WWDC: Apple digs deep to secure its platforms

From built-in IP address masking to insights into how information is abused, Apple continues to secure Macs, iPhones, iPads, and everything else it can.

Apple, developers, WWDC, Mac, iPhone, iOS

Apple’s WWDC announcements included plenty for enterprise professionals. One area that deserves  particular attention relates to the variety of privacy improvements the copany is making, because they offer significant benefits for the security conscious.

Putting you in control of your data

The main thrust of Apple’s recent work on privacy is information. The argument is that everyone should know about data collection, what it means, and which apps collect what information — and have at least some understanding of how that data is used.

App Transparency Tracking, Privacy Nutrition Labels, and controls to limit what data apps can access will help enterprise and consumer users gain better insight into the data journey. Apple at WWDC enhanced this insight with a new App Privacy Report; it gathers information about each of the apps you use to show which ones follow the permissions you’ve okayed.

If an app has permission to use your microphone, you’ll be able to see whether the app has actually done so, revoke that permission if you choose, and vet with whom that data may be shared by seeing all the third-party domains an app is contacting.

Apple also continues to do what it can to prevent systems and services (its own and those belonging to others) from gathering data in the first place.

More on this below, but IP address masking, VPN-like browsing built-i,n and a ban on invisible pixels for marketing and mail tracking will all have significant benefits for many — though some advertising and marketing companies will be forced to adopt new practises.

Insight is nothing without control

The idea here is that not only do you gain better insight into app permissions as you install them, you also gain better control and better insight of that app in use. This also makes it much easier to identify apps that may not be keeping promises made in Privacy Nutrition Labels.

Apple hasn’t yet ramped up enforcement, but we know it’s coming, given the company continues to warn developers who attempt to evade these protections that they can expect consequences.

Apple isn’t going to stop focusing on privacy, promised Craig Federighi, Apple’s senior vice president  software engineering:

“Every year, we push ourselves to develop new technology to help users take more control of their data and make informed decisions about whom they share it with. This year’s updates include innovative features that give users deeper insights and more granular control than ever before.”

Apple’s efforts are having an impact. Google recently confirmed plans to anonymize identifiable data on Android.

Stopping email spies, and IP address tracking

Even MailChimp uses invisible pixels in emails to see whether and when a person opens an email. Marketers love this information: it helps them gauge campaign effectiveness, though it has also been abused.

Mail Privacy Protection stops senders from collecting such information and masks the IP address. This kind of protection should help build another barrier to prevent targeted phishing attempts. (Apple has also improved Safari’s Intelligent Tracking Prevention, which now hides a user’s IP address from trackers, which prevents this being used to track activity online.)

The thinking is that this protection relies on technology Apple built in collaboration with CloudFlare. This feature also means ISPs will be unable to easily track which sites you visit.

“Hiding information such as IP addresses, location and whether users have opened or read emails could severely limit the way many companies track and monetise users but will be welcomed by consumers who are becoming increasingly aware of how much data is being captured,” said CCS Insight analyst, Ben Wood.

"It will further Apple’s position as being a consumer champion when it comes to privacy."

When it comes to Safari, there are little security enhancements, too. Safari will now automatically connect to websites using HTTPS, even if they are loaded with HTTP. That small change may make a big difference, particularly around protecting users from accessing fraudulent websites.

Together, these many improvements should help blunt the impact of phishing on Apple’s platforms, an essential upgrade for every remote enterprise.

With a little +, iCloud brings security protection

I think we have more to learn concerning iCloud+, which seems to consist of iCloud as we know it coupled with new features such as iCloud Private Relay (which works a little like an Apple VPN), Hide My Email, and expanded HomeKit Secure Video support.

The first two are of interest to both consumer and enterprise users. Private Relay encrypts all traffic leaving a user’s device so no one can access and read it. Apple’s own description is the clearest:

“The first assigns the user an anonymous IP address that maps to their region but not their actual location. The second decrypts the web address they want to visit and forwards them to their destination,” the company said.

This should be mandatory when working remotely using public Wi-Fi.

Apple’s Hide My Email may be of particular use to enterprise users who find they build quite an email correspondence of spam once they share contact details with others to access reports and other business resources. This tool lets you use a random email address for such things to keep your personal email private. You can create and delete as many addresses as you need at any time from within Safari, iCloud, and Mail.

One more thing: Apple didn’t say much about it, but iCloud+ also lets you use a custom domain name, as mentioned on the iOS 15 preview page, where the company says:

“Personalize your iCloud Mail address with a custom domain name, and invite family members to use the same domain with their iCloud Mail accounts.”

I’m curious about whether this might be something that extends a little further than family and personal accounts. I’d quite like an iCloud+ for SMEs to take on Google, for example.

Finally, HomeKit Secure Video can now handle more cameras and keeps data encrypted in iCloud and analyzed at home – or to protect the Macs in your home office.

Hey Siri, I didn’t know you were listening

Apple announced that the audio of Siri requests will in the future be processed on the device, rather than in the cloud. This should mean an end to unwanted audio recording (though I’ll be looking at the user agreement for Siri once this new feature ships). It also means many requests can be processed without an internet connection and should make Siri much faster and more responsive. It is a testament to the power of the Neural Engine inside Apple Silicon.

BUT: I have since learned that Siri requests will not (yet, presumably) be processed on the device if made using a Mac, and you should know that.

These new improvements will debut on Apple’s platforms with iOS 15, iPad OS 15, macOS Monterey, and watch OS 8. All will ship later this year.

Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Copyright © 2021 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon