Trend­ing News

As Ap­ple faces up to its sec­ond em­bar­rass­ing se­cu­rity flaw in as many months, we ask: is Ap­ple win­ning the se­cu­rity war?

iCreate - - CONTENTS... -

In light of the re­cent se­cu­rity breaches, we ask: is Ap­ple win­ning the se­cu­rity war?

“We greatly re­gret this er­ror and we apol­o­gise to all Mac users, both for re­leas­ing with this vul­ner­a­bil­ity and for the con­cern it has caused,” said an of­fi­cial Ap­ple state­ment at the end of last year. “Our cus­tomers de­serve bet­ter. We are au­dit­ing our devel­op­ment pro­cesses to help pre­vent this from hap­pen­ing again.”

This apol­ogy was is­sued fol­low­ing a ma­jor se­cu­rity flaw that en­abled ac­cess to the root su­pe­ruser ac­count with a blank pass­word on macos High Sierra ver­sion 10.13.1. Ap­ple quickly re­leased a se­cu­rity patch to solve the is­sue, but the whole episode was deeply em­bar­rass­ing. What with the

“The bat­tle be­tween con­ve­nience and se­cu­rity is per­pet­ual; no mat­ter how hard Ap­ple tries, it will al­ways be a rag­ing war”

furore over re­duced bat­tery per­for­mance in iphones and the po­ten­tial le­gal ram­i­fi­ca­tions that holds, Ap­ple could’ve done with a quiet start to 2018.

What it cer­tainly didn’t want was a sec­ond pass­wor­drelated se­cu­rity blip in as many months. But that’s ex­actly what hap­pened, much to the dis­may of Ap­ple users all over the world. This time around, hack­ers re­vealed a se­cu­rity flaw in a ver­sion of macos High Sierra that en­abled the App Store menu in Sys­tem

Pref­er­ences to be un­locked with any pass­word. The bug, found solely in macos High Sierra 10.13.2, gives some­one with ad­min-level ac­cess to your com­puter the abil­ity to dis­able set­tings re­lated to au­to­mat­i­cally in­stalling macos soft­ware, se­cu­rity and app up­dates.

Ap­ple has fixed this is­sue in the beta ver­sion of 10.3.3. This isn’t as se­ri­ous as the root ac­cess bug in 10.3.1, but it does pose se­ri­ous ques­tions about Ap­ple’s au­dit­ing of its devel­op­ment pro­cesses. Ap­ple has al­ways made the right noises when it comes to se­cu­rity and pri­vacy, and we have no rea­son to view this as any­thing other than an­other em­bar­rass­ing over­sight, but that won’t stop its fiercest crit­ics hav­ing a field day.

No sur­prise then that Ap­ple was among the first com­pa­nies to of­fer im­me­di­ate OS up­dates to negate the threat of the so­called Melt­down and the Spec­tre bug, which is said to af­fect al­most every mod­ern com­put­ing de­vice from any man­u­fac­turer us­ing chip de­signs from In­tel, AMD and ARM. In­tel pro­ces­sors can be found in Ap­ple’s Mac lineup, and ARM ar­chi­tec­ture in its iphone, ipad, Ap­ple Watch and Ap­ple TV ranges. De­spite no im­me­di­ate or known threat, Ap­ple is urg­ing users to up­date their de­vices to the most up-to-date ver­sions. What, if any­thing, this goes to show is that se­cu­rity and pri­vacy isn’t an is­sue just fac­ing Ap­ple, but one that af­fects the whole com­put­ing in­dus­try.

In truth, it’s easy to see why there has been an in­crease in news­wor­thy se­cu­rity flaws. As the tech­nol­ogy in our de­vices gets bet­ter, so does the open risk to our pri­vacy and se­cu­rity. The bat­tle be­tween con­ve­nience and se­cu­rity is per­pet­ual – it will al­ways, no

“Our ad­vice is to al­ways keep your de­vices up­dated with the lat­est ver­sions”

mat­ter how hard Ap­ple tries, be a rag­ing war. Loop­holes will be found, fixed and the cy­cle will be­gin again. If Ap­ple stopped in­no­vat­ing and stopped mak­ing in­cred­i­ble prod­ucts we would rightly com­plain, but in­no­va­tion shouldn’t equate to a lack of prag­ma­tism when it comes to look­ing after our se­cu­rity. That’s a right that any Ap­ple user is en­ti­tled to, even if we take it for granted some­times. There’s a bal­ance to be found, and maybe Ap­ple just isn’t hit­ting the high notes it has done in the past. One cock-up can be for­given, a sec­ond can pos­si­bly too, but a third? That re­ally would sig­nal that some­thing isn’t quite up to stan­dard.

But, this story is not a way of scare­mon­ger­ing you, but merely high­light­ing that Ap­ple has had an in­dif­fer­ent record since macos High Sierra was in­tro­duced. Our ad­vice is to al­ways keep your de­vices up­dated with the lat­est ver­sions (this is where Ap­ple will au­to­mat­i­cally fix any prob­lems) and fol­low the ad­vice we’ve been writ­ing in this mag­a­zine for years – use com­plex pass­words, limit ex­po­sure to in­for­ma­tion on any lock screen, use fea­tures like two-fac­tor au­then­ti­ca­tion and keep lo­ca­tion and web brows­ing data pri­vate.

Ap­ple can – and will – do bet­ter; just make sure you do ev­ery­thing you can to put your­self in the best pos­si­ble po­si­tion when it comes to your own se­cu­rity and pri­vacy.

Face ID on iphone X in­tro­duces a revo­lu­tion­ary new way to se­curely un­lock, au­then­ti­cate and pay – and with it a huge amount of new se­cu­rity pro­vi­sions

macos High Sierra has seen two se­cu­rity breaches in as many months, much to the em­bar­rass­ment of Ap­ple’s devel­op­ment team

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.