That Terrible Apple Security Flaw Probably Isn't an NSA Backdoor

The Citizen's Guide to the Future
Feb. 24 2014 11:32 AM

That Terrible Apple Security Flaw Probably Isn't an NSA Backdoor

Apple's iOS products like the iPad and iPhone have already received a patch for the encryption vulnerability, but there isn't a fix yet for Macs running OS X.

Photo by Mario Tama/Getty Images

NSA backdoors lurk in a lot of software, and presumably most remain unidentified. It's a creepy thought, and it makes sense that people would immediately wonder if the Apple encryption flaw revealed this weekend was formerly an open invitation for the NSA's prying eyes. But it wasn't, so everyone can chill.

Lily Hay Newman Lily Hay Newman

Lily Hay Newman is lead blogger for Future Tense.

Headlines like "Apple Gotofail bug: Simple mistake or NSA conspiracy?" from the Los Angeles Times, and mentions of "conspiracy," make it seem like something conspiratorial might be going on. But even those examining the vulnerability for signs of NSA involvement seem to be hedging heavily. (Programmer John Gruber lays out "five levels of paranoia," in which the NSA being unaware of the vulnerability is No. 1 and Apple working with the NSA to implement it is No. 5.)


First of all, if the SSL vulnerability in iOS and OS X were a backdoor, Apple would have been able to release patches for both at the same time. Instead it quietly released a fix for iOS on Friday night and then acknowledged on Saturday, after cryptograpers and security experts began expressing concerns, that OS X was compromised as well.

Even if the whole ploy were a fake-out in which Apple was covering the NSA's tracks by feigning surprise about the vulnerability, there wouldn't be a delay in releasing the OS X fix. It doesn't make sense because leaving OS X vulnerable seriously compromises a ton of Macs, especially now that the weakness is being so heavily publicized, and creates a potential PR nightmare for Apple.

Additionally, Apple categorically denied working with the NSA on a backdoor after Der Spiegel accused it in December of creating a way for the agency to access contacts and other data in iPhones. And documents leaked by Edward Snowden about PRISM and the NSA have not discussed Apple directly. On Dec. 31, Apple released a statement saying:

Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone ... We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them.

The "defend our customers" part doesn't seem to have totally panned out, but its statement about the NSA seems pretty clear. Of course, it wouldn't be the first time that a large U.S. corporation has lied about, well, anything, but it would be pretty dumb of Apple to make such a categorical statement knowing that it could eventually be disproven. At this point it seems like the vulnerability was just a dumb mistake. Time for that OS X patch, Apple. We want it now.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Lily Hay Newman is lead blogger for Future Tense.



The Democrats’ War at Home

How can the president’s party defend itself from the president’s foreign policy blunders?

The Religious Right Is Not Happy With Republicans  

The XX Factor
Oct. 1 2014 4:58 PM The Religious Right Is Not Happy With Republicans  

How Did the Royals Win Despite Bunting So Many Times? Bunting Is a Terrible Strategy.

Catacombs Where You Can Stroll Down Hallways Lined With Corpses

Homeland Is Good Again! For Now.


Operation Backbone

How White Boy Rick, a legendary Detroit cocaine dealer, helped the FBI uncover brazen police corruption.


How Even an Old Hipster Can Age Gracefully

On their new albums, Leonard Cohen, Robert Plant, and Loudon Wainwright III show three ways.

The One Fact About Ebola That Should Calm You: It Spreads Slowly

Piper Kerman on Why She Dressed Like a Hitchcock Heroine for Her Prison Sentencing

Trending News Channel
Oct. 1 2014 1:25 PM Japanese Cheerleader Robots Balance and Roll Around on Balls
  News & Politics
Oct. 1 2014 4:15 PM The Trials of White Boy Rick A Detroit crime legend, the FBI, and the ugliness of the war on drugs.
Oct. 1 2014 2:16 PM Wall Street Tackles Chat Services, Shies Away From Diversity Issues 
Oct. 1 2014 6:02 PM Facebook Relaxes Its “Real Name” Policy; Drag Queens Celebrate
  Double X
The XX Factor
Oct. 1 2014 5:11 PM Celebrity Feminist Identification Has Reached Peak Meaninglessness
  Slate Plus
Behind the Scenes
Oct. 1 2014 3:24 PM Revelry (and Business) at Mohonk Photos and highlights from Slate’s annual retreat.
Brow Beat
Oct. 1 2014 3:02 PM The Best Show of the Summer Is Getting a Second Season
Future Tense
Oct. 1 2014 4:46 PM Ebola Is No Measles. That’s a Good Thing. Comparing this virus to scourges of the past gives us hope that we can slow it down.
  Health & Science
Oct. 1 2014 4:03 PM Does the Earth Really Have a “Hum”? Yes, but probably not the one you’re thinking.
Sports Nut
Oct. 1 2014 5:19 PM Bunt-a-Palooza! How bad was the Kansas City Royals’ bunt-all-the-time strategy in the American League wild-card game?