> It's possible the chips could be modified before manufacture, or after, to contain a flaw.
Wouldn't Apple be able to detect such an attack, if they were looking (e.g. decap sample chips, image at high magnification, and compare to the original design files)?
I don't think such an attack would work very well as a tailored access sort of thing. If the backdoored chips got into the supply chain, the general public would be affected. If the NSA wanted to only target certain people, they'd have to have a huge amount of control over Apple's supply chain, which would surely be noticed.
Depends on how you buy it. If the phone is mail ordered, it would be possible to swap with a compromised device during shipping. NSA's Tailored Access Operations group is known to perform this sort of attack [1].
If you want to ensure you get a phone from the standard supply chain, buy it in-person at a store where you can see someone take it off the shelf.
Wouldn't Apple be able to detect such an attack, if they were looking (e.g. decap sample chips, image at high magnification, and compare to the original design files)?
I don't think such an attack would work very well as a tailored access sort of thing. If the backdoored chips got into the supply chain, the general public would be affected. If the NSA wanted to only target certain people, they'd have to have a huge amount of control over Apple's supply chain, which would surely be noticed.