José Adorno
Apple wants to be known for its privacy-first approach to hardware and
software products. While the company has successfully introduced essential
features to this matter, such as Sign In With Apple, end-to-end encryption
to iMessage and FaceTime, iOS 15s Find My function even with the phone off,
App Tracking Transparency, and more, there are some features coming to iOS
16 that will make the iPhone less secure. Here are them and how Apple could
fix this before this new OS is released.
The iPhone has become an essential part of peoples lives. Our photos,
videos, messages, contacts, bank information, and more are stored in one
single device. And even though regular users can be assured that theyre
protected with their two-step verification process, Face ID, etc, some
people just want to have an extra layer of protection.
9to5Mac already reported how criminals can access bank information with the
iPhone unlocked in just a few minutes.
And this is not the only problem. When someone has access to your four or
six-digit PIN, they can do anything on your iPhone.
For example, if you use Microsoft Outlooks app, you can add Face ID
protection to it, but at the same time, you can just type the six-digit
passcode and access the users messages. With these digits, someone can even
reset your Apple ID password on the device, which is a big deal.
With that in mind, one of the most interesting features I always loved is
the fact that you can lock a note, on the Notes app, with a different PIN.
In the same way, you can lock your iPhones SIM when the smartphone turns
off and then on, you can also do that with the Notes app.
But now with iOS 16, Apple is planning to add convenience over protection.
When you open the Notes app for the first time while running iOS 16, it
tells you:
Remember One Less Password: End-to-end encrypt your locked notes with your
device passcode. And while I get why this could be helpful, Im telling you
why this is a concern.
But thats not the only bad feature. iOS 16s Safari is also aiming for
convenience over security. Its been a while since users can store their
credit card information with Keychain, but Apple thought it was a great idea
to let users start storing the cards security code. Back in 2013, Apples
Craig Federighi said that Apple can help you fill most of your credit card
information but you have to remember your own security code, thats what
makes it secure after all. So why this change now?
How to solve these privacy concerns with iOS 16?
For these specific iOS 16 features, I would say Apple should just remove
them. While most of these functions come with the idea that no one knows
your six-digit pin, I dont see how Apple doesnt think that the raising
number of stolen iPhones in some regions is a problem.
While this might not be an issue across the globe thankfully it also
makes the iPhone experience less secure. Having the ability to, for some
apps, add different passwords is a great idea.
In addition to that, Id strongly recommend Apple stop letting someone reset
an Apple ID password on the iPhone with just a six-digits pin. Its too
risky.
While the company doesnt address these issues with iOS 16, Id strongly
recommend third-party apps that can better protect your data.
For example, 1Password and 2Stables Authenticator app let you save your
credentials with E2E without relying on the convenience of Touch ID/Face ID
as you can add a different password.
Apps that store photos and other documents with passwords are also a great
way. Personally, I still want Apple to introduce a Secure Folder like
Samsung so users can better protect their data.
===========================================================
The fb-exchange mailing list
Manage account,
List Page: https://www.freelists.org/list/fb-exchange
Subscribe: mailto:fb-exchange-request@xxxxxxxxxxxxx?Subject=subscribe
Unsubscribe: mailto:fb-exchange-request@xxxxxxxxxxxxx?Subject=unsubscribe
Archive: https://www.freelists.org/archive/fb-exchange
Administrative contact: insight@xxxxxxxxxxxxxxxxxxxx
===========================================================