The Guardian and the Washington Post by NSA whistleblower Edward Snowden last June. It lays out the timeline for when the U.S. government’s top cyberspies gained access to user data on the servers of the major U.S. Internet companies: Microsoft (MSFT) in 2007, Google (GOOG) in 2009, AOL (AOL) in 2011 and Apple (AAPL) in Oct. 2012.

What makes that last entry so intriguing to conspiracy theorists is what computer experts discovered over the weekend about the security hole Apple patched — at least in part — on Friday. By comparing the original code to Apple’s fix, Adam Langley, a web encryption expert at Google, was able to pinpoint the problem.

The culprit, if you care about such things, was a short line of code — a “goto fail” without a corresponding “if” clause (see below) — in the software Apple uses to make sure a computer you are connecting to securely over the Internet is the computer it claims to be. This is critical when the website belongs to, say, a bank.

“It’s as bad as you could imagine, that’s all I can say,” Johns Hopkins University cryptography professor Matthew Green told Reuters. 

[Readers who know more about this subject than I disagree. “It takes an elaborate hoax to exploit,” henry3dogg wrote in the comment stream to an earlier version of the story. “Nobody is going to benefit from it accidentally. And it is unlikely that anyone would set up such an elaborate hoax, unless they knew that the loop hole existed.”]

Anyway, here’s where the timing gets interesting. According to Jeffrey Grossman, whose Confide iPhone app depended on Apple’s security protocols to deliver “off the record conversations,” the bug appeared in iOS 6.0 and was not present in iOS 5.11.

iOS 6.0 was released in September 2012, just before the NSA penetrated Apple’s servers .

To summarize:

  • Sept. 24, 2012: iOS 6.0 is released
  • Oct. 2012: Apple is added to the NSA’s list of penetrated servers
  • Dec. 1, 2012 to May 31, 2013: Apple receives 4,000 to 5,000 requests about 9,000 to 10,000 accounts and devices. (Per “Apple’s Commitment to Customer Privacy“.)

The evidence is purely circumstantial, but as Daring Fireball‘s John Gruber notes, “the shoe fits.” He goes on to connect the dots and offer “five levels of paranoia”:

1. Nothing. The NSA was not aware of this vulnerability.
2. The NSA knew about it, but never exploited it.
3. The NSA knew about it, and exploited it.
4. NSA itself planted it surreptitiously.
5. Apple, complicit with the NSA, added it.

Apple has explicitly denied No. 5. Gruber leans to No. 3, which leaves open the possibility that there are other, still undiscovered security holes through which user data is being funneled to the NSA.

The patch Apple released on Friday closed the “goto fail” hole for iPhones, iPads and iPod Touches. It remains open on the current version of OS X for the Mac.

“We are aware of this issue,” an Apple spokesperson told Reuters on Saturday, “and already have a software fix that will be released very soon.”

Below: The bug. (Can you spot the extra “goto fail”?)

LINKS:

  • A good write-up for security professionals: ThreatPost‘s Dennis Fisher
  • Analysis of the press coverage: AppleInsider’s Daniel Eran Dilger
About the Author
By Philip Elmer-DeWitt
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in

Best private student loans for medical school
Personal Financestudent loans and debt
Best private student loans for medical school
By Joseph HostetlerJuly 2, 2026
6 hours ago
Michael Burry just shorted Caterpillar’s 172% AI rally. One analyst says his bet won’t even matter
Investingstock prices
Michael Burry just shorted Caterpillar’s 172% AI rally. One analyst says his bet won’t even matter
By Marco Quiroz-GutierrezJuly 2, 2026
7 hours ago
Opti-Greens 50 Review (2026): Insights from Hands-On Testing
HealthDietary Supplements
Opti-Greens 50 Review (2026): Insights from Hands-On Testing
By Christina SnyderJuly 2, 2026
7 hours ago
U.S. Treasury Secretary Scott Bessent
EconomyDebt
AI’s $2.2 trillion deficit fix is already half fake, economists say
By Tristan BoveJuly 2, 2026
8 hours ago
s
Personal FinanceSports
The sports economy is unaffordable at the bar, let alone the stadium
By Catherina GioinoJuly 2, 2026
8 hours ago
m
Politicsfraud
Trump fights fraud by freezing funding for New York’s Medicaid Fraud Control Unit
By Ali Swenson, Geoff Mulvihill and The Associated PressJuly 2, 2026
8 hours ago

Most Popular

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
Big Tech
As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
By Marco Quiroz-GutierrezJuly 1, 2026
2 days ago
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
Success
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
By Sydney LakeJune 25, 2026
8 days ago
Today, Emily Blunt is worth $80 million thanks to her Hollywood career—but she actually wanted to be a UN Spanish translator on $80K
Success
Today, Emily Blunt is worth $80 million thanks to her Hollywood career—but she actually wanted to be a UN Spanish translator on $80K
By Orianna Rosa RoyleJuly 2, 2026
20 hours ago
Mark Zuckerberg feeds his cows macadamia nuts and beer to create the 'highest-quality beef in the world' on his $300 million estate in Hawaii
Success
Mark Zuckerberg feeds his cows macadamia nuts and beer to create the 'highest-quality beef in the world' on his $300 million estate in Hawaii
By Sasha RogelbergJuly 2, 2026
10 hours ago
Current price of oil as of July 1, 2026
Personal Finance
Current price of oil as of July 1, 2026
By Joseph HostetlerJuly 1, 2026
2 days ago
Americans are escaping the U.S. for New Zealand where house prices have hit a new low—but only wealthy Americans with $3 million spare can invest
Success
Americans are escaping the U.S. for New Zealand where house prices have hit a new low—but only wealthy Americans with $3 million spare can invest
By Emma BurleighJuly 2, 2026
12 hours ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.