Following last weekend's celebrity photo data theft, Apple's CEO, Tim Cook has spoken out about what can be done to better increase the security and protect the privacy of their customers. The steps include sending notifications for account changes, backup restores, and new device logins; broadening the deployment of two-step verification; and to ramp up efforts to educate customers about the dangers of social engineering and phishing attacks, and the importance of strong passwords. The latter of those steps was emphasized when Cook reaffirmed that iCloud servers hadn't been hacked, the individual accounts were hacked. The Wall Street Journal:
When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece. I think we have a responsibility to ratchet that up. That's not really an engineering thing.
We want to do everything we can do to protect our customers, because we are as outraged if not more so than they are.
While alerts don't help prevent attacks, they do help mitigate them. Customers receiving account notifications will be able to change passwords and even alert Apple's security team. That service should start rolling out in two weeks.
Cook also emphasized what most of us already know — Touch ID, for example, never leaves the Apple A7 secure enclave and is never stored on iCloud or any server, so fingerprint data can't be compromised online. If, as rumored, Apple rolls out a new mobile payments feature alongside the iPhone 6 and iWatch, it's expected that will tie into a new secure enclave on the new Apple A8 system-on-a-chip.
Apple has also informed developers that HealthKit data cannot be stored on iCloud, and any app trying to do so will be rejected from the App Store.
Hopefully Apple will also replace "security questions" with something less susceptible to social engineering attacks. (Unless/until that happens, fill those fields with strong passwords as well, and store those passwords securely.)
These are good next-steps from Apple, especially with the iPhone 6 event coming up in less than a week. Especially good having Tim Cook do it interview style rather than simply issuing another media advisory.
What do you think of Tim Cook's response? Any other steps you'd like to see taken by Apple?
Source: The Wall Street Journal
We may earn a commission for purchases using our links. Learn more.
Apple must pay $85M to WiLan after patent retrial
Apple has been ordered to pay WiLan the sum of $85M over a patent infringement, following a retrail of a case last year.
Tim Cook: Apple will donate to groups helping fight Coronavirus
Tim Cook has announced that Apple will be donating money to efforts to fight Coronavirus.
Apple killed The Apple Archive after just 10 days
The Apple Archive, a stunning, unofficial tribute to Apple history has been buried under copyright strikes over its video content.
Protect your iPad Air screen with one of these low-cost screen protectors
Keep your iPad Air’s screen protected and safe with some help from the best screen protectors out there!