Apple security faces biggest test in 2015

Chaos Computer Club claim suggests Apple Pay and Touch ID will be top security targets in 2015

chaos pay

In 2015 it’s possible Apple’s biggest technology investments will be things you never see, as this will be the year security becomes the company’s key product.

You see, criminal coders and maverick malware makers now recognize that while Apple’s platforms don’t have the market share, they are still better targets – and the hackers at Europe’s Chaos Computer Club suggest Apple is under attack.

Where things stand

Think about it, Apple’s platforms are where the money is: from access to corporate and enterprise data on iOS to the resurgence of the Mac across every market to the huge and growing success of Apple Pay and iTunes. In comparison, other platforms are where the money isn’t. I can hear the platform evangelists shouting against that assertion. But professional cybercriminals don’t care about platforms, they care about cash.

Phishing season

Apple users will have noticed a wave of seasonal phishing attempts across the last week, as criminals target new and unwary Apple owners who just found their first ‘i’ product under the Christmas tree.

These phishing attempts are becoming increasingly convincing. This Naked Security blog offers great advice on how to recognize these attacks and what to do about them.

Fingerprint subversion?

European hacker group the Chaos Computer Club is in the news today with claims a member has managed to subvert fingerprint authentication systems using photographs of a person’s finger (in this case, German Defense Minister Ursula von der Leyen).

I don’t believe the claims, as I can’t accept that accurate prints were achievable from images captured at a distance and don’t think the claims will stand up to testing. But in a sense it doesn’t matter – that these claims are being made at all represents an intensification of interest in subverting Apple platform security.

There are many people with a vested interest in doing so.

Criminals and hobbyists, competing companies and payment services all have motivation to punch holes in Apple security, overtly or covertly through paid third-party agents. In this brave new world of Orwellian state surveillance, government agencies unable to use legal process to force Apple to open the TouchID door will also want to break through it.

Apple gets more secure

What this all means is that Apple will become even more vigilant when it comes to securing its platforms. This means it will invest in the best people, the latest technologies and will need to examine every claimed security threat.

Apple will also be required to make constant improvements to security protection across its platforms. This will ensure future investment in new biometric solutions, including mind control. (SpeechTrans plans to release a solution that enables thought and gesture control of mobile devices in 2015, for example.)

Testing times

2015 will be the year Apple security goes on trial.

Apple’s recent move to ship a self-installing security update for OS X shows it is rising to the new security challenge. It must – arguably, it was Microsoft’s historical failure to deal swiftly with security problems as its platform became dominant that enabled Apple’s resurgence.

Meanwhile competitors will continue attempting to characterize relatively trivial security problems afflicting Apple’s platforms as far worse than they actually are, while also minimizing recognition of their own weaknesses.

This is why some of Apple’s biggest investments in 2015 may be solutions you can’t see, will not be told too much about and won’t really be able to appreciate -- unless Apple fails in its attempt. 

Google+? If you use social media and happen to be a Google+ user, why not join AppleHolic's Kool Aid Corner community and join the conversation as we pursue the spirit of the New Model Apple?

Got a story? Drop me a line via Twitter or in comments below and let me know. I'd like it if you chose to follow me on Twitter so I can let you know when fresh items are published here first on Computerworld.

Copyright © 2014 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon