Hacker News new | comments | show | ask | jobs | submit login
In a Leaked Memo, Apple Warns Employees to Stop Leaking Information (bloomberg.com)
555 points by jsmthrowaway 8 months ago | hide | past | web | favorite | 254 comments

Martin Minow liked to tell the story of the time he got a call from Steve Jobs right after Steve's return to Apple. Martin was working on Copeland which hadn't been cancelled yet.

Steve called out the blue one afternoon and said "Hi Martin, this is Steve." Martin had worked with Steve in his early days at Apple before Steve's departure. "Hi Steve." "Look, we know you've been sending emails to Henry Norr who works at MacWeek. We can't read them because they are encrypted, but you better have an explanation of why you are talking to journalists." "He is in my running group. That's it." "That's it?" "Yep, that's it." "OK, make sure it stays that way." and Steve hung up. Martin was flustered by this call so got up and left his office. In the hallway were his manager and a couple security goons just standing around. "Hey." "Hey." and he went off to the restroom. When he came back the goons were gone. It never came up again.

I miss Martin.

edit: [Spellcheck corrected "Minow" to "Minnow" and I failed to notice. You should find plenty more hits on "Martin Minow"]

And forever after, iPhone refused to support S/MIME.

It is supported, and works well.

hmm, the first result in google for "martin minnow apple" that contains all those keywords is your comment

Things were different in the 1990s, not everything was on the internet.

Yeah I can't find anything either, good fact-checking. Hopefully just a misspelled name.

Spellcheck had indeed "corrected" the spelling of his last name from "Minow" to "Minnow". Now fixed.

sounds like he was a pretty cool guy to work with https://tidbits.com/2001/01/01/the-passing-of-martin-minow/

That even mentions the running club!

thanks! was just interested in finding out more about him

Somewhat ironic that this memo got leaked but I think in this case it actually serves their purpose for it to be read by everyone (including potential employees).

I think this part is key and is something I've always wondered about:

>While it may seem flattering to be approached, it’s important to remember that you’re getting played. The success of these outsiders is measured by obtaining Apple’s secrets from you and making them public. A scoop about an unreleased Apple product can generate massive traffic for a publication and financially benefit the blogger or reporter who broke it. But the Apple employee who leaks has everything to lose.

I completely understand what's in it for the reporter, but I've never understood what the employee gets out of it. I've been reading Mark Gurman's scoops about Apple for years so I'm definitely biased in wanting that to continue. It just seems like there's tons of upside for the reporter and only downside for the leaker.

Also I wonder what goes through a reporter's head when one of their sources get fired because they leaked to them. I'd feel extremely guilty if someone was fired or prosecuted because of me. Not sure how they do it.

>I’ve never understood what the employee gets out of it

The intelligence services have done a great deal of research into the persona of the press leaker/Wikileaks leaker (as distinct from the more traditional espionage leaker). A common trait is for the press leaker to be either highly over-qualified for their job or believe themselves to be over-qualified for their job. The belief coming out of that research is a sense of being under appreciated and a deep need to be recognized by someone (even themselves) for something they’ve done is the primary motivation for this class of leaker. The “leaking good and important things” blanket that the leaks are wrapped in then becomes a secondary factor that is used by the leaker to justify their actions to themselves in their quest for the recognition they need. I doubt if corporate press leakers have been studied as heavily as intelligence sector leakers, but the chances are good there are some similar motivations at play.

I'm a little skeptical. The intelligence services would say something that would make you skeptical of the motivations of leakers. If they're selfishly motivated the public doesn't mind them being locked up and put into isolation and tortured in ways that don't leave a mark.

The leakers that come to mind immediately are Edward Snowden and Chelsea Manning whom both suffered greatly for their leaks (Snowden had to leave his life behind and Manning was kept in isolation and had her medical needs neglected amongst other things). While they both may have wanted to be recognized as having done something good, they also clearly wanted to let the public know what the government was doing in their name.

The notion that leakers are driven in part by ego was not invented by the CIA. It's well-known and exploited by reporters.

As an example there's a short discussion in the recent movie The Post where Post reporters are trying to figure out who leaked the Pentagon Papers. Ben Bagdikian says something like these guys are always a bit of a showboat and it leads him to remember Ellsberg at Rand.

EDIT to add: the CIA is interested in why people leak because the #1 job of the CIA is to create leakers in other countries.

You mention locking people up, but that is not the CIA's job. The FBI is the counter-intelligence lead in the U.S.

The Post is a movie about the Washington Post, which has a large undisclosed financial conflict of interest with the CIA. Jeff Bezos's AWS has a large CIA contract, and Bezos owns the Post. Getting a take about leakers in such a movie is not the best way to acquire a real picture of the world.

The CIA only locks up brown people and tortures them in Thailand (star). It refers US leakers to the FBI which throws them into lonely prisons, terrifies, and abuses them.

EDIT: (star) Or rather it did. That's what Gina Haspel, our new CIA director nominee, is famous for.

EDIT2: https://www.huffingtonpost.com/norman-solomon/why-the-washin...

You understand that The Post is about the Pentagon Papers, and takes place in the 1970s, when Jeff Bezos was like 10 right?

I was curious so I looked it up, Wikipedia has Jeff Bezos born in 1964, and the Pentagon Papers leak in 1971. I'm too tired to bother with months, so for the sake of convenience we'll go with Jeff was 7 when this happened. In response to the parent post here-- I know Jeff is an impressive guy, but using technology that wouldn't appear for half a century or so to create a conflict of interest with the CIA at 7? Holy shit! If I were 1/100,000th that awesome I'd have a Turing Prize to go with my Fields Medal :P

All three of you missed my point. Please read my response in one of the adjacent subthreads.

Yes, but the movie was filmed this year and the quote was included in the movie. It might be a real quote, but framing and selection are tools of propaganda.

You understand that while The Post takes place in the 1970s, it was written and filmed in the 2010s, right?

...that was my point. The quote was cherry picked from a movie that was filmed in the 2010s. The quote would have been selected to be included by modern film makers to expose to a wide audience. People say a lot of things, which things to include in a movie? Without looking, I'd even say it's probably a real quote. That doesn't affect my point, which questions that statement's truth value.

> The Post is a movie about the Washington Post, which has a large undisclosed financial conflict of interest with the CIA.

A conflict of interest would be relevant, in different ways, if it was current with the events that the movie is about, or if the movie was produced by the Post.

But neither of those is true, sonit seems to be a non-sequitur.

This is the one compelling argument in this subthread. Thank you.

Hollywood has a long history of entanglement with the CIA and DoD in general. (How do you think so many war movies get access to equipment?) The Post was produced by Stephen Spielberg, an entertainer, not a typical careful documentarian. The social purpose of the movie is to soothe liberals at a time when their minds are being fractured by DJT and cries of "fake news". I wouldn't put it past Hollywood and the military to take this prime opportunity to insert propaganda via framing and selection of quotes.

Of course, I can't prove it that this is how this quote came to be, but what I can with certainty is to be skeptical of taking away core moral and factual positions from mass political entertainment and be doubly skeptical of claims (referring to the original claim sans movie) that come from the intelligence services (whose job it is to lie cheat and steal, duh).

EDIT: Here's an example of the CIA getting involved in the movie business https://www.salon.com/2015/09/11/the_cias_insidious_hollywoo...

God three letter agencies are terrifying.

No you can read the declassified analysis of why people leak on the CIA website https://www.cia.gov/library/center-for-the-study-of-intellig...

The point, I think, was that CIA is biased, not that they came to these results. You cannot really trust their research, since they analyze their «enemies». It is like when a skin care company cites that «9 out of 10 said this is the best skin cream (in a survey of 30 people)»

The CIA is interested in leakers because it uses them to get information from foreign intelligence agencies. They are not enemies.

The CIA has also had a lot of high profile failures and appear to be a hotbed if groupthink derived from their current political masters.

They are a great example of an organization hiring the best and brightest, only to be dimmed by org and political structures.

This is not a recent thing. I believe they blew up a Russian refinery with a sweet exploit in he 80s. But other than that, I’m not sure why anyone would see them other than a bumbling comedy of politics.

> The CIA is interested in leakers because it uses them to get information from foreign intelligence agencies.

To be fair, that is also a reason why they would have a motive to spread misinformation about what they believe motivates leakers, since information about their beliefs on that matter give target nations clues to both actual vulnerabilities and CIAs likely means of attempting to exploit them.

By the same arguments their world fact book may be incredible.

I would agree with you that it's quite extraordinary. :)

Joking aside. I think the difference lies in how easily an adversary can refute the information. You can just call up a library or an embassy to verify most claims in the world factbook. How would you get access to a wide selection of leakers?

the world factbook is unbelievable.

also, just because an adversary is denying information does not mean that they themselves are being truthful.

> It is like when a skin care company cites that «9 out of 10 said this is the best skin cream (in a survey of 30 people)

After throwing out the all but three of the original 100 people saying one of the other 9 were the best skin cream.

Statistics are like bikinis: it’s not what they reveal, it’s what they conceal.

Why does your response start with the word No?

I did think immediately of Edward Snowden. I could imagine it applying to him - he quickly went to high global significance by standing for something he may not believe in (though it seems like it & is still important), but satisfies his want to do something right. It does not make him less credible to me, but rather more because it presents him in a very non-selfish light.

People have been trying much harder and more successfully to discredit Snowden using other arguments.

The characterisation actually makes me more hopeful for the future of whistle blowing.

Didn't Manning leak classified information that threatened the lives of foreign operatives?

I never understood why Snowden and Manning are put on equal footing in that regard.

I don't know, but I can speak from experience as a former enlisted soldier in a deployed military intelligence section of the US Army: 95%+ of the "secret" stuff I had access to wouldn't even have been of great interest to the local insurgents, to be honest. The line soldiers going out on mission everyday openly talked in chow halls about their mission schedules and things that would have been far more interesting to the insurgents than what I had on my computer.

Now granted, the mission plans would have been pretty interesting to the other team (I almost wrote the word enemy, but I don't believe that to be accurate, but that's irrelevant to this post), but those were printed out and ended up laying around on desks, all the platoon leaders / platoon sergeants had them, and despite best efforts to keep track of that stuff it is never 100%.

Granted, Chelsea may have had WAY more access than I did, I'm not trying to speak about things I have no facts regarding. I am trying to say that I find it VERY hard to believe that an E-4 intel soldier (or even most O-6's, to be honest) would have access to anything that could compromise field intelligence activities or actionable information about the goings on with special forces teams. The overwhelming majority of the information we had on SIPR (basically the 'secret' internet for USG, the computers with red cables coming out of them) relevant to the local theater of operations was an insanely disorganized mess of reports following missions, almost none of which had anything juicy in them.

Having become a software engineer and math guy after getting out of the service, looking back on the "information" available to US and allied commanders in Afghanistan I'm 100% certain that my current boss would fire me for delivering such a mess.

EDIT Looked up Manning's unit level: Full Disclosure: Chelsea Manning worked in a Brigade level S-2 (intel section), and I was only at Battalion, so she definitely had better systems / access than I did. I still doubt she could find out what Jason Bourne was up to.

> Didn't Manning leak classified information that threatened the lives of foreign operatives?

No. Foreign agents or sources working with US intelligence (which are not the same as operatives) maybe.


Private Manning did not, at least as far as I know. Their motives were not necessarily pure, but let’s leave the FUD to FB and the feds.

Because it is equally important that the us invasion be seen for what it is, as it was for nsa to be seen for what it is. Collateral murder itself was probably big enough to warrant the risk to us spies

Citation needed.

I believe that. Anecdotally, I know people from past work experience, the ones who rattle to an outsider (either to another department or to the public) are generally the "frustrated asshole" type with a huge sense of entitlement and god syndrome.

Ego and narcissism are perhaps the most common and strong traits in leakers and betrayers of confidence. Financial motives and motivations to avoid scandal pale in comparison. So much so that I find it laughable clearance investigations focus on the latter at all.

And then there is the occasional upstanding citizen.

So if a man that sacrifices his life and career for the common good is an egoist and narcissist, what does an altruistic and giving person looks like? Like a corporate drone? Like a conspirator in an effort to control the minds of all free citizens?

The strongest common trait in leakers is belief. They believe in something. They aren't willing to sit back and witness some people damage society as a whole.

Maybe it's because scandal and money are the low hanging fruit that the current process successfully picks. Skepticism is warranted, laughter is not.

I’d put Snowden in a different camp because he fell on the sword. Would Manning have leave if she thought she would be caught?

Wait what? Snowden never turned himself in. Snowden ran for the hills right into the arms of rival intelligence. Please don't confusing cowardly running with the act of committing suicide by sword to the stomach. Whether you agree with Snowden or not, he still committed a crime and broke a contract he signed and swore to.

Manning at least spent her day in court. Yeah they are different, Snowden was a coward. If he truly did it for the good of the world, he'd turn himself in because of the reward he has already gotten by sharing information he felt like the world needed.

You call someone who threw away their future,their peace of mind, and any hope of a normal life to expose wrongdoing a coward for not also throwing away his life.

" If he truly did it for the good of the world, he'd turn himself in because of the reward he has already gotten by sharing information he felt like the world needed."

This is offensively manipulative nonsense. Wanting to avoid being thrown in a hole and tortured is a normal human response and utterly orthogonal to whether his motives were pure or not.

He ran to Hong Kong and immediately leaked a list of compromised Chinese computer systems to the SCMP. He wanted protection from the Chinese government, but he didn't get it. Instead, he ended up getting protection from Putin.

Do you have a citation for the chinese matter?

You can read the articles published by the SCMP itself, to whom Snowden provided a list of Chinese systems targeted and the dates of compromise: http://www.scmp.com/news/hong-kong/article/1266777/exclusive...

Here is some stateside coverage analyzing why he did something so stupid: http://theweek.com/articles/463249/why-edward-snowden-spilli...

From the first article

"In the bigger scale of things, Sino-US relations outweigh any information Snowden may have. It is also impractical for China to hope Snowden will co-operate with us. If he wanted to do that, he'd have flown to Beijing," said an expert in Shanghai who requested anonymity."

Looks more like he revealed that we were spying on everyone and ran to Hong Kong because they were a neutral party and you want to spin this into he sold us out to the Chinese to me.

> Looks more like he revealed that we were spying on everyone and ran to Hong Kong because they were a neutral party and you want to spin this into he sold us out to the Chinese to me.

Why did he reveal Chinese telecom targets then? The "expert in Shanghai" is clearly wrong from Snowden's perspective. Hong Kong is outside the Great Firewall and so Snowden felt less hypocritical living in Hong Kong, but it is still under Chinese rule, so he hoped to get Chinese protection by leaking state secrets to them.

I’m stunned someone with the intelligence to type and use a computer could hold this view.

You must be heavily influenced by things you’ve read/heard others say.

As a human being - just imagine what you might do... Perhaps you’ll begin to realise how palpably absurd your suggestion that someone must be a coward for not taking their beating is.

> I’m stunned someone with the intelligence to type and use a computer could hold this view.

Shocker, people have different opinions on the internet. Most intelligent people do in fact think for themselves.

> You must be heavily influenced by things you’ve read/heard others say.

I'm heavily influenced by taking the same oath as he once did and Manning did. You are given a choice to have a TS/SCI clearance, you can say "no thanks" at many many points in the process. Once given that choice it is up to you do decide whether or not you follow the rules you signed up for. He chose to be treasonous, much like Manning. I'm not arguing about whether that choice was the right one or not, that does not matter. Unlike Manning, he gave intelligence away to foreign countries in hopes they would protect him and he didn't have his day in court. He life is ruined because his plan backfired, that is on him, no one else.

So yes, I'm heavily influenced, but by experiences I know about, unlike most. He committed treason, that fact is inarguable, and I believe he should've stayed home and argued his case in court. Manning did, she is now a free woman.

I know I'm not going to change your mind, that isn't my intention, but I'm also going to defend my own intelligence. Lifetip: not everyone who disagrees with you is a moron. Have a nice day.

Snowden knew he was going to get exposed (and likely caught) and he did it anyway. And I certainly don’t blame him for running. The system was never going to give him a fair shake.

I don't think that's fair to Snowden. Doing something altruistically does NOT preclude skipping the step where you throw yourself into the belly of the most powerful beast in the world, which also happens to be incredibly pissed off at you.

In no way does forfeiting one’s freedom unnecessarily validate their righteousness. Doing so would be foolish.

The ego argument doesn’t make me skeptical of the leakers, why would it. It sounds like a plausible explanation. What is a better explanation that accounts for the tremendous downside?

I don't think ego plays no role but you can interpret it positively or negatively, and as a dominant factor or a secondary factor. For instance, if ego is predominant, then a leaker would find something to leak, but if it is secondary, it may motivate them to leak when the public interest is at stake when they might otherwise be afraid to.

Snowden became one of the most famous people in the world, and a hero to millions, and a villains to millions. Without knowing his personal utility function it’s hard to say whether he feels that this was a net positive for him, but some people care deeply about their legacy and “going down in the history books.”

This has nothing to do with setting public perception of leakers. It's about researching what motivates them so they can both exploit people like this in other organizations and help protect against it in internal organizations.

> The intelligence services would say something that would make you skeptical of the motivations of leakers.

I'd assume most intelligence services love leakers. They just want to be the recipient, not the source.

> >I’ve never understood what the employee gets out of it

> The intelligence services have done a great deal of research into the persona of the press leaker/Wikileaks leaker

Taught in a counterintelligence 101 type class, there's generally four types of intel leak. Not always mutually exclusive, sometimes there's a combination of factors influencing the behavior of any single person.


Money - for financial gain. Robert Hanssen would be one example.

Ideology - Typical cold war stuff, a person that deeply believes in the political ideology of power group A becomes a mole inside opposing political group B.

Conscience - Something happening is deeply wrong and unjust in the view of the leaker. Snowden.

Ego - Sometimes combined with the Money part. The persons receiving the intel find a way to flatter the ego of the leaker, about how important their role is on a grand strategic level.

I can come up with plausible reasons for why intelligence leakers do what they do (sense of duty, serving public interest, etc). I can't come up with any for an Apple employee.

The leaks an Apple employee makes is about inconsequential stuff like what features the next iPhone will have. It's not even in the same ballpark as someone who is leaking something illegal going on at the company or someone at Facebook leaking the Boz memo, for example.

Perhaps Apple employees get tired of not being able to talk about what they do at work in social settings. Leaking provides an outlet so that their friends and family might have an idea of what they're up to. It's still sort of an ego thing, but having to hold your tongue at parties can get really exhausting.

So what do you do?

option A: “I’m working on really cool / inconsequential shit. But I can’t tell you about it. Maybe we can catch up next year and I can tell you what I did”

option B: “I work at Apple”

option C: just stay home.

Its Money one of the classic reasons to leak

Are media organizations like 9to5mac (mentioned in Apple's memo) paying Apple insiders for the information they provide?

Personally, I wouldn't think that the leakers were getting paid. Even if they were, I imagine the amount that these particular online web sites are able to pay is very much -- especially when compared to the average Apple employee's salary.

This makes me think that money isn't the primary motivating factor, if it is a factor at all.

I agree that money probably isn't the thing. I would imagine the average Apple engineer would realize that the payment for leaking would have to be massive to offset the damage to career / loss of earnings from the damned good job they already have. Maybe it's the sense of getting away with something? Like a super lame, mundane version of Thomas Crown--life is going well in pretty much every category so raise a little hell just to see if you can?

One can be smart enough to work at Apple and also be dumb in a lot of ways. It's easy being manipulated ("nobody will know it was from you! you're a confidential source"), and it's definitely easy to think of yourself above all laws, or at least too smart to ever get caught.

That's completely fair.

But being cynical the journalist would want to give the source some money as it locks them in

seeing something that you said show up on the front page of a popular website... and knowing that it was you and only you, with your underutilized expertise in your under appreciated role, that made that possible...

you can’t really buy that

Perhaps an ego thing? Like "I know something, I'll show you what I know and how important I am to know this"

What if the leaker is offered $100,000?

I addressed that in a comment below. It makes sense for an employee of a supplier in Asia to leak for money, it makes less sense for an employee in Cupertino.

Also somehow I doubt that newsrooms are making enough money to pay $100,000 (or any money for that matter) for random tidbits about products that don't really matter in the grand scheme of things.

Depends on the leak. Leaking new product info is different from leaking incriminating info. And I'm sure there's lots of grey in between those two extremes. Susan Fowler's motivations seemed pretty pure.

>research into the persona of the press leaker


This talks about at least a few of things that OP mentioned


I’ve been looking for a source to cite on this and my google-fu isn’t pulling it up. Most of the multiple discussions I’ve read on this research were probably around 18 months ago. I’m pretty sure some of the work has been discussed on HN before so hopefully someone else will be able to pull up a link.

I think here you should probably distinguish between leaking a cool tech gadget plans/prototypes (those are likely ego driven or just by childish joy of sharing), and those leaks that expose some atrocities (that might be instead moral outrage-based).

It doesn’t seem to far fetched to speculate that money is involved.

Dear Lordy, this is such a wonderful read.

The cyberpunk dna in me thanks you for this.

>The “leaking good and important things” blanket that the leaks are wrapped in then becomes a secondary factor that is used by the leaker to justify

Sounds like how a sociopath would interpret the motivations of a good person.

> the motivations of a good person

Edward Snowden and someone who leaks an upcoming iPhone's rounded edges are not in the same category.

Maybe I'm simple but I'm sometimes at tradeshows as an engineering authority. Its hard at times not to say too much, because it's just kind of natural. You have questions and I want to help. I want to share knowledge. I can absolutely appreciate why I can't tell people everything they want to know but it's not my natural state to decline to do so.

An example from this week. Someone was asking about the usual questions. Stuff on our website that I can comfortably answer. Then they casually led the conversation to the tech side in appreciation that I'm an engineer doing a great job. He eventually asked, "what feature in your latest release are you the most proud of?" I badly want to tell you because it's fucking cool stuff. But I won't because you're an investor for our competition.

You'll learn more than you ever expected to know by hanging out at hotel bars during tradeshows.

Another great source is the airplane ride to the show. I've heard of at least one tech columnist that would watch people working on laptop presentations on the flights and pick up all kinds of scoops.

As an ex-smoker, I’ve heard some highly sensitive stuff in publicly accessible smoking areas.

People like to talk about themselves, but they need to remember that the person they're conversing with might use it against them. In my opinion, it's a very important trait to learn, both how to prevent yourself from giving out information and how to get it out of someone.

Pay attention to someone if they keep stuttering or "forgetting key" parts of the statement they're making, getting others to fill in the blanks is one of the easiest ways since our minds just want to do that. So you intentionally pretend to have difficulty remembering what you're saying and let the other person tell you.

This is a classic example of the "E" in MICE.

People leak/gossip/whistleblow for a variety of reasons:

1. Immediate Financial - They either have a direct quid-pro-quo with the leak recipient, or stand to benefit directly from the leak.

2. Disagreement with the direction/decision-making - They want Apple to do something different, and internal (legitimate) attempts to influence this decision have failed; usually because the leaker doesn't have the political capital.

3. Vanity/Ego - More of a contributing factor to #2, but they want a feeling of power that comes from leaking.

4. Trolling - A subset of #3 really. Some people just want to watch the world burn.

5. Revenge - Feeling screwed out of a promotion, or otherwise neglected? Leak!

6. Low self-esteem - If you're approached by a reporter or blogger, having something of value is a way to boost yourself.

Can we not group whistleblowing, a usually-legal heroic action of reporting immoral/illegal behavior (to the extent that you can be awarded millions of dollars by the government for whistelblowing) with leaking trivial product details?

If you think the motives of whistleblowers are as pure as the driven snow, we'll just have to agree to disagree. #2 covers their actions, but not all whistleblowers are related to Mother Teresa.

You're making a strawman argument. I'm not arguing "all whistleblowers are good people," I'm citing the definition of whisteblowing is "a person who informs on a person or organization engaged in an illicit activity."

Reporting a CEO embezzling is whistleblowing. Announcing apple is working on a new gizmo is not. Don't conflate them.

You're conflating leakers and gossipers as bad. If they're operating under #2 in my list, their motives wouldn't be considered bad, though perhaps misguided.

I think your definition is of a whistleblower is too narrow, and I prefer the fuller definition from wikipedia:

"A whistleblower (also written as whistle-blower or whistle blower)[1] is a person who exposes any kind of information or activity that is deemed illegal, unethical, or not correct within an organization that is either private or public."

"not correct within an organization" clearly applies to the #2 in my list.

> not all whistleblowers are related to Mother Teresa

so some of them are good?

Please don't do this here.


It doesn’t really matter much to the point, does it?

Personally, I’d be interested if someone leaked the CIA’s research into online trolls. Something tells me you wouldn’t consider that person a saint ;)

> I completely understand what's in it for the reporter, but I've never understood what the employee gets out of it. I've been reading Mark Gurman's scoops about Apple for years so I'm definitely biased in wanting that to continue. It just seems like there's tons of upside for the reporter and only downside for the leaker.

There's four reasons people leak information:

1. Out of moral responsibility to report unsafe or illegal activity.

2. To cause direct harm to the root organization because they feel slighted by some action in the past.

3. The "leak" is officially sanctioned as part of a submarine.

4. Ego.

Numbers 3 and 4 are the biggies.

Somewhere on there should be personal vendettas. More than once I’ve seen screenshots of internal conversations on Business Insider that were clearly motivated by a desire to get that person fired.

I think that's sort of related to #2, "to get even for some perceived slight" although parent is specifically mentioning organization and not an individual in the org.

I'd consider that part of #2.

5. Personal profit. In a lot of such leaks the employee is paid by an outside source.

I'll repost a comment I made a few moments ago [0] again here:

> Are media organizations like 9to5mac (mentioned in Apple's memo) paying Apple insiders for the information they provide?

> Personally, I wouldn't think that the leakers were getting paid. Even if they were, I imagine the amount that these particular online web sites are able to pay is very much -- especially when compared to the average Apple employee's salary.

Let's take the memo linked in TFA, for example. Just how much can we expect Bloomberg might pay for a copy of this memo? I can't imagine that it would be very much at all -- certainly not enough to make it worth the risk of being caught.

> This makes me think that money isn't the primary motivating factor, if it is a factor at all.

[0]: https://news.ycombinator.com/item?id=16834397

You're only talking about one specific kind of leak.

How much would a hardware manufacturer be willing to pay to get specs of the latest iPhone in advance so their accessories can be out in the market before anyone else?

What about a competitor who wants to know more about the company's future releases.

All of this happens, and companies have to work to prevent it.

> You're only talking about one specific kind of leak.

Yeah, you're right.

I was focusing on leaks to media/news sites but that's because the Apple memo seemed to focus on that as well (e.g., "The employee who leaked the meeting to a reporter ...", "Instead, people who work for Apple are often targeted by press, analysts and bloggers ...", and so on), although they did specifically mention leaks "in the supply chain" too.

Leaking/selling company information to a competitor or rival is obviously a concern as well but I think this memo is pretty clearly aimed at those who might consider leaking to the press.

>Just how much can we expect Bloomberg might pay for a copy of this memo?

I'm guessing that it's very much against Bloomberg's ethics policies to pay anything at all.

I thought about that as all.

In addition, paying sources for information could lead to "fake" or incorrect information being provided to the media by "leakers" who are simply in need of money.

It's now too late to edit my comment (above) but

is what I intended to write.

I think it’s a lot more complicated than your oversimplification. For example, where does a quid-pro-quo relationship fit into your categories?

Saying leaked out of “ego” is equivalent to saying it was leaked “because”. We know it was something internal to the leaker’s psyche, but research should help us understand what led up to that point and how it could have been avoided.

For example, would you say a gossiper gossips because of “ego”?

A gossiper gossips to raise their status; having inside information (and revealing it) shows that they are more knowledgable than the person they gossip to.

Reporters trying to get leaks can also be extremely charming, flirtatious, and often use alcohol to get people to open up.

They can also be extremely manipulative. Like pretending they know something already, and so its ok to comment on it, OR they say they are going to print with something that is wrong and damaging for the company. For example the next iPhone only has 6 GB of storage. You can either not confirm that, or you correct them, and say "I think you mean 600 GB", at which point you just leaked a major new feature.

Yeh why do you think TLA's have used journalistic cover in the past its a similar sort of job when it comes down to it.

On the contrary, we all are carrying around GPS tracking devices in our pockets that almost every modern worker in most contexts needs to have.

So if Apple or Facebook wants leaks to stop happening they need to reverse course and stop the unofficial mandate to connect the world or get a device into every person’s hands.

These things are becoming global phenomenon pervasive in nearly everyone’s lives and yet they demand a near total lack of transparency of how they operate. Seems hypocritical and unfair at best and maybe unethical or immoral at worst.

Massive organizations and businesses, people and families rely on these things so they at least should have some insight into their operation.

Sometimes the leaker might think they have an upside. I worked (generally, in the same floor/area) with one such person[0]. The actual emails are available for the public, the leaker wanted some coverage for the new startup she was going to move to.

[0]: https://www.mercurynews.com/2015/08/18/ex-yahoo-employee-adm...

Man that site is bad. First thing on mobile is a full ad.

I chose it after I tried to google for a better article. The other ones are paywalled[0] or scribd[1]

[0]: https://www.bloomberg.com/news/articles/2015-05-08/yahoo-sue...

[1]: https://www.scribd.com/document/275069641/Yahoo-vs-Cecile-La...

Maybe they just want people to know the thing they're leaking. I'm sure there are people who find corporate secrecy policies annoying (somebody finds basically every corporate policy annoying) and would view a chance to flout them as an upside in itself.

Back during the dot com boom, I worked at a small, but public company. Wall Street analysts (or people that worked for them) would randomly call people up on their office phones (back during the days when people had their own office phone number) and try to befriend people. If they got a hook, over the course of a few phone calls, they would totally stroke their egos, and then ask them for information about the company.

For employees it was like they were doing favors for their friend, and the things they were asking were generally pretty small, but could increase over time.

We were warned about this happening since it happened before, so I'm sure similar techniques that worked 20 years ago still work today. It's just a form of social engineering.

Not all leaks are unauthorized. Organizations often want to put information or misinformation out without taking responsibility for it. The media has paper and airtime to fill, and may or may not be picky about its sources. It is not unusual for an organization to do authorized leaks and try to chase down unauthorized leakers.

I'm not sure how many reporters have done jail time to protect their sources, but I'm sure that more than a few have been threatened with it.

There are a number of reasons even if there's no formal quid pro quo such as money under the table or even a nice meal.

Reporters cultivate relationships with sources and sharing some inside information can come to be seen as just helping out a friend with some tidbit that doesn't really hurt anything.

Furthermore, there can be an ego thing around sharing things you know that other people don't.

Who says the employee is not being rewarded?

Maybe they are? But I think that would magnify the downside of leaking by 10x for limited upside? Note I'm talking about people who work in Cupertino. It makes complete sense for someone working at a supplier in Asia to leak for money, doesn't really make much sense for a software engineer.

Having worked with the tech press a lot, having written in pubs myself, and knowing quite a few reporters well, I think I can confidently say that payments for inside information are pretty rare. In a previous job, I knew lots of information about many companies under NDA and never had a whiff of this sort of thing.

And downside for the organization -- first to market is important, and rewarding thieves over the innovators - giving thieves resources over the innovators, is not good overall for society.

I think IMB's question was just limited to understanding the employee's motivations, I don't think they were implying there are no other affected parties.

Didn't mean to imply that if I did, essentially just wanted to add to their comment.

> but I've never understood what the employee gets out of it

They may get money?

Some of these companies have valuation in hundreds of billions, and a small bit of news can nudge that +/- 0.5-2% or more which could be a couple billions dollars. If you own just 0.1% of the stock, that would be several $m opportunity . So, paying your informer, say, $100K or something, sounds reasonable, if you can execute it properly, even accounting for fake informers.

I've never understood what the employee gets out of it

Revenge against a real or imaginary slight, by senior managers, or even their own line manager.

That's funny wording because Steve Jobs management philosophy was all about "playing" his employees and partners, to extract world-changing inventions for minimal compensation.


The employee may get paid by the reporting agency, or have friends in journalism who are also enthusiasts.

I assume theyd be sad they lost a source of income. Some people are good at surpressing their conscience.

> I've never understood what the employee gets out of it


I think Apple obsesses too much about secrecy and attributes too much of it to its success. Except for the iPhone launch, almost nothing they've launched hasn't been leaked ahead of time, and yet, it is still the most valuable company in the world and their sales are through the roof.

It seems they are still pining for that "shock-and-awe" of Steve Jobs original 2007 iPhone introduction, but don't realize that's no why people buy Apple products these days.

Think of the negative repercussions of this. Creating a hermit kingdom, with chilling effects where people worry about collaboration with the outside world. It has certainly had some effect on the ability to recruit AI researchers.

There's a huge advantage in your competitors not knowing what your focus is, particularly if you're working on something out of left fields.

The more you can hide from them, the more of a head start you can have over them.

Does Apple have a head start on most things they do? Most observers acknowledge they aren't usually the first to do something, rather, they're good at execution and polish. They were beaten to market on pretty much everything: watches, bezelless displays with notch (e.g. Essential Phone), smart/speakers (Amazon, Google, Sonos), Streaming/TV (Roku, Amazon, Chromecast), etc.

Really, I think the world would be better if they published more openly and were more open, and I don't think it would really hurt their ability to outsell their competitors at all. Let's say they're working on AR glasses (which they probably are) and Samsung catches wind of this and rushes to market with Samsung AR glasses. How many Apple fans actually think this will make a difference to people in the Apple ecosystem buying Apple AR glasses?

At this point I think the secrecy does more harm than good.

Maybe there's zero business value in keeping secrets (I don't believe that at all), but even if that were the case and Apple were just overly obsessed with "the prestige" [1][2], why would that change anything? They should be free to operate the company in anyway they want. Apple's a 40 year old business and everyone knows their culture. Employees know what they're signing up for (and I think their first day is an orientation about this topic specifically).

[1] https://youtu.be/gZY1mB9m9b0?t=19s

[2] https://techcrunch.com/2012/09/13/the-iphone-5-event/

If they told the world that the solution for touch screen phones failing in the market was this little idea called the “proximity sensor”, Google would have beaten them to the market with Android and the iPhone would be far less successful.

Apples success is built on unique inventions, in design, software and hardware. They rarely are first to market in any category. They are almost always first to market with the first mass market useful combination of features in those categories.

Except that wasn't at all what Android was when the iPhone was released. Android was still a Blackberry clone at that period in time due, in part, to the secrecy surrounding the technology in the iPhone.

TouchID and FaceID come to mind.

Both of those were on other phones before Apple did it.

And other people made smartphones before Apple did. The details and the secrecy thereof matter far, far more than the features themselves.

The technology used on both of those was not on other phones before Apple did it. "Face recognition" and "fingerprint scanning" are not the same thing as "Face ID" and "Touch ID".

Which phone had actually usable/secure fingerprint auth before the iPhone?

The fingerprint sensor made by Authentec, was the centerpiece of a Motorola Moto X1 and slated to be in Google's Nexus 6 before Apple bought their supplier, effectively preventing the release. That's why those devices were released with a dimple where the fingerprint sensor was going to be, even though there was nothing in that spot where the finger rests.

That is to say, TouchID capacitive fingerprint scanning was going to be shipped in Android first and Apple delayed the market introduction with a strategic acquisition.

Prior devices like the Motorola Atrix and Toshiba G500 also had fingerprint biometrics.

I did say "usable" though, and the fingerprint sensors before the iPhone were not.

I would know, I had the same style fingerprint sensor that you see on the Atrix or the G500 on my laptop, and it was terrible.


Literally the only Google results for a search regarding Authentic and the Moto X1 is this thread and your comment.

I found a lot, here's one: https://9to5mac.com/2015/01/26/nexus-6/

Are the Moto X1 and the Nexus the same phone? The parent comment seemed to suggest that they were 2 different phones. Even in that case, what Apple released was slightly different from what AuthenTec had created at the time so I don't see how anyone can say that Touch ID was out before Apple brought it to market.

Wow, I didn't know this story, thanks!

> It has certainly had some effect on the ability to recruit AI researchers.

Well, Apple had to backtrack there and allow its researchers to publish because otherwise nobody would work there.

To be fair, Google and Microsoft are also quite secretive about their products.

everyone copies apple's designs (not the rest, thankfully). they would rather people copy products that are already out at least

No, everyone is accused of copying Apple, and Apple gets a pass when they come out with something that other companies already did. But the least similarity to anything Apple does is often labeled a copy, sometimes even requiring time-travel as the supposed copy was released first.

Take for example the idea that other companies copied Apple's thin bezels. The predecessors for that were the Sharp Aquous, Xiaomi Mix, Samsung Galaxy S8, and Essential Phone. Samsung even had "True Tone" long before Apple started marketing it, but were accused of copying it.

I favor Kirby Ferguson's take on this (https://www.youtube.com/watch?v=wq5D43qAsVg), and we are better served by companies taking designs from others and improving on them, and open publishing and sharing, and the incessant cry of "Redmond Start Your Copiers" is really wearing thin.

Great video, thanks! Interesting how people are ok with copying others but hate to be copied (in part 4 of the video series). I never really thought about this issue the way that author presented it.

Weird, a friend at Apple received the same email, but with different numbers.

(giving leakers heart attacks is a hobby of mine)

Easy way to narrow down who is leaking eh?

Always thought that’s the best way to narrow down the leaks. Give variations of info to subgroups, and target the group based on which variant was leaked.

As I was reading the memo in TFA, I thought "I wonder if this memo has slight differences in it based upon who is viewing it".

Specifically, I noted one place where I thought a comma should normally have been. Perhaps it's "paranoia", but it seemed like that is one possible "variation" that could have been used.

I don't know how many Apple employees would view this memo (it seems unlikely that all ~135,000 would) but it doesn't seem like it would take very many slight differences like this to be able to generate a unique version of this memo for each viewer.

At that point, Apple just has to sit back and wait for the memo to leak. Compare the version of the memo posted in TFA to the "unique versions" rendered to the employees and you've either identified the leaker or, at the very least, significantly narrowed down the possibilities.

If Bloomberg were being careful, they would attempt to obtain copies of the memo from multiple "leakers" and compare them very carefully before publishing, making sure to look for these minute differences between them. If any were found, they'd have to be very diligent when posting the memo for all the world to see -- if they were being careful and if they cared about protecting the leaker's identity (one would assume they do but I think it'd be safe to assume there's a limit to how far they're willing to go).

Regardless, it's pretty clear that this is a huge attempt by Apple to deter any leakers or potential leakers from doing so.

> As I was reading the memo in TFA, I thought "I wonder if this memo has slight differences in it based upon who is viewing it".

> Specifically, I noted one place where I thought a comma should normally have been. Perhaps it's "paranoia", but it seemed like that is one possible "variation" that could have been used.

This is one of the methods taught in "counterintelligence 101" type classes at intel agencies. Create something hot and surprising, salt it with specific phrases, grammar or punctuation, and then leak it into a number of different compartments. If you have access to where the intel is leaking to, obtain a copy after it gets leaked, and figure out which of your compartments it came from.

If people are aware of this, what if someone finds the variations, and modifies the document and then leaks it, framing someone else for the leak?

You would have to be in possession of the index of which unique modification correlates with which person or group it was distributed to, which is usually knowledge only held by the creators of the salted documents.

Not necessarily. You don't need to randomly change the structure of the memo. You just need to leak a version of the memo that someone else received. It's not that hard to believe that someone would leave their account unattended for a moment.

> (it seems unlikely that all ~135,000 would) but it doesn't seem like it would take very many slight differences like this to be able to generate a unique version of this memo for each viewer.

18 differences would cover it. A few less people and they could get away with 17, which would yield 131072 combinations.

That's assuming each combination is binary, if they have more variations you'd need less, of course.

There was a somewhat interesting ELI5 on Reddit the other day about leaked films, with people on the production and distrubution side explaining how things work so that leaks are prevented.

Here are a few of the interesting bits:

Watermarks https://www.reddit.com/r/explainlikeimfive/comments/86rkbq/e...

NDAs https://www.reddit.com/r/explainlikeimfive/comments/86rkbq/e...

Splitting films in reels https://www.reddit.com/r/explainlikeimfive/comments/86rkbq/e...

Tom Clancy called it the Canary Trap. Each document had very slight differences, and were tracked to each recipient so leaks could be found.

Thanks, that's the first time I've heard the term.

Apparently Elon Musk tried this same technique at Tesla but "it backfired hilariously on the brilliant entrepreneur" [0,1]. According to Wikipedia [0]:

> After a series of leaks at Tesla Motors in 2008, CEO Elon Musk reportedly sent slightly different versions of an e-mail to each employee in an attempt to reveal potential leakers. The e-mail was disguised as a request to employees to sign a new non-disclosure agreement.

[0]: https://en.wikipedia.org/wiki/Canary_trap#Known_canary_trap_...

[1]: https://web.archive.org/web/20131020092330/http://gawker.com...

Also commonly used in digital watermarks: each copy has an unique variation.

See also inserting zero-width characters in text that don't show when you copy and paste: https://medium.com/@umpox/be-careful-what-you-copy-invisibly...

zero width is a good idea as engineers are less likely to leak info as they livelihood is affected by them, unless they are already trying to jump ship.

I wouldn’t be surprised if you were right.

My favorite take on Apple’s culture of secrecy and how it harms everyone comes from the illustrious Bret Victor: http://worrydream.com/Apple/

In short, your personal goals and the goals of the corporation and its executives rarely align as much as you think.

I don't really understand what you're trying to get at. That just sounds like sour grapes from someone who didn't totally grok that what you do on company time belongs to the company.

The notion that "what you do on company time belongs to the company" is one possible relationship between labor and capital, but far from the only one. And even that phrasing is a little misleading, because executives often get much more latitude here; the principle in practice seems to be less about serving the collective interest of all stakeholders (that is, the company) as serving the power structure's current occupants.

Many companies are pretty flexible about what you talk about as long as giving out the information doesn't cause immediate harm. It's not unreasonable for people at much stricter companies to complain that their company is being unnecessarily strict in ways that are detrimental to the employees.

I learned recently of the formal approvals needed at $LARGE_TECH_COMPANY that I don't think of (as an outsider) as being especially super-secretive to give an external presentation. I was probably more surprised than I should have been. But it did shock me a bit compared to where I am--which is admittedly pretty far on the open side of the spectrum.

I did drugs on company time and that excuse didn't work.

> Leakers do not simply lose their jobs at Apple. In some cases, they face jail time and massive fines for network intrusion and theft of trade secrets both classified as federal crimes. In 2017, Apple caught 29 leakers. 12 of those were arrested.

This is an email they sent to employees? It sure doesn't sound fun to work there.

You can also go to prison for insider trading. Is this also too onerous for you?

What reason is there for leaking information about the company you are currently working for?

I think the tone is heavy-handed. Leaking can happen accidentally--for example, by leaving an iPhone in a bar--and sending the message that this could result in criminal prosecution doesn't seem good for morale.

Of course, every employee at Apple knows the culture of the company, so it's not like it should be any surprise.

The guy who left the iPhone 4 at a bar was never fired because it was an accident. In fact he stayed at Apple until 2017 [1].

[1] https://www.linkedin.com/in/graypowell/

>Of course, every employee at Apple knows the culture of the company, so it's not like it should be any surprise.

I used to work at Apple (both at the retail stores and briefly in Cupertino) and, out of all the jobs I've had, it's still my favorite corporate culture. It's the only company where I felt like I wasn't just a number. It wasn't uncommon for opportunities to open up for people all throughout the company and, as long as you weren't stealing or doing something else (like leaking info) that could harm the company, there seemed to be a mutual respect between upper management and even low-level employees.

I wonder how many ex-intelligence-agency counterintelligence people Apply employs. Probably at least a few.

Question for those who've gone through CI training: Do Apple leaks all fit into one of the MICE categories? I don't think there is any new motivation.

(Money, Ideology, Conscience, Ego)

Would be very interested to see what programs they have developed to intentionally generate false but plausible information internally, get it into the hands of specific people or workgroups, and see if/where/how/when it leaks. Usually done for the purpose of identifying specific leakers or compartments that are leaking.

They do, As it was published by Bloomberg in a previous article on leaks. Some ex-CIA, FBI etc works there.

As of a CI would respond haha

Given the scale/size/financial scope of Apple I would be entirely unsurprised if they had an entire TSCM group recruited from ex-three-letter-agency people and a group of HUMINT experts functionally equivalent to CI, but with a different name.

There is also a possibility, that at least some of the "leaks" are in reality marketing ploys orchestrated by the company.

It really seems like a company with the resources and obsessiveness of Apple would have counterintelligence teams to manipulate public perception with false leaks.

I am interested in what criminal activity warrants an arrest for leaking company information. Seems like it would be a civil issue?

18 U.S. Code § 1832 - Theft of trade secrets

Carries a fine or up to 10 years in jail, and yes - that US Code part means it's a federal offense.

The Computer Fraud and Abuse Act casts a pretty wide net, stealing credentials, abusing shared access, etc.

Also IP laws, industrial espionage laws.


Cupertino doesn't have its own police or fire department. Get real.

However, they have a division of the county Sheriff's department.


I can't comment on their loyalties though...

They are probably just a normal set of people that show up and do their job in a non-conspiratorial sort of way.

If you remember the iPhone 4 prototype left in a bar, stolen then leaked to Gizmodo case from a few years back, I believe Apple hired an off-duty SFPD detective to "accompany" company security officials when they went to go talk to the guy who had it.


Many wealthy people & companies hire off duty cops or "retired" federal agents as security.

> Cupertino is a company town

Apple might be the largest employer in Cupertino, but that doesn't mean that they own the city…

I'm going to go out on a limb here and hypothesize that the local police force doesn't investigate many felonies, regardless of who reports them. Just a theory. :)

This highly contrasts Netflix, which barely has any leaks, although discloses almost all their information to employees.

Is it Apple's company size and culture that make leaks inevitable?

It's possible, but I don't think that's the primary factor.

Netflix is a software/service company. When they've got something new, they can just ship it right away. Or if they decide to change something at the last minute, they can do that.

Apple is a hardware company, and they produce everything at volume (millions of units). Their products, by nature, have long lead times. The design must be finalized well before it ever ships.

If I were a tech reporter looking for leaks, I wouldn't place much trust in anything I heard from Netflix, because it'd be too easy for them to change it completely before it ships. Also, if the final product might be released to everyone tomorrow, my incorrect info will still be fresh in everyone's mind.

This applies with Apple, too. I hear a lot more rumors/leaks regarding the shape of the next iPhone, than I do rumors/leaks about the on-screen visuals of the next iOS (which could easily change).

Aside from new shows (which are pretty much announced once they're green-lit), it's a bit hard for me to think of much at Netflix that the tech press is waiting to find out with baited breath. We're rolling out a new recommendation engine that gives even worse results than before?

I'm sure there are some things but there are very few tech company announcement details (outside of financial results) that so many people are anxious to learn ahead of time as specs and features of upcoming Apple products.

That's true, too. Because Netflix is software/service-based, all of the new tech I hear about from Netflix (like Chaos Monkey) tends to be developer-oriented, not consumer-oriented.

That's kind of the nature of the business. Users want Netflix to be basically invisible -- they just want to watch their favorite show.

There are about five comments saying there is nothing Netflix employees can leak that people care about. You’re all thinking too tech centric.

Nielsen, studios, and the press would love to get their hands on Netflix’s viewer numbers and associated demographic data for a given show or movie.

Sure, but how would we know if those did get leaked? I'm sure it happens all the time. We just know about consumer-product leaks because they're being leaked to us, the public.

That's fair. It's certainly true that business data associated with any high-profile company is going to be of a lot of interest, especially if it's something that a lot of people want to know but the company has refused to make public.

And listen to just about any earnings call and you'll hear lots of financial analysts trying to extract some more "color" from behind whatever numbers were released.

Maybe. You have a big company where practically everything is a secret and a huge number of bloggers/press outlets that are desperate to publish any information about future Apple products however trivial and unconfirmed.

What would Netflix leak? Apple leaks are much more valuable because people are excited about how the hardware may evolve.

> What would Netflix leak?

Off the top of my head: viewership and engagement by content, new content deals currently being negotiated and their terms, how much they spend on infrastructure and what they spend it on. It's valuable info for investors and traders, agents, tech industry analysts.

Maybe Netflix is a young company with a lot of growth. Maybe Apple has a proportion of disgruntled employees because everyone has been suffering their secrecy for 20 years and some might be upset about their career paths, without being allowed to talk about it. It just takes 10 leakers for a full year of news.

They shipped their first DVD 20 years ago according to the DVD mailer I just received. So they're not that young. (Obviously, video streaming is more recent.)

> The crackdown is part of broader and long-running attempts by Silicon Valley technology companies to track and limit what information their employees share publicly

The contrast between the aggressive privacy of companies (and government) and the non-existent privacy of individuals is shocking. Apple claims to have people arrested for violating its privacy; practically, I have no power - they can take almost whatever they want and do whatever they want with it, and there's nothing I can do.

In fact, the complete lack of privacy by individuals may the means by which companies find who released the information.

Finally, these moves are counter to an open society. In an open society, it's the powerful people and public institutions who need to be transparent - they are the threats to democracy and liberty - not the everyday private citizens.

I don't understand the article's assertion in the context of this being something unique or new to Silicon Valley. Companies have always tried to keep trade secrets behind closed doors and limit what employees share about them. They wouldn't be "secrets" if they weren't limited to select individuals and had information that was ok to disclose publicly.

The idea that this is some new Orwellian culture shift is so stupid...

I was going to address this comment until I read the last two words, which just shut down intelligent discussion.

Why? Intelligent people can't use the words "so stupid"?

We need to elect people that write laws that will protect the public.

Although, seeing how well that's worked out for labor, I'm not holding my breath.

>In 2017, Apple caught 29 leakers. 12 of those were arrested.

And what happened to the other 17 (the majority)?

Were they "just" fired, were they hot iron branded or obliged to wear at all times a scarlet L ?

> 12 of those were arrested

It's pretty weird to see the breach of an NDA in a corporate environment lead to an arrest rather than just a civil lawsuit between the two sides of a contract. Apple seems to be a bit eager here to play the fear card and I find it surprising that law enforcement would do more than take their statement and give them a copy of it. Breach of contract would be the worst that you could accuse a leaker of, which is not typically a criminal affair.

Is it normal to have people that break NDA's to be arrested?

I would guess that those who are arrested are the ones along the supply chain involved in leaks to countries who are economic rivals to the US (China, in particular).

But I wouldn't put it past Apple to try to prosecute anyone and everyone who leaks.

It could be that the leaks were not serious enough for discipline, or were accidental enough that management thought that lesser discipline would be enough that it would not happen again. We really don't have enough information to begin to know.

I worked at Apple in the past. I pride myself on having never told a soul what I really did there, as anyone who does know was informed through proper channels.

Perhaps if I had worked at some other company and saw highly unethical/illegal shit going on, I might consider whistleblowing, but I would never leak for the sake of leaking, even if it would cause a lot of hype or news commentary. It just seems sociopathic to do so.

Same goes for this memo. And if the leaker is reading this comment right now, then I ask, rhetorically, if you don’t feel comfortable with your employer’s preference for secrecy, then why are you working there?

Fortunately companies cannot yet control their employees completely, and so leaks will keep happening. This may be rather controversial, but I think that's a good thing. It pleases me to see people who do not completely toe the line getting themselves into companies for the purpose of eventually leaking something, effectively hindering the rise of total corporate control. Especially with a company so secretive and forceful in its mission of locking out devices against their owners (and attackers, ostensibly), it's good to see some "retaliation".

To all the leakers: we need people like you, who are not afraid of the consequences of doing what you think is right. Many thanks to those who leaked the schematics and service manuals for various products (including Apple's), the HDCP master key, the AACS key, the SD card specs, the memory stick specs, everything on SciHub, and the list goes on... countless people would not have gained the knowledge and skills they have without your neighbourly efforts.

Some related commentary:



Edit: interesting to see the points on this bounce up and down. It seems I've struck a nerve.

The most disconcerting thing about this is how effective their security measures appear to be. One has to imagine how pervasive their surveillance is to catch this many leakers.

Can they not tweak specific word variations to track down where the leak is coming from? You can narrow it down to which department the leak is coming from at least.

That's assuming the leaker is repeating what (s)he heard/read verbatim instead of paraphrasing.

Ah, the good old Canary Trap


Is there a name for that? Steganography? Watermarking? Both don’t specifically describe the idea of swapping words or homographs (rn = m) to embed the name of the person who received a copy of a document to bust the leaker.

Honestly, that requires a pretty gullible leaker. If the person leaking information cross-checks what information coworkers got and doesn't leak identifiable documents (others mentioned unique watermarks) it's probably going to be hard to track them down

You gotta love when real headlines are indistinguishable from The Onion

Can’t think of many relevant product leaks from Apple ... maybe stuff about their chip and display manufacturing? Their consumer products are pretty straightforward and all the leaks come from China anyway.

> Josh Shaffer, whose team’s work was part of the iOS 11 leak last fall.

Is leaking the reason it was rushed out the door? If not, I can't imagine why he's upset about it.

Yeah, how does it affect him at all? He worked on a great product and the leak didn't make it worse. Most likely just Apple trying to add a personal element to dissuade leakers, by also accusing them of hurting friends/colleagues.

For a moment, imagine the situation:

You show up to work each day. You've been working a lot lately, but you're really excited about the thing you're working on. You're looking forward to when it's ready and ships. But it's not time yet. It's not ready. You want the world to see it when you're ready to really show them something. Not just the idea of a thing, but the actual thing. When they can see it, touch it, understand it and breathe it. When they can really appreciate what you've been doing.

You've been working on this thing for awhile. You know there's still a long slog ahead. But you think—hey, one day soon, we'll get to talk about this thing.

Then one morning, you get into the office and you see some blog is talking about your project. They have a bunch of the details wrong, but it's definitely the project you're working on. And they're saying it's coming out in the next update.

Your work never has the chance to speak for itself. Someone decided to speak for your work instead. Just so they could feel important. It wasn't even their work to speak for. It was yours, and you and others had already been making decisions on how you wanted to talk about it, what things you wanted to show and where and how you wanted the work to speak for itself.

Wouldn't you be annoyed about it?

Wouldn't you be disappointed that someone leaked your work when later when you do finally announce it people don't let your work speak for itself, but just compare your work to whatever their minds imagined, made up and idealized about what you might be working on, doing or building?

> Apple trying to add a personal element to dissuade leakers, by also accusing them of hurting friends/colleagues.

Many at Apple enjoy the reveal of what they've been working on, so they can go and tell other people about it. It kind of takes the fun out if it leaks early.

What I find baffling is the difference in leaks pre and post Jobs era.

Perhaps management should look at themselves also why people are leaking now and weren’t before.

Nothing baffling about it - things leaked a lot when Steve Jobs was around. We all knew about the iPad before it was announced, we all knew they were making a phone, etails would leak about new MacBook Pros, etc. etc.

What we do see now that's different than it was 10 years ago are supply chain leaks. Apple has to have such a long ramp to manufacture it's first week worth of iPhones, that it's inevitable that some of the 10s of thousands of people in the supply chain will leak. Often for money, given the culture and pay scales in China...

I think there are difference. The leaks wasn't as detailed in SJ era, he will be pissed if things not go his way. Supply Chain were doing a lot more to cover up.

These days Tim takes a much more relax approach, comparatively speaking. You have employees that doesn't even know what you should or should not talk about. ( The Person responsible for NFC ).

Steve's era employees used to joke about Information leaking from the higher up management, which was true. Nowadays it seems to be going out everywhere.

> the difference in leaks pre and post Jobs era

There were leaks in the Jobs era, and pretty substantial ones too. Here's a notorious case: https://www.cnet.com/news/apple-settles-with-worker-bee/

> why people are leaking now and weren’t before

This assumes it's the same people. I would not know one way or the other, but my gut feeling is that newer employees are more prone to leaking, and Apple is a lot bigger than it was under Jobs.

There were plenty of leaks while Jobs was there.

The idea that the leaks were different during the Jobs era is such nonsense that's purely of the rose-colored glasses variety. The only difference is that now, once the leaks are out, every blog and their mother wants to put their spin and speculation on them to get those glorious clicks.

Now looking forward to the leak the memo about the leak of the memo about the leaks.

I wonder how the leakers mentioned in the memo were caught?

The irony...

Yo dawg! I heard you liked leak memos, so I put a leak memo out on your leak memo.

How much does a major leak of apple inside information cost?





I am assuming they dont leak the information for free. And if they do it for monetary reasons - the amount has to be large enough to justify risking your job (freakonomics 101). If they do it just for their ego boost (oh i got approached by so and so i must be very important) - then they are dumber than i thought.

This article sounds like it was written by Apple. “everything to lose”? Really?

Everything after the bolded "Here’s the memo:" is indeed written by Apple. That's kind of the nature of quoting a memo...

TBF, they should have worked the formatting so that it is easier to find for someone looking the said memo without having to scan through the whole article.

And the wording of the memo--quoting people and so forth--reads more like a news story than it does an internal memo. I had to go back through it to realize that the entire bottom section is a memo because memos are typically written in a single person's voice.

"You'll nevah woik in dis bidness again..."

Frankly, when you tell a room full of people about something it's practically guaranteed to leak. The exceptions seem to be (a) secrets nobody cares about ("We're rewriting our ductwork design software!") and things that involve government secrets (and that doesn't always work).

I had a couple of housemates who were in the US submarine service. They never talked about what they did, even 20 years retired, and were very upset when the book Blind Man's Bluff was published.

Whereas I was at university with a guy who was previously in the Navy and was stationed on a large sub (name escapes me) and he claimed when they were at port and bored, they'd look into hotel windows where the blinds were left open with the periscope.

Hopefully for Apple's sake, he never went to work for them.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact