I write a lot of stuff about Apple and MacOS in part because I’m a user and a fan. A skeptical fan, mind you, but a fan.
I’ve been critical of some of their recent designs. I think the company tends to favor what looks good in a 10-minute presentation over what people have to live with for half a decade—leading to “innovations” like the Touch Bar, the Butterfly Keyboard, and the trash can Mac. And I think they use privacy as a shield to make decisions that favor their business, from soldering components to locking down the OS to limiting access to the App Store.
I’ve actively used a Hackintosh as a daily driver partly as a silent protest against some of these actions. And I feel fine about being critical about them to this degree.
But I’m really not sure if I feel all that comfortable with the idea of rewarding a hacker collective that is holding an Apple vendor for ransom by publishing the scoops attained from said hacking. It feels like the motivations are all off.
This week, a group named REvil revealed that it would leak data related to upcoming Apple product releases unless a $50 million ransom was paid—initially by the vendor attacked, Quanta, and now by Apple itself. It’s effectively extortion, and it plays into the hands of the leak-friendly Apple press.
Some media outlets (specifically 9to5Mac) made the choice to release some of these early leaks to the public, which to me seems like a questionable move from an ethical standpoint. It effectively strikes me as careless journalism.
There is a calculus to be played with leaked documents—call it the Edward Snowden rule: Does the information help improve the public interest? Could it save lives? Does it endanger people? Or could we live without it?
And as much as I love Apple leaks, this kind of information clearly does not rise to the level of traditional whistleblowing. (And given that a whistleblower-driven story is in the news at the same time that puts this story to shame, it further puts the saga in bad light.) Like many ransomware attacks, it comes with legitimate harms that the leaks contribute to in this specific case. All it does is reward some hackers that want Apple to pay them lots of money.
(For what it’s worth, MacRumors struck a more delicate balance—not posting the images but reporting their existence. While admitting it’s not perfect, it feels more right than what 9to5Mac did. The Verge did one better by saying it wouldn’t report on the leaks in-depth.)
As you may be aware, Apple leaks have been a famously fraught cottage industry for years—the company had a notably icy relationship with ThinkSecret, and the infamous Gizmodo iPhone 4 leak still remains to this day one of the most interesting events in the history of technology journalism. (And there was a lot of back and forth around the ethics of Gizmodo paying for that iPhone, including accusations of extortion.)
But nothing along the lines of a scoop-driven ransomware attack has ever fallen upon this segment of the technology journalism industry before, and I think the looser standards around the leak-based beat that is Apple reporting could cloud judgment over what might be the right thing to do in this situation.
Ransomware is a bad thing, and it affects many regular companies, too. It could even hit a publication like 9to5Mac at some point. I think the short-term gains of another day of leaks don’t topple the long-term decline of standards that attacks like these threaten. It’s bad policy and media outlets in the tech leaks space need to really think hard about what they publish right now.
After all, we’re not talking about the Pentagon Papers here. We’re talking about whether a laptop we’re going to see in two months has an HDMI port or not.
Time limit given ⏲: 30 minutes
Time left on clock ⏲: Alarm goes off