Tech —

Apple’s secret garden: the struggle over leaks and security

Employees tell us that leaks aren't coming from inside the house.

Apple's secret garden: the struggle over leaks and security
Aurich Lawson / Thinkstock

Apple engineers love the "big reveal." When a surprising new product they have been toiling over in secrecy finally bursts into public view during an Apple keynote, they enjoy seeing the public reaction. But the public wants its products details early, and it gets them in the form of leaks, rumors, and grainy cell phone shots of dubious authenticity. To the engineers, this is a bit like children who insist of spoiling the fun of opening presents by shaking them, squeezing them, and finally guessing exactly what's within. Increasingly, though, leaked products are the reality even for the famously secretive Apple.

Products have always leaked out of Apple. To the leaker, knowledge is a form of power, and people throughout Apple's massive corporate structure have long showed that power by sharing inside information with friends, family, colleagues, investors, and yes, even reporters. The secrecy builds team trust and camaraderie among product teams, but it also fuels the very situation it was built to stop; by making even basic product specs highly desirable, the company gives disgruntled employees a simple but powerful way to vent their frustration through leaking. (I find that employees are most eager to hand over information when they're displeased.)

Leaks are now so plentiful that it's hard to be too surprised when Apple shows us something new. But why? According to a handful of Apple employees who spoke to us on condition of anonymity, the leaks are simply a byproduct of globalization.

Blame the supply chain

The employees all told us that security at Apple remains as strict—if not slightly stricter—as ever. (Several engineers said that general security practices appear to be tighter now, a year after CEO Tim Cook took over, but "tighter" is a difficult metric to gauge at a place like Apple.) Prototypes have to be carried around on company grounds while covered in a black cloth so other employees can't sneak a peek. Those who take prerelease products off campus are heavily restricted when using them with other people (even other Apple employees) in the vicinity. Internal security teams covertly monitor which IRC channels employees like to hang out in. These practices aren't new, but stories often circulate internally about people being fired or moved to different groups as punishment after secrets get out—even if only to a broader group within Apple.

In the view of these employees, the majority of leaks that now get splashed across the pages of the Apple Rumor Site Du Jour™ in the months before a new product launch don't originate within Apple corporate anymore. Instead, leaks about the iPhone 5, the Retina MacBook Pro, and the (expected) iPad mini came from somewhere within Apple's lengthy global supply chain.

"Apple's security practices are targeted at making sure US employees don't leak stuff, but everything comes out of China now," one employee told Ars. "I think Apple's secrecy mode is really outdated."

"Clearly, the people who need the security training are not here," said another. "They're not getting the same level of scrutiny as we are, and it shows."

The leaks may be a result of Apple's impressive manufacturing operations—which are largely credited to the expertise of Tim Cook, who built his expertise in operations and supply chain management. The results for users have been impressive: do you want your new iPhone 5 assembled the minute you place the order online and shipped to your home days later, or do you want to wait six months before it arrives? (Complex questions about what the outsourced manufacturing means for workers persist, of course.)

Employees who work at Apple's Cupertino headquarters told us stories of developing team loyalty and project pride, to the point where Apple's secrecy wasn't just a corporate desire but a way to show respect for other employees' hard work. Suppliers overseas don't have that same level of loyalty, or that sense of accomplishment at creating interesting new products.

"You've got thousands of people working on manufacturing something who have no vested interest in keeping it secret," one employee said, adding that he believes leaks will continue to increase as Apple ramps up overseas manufacturing operations. "It will be increasingly hard to hide the industrial design we do because we manufacture things overseas. Since we don't do it in the US, it's may be hard to surprise people over anything in the future."

Among those we spoke with, people who consider themselves to be "troops on the ground" (generally those at the engineering level or below) get quite worked up about product leaks. "One of the great things about Apple secrecy is presenting something to the world, and then someone goes and ruins the fun for everyone," an employee told Ars. "It's really fucking rude to everyone who's worked so hard on it."

Tighten up

Leaks can also make Apple engineers' jobs harder. When secrets get out, Apple tends to react by clamping down harder on the employees it can control—mostly, those in the US—whether or not they were involved in the leak. "They keep tightening up things on us—there are code names upon code names upon code names," one employee said.

He described in particular Apple's system for testing prototypes off-campus in the real world. This program has been in place for many years but has been increasingly scaled back over the last year in order to avoid both accidental "demos" to friends and the infamous lost iPhone 4 prototype scenario.

The employee said that only a handful of people were recently allowed to take a new device off campus to use in real life. "That's really disturbing for something you're about to ship millions of," the employee said, adding that such restrictions have some worried whether they can "test things to the level we want to test them before they ship."

Apple retail has seen things tighten up as well. One person familiar with Apple's retail practices told Ars that stores used to get operating system updates—for both OS X and iOS—almost a week before public release, but that window has been reduced to as little as 12 hours in some cases now. The tight windows make it harder for retail employees to be intimately familiar with what they're about to support, which results in a poorer customer experience.

Ultimately, the Apple employees we spoke to were willing to accept tighter security coming from the top, even when they disagreed that it was beneficial. But they also know that in today's world, where Chinese employees on the manufacturing line have cell phones and access to Internet connections, secrecy will get breached until Apple figures out how to improve security on the other side of the pond. Even then, leaks will never be contained completely.

"I understand why people leak, because everyone wants to feel important and prove that they know things," one employee said. But "all these security measures [on US employees] are really only going to prevent accidents" such as the iPhone 4 prototype loss. "If people want to leak stuff, they'll find a way."

Channel Ars Technica