Apple Really Is Different

Today’s disruption point is part “news-you-can-use” (if you own an iPhone), and part an exploration of how differently Apple thinks about user data privacy than other Tech companies. The genesis for this note came from a Fast Company article related to iOS12, which dropped on September 17th. A link to that piece appears at the end of this note.

The upshot: Apple doesn’t see the user as “the product”, the way most other technology companies like Facebook or Google have built their businesses.Instead of scraping all the data they can and monetizing that information with advertisers, Apple charges a (very) premium price for its gadgets. The offsetting benefit: the user has a tremendous amount of control over their data.

Some of the iOS upgrades simply make user security more convenient (this is the news-you-can-use bit):

• You know how annoying it is to have to enter a text-messaged security code into an app? iOS 12 now displays that code in the program so you can easily enter it. That’s called 2-factor authentication, and now you have no excuse to use it.

• Enhanced password security. iOS 12 lets you audit your passwords across websites to check how much you use the same one. That’s important, because if you have the same password for your bank and a small online retailer a hack against the latter means the former is no longer secure. [su_spacer] The operating system also now suggests crazy-strong passwords and lets you store them on all your devices (so you don’t have to remember a random alpha-numeric string).

As for the juicier bits of the iOS 12 upgrade, you need to remember that Apple has come to legal blows with governments (including the US) over how difficult it is to access the data on an iPhone. And with the most recent upgrade, it just got a lot harder for the world’s law enforcement/government agencies to see inside one:

• You can enable a wipe function on the phone that purges all your data if anyone enters an incorrect password 10 times in a row. In the past, law enforcement hired outside companies to algorithmically decode passwords on suspects’ devices. That approach now seems to be a dead end.

• Quick disabling of facial and fingerprint recognition, reverting to password entry to gain access to the phone. [su_spacer] In the US, biometric security doesn’t have the same 5th amendment protections as passwords. Authorities can point a phone at a suspect, for example, to unlock it via facial recognition. But they cannot compel a suspect to disclose their password. The new iOS feature makes it a less-than-5 second process to turn off facial/fingerprint ID, after which a password is required.

Summing up: expect Apple to come in for criticism when/if a western government needs to unlock a terror suspect’s phone or some other worst-case scenario. Tim Cook has made it clear he doesn’t see that as Apple’s problem; the company’s role is to develop secure devices and nothing else. But just as governments have beaten up on Google and Facebook for sharing too much data, Apple may find the other end of the spectrum is just as problematic.

Fast Company article: https://www.fastcompany.com/90254589/use-these-9-critical-iphone-privacy-and-security-settings-right-now