Apple executives: Explaining the key issues of the Xcode incident

Phil Schiller, Apple's senior vice president of global marketing, gave Sina Technology a telephone interview in the United States about last week's "XcodeGhost Trojan infection incident" and answered some key questions related to it.

In the past, when news broke, this company headquartered far away in Cupertino would usually explain things in its own way and at its own pace. In this incident, however, the company's senior vice president personally took action at 10 o'clock in the evening, which shows how much they value this matter.

The whole story of XcodeGhost

Xcode is an official development tool produced by Apple. It runs on the Mac OS X operating system and is currently the most common way to develop Mac OS and iOS applications. In a sense, it is the foundation of the ecosystem that Apple is proud of.

This is also the reason why Schiller cares so much about this incident and personally accepted the interview.

Because the servers are located overseas, it is not easy for developers in mainland China to download Xcode from official channels. Schiller also specifically mentioned this during the phone call: "It only takes 25 minutes to download it in the United States, but it may take three times as long in China."

As a result, some Chinese developers had to download through some unofficial channels, which led to some developers downloading "copycat versions of Xcode" containing the XcodeGhost virus. Applications compiled with the copycat tools were injected with third-party code and uploaded to the Apple App Store, causing ordinary users to download infected applications.

Schiller said that Apple has always recommended that developers use secure development tools, and that Gatekeeper and the related signature verification mechanisms exist to protect them. However, the entry of fake apps and Gatekeeper being turned off, combined with several factors, caused the XcodeGhost incident.

Improvements for developers

Because of server issues, Xcode has always been difficult to download, but this incident left a deep impression on Apple.

Schiller did not avoid the question. During the call, he mentioned that Apple is dealing with the problems that have occurred, including measures for developers and general users.

For developers specifically, what Apple needs to do is prevent a repeat of the XcodeGhost incident at the source. Schiller confirmed that Apple will move the download of the Xcode development tools from abroad to China.

Is there something wrong with the "perfect apple"?

Because of its closed system and the close integration of software and hardware, Apple has always been regarded as a model of security.

But this time, is there something wrong with Apple’s review mechanism?

Schiller admitted that "there is no perfect system, but Apple is always improving. Every time we experience something, we can continue to improve, and this incident is no exception. We learned a lot this time." Apple is also constantly improving itself.

For now, the entire set of security mechanisms built by Apple is still effective. If something is missed during listing review, the infected app is quickly removed from the store, and the developer is then contacted and asked to rebuild the app with genuine Xcode and update it. The same process was followed this time.

How will users know if they are affected?

Apple will soon release a list of 25 infected apps on Apple's official Chinese website (apple.com/cn) for users to view and compare. If the apps have already been downloaded, users can simply update to the latest version of the app.

Beyond these 25 apps, the number of affected users drops off significantly.

What should general users pay attention to?

Before today's interview, Sina Technology had already published a comprehensive explanation of the "XcodeGhost incident". In that article, we noted that iOS users, first of all, have no need to panic. The XcodeGhost virus currently only uploads some basic information about the app itself (installation time, application ID, application name, system version, language, country, etc.) and does not involve personal information.

In addition, the server of the infection creator has been shut down, so there is no longer a substantial information leak. In the conversation, Schiller also confirmed that "there is currently no information indicating that this malware is related to any malicious incidents or has spread any personally identifiable information."

After the telephone interview, Sina Technology confirmed with some developers that, thanks to Apple's excellent "sandbox" mechanism, XcodeGhost's influence is limited and will not lead to leakage of user information, especially when the device is not jailbroken.

When asked whether the rumored XcodeGhost apps could also launch attacks such as phishing on non-jailbroken devices, Schiller said, "According to Apple's investigation, this has not happened yet."

What did Apple learn from this incident?

Apple does not talk to the outside world about the future, and even when it occasionally offers a few words, it does not reveal specific timing.

During the half-hour conversation, Schiller still did not give a definite timetable, but he emphasized that the company was already moving quickly, that all actions were being carried out step by step, and that follow-up processing "was already calculated in hours, not days." The only thing that would take a little more time was to download Xcode and put it on the local server.

As mentioned above, Apple is not perfect, but it keeps trying to improve. Apple has learned a lot from this incident and will avoid similar situations in the future.
