What if our Macs are intercepted and compromised while in transit?

iBrooker

macrumors 6502
Original poster
Nov 20, 2016
416
216
UK
The latest Wikileaks is concerning, but we seem to forget that our machines are manufactured in China and go through several countries before they are delivered to us.

What if some sort of snooping hardware or software changes are 'slipped in' at the actual manufacturing plant? What if the unit itself is intercepted while being shipped through one of the several countries it passes through and then compromised?

Maybe I am just being paranoid but nothing would surprise me these days. What I'd like to know is what Apple is doing to make sure this doesn't happen. (That is, if they are not complicit themselves!)
 

jerryk

macrumors 603
Nov 3, 2011
5,469
2,723
SF Bay Area
Send a message to Tim Cook and ask. Also, remember your machine could also be intercepted in the UK, the back cover popped off and ... Or when you take it in for service. Also, you can get hacked by plugging your phone into a USB charger at school, airport, coffee shoppe, etc.
 

Weaselboy

Moderator
Staff member
Jan 23, 2005
29,783
9,410
California
It is certainly possible. I remember this a couple years ago when the NSA was intercepting Cisco routers destined for foreign countries and placing "beacons" in them. I recall reading this was done without Cisco's permission or cooperation. I think I read something about Cisco trying to sue the US Government because this had harmed their reputation.

So I don't see what would be stopping the government from intercepting your MacBook en route and installing monitoring software on it.
 

Hieveryone

macrumors 601
Apr 11, 2014
4,559
1,651
USA
Meh...I heard about something like that in the past. I think Snowden had helped reveal something about it?
 

ZapNZs

macrumors 68020
Jan 23, 2017
2,310
1,151
> It is certainly possible. I remember this a couple years ago when the NSA was intercepting Cisco routers destined for foreign countries and placing "beacons" in them. I recall reading this was done without Cisco's permission or cooperation. I think I read something about Cisco trying to sue the US Government because this had harmed their reputation.
>
> So I don't see what would be stopping the government from intercepting your MacBook en route and installing monitoring software on it.

The revelations that a (presumed) group affiliated with the NSA was attacking the firmware on both computers and accessories, along with many makers' refusal to consider cryptographically signed firmware on their various devices/accessories (along with successful efforts to bypass those that do), is something I find terrifying, considering detecting such attacks seems nearly impossible and the most practical removal method may be destroying the entire device.

Given the government could be using common adapters as vectors to infect firmware, it seems like they get you just about anywhere these days! :p
 

Spudlicious

macrumors 6502
Nov 21, 2015
450
264
Bedfordshire, England
Some things you just have to take on trust, because you have no choice. What if the VPN company I rely on to ensure my privacy is actually a CIA front, and I may as well echo my screen to a huge display on the side of my house? I just don't think I'm important enough for anyone to be interested in my internet activities; I take refuge in sheer insignificance. But I assume that if a state actor targets any individual then little David has no chance against Goliath. Don't worry, be happy :)
 

Samuelsan2001

macrumors 604
Oct 24, 2013
7,694
2,106
> The latest Wikileaks is concerning, but we seem to forget that our machines are manufactured in China and go through several countries before they are delivered to us.
>
> What if some sort of snooping hardware or software changes are 'slipped in' at the actual manufacturing plant? What if the unit itself is intercepted while being shipped through one of the several countries it passes through and then compromised?
>
> Maybe I am just being paranoid but nothing would surprise me these days. What I'd like to know is what Apple is doing to make sure this doesn't happen. (That is, if they are not complicit themselves!)

What if they do?? They can snoop on you in a million different ways if they want. Hell, they can just get your ISP to tell them what you do online anyway, so why bother. Unless you are staging a coup or smuggling vast quantities of contraband I doubt you have much to worry about.
 

meteoreos

macrumors regular
Nov 8, 2016
200
182
Midlands, UK
Why would they want to snoop on you anyway?

Remember that Snowden said these entities probably wouldn't check up on you unless of course you're sending worrying messages/searching dodgy stuff.

The moral of the story is that they COULD snoop in on you if they wanted, quite easily, but it's highly unlikely unless you give them a reason to do it. So why even worry about it?
 

EnderBeta

macrumors 6502a
Aug 5, 2016
558
519
> It is certainly possible. I remember this a couple years ago when the NSA was intercepting Cisco routers destined for foreign countries and placing "beacons" in them. I recall reading this was done without Cisco's permission or cooperation. I think I read something about Cisco trying to sue the US Government because this had harmed their reputation.
>
> So I don't see what would be stopping the government from intercepting your MacBook en route and installing monitoring software on it.

The simplistic solution I guess would be to look for signs of tampering on the case and, if it is a concern, wipe the drive then reinstall the OS.

You could also use it for misinformation if you prefer to make a fool out of the spy.

You could also keep full records about all your trips to Las Vegas and complain about your expenses to the boss. Unwittingly becoming the FBI's way to arrest all the bosses and cause the collapse of your mafia group. À la Casino. ;)
 

willmtaylor

macrumors G4
Oct 31, 2009
10,298
7,855
Here(-ish)
Anything indeed is possible. Alas, the probability that the Chinese government (or some other state agency) is able to or interested in intercepting your laptop to spy on your Amazon shopping activity and fantasy football league trade negotiations is quite slim, I'd imagine.
 

jerryk

macrumors 603
Nov 3, 2011
5,469
2,723
SF Bay Area
This is not a new issue. People have done data fishing for decades. There was a scam where people left USB drives lying around colleges and when installed they loaded programs that created vectors for the intruders.
 

wackymacky

macrumors 68000
Sep 20, 2007
1,528
42
38°39′20″N 27°13′10″W
What if, what if.... You can't really do anything about it. As stated above, Cisco routers were intercepted by NSA. We know that some Huawei phones had Chinese government spying firmware. Internet Exchange hardware has been interfered with. Boxes along oceanic cables have been inserted to listen to traffic.

Could there be something nasty sitting inside my shiny new MacBook? Perhaps.

Yes, I am wary about my electronic communications; however, there is a limit to the number of layers of foil I can wrap around my head before it becomes too impracticable and difficult to go about my day-to-day life.
 

Badrottie

Suspended
May 8, 2011
4,317
332
Los Angeles
> The latest Wikileaks is concerning, but we seem to forget that our machines are manufactured in China and go through several countries before they are delivered to us.
>
> What if some sort of snooping hardware or software changes are 'slipped in' at the actual manufacturing plant? What if the unit itself is intercepted while being shipped through one of the several countries it passes through and then compromised?
>
> Maybe I am just being paranoid but nothing would surprise me these days. What I'd like to know is what Apple is doing to make sure this doesn't happen. (That is, if they are not complicit themselves!)

Please don't make me 100% paranoid! I want peace with my trusty rMBP!
 

boss.king

macrumors 68040
Apr 8, 2009
3,240
56
Even if your stuff is being intercepted, 99.9% of the population has nothing of value to anyone. This isn't a movie, your lives aren't that interesting.
 

Ray Brady

macrumors 6502
Dec 21, 2011
290
244
What I find difficult to believe in this scenario is that this kind of snooping could go unnoticed for long. There are small armies of tech enthusiasts who spend the bulk of their day monitoring what's going on in their systems, and looking for unexpected activity. I don't doubt that a foreign agent could plant spyware in a large number of random machines, but I'm skeptical that this would be undetectable. Sooner or later, some white hat somewhere is going to notice what's going on. The repercussions of this kind of breach of trust would likely not be worth the benefit.
 

mfram

macrumors 65816
Jan 23, 2010
1,059
141
San Diego, CA USA
The only people who "they" might be interested in getting information from are the same set of people who would not want to publicize they are being tracked. You're being paranoid.
 

iBrooker

macrumors 6502
Original poster
Nov 20, 2016
416
216
UK
What I find interesting is that the first three MBPs only showed The Netherlands as the dispatch location - so from there straight to the UK. I get the feeling they went there to be inspected. Not sure why the route would change otherwise.

For those saying we shouldn't care, that we're not important enough, etc. That's beside the point - our private stuff is our private stuff and I'd like to know what Apple is doing to make sure our computers are not compromised en route to us... such as what happened with those Cisco routers that @wackymacky mentioned above.
 

Spink10

Suspended
Nov 3, 2011
4,261
1,002
Oklahoma
> What I find interesting is that the first three MBPs only showed The Netherlands as the dispatch location - so from there straight to the UK. I get the feeling they went there to be inspected. Not sure why the route would change otherwise.
>
> For those saying we shouldn't care, that we're not important enough, etc. That's beside the point - our private stuff is our private stuff and I'd like to know what Apple is doing to make sure our computers are not compromised en route to us... such as what happened with those Cisco routers that @wackymacky mentioned above.

Post #2 seems the best option for you.
 

ZapNZs

macrumors 68020
Jan 23, 2017
2,310
1,151
> What I find difficult to believe in this scenario is that this kind of snooping could go unnoticed for long. There are small armies of tech enthusiasts who spend the bulk of their day monitoring what's going on in their systems, and looking for unexpected activity. I don't doubt that a foreign agent could plant spyware in a large number of random machines, but I'm skeptical that this would be undetectable. Sooner or later, some white hat somewhere is going to notice what's going on. The repercussions of this kind of breach of trust would likely not be worth the benefit.

What about an attack like Thunderstrike 2? It would presumably be almost impossible to detect (even for Apple), and an OS X reinstall, attempted firmware updates, and even tossing the hard drive would fail to do a thing to remove the infection. It seems unlikely this scenario would play out, but I think it would be a disaster if it did. Imagine the crapstorm of dongles infecting Macs, and infected Macs infecting dongles! :eek:
 

MrGuder

macrumors 68030
Nov 30, 2012
2,726
1,673
Well, I heard that the clicking, popping and sticky keys we are hearing about on the 2016 MBP are really Morse code being transmitted back to the bad guys. :D
 

Calby

macrumors 6502
Dec 30, 2015
332
40
Sweden, Gävle
> What I find interesting is that the first three MBPs only showed The Netherlands as the dispatch location - so from there straight to the UK. I get the feeling they went there to be inspected. Not sure why the route would change otherwise.
>
> For those saying we shouldn't care, that we're not important enough, etc. That's beside the point - our private stuff is our private stuff and I'd like to know what Apple is doing to make sure our computers are not compromised en route to us... such as what happened with those Cisco routers that @wackymacky mentioned above.

That's because Apple has storage in the Netherlands and they maybe had your device in stock there. If it ships from China, it's brand new and shipped directly from the factory (almost).