iOS 7 preview: New security features
Apple's iOS 7, announced earlier this week, brings a lot of changes to all areas of the operating system, and security is no exception. iOS 7, at least as much of it as has been publicly disclosed by Apple to date, includes a number of security-related enhancements, seeking not just to make your data more secure, but also make security more convenient.
Safari - Do Not Track & Private Browsing
Do Not Track is an optional header that can be sent along in HTTP requests, expressing your preference to not be tracked by websites. Already included in the desktop version of Safari (as well as most other major browsers), the addition to Safari in iOS 7 means people will have the option to opt-out of server-side tracking of their browsing. There is no enforcement of the Do Not Track system, but with a large number of popular websites honoring it, it's certainly a welcome addition to mobile Safari.
iOS 7 has also moved Safari's Private Browsing option to a more accessible place. Enabling Private Browsing means Safari doesn't save your history, record cookies, or sync your browsing data to other devices. Previously this option was hidden away in the Settings app, going unnoticed by most. Now Private Browsing appears in the Safari app itself, allowing you to toggle it on and off quickly from within the browser, rather than having to jump out to Settings every time you want a little privacy.
Per App VPN
VPN (Virtual Private Network) support allows you to create secured connections between your device and VPN provider, offering a layer of network encryption to help keep your traffic secure. iOS 7 will expand iOS's existing VPN functionality to support per app VPN. The details on this are sparse right now, but this will likely give enterprises (and their employees) more granular control over what traffic should be routed over VPN.
Cheaters be on alert, Game Center is also getting some security attention in iOS 7. If you've spent any amount of time viewing Game Center's leader boards, you've probably noticed that many of them are topped by individuals with impossible scores. Two items from Apple's keynote intended to help prevent cheating are "Secure game scores" and "Authenticated Game Center players". It wouldn't be surprising to see cheaters find new ways to top the charts, but it's good to see Apple taking notice and working to curtail those actions.
Currently if your iPhone is stolen, Find My iPhone can help you track it down, disable it, or erase it, but only if it's on and connected to the Internet. If a thief immediately powers your iPhone off, then restores it to factory defaults, you're out of luck. Activation Lock works by requiring your Apple ID and password to activate an iPhone, even after it has been wiped. This means that even if a criminal completely wipes your devices and reinstalls iOS, the phone can't be activated unless they also have your credentials.
This feature only works if Find My iPhone is enabled on the device. There has been some unwarranted concern on what Activation Lock will mean for users trying to sell their old devices, but iPhone owners need not worry. If you disable Find My iPhone (which will require your Apple ID and password), prior to resetting your iPhone, it will no longer be locked to your Apple ID.
The Keychain is where applications can securely store sensitive information like usernames and passwords on your device. Your keychain is one of the only pieces of data that cannot be backed up to or synced through iCloud. If you want to preserve your keychain when restoring a device, you have to use an encrypted backup from iTunes. Also, if you use multiple iOS devices, usernames and passwords will have to be entered manually on each separate device.
Keychain syncing in iOS 7 will allow users to enable syncing of their keychain to iCloud. This means that multiple devices will be able to share the same data and when you restore data from an iCloud backup, iOS will now be able to restore all of your saved passwords. In addition to syncing, the Keychain is also being extended to securely store additional data for users, such as credit card information for making online purchases. Of course users can still use third party apps like 1Password for this, but will now also have the option to make use of native functionality.
Defaulting to secure data
This change will go largely unnoticed by users, but will offer additional protection to their data. On iOS, if you have a passcode set on your device, your data can be encrypted with it. The catch is, developers have to specifically enable data protection in their applications to make use of this encryption. If somebody were to jailbreak your device and bypass the passcode, they could potentially access data in any application where developers had not enabled data protection. Starting with iOS 7, data protection will be enabled by default for all applications.
The above is not a comprehensive list of all security changes in iOS 7, but covers the ones we know about from the keynote. With iOS 7 in beta, and under non-disclosure, details may change before the public release, currently scheduled for this fall.