It’s not the same Internet Everywhere
Investigating an iOS Hack
Last week, news broke of a security breach that implicated a number of apps on the iOS store. The breach, one of a number of recent high-profile cases, is particularly interesting as it shows how different cultures of internet use have developed in different countries and geographies.
Most of you will have heard of the Great Firewall of China. Facebook, Google, Twitter and a slew of sites visited everyday by users around the world are unavailable in China. However beyond this simple inaccessibility lays additional issues that shape a Chinese netizen’s behaviours. What many don’t realise is that international websites are often rendered inaccessible in China due to language, load speeds or licensing.
While language and licensing are big topics and worthy of their own considerations, it was the speed of foreign websites from within China that created the environment that allowed this hack to work.
In three sentences the scheme worked like this:
- Xcode is a tool that developers use to build apps for iOS, it is available from Apple and is around 3gb in size.
- Developers in China need this tool but can’t always wait for the large file to download from an international website. To get around this issue, links to XCode stored on third party, China-hosted, cloud storage sites are shared around developer communities.
- A fake XCode program (dubbed XCodeGhost) which inserted additional spyware in apps was uploaded to a Chinese storage site and shared among China-based developers.
This hack exploited a behavioural trait that exists in Chinese internet users. It seems audacious to target developers like this but exploiting an ingrained habit like this is an interesting way of slipping one past the professionals. Though their intended goal was less than admirable, the hackers showed creativity in this exploit.
The results were far reaching. A number of the most widely used apps in China, including WeChat and Didi Dache, were affected (nice list here). A number of international apps, that used developers in China, were also affected.
What this event serves to show internet professionals, from developers to digital marketers, is that users’ behaviour is far from uniform. It’s not enough to just not be blocked in China. If a user can find an easier way to access the service you’re offering, they will, and you might be left out. This is as true for downloads as it is for goods and services.
Find me on Twitter at @tj_griffiths where I tweet on China, the internet and things that catch my eye.
