Apple introduced an array of additional privacy protections at WWDC 2019. Many of these both offer protection and help us better understand how our privacy is undermined.
Why does this matter?
Apple CEO Tim Cook is passionate about the need to protect user privacy, and this is by no means a one-man mission.
Speaking with Vector, Apple’s vice president of software technology, Bud Tribble, stressed the need to educate people about the needs and benefits of privacy, a topic he believes is much more widely discussed now than before.
“Back in the 90s security on the internet didn’t really come up as an issue, and at some point it flipped,” he observed. “Now I think [a similar flip] is happening over privacy.”
“Apple has done more than most in pushing our industry forward and being an example of how to do that. Privacy should be available in every device and in every service,” he said.
Sign In with Apple
Please take a look at this report for a detailed explanation of Sign In with Apple, a service that essentially replaces existing authorization systems with an ultra-secure, ultra-private, cross-platform sign-in system available to anyone with an Apple ID. Of course, when used in conjunction with Managed Apple IDs, this opens up opportunities for highly secure enterprise service models.
Apple is rolling out big improvements in Maps.
Not only does the service introduce maps Apple built itself after 4 million miles of driving in Apple Maps cars, but it also launches Look Around, a feature the company pitches as better than Street View.
The newly designed and much-improved version of the app Apple is shipping this year has lots of new features, but one you might take for granted may be the most important: privacy. No one but you knows where you go: Apple won’t know, advertisers won’t know, and your Favorite places won’t be shared. That’s important because it means your car journeys won’t be tracked, and nor will you.
The company seems open to requests for how to improve its mapping system, with bike lanes a likely candidate for future inclusion. (Parking is another, but the balkanized nature of parking data – where it actually exists – makes this a challenge.)
Apple’s location data controls
Tightened-up privacy protection inside Maps is supplemented by yet more improvements in Location Services. Apple has recognized that location is sensitive to privacy, as knowledge of location can expose a person’s pattern of life and help identify them.
This year, Apple is introducing new enhancements to protect location data:
A new Allow Just Once option in Location settings will let a user choose to give an app a single location fix for the current session rather than ongoing access.
Users will get better notifications when an app requests background access. Alongside this information, users will be shown on a map what locations they have shared with an app, and they can choose to revoke location access or change it to a more restrictive setting.
Better Wi-Fi and Bluetooth security
Some apps like to sidestep location permissions by using information about nearby Wi-Fi networks and Bluetooth beacons to infer location and identify users and devices. iOS 13 will introduce new controls to limit the access third-party apps have to such information.
These controls will give us a better understanding of what information apps are hoovering up, empowering us to make informed choices as to which apps we trust.
Apple’s HomeKit Secure Video
Typically, connected security cameras send video to a third-party cloud service for analysis. The thing is, though, once the video is online, users have no control over how it is used, shared, or otherwise abused.
HomeKit Secure Video means video will be analyzed on your HomeKit hub (HomePod, Apple TV, iPad) and if stored in the cloud, it will be encrypted with a secure key only you possess.
That means no one can look at that video, but you’ll still get notification alerts and can still watch the video on your device, as that device will know your secure key.
HomeKit for routers
The problem with smart connected devices is that they are connected to the internet, which turns them into a potential attack target. A smart home device that is successfully compromised can then act as a hub from which malware and other hacks can spread through other devices in the home.
To help protect the devices on your HomeKit network Apple has chosen to focus on the router with a new HomeKit for routers scheme. Routers that support the scheme will be able to automatically partition your smart home devices from each other and will apply firewall rules that restrict device-related internet communications to just those purposes necessary for the functionality of the device.
This both protects the devices from initial attack and protects other devices in your home/office against secondary attack in the event another device is compromised.
Find My iPhone and Find My Friends bundled together
Apple will bundle Find My iPhone and Find My Friends together into one app it is calling Find My.
It is also supplementing the original two apps with a third talent: Using Bluetooth, the Find My app will be able to find a Mac even if it is offline with the lid closed and is disconnected from the internet.
It works like this:
- The Mac will send out a periodic beacon (a rotating encryption key).
- This beacon will be picked up by other nearby devices, which will encrypt their own location at the moment they receive the beacon and upload it to Apple.
- This information is heavily encrypted and secured by the Apple ID of the original user, which means Apple cannot read or understand the location or have information on a finding device.
- The user of the Mac can log into the Find My app, download and decrypt the location data, and find their Mac on the Map.
Apple explains that finding devices will only listen for the beacon when they are already using Bluetooth in this way anyway, such as when you ask your iPhone to look for Bluetooth headphones or when the device wakes from sleep.
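The exchange above, modeled in Go as an added example (not Apple’s code; the page does not state Apple’s actual curve, key-derivation function or key-rotation scheme, so P-256, SHA-256 and AES-GCM are this example’s assumptions): the owner holds one rotation period’s key pair and broadcasts the public half, a finder encrypts its location to that key under a fresh ephemeral ECDH key, and only the owner’s private key can open the result.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
)

// aeadFor does ECDH between our private key and the peer's encoded public key and
// keys AES-256-GCM with SHA-256(shared secret). The KDF is this example's choice.
func aeadFor(priv *ecdh.PrivateKey, peerPub []byte) (cipher.AEAD, error) {
	pub, err := ecdh.P256().NewPublicKey(peerPub) // rejects malformed or off-curve points
	if err != nil {
		return nil, err
	}
	shared, err := priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(shared)
	block, _ := aes.NewCipher(key[:]) // a 32-byte key is always valid for AES
	return cipher.NewGCM(block)
}

// FinderSeal runs on the nearby device that heard the beacon: it encrypts its own
// location to the broadcast public key under a fresh ephemeral key pair and returns
// what it would upload (ephemeral public key, sealed location); neither names the finder.
func FinderSeal(beaconPub []byte, location string) ([]byte, []byte, error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	gcm, err := aeadFor(eph, beaconPub)
	if err != nil {
		return nil, nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // the derived key is used once, so a zero nonce is safe
	return eph.PublicKey().Bytes(), gcm.Seal(nil, nonce, []byte(location), beaconPub), nil
}

// OwnerOpen runs on the owner's device, the only holder of the beacon's private half; with any other key GCM rejects the ciphertext.
func OwnerOpen(beaconPriv *ecdh.PrivateKey, ephPub, sealed []byte) (string, error) {
	gcm, err := aeadFor(beaconPriv, ephPub)
	if err != nil {
		return "", err
	}
	pt, err := gcm.Open(nil, make([]byte, gcm.NonceSize()), sealed, beaconPriv.PublicKey().Bytes())
	return string(pt), err
}
```

The beacon key is passed as associated data, so a report cannot be silently re-attached to a different beacon; in this model Apple’s servers would store only the ephemeral key and the sealed bytes, neither of which they can read.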
During the conference, Tribble revealed another way in which Apple strives to protect end user privacy: App reviews.
He said around 40% of the 100,000 apps submitted to the App Store every week are refused, often on privacy grounds. Those grounds may include apps that request unnecessary permissions.
Voice Control – Control your Mac with your voice
Apple’s new assistive technology, Voice Control, lets people who can’t operate traditional input devices control their Macs entirely with their voice.
This relies on Siri speech recognition tech, but what’s important is that at no stage is information about the user, or what they are trying to do, shared with Apple when using the feature.
Enhanced Mac security: Gatekeeper
macOS Catalina now checks all apps for known security issues, while new data protections require all apps to get user permission before accessing user documents, a process that can now also be managed on Apple Watch.
The app security check is now mandatory and is called App Notarization.
Developers will be required to submit their app for a malware check by Apple. If their app checks out, they will receive a ticket that can be attached to the app to show Catalina Macs the app is OK to run.
The idea is that apps acquired from the App Store or online will all be secure and malware-free. It will still be possible to override this protection in order to install a non-notarized app, but the notarization check will be the default.
A little more protection
macOS Catalina introduces a range of additional protections for your files. The system will try to ensure apps have your permission before they can access files in the Documents, Desktop, or Downloads folders, or those stored on removable media, iCloud Drive, or other cloud storage providers.
This won’t necessarily involve burdensome prompts; your Mac will instead try to figure out your intent. So if you are in an app, save something, and later want to open it in the same app, the system will assume this is OK. Similarly, if you’re using an app and navigate the standard Open and Save dialogs through your file or folder structure and pick a folder or file to open, there will be no security prompt to confirm that action.
However, apps (such as pro video creation and asset management tools) that root through your data in the background may require a prompt.
The idea is that in the event some malware happens to sneak onto your Mac, the amount of damage it can do in terms of stealing or destroying your data is severely limited.
What happens on the device, stays on the device
Apple continues to invest in on-device machine learning and offers developers models for vision, language, sound, and speech that they can use in their apps.
Core ML 3 supports more types of advanced, real-time machine learning models and allows developers to update machine learning models on-device using model personalization.
The idea is that users will benefit from AI, but not at the cost of privacy, as analysis takes place on the device.
Photos is a great example of this. It introduces a range of image presentation and enhancement technologies, all of which rely on machine learning models stashed inside Apple’s neural engine on the device itself. The result? You get the convenience of AI, but information about you is not shared.
You can find some more on privacy and security at WWDC here.
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.