What if our Macs are intercepted and compromised while in transit?

Discussion in 'MacBook Pro' started by iBrooker, Mar 8, 2017.

  1. iBrooker macrumors 6502

    Joined:
    Nov 20, 2016
    Location:
    Wales
    #1
    The latest Wikileaks is concerning, but we seem to forget that our machines are manufactured in China and go through several countries before they are delivered to us.

    What if some sort of snooping hardware or software changes are 'slipped in' at the actual manufacturing plant? What if the unit itself is intercepted while being shipped through one of the several countries it passes through and then compromised?

    Maybe I am just being paranoid but nothing would surprise me these days. What I'd like to know is what Apple is doing to make sure this doesn't happen. (That is, if they are not complicity themselves!)
     
  2. jerryk macrumors 68020

    Joined:
    Nov 3, 2011
    Location:
    SF Bay Area
    #2
    Send a message to Tim Cook and ask. Also, remember your machine could also be intercepted in the UK, the back cover popped off and ... . Or when you take it in for service. Also, you can get hacked by plugging your phone into a USB charger at school, airport, coffee shoppe, etc.
     
  3. Mobster1983 macrumors 6502a

    Joined:
    Sep 8, 2011
    #3
    Just accept that the government and hackers read and see everything you do. That's the fun of our world today. ;-)
     
  4. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #4
    It is certainly possible. I remember this a couple years ago when the NSA was intercepting CISCO routers destined for foreign countries and placing "beacons" in them. I recall reading this was done without CISCO's permission or cooperation. I think I read something about CISCO tried to sue the US Government because this had harmed their reputation.

    So I don't see what would be stopping the government from intercepting your MacBook en-route and installing monitoring software on it.
     
  5. Hieveryone macrumors 68020

    Joined:
    Apr 11, 2014
    #5
    Meh...I heard about something like that in the past. I think Snowden had helped reveal something about it?
     
  6. ZapNZs macrumors 68000

    ZapNZs

    Joined:
    Jan 23, 2017
    #6
    The revelations that a (presumed) group affiliated with the NSA was attacking the firmware on both computers and accessories, along with many Makers' refusal to consider cryptographically signed firmware on their various devices/accessories (along with successful efforts to bypass those that do), is something I find terrifying, considering detecting such attacks seem nearly impossible and the most practical removal method may be destroying the entire device.

    Given the government could be using common adapters as vectors to infect firmware, it seems like they get you just about anywhere these days! :p
     
  7. Spudlicious macrumors 6502

    Spudlicious

    Joined:
    Nov 21, 2015
    Location:
    Bedfordshire, England
    #7
    Some things you just have to take on trust, because you have no choice. What if the VPN company I rely on to ensure my privacy is actually a CIA front, and I may as well echo my screen to a huge display on the side of my house? I just don't think I'm important enough for anyone to be interested in my internet activities, I take refuge in sheer insignificance. But I assume that if a state actor targets any individual then little David has no chance against Goliath. Don't worry, be happy :)
     
  8. Samuelsan2001 macrumors 603

    Joined:
    Oct 24, 2013
    #8
    What if they do?? they can snoop on you in a million different ways if they want. Hell they can just get your ISP to tell them what you do online anyway so why bother. Unless you are staging a coup or smuggling vast quantities of contraband I doubt you have much to worry about.
     
  9. meteoreos macrumors regular

    meteoreos

    Joined:
    Nov 8, 2016
    Location:
    Midlands, UK
    #9
    Why would they want to snoop on you anyway?

    Remember that Snowden said these entities probably wouldn't check up on you unless of course you're sending worrying messages/searching dodgy stuff.

    The moral of the story is that they COULD snoop in on you if they wanted, quite easily, but it's highly unlikely unless you give them a reason to do it. So why even worry about it?
     
  10. EnderBeta macrumors 6502

    EnderBeta

    Joined:
    Aug 5, 2016
    #10
    The simplistic solution I guess would be to look for signs of tampering on the case and wiping the drive then reinstalling the OS if it is a concern.

    You could also use it for misinformation if you prefer to make a fool out of the spy.

    You could also keep full records about all your trips to Las Vegas and complain about your expenses to the boss. Unwittingly becoming the FBIs way to arrest all the bosses and cause the collapse of your mafia group. Ala the Casino. ;)
     
  11. willmtaylor macrumors G3

    willmtaylor

    Joined:
    Oct 31, 2009
    Location:
    A Natural State
    #11
    Anything indeed is possible. Alas, the probability that the Chinese government (or some other state agency) is able to or interested in intercepting your laptop to spy on your Amazon shopping activity and fantasy football league trade negotiations is quite slim, I'd imagine.
     
  12. snaky69 macrumors 603

    Joined:
    Mar 14, 2008
    #12
    Chances are you're likely neither important nor interesting enough to warrant being snooped on.
     
  13. jerryk macrumors 68020

    Joined:
    Nov 3, 2011
    Location:
    SF Bay Area
    #13
    This is not a new issue. People have done data fishing for decades. There was a scam were people left USB drives lying around colleges and when installed they loaded programs that created vectors for the intruders.
     
  14. wackymacky macrumors 68000

    wackymacky

    Joined:
    Sep 20, 2007
    Location:
    38°39′20″N 27°13′10″W
    #14
    What if, what if.... You can't really do anything about it. As stated above above Cisco routers were intercepted by NSA. WE know that some Huawei phones had Chinese government spying firmware. Internet Exchange hardware has been interfered with. Boxes along oceanic cables have been inserted to listen to traffic.

    Could there be something nasty sitting inside my shiny new mac book. Perhaps.

    Yes I am wary about my electronic communications, however there is a limit to the number of layers of foil I can wrap around my head, before it becomes to impracticable and difficult to go about my day to day life.
     
  15. Badrottie Suspended

    Badrottie

    Joined:
    May 8, 2011
    Location:
    Los Angeles
    #15
    Please don't make me 100% paranoid! I want a peace with my trusty rMBP!
     
  16. boss.king macrumors 68040

    boss.king

    Joined:
    Apr 8, 2009
    #16
    Even if your stuff is being intercepted, 99.9% of the population has nothing of value to anyone. This isn't a movie, your lives aren't that interesting.
     
  17. Ray Brady macrumors 6502

    Joined:
    Dec 21, 2011
    #17
    What I find difficult to believe in this scenario is that this kind of snooping could go unnoticed for long. There are small armies of tech enthusiasts who spend the bulk of their day monitoring what's going on in their systems, and looking for unexpected activity. I don't doubt that a foreign agent could plant spyware in a large number of random machines, but I'm skeptical that this would be undetectable. Sooner or later, some white hat somewhere is going to notice what's going on. The repercussions of this kind of breach of trust would likely not be worth the benefit.
     
  18. iBrooker thread starter macrumors 6502

    Joined:
    Nov 20, 2016
    Location:
    Wales
    #18
    This is the route it has taken so far - not due until Tuesday...

    Screen Shot 2017-03-10 at 23.48.12.png
     
  19. mfram macrumors 65816

    Joined:
    Jan 23, 2010
    Location:
    San Diego, CA USA
    #19
    The only people who "they" might be interested getting information from are the same set of people who would not want to publicize they are being tracked. You're being paranoid.
     
  20. willmtaylor macrumors G3

    willmtaylor

    Joined:
    Oct 31, 2009
    Location:
    A Natural State
    #20
    Almaty, KZ? Really? Interesting. I've been there.
     
  21. iBrooker thread starter macrumors 6502

    Joined:
    Nov 20, 2016
    Location:
    Wales
    #21
    What I find interesting is that the first three MBPs only showed The Netherlands as the dispatch location - so from there straight to the UK. I get the feeling they went there to be inspected. Not sure why the route would change otherwise.

    For those saying we shouldn't care, that we're not important enough, etc. That's besides the point - our private stuff is our private stuff and I'd like to know what Apple is doing to make sure our computers are not compromised on route to us... such as what happened with those Cisqo routers that @wackymacky mentioned above.
     
  22. Spink10 macrumors 601

    Spink10

    Joined:
    Nov 3, 2011
    Location:
    Oklahoma
    #22
    Post #2 seems the best option for you.
     
  23. ZapNZs macrumors 68000

    ZapNZs

    Joined:
    Jan 23, 2017
    #23
    What about an attack like Thunderstrike2? It would presumably be almost impossible to detect (even for Apple), OS X reinstall, attempted firmware updates, and even tossing the hard drive would fail to do a thing to remove the infection. It seems unlikely this scenario would play out, but I think it would be a disaster if it did. Imagine the crapstorm of dongles infecting Macs, and infected Macs infecting dongles! :eek:
     
  24. MrGuder macrumors 68020

    Joined:
    Nov 30, 2012
    #24
    Well I heard that the clicking, popping and sticky keys we are hearing from on the 2016 MBP is really Morse code being transmitted back to the bad guys. :D
     
  25. Calby macrumors 6502

    Calby

    Joined:
    Dec 30, 2015
    Location:
    Sweden, Gävle
    #25
    Thats because Apple have a storage in the Netherlands and they did maybe have your device in stock there, if it ships from china it's brand new and shipped directly from the factory (almost).
     

Share This Page