Following the debut of the M-series chips and now the C1 cellular modem, Apple is consistently progressing towards total chip autonomy. The firm is also reportedly developing its own Bluetooth and Wi-Fi technologies, which are expected to debut with new Home products and the iPhone 17 lineup this Fall.
An apparent advantage of creating chips in-house is enhanced energy efficiency. Apple highlighted this benefit with the launch of Apple Silicon long ago, and again this week with its inaugural 5G modem, which provides the iPhone 16e with nearly 20% improved battery life compared to the flagship iPhone 16. While enhanced battery longevity is certainly enticing, there are less obvious yet more impactful advantages to Apple maintaining comprehensive control over both software and hardware aspects.
This is Security Bite, where I provide insights on data privacy, vulnerabilities, and emerging threats within Apple’s extensive ecosystem of over 2 billion active devices every week.
DMN Security Bite is exclusively presented by Mosyle, the only Apple Unified Platform. Ensuring Apple devices are work-ready and enterprise-secure is our sole focus. Our unique integrated approach to management and security combines cutting-edge Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM solution available. The outcome is a completely automated Apple Unified Platform that is currently trusted by over 45,000 organizations, making millions of Apple devices work-ready effortlessly and cost-effectively. Request your EXTENDED TRIAL today and discover why Mosyle is everything you need for Apple compatibility.
Apple has taken heed of previous vulnerabilities associated with third-party chips. In 2017, a researcher named Nitay Artenstein uncovered what came to be known as the Broadpwn flaw—a memory corruption vulnerability in the firmware of Broadcom’s Wi-Fi chipset that could permit an attacker to execute code remotely within a certain range. More than a billion Wi-Fi-capable devices and access points, including the iPhone 7 and older models, were impacted. Fast forward to 2020, another vulnerability was found within a Broadcom Wi-Fi chipset that left devices susceptible to eavesdropping. And that’s only concerning Wi-Fi chips…
The concerning aspect is always the duration of time the vulnerability was in existence before detection—hopefully by responsible parties—and the subsequent timeframe needed to issue a patch. While the former is beyond control, in both instances noted above, several months elapsed between flaw detection and patch release. Although Apple’s components are not infallible, the close integration of their in-house hardware and software teams should theoretically enable quicker response times than when depending on external vendors. Apple can simply initiate a Rapid Security Response, and just like that, it’s automatically patched across billions of devices overnight.
A second crucial advantage relates to the supply chain. Supply chain attacks—where attackers target vendors or suppliers with access to a company’s hardware, software, or network—have risen sharply in recent years.
On April 20, 2021, while Apple was conducting its ‘Spring Loaded’ event, the company was simultaneously navigating a situation internally. The group responsible for the REvil ransomware claimed to have infiltrated Quanta Computer, a significant Apple contractor in Taiwan, acquiring schematics believed to pertain to unreleased products, including MacBook designs. Even firms like Apple are only as robust as their most vulnerable link.
No matter how strong a company’s corporate security posture is, a breach at a supplier can be detrimental. For Apple, which depends on a global network of chip manufacturers and component suppliers (like Broadcom, Qualcomm, etc.), this poses a considerable security risk. By designing its own chips, Apple can reduce its vulnerability and lessen the likelihood of threats.
This summarizes my perspective on the company’s shift towards developing more components in-house. I see this as a major advantage for consumers, but I’d be interested in hearing other opinions! Feel free to leave a comment below.
Follow Arin: LinkedIn, Threads, BlueSky, X
