Apple (AAPL) is upping the ante on user security with three new initiatives it says will protect everyone from the average consumer to high-value hacker targets like diplomats and human rights activists. man.
New security features (Security Keys, iMessage Ignition Key Verification, and Advanced Data Protection) will let you, for example, make sure the person you’re chatting with via iMessage is who they say they are and lock their iCloud accounts.
“Our security teams work tirelessly to keep user data safe, and with iMessage Ignition Key Verification, Security Keys, and Advanced Data Protection for iCloud, users will have three powerful new tools to protect more of their most sensitive data and communications,” the Apple official said. Vice President of Software Engineering Craig Federighi said in a statement.
Apple says no hacking incidents influenced its decision to create the new security features. In the past, however, organizations like NSO Group have sold software that was then used by governments to break into dissidents’ iPhones. The hope is that these improved security measures will greatly reduce such attacks.
Security Keys, which will be available worldwide in 2023, ensure that only you can log into your iCloud account by requiring you to use both your password and a physical key to access the service. . Standard versions of two-factor authentication allow you to log into your account by entering your password and then approving the transfer via text message or through a secondary app.
But sophisticated hacking operations can use things like phishing attacks to gain access to your side apps. In some cases, hackers are able to clone victims’ SIM cards, giving them the option of receiving the confirmation text messages needed to log into accounts protected by two-factor authentication.
With security keys, you’ll need to connect an actual key to your iPhone, iPad, or Mac linked to your account to approve your login. The idea is that by requiring a user to use a physical hardware key, Apple eliminates the possibility that a hacker who stole a user’s secondary app password or cloned their SIM card could gain access to the account of his victim.
The only way to bypass the hardware key is to physically steal it from the victim. And since hackers generally want to be as low-key as possible, a real-world confrontation with someone is probably out of the question.
In addition to security keys, Apple is rolling out iMessage ignition key verification. The feature, which will be available worldwide next year, is specifically aimed at the type of nation-state hack in which attackers gain access to servers that route iMessage messages across the web. Although iMessage is end-to-end encryption, Apple says well-funded hackers could access routing servers and spy on individuals’ iMessages.
To prevent this, iMessage Contact Key Verification provides a popup at the bottom of your iMessage telling you that an unauthorized device has been added to the account of the person you are chatting with.
If you want to make sure you’re talking to the right person from the start of the conversation, you can also compare your contact verification codes to determine if your contact is who they say they are. Apple says you can share each other’s codes in person, via FaceTime or another secure calling service.
Finally, there is advanced protection for iCloud. Launching in the US this year and globally in early 2023, the security option aims to ensure that your iCloud data is only accessible through your device. Currently, the data you save in iCloud is encrypted, but Apple keeps a separate decryption key so that if you get locked out of your account, the company can help you get back there.
Now Apple is giving you the ability to recover those keys, ensuring that the only way to access things like your iCloud backup, photos, notes, and health data is through your own device. The whole point of this is to make sure that even if Apple’s iCloud servers are hacked, your data won’t be accessible, since only you have the keys to unlock it. To hackers, it will just look like an unintelligible mess.
Here’s the catch, though. If Apple doesn’t have access to your keys, you won’t be able to turn to them to regain access to your iCloud account if you ever get locked out. In this case, you’ll need to set up a method to recover the account, such as a recovery password that you write down and keep at home or a contact that you can contact for help.
Sign up for the Yahoo Finance Tech Newsletter
More Dan
Do you have any advice? Email Daniel Howley at dhowley@yahoofinance.com. Follow him on Twitter at @DanielHowley.
Click here for the latest tech news, reviews and helpful tech and gadget articles
Read the latest financial and business news from Yahoo Finance
Elon Musk goes to war with Apple over App Store fees and moderation
Apple stock slips ahead of holiday amid China protests, supply chain crisis
#Apple #making #iPhone #secure #fight #nationstate #hackers