Top Security Features Apple Announced at WWDC
Amidst hundreds of new iOS, watchOS, tvOS and macOS features announced, it was the security ones that told Apple’s story best to me. Apple’s narrative as the security and privacy-focused company continues to solidify. In the same way that Google cannot suddenly stop tracking our search and email data, Apple cannot stop paving the way to better secure our devices and lives. Here are the top security and privacy features that Apple announced at this year’s WWDC.
It’s not all in the cloud
One of the most impressive demonstrations of the conference was when Apple’s senior vice president of Software Engineering, Craig Federighi, demonstrated iPhone iOS 10’s ability to sort and search through entire photo libraries all on device. He claimed that each photo requires 11 billion computations in order to recognize scenes and objects in addition to faces. So in iOS 10, users can ask Siri to show them all pics containing Aunt Gertrude standing in front of a mountain, for instance.
Of course critics say that companies like Google and Facebook have been doing photo recognition of this magnitude for a while now and that Apple has fallen behind in the AI race. But Apple leapfrogged these claims at this year’s WWDC by announcing not only an advanced object recognition system but one that works without the use of the cloud and deep learning networked servers. It’s doubtful that a company other than Apple could pull this off even if they wanted to. Since Apple has complete control over the hardware (they designed their own A9 ARM-based silicon) and the operating system, they are in a unique position to deliver maximum performance enhancements wherever they want. And by keeping all of this photo metadata and object recognition data on an encrypted device like your phone, they minimize points of attack that others could suffer from. Once again, Apple responded to AI criticisms by doubling down on security all while introducing new features.
I might be a cybersecurity expert but some of the math going into differential privacy is still over my head. This is not a new concept but Apple has given new life to it by promoting it in this year’s biggest developer conference. Essentially, differential privacy is a technique that allows Apple to see patterns in mass data analysis by introducing noise and then extracting out only the patterns that matter while the noise cancels itself out. It’s Apple’s own approach to something like Google’s anonymous data approach, but the difference is that differential privacy cannot be reverse engineered to reveal the participants.
In a post-keynote interview with John Gruber of Daring Fireball, Apple’s senior vice president of worldwide marketing, Phil Shiller, called Google’s promise of privacy, “crap”. He went on to describe a scenario in which certain anonymous data points could be collected and engineered to reveal each user of those data points. In the case of differential privacy, the user can never be revealed through the collection and manipulation of that data, it’s mathematically impossible. This is similar to how encryption works and what cryptologists have been trying to explain to law enforcement agencies ever since Apple began their fight with the FBI over the terrorist’s iPhone data.
Encryption from the ground up
And speaking of encryption, Apple also introduced their own APFS (Apple File System) for all Apple products. This is a longer term migration so they gave a preview to developers so that they can start thinking of how to integrate this new file system and replace the aging HFS+. Besides the benefits of scaling between every Apple device from Apple Watch up to the Mac Pro and being optimized for Flash/SSD storage, APFS is engineered with encryption as its primary feature.
9to5mac gave a great rundown on the benefits of APFS including native encryption support for file system metadata. There are also multiple levels of encryption support. It’s not something users need to be concerned with, but developers looking to secure user data and their own apps will surely adopt APFS. For example, APFS supports multi-key encryption which keeps data secure even if it physical security is compromised. Remember the whole FBI kerfuffle that led to them hacking the terrorist’s iPhone 5c without Apple’s help? They were able to do this for 2 reasons, they had physical access to the iPhone and paid an anonymous security firm to teach them how to crack it. Had this new APFS been in place on that phone, the FBI (and likely no one else) would have been able to crack it without the key. It would seem that has Apple has kept their vow to increase security measures and the new APFS is just the ticket.
All about the continuity
Apple also introduced some clever features as part of their push for continuity. Continuity is simply Apple’s way of locking in customers to the Apple ecosystem of computers, mobile devices and wearables. Using the new macOS Sierra, users will be able unlock their Macs simply by sitting down in front of the computer while wearing an Apple Watch. No password entry necessary and no unsecured bluetooth dongle or handoff to fool the security. In that same interview with John Gruber of Daring Fireball, Federighi also revealed that Apple is actually making incredibly precise ‘time of flight’ measurements from device to device. They are measuring Wi-Fi signal speeds so they know when your watch is 5 feet away from the computer versus 15 feet away and they also know if that connection is being handed off from another device nowhere near your Mac.
Customer lock-in has always been a successful business model for tech companies but it appears that Apple is counting on this same strategy to also secure and privatize their customers’ data as well. Let’s hope their technology and marketing message continue to stay on the same course too.