Apple has made some important security upgrades with the iOS 8 gold master, making it harder to scrape data from iPhones and iPad. A number of iOS services are more guarded, and a couple of wireless vulnerabilities have been addressed. For example, third-party application data can no longer be dumped across Wi-Fi. This curtails much of the threat from wireless surveillance of an iOS device, according to iOS forenics researcher Jonathan Zdziarski:
It appears that the threat of persistent wireless surveillance – my biggest concern – has been sufficiently addressed in iOS 8. Apple has also greatly reduced the exposure of Apple devices to commercial forensics tools. While I'm not yet sure how Apple now controls access to these deeper functions, it does appear that they have been better protected from abuse. Props and thanks to Apple for tackling a very complex and subtle problem that was difficult to explain.
What do you think of the fixes that Apple has made to device security in iOS 8, and what other issues do you think still need to be addressed? Leave your thoughts in the comments.
Source: Jonathan Zdziarski