Security in Apple’s iOS 8

Discussing the security and privacy strengths and weaknesses of Apple’s soon-to-be-released iOS 8.

As it always does, Apple unveiled the latest iteration of its mobile operating system at the Worldwide Developers Conference last week. The Cupertino, California computer company is calling iOS 8 “the world’s most advanced mobile operating system.” That claim is obviously debatable, but the platform does include some well-thought-out security and privacy features as well as a significant retooling of the application development environment.

The strongest security and privacy upgrade is also probably the least likely to be noticed by users: media access control (MAC) address randomisation. MAC addresses are unique identifiers that have been widely used to track devices and user behaviour across Wi-Fi networks. Retailers and others reportedly track MAC addresses to learn more about the behaviours of their customers as they connect to and interact with public Wi-Fi networks.

Problematically, many users have no idea this tracking is going on, which means they probably aren’t consenting to it, at least not in the traditional sense.

In iOS 8, iDevices will generate random MAC addresses as they are scanned by wireless networks. The move will quietly make it impossible for retailers to track in-store customer movement and other behaviours. MAC address randomisation is a huge privacy upgrade for many Apple fans who won’t even realise it is happening. 
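To make the effect concrete, here is an added illustration (not code from this article or from Apple) of how a tracker that keys on MAC addresses sees one phone passing three access points, with and without randomisation. The access point names and the fixed address are constructed, and the sketch assumes a fresh random address for every scan, which is a simplification. Randomised addresses conventionally set the "locally administered" bit of the first octet, which is how a network administrator can recognise them.

```python
import secrets
from collections import defaultdict


def random_mac() -> str:
    """Return a random unicast, locally administered MAC address."""
    octets = bytearray(secrets.token_bytes(6))
    # In the first octet: set bit 1 (locally administered),
    # clear bit 0 (multicast), so the address is a valid unicast one.
    octets[0] = (octets[0] | 0x02) & 0xFE
    return ":".join(f"{b:02x}" for b in octets)


def is_locally_administered(mac: str) -> bool:
    """True if the address was assigned locally rather than by the vendor."""
    return bool(int(mac.split(":")[0], 16) & 0x02)


def devices_seen(sightings):
    """Group (mac, access_point) sightings the way a MAC-keyed tracker would."""
    paths = defaultdict(list)
    for mac, access_point in sightings:
        paths[mac.lower()].append(access_point)
    return dict(paths)


# Constructed sample data: one phone walking through a shop.
FIXED_MAC = "3c:15:c2:aa:bb:cc"  # constructed; locally administered bit is clear
ACCESS_POINTS = ["entrance", "aisle-4", "checkout"]


def simulate(randomise: bool):
    """Return the tracker's view of a single phone's walk through the shop."""
    sightings = [
        (random_mac() if randomise else FIXED_MAC, ap) for ap in ACCESS_POINTS
    ]
    return devices_seen(sightings)


if __name__ == "__main__":
    print("fixed MAC :", simulate(randomise=False))
    print("randomised:", simulate(randomise=True))
```

With the fixed address the tracker reconstructs a single path through the shop; with randomisation it records three unrelated devices, each seen once.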

Another nice security and privacy upgrade will let users establish DuckDuckGo as their default search engine in Safari. DuckDuckGo is an alternative search engine that does not collect user information based on search queries or any other information for that matter. Furthermore, when possible, DuckDuckGo also makes sure that users interact with websites securely via an encrypted HTTPS connection. Searches on DuckDuckGo are more organic – in a sense – because your queries are not tailored to your perceived interests, as is often the case with other engines.

Of course, the release is stuffed full of flashier and more utilitarian features as well. Photos will be shared across all connected devices, users will be able to easily add voice to text messages (which is what I thought phone calls were for), and the company is touting a new and cleaner notification interface. Obviously photo-sharing across devices could present privacy and security issues down the line, but there isn’t much of a security angle there at the moment.

However, some of the new keyboard features along with family sharing, deeper iCloud integration, and the new platform’s clear ambition to attract increased application development could have serious implications.

The company bills its new software development kit (SDK) as the biggest since the App Store’s initial launch, with more than 4000 application programming interfaces (APIs). If we understand their press releases correctly, these moves along with a new app programming language will likely turn the App Store into a more open, Google Play-like atmosphere (however, Apple’s premoderation policy is still in place). On the one hand that will mean more applications. On the other, this will mean further exposure to threats, which may or may not pose a risk to users depending on how Apple handles security in the changed environment.

One of the new developer kits that we’ll be keeping an eye on is “HealthKit”. This will let developers build health and fitness applications better suited to communicate with one another, sharing various sorts of information about users from their workout routines to their blood pressure. There’s been an explosion of health and fitness applications on the market in recent years. However, our interest was initially piqued last month when the United States Federal Trade Commission issued a report warning that these health and fitness apps are a bit grabby when it comes to taking and sharing user information. Giving different applications the ability to share this data with each other – even if users are permitting them to do so, inasmuch as granting permissions actually counts as giving consent – can only exacerbate the problem. To be fair though, if shedding some personal data means you will exercise more, then this is probably a solid trade-off.

HomeKit is another one of these APIs of concern. It will empower developers to build applications that interact with the increased connectivity and “smartness” of modern homes. If you read Kaspersky Daily with any degree of regularity, then you know that home automation systems have a poor track record with security. Apple claims this is all securely paired – likely meaning encryption is used in some way – and configured, but it’s hard to say how secure something is before it hits the open market.

All in all, this new version really does seem like a complete overhaul of Apple’s existing development environment, which is exciting because it means newer and more innovative apps, including third-party keyboards, widgets, etc. However, it’s a bit frightening as well, because with innovation comes more attack surface and more troubling attacks. As we alluded to above, if the new App Store is open for business in the way that Android is, then we may see more malicious applications moving forward.

If you want to get into the real nitty-gritty of how all this new application development business will impact security – particularly in comparison to Android – then check out the second page of this extensive Ars Technica article by Andrew Cunningham.

Beyond what we’ve already discussed, when using the new keyboard “you’ll see choices of words or phrases you’d probably type next, based on your past conversations and writing style.” In addition to that “iOS 8 takes into account the casual style you might use in Messages and the more formal language you probably use in Mail” and “also adjusts based on the person you’re communicating with, because your choice of words is likely more laid back with your spouse than with your boss.” Altogether, these features mean that Apple will be gathering more information about you, which must count as a detraction from privacy, no matter how convenient. iCloud’s increased file storage capacity means you’ll be storing more sensitive information in a single place, which will increase the need to familiarise yourself with and enable the security features offered by that service. But it also means more avenues to back up and protect your sensitive data as well.

The new Family Share feature will give users the ability to essentially sync their devices with other users they have established as members of their family. Outside the fairly clear risks and further parental control benefits this sort of setup will enable, it also opens up a new potential attack vector – similar to recent reports in which attackers leveraged iCloud access to lock phones. We will be interested in seeing whether or not it is possible for attackers to surreptitiously establish themselves as family members in order to monitor user behaviour and steal device data.