histats

Apple makes your iPhone more secure to fight nation-state hackers

Apple makes your iPhone more secure to fight nation-state hackers

Apple ( AAPL ) is increasing its commitment to user security with three new initiatives that it says will protect everyone from the average consumer to high-profile hacker targets such as diplomats and human rights activists.

The new security features — Security Keys, iMessage Contact Key Verification, and Advanced Data Protection — let you do things like make sure who you’re chatting with via iMessage is actually who they say they are and lock their iCloud accounts.

“Our security teams work tirelessly to keep users’ data safe, and with iMessage Contact Key Verification, Security Keys and Advanced Data Protection for iCloud, users will have three powerful new tools to further protect their most sensitive data and communications,” said Apple senior VP of software engineering, Craig Federighi, said in a statement.

Apple says no hacking incidents influenced the decision to create the new security features. In the past, however, organizations such as the NSO Group have sold software that was then used by governments to break into dissidents’ iPhones. The hope is that these improved security measures will significantly reduce such attacks.

Apple will soon allow you to sign in to your devices using physical keys in an effort to thwart hackers.  (Image: Apple)

Apple will soon allow you to sign in to your devices using physical keys in an effort to thwart hackers. (Image: Apple)

Security Keys, which will be available globally in 2023, ensure that you are the only person who can sign into your iCloud account by requiring you to use both your password and a physical key to access the service. Standard versions of two-factor authentication allow you to log into your account by entering your password and then approve the move via text message or a secondary app.

See also  Comment définir et contrôler ce qui se passe lorsque vous démarrez le navigateur

But sophisticated hacking operations can use things like phishing attacks to gain access to secondary apps. In some cases, hackers are able to clone victims’ SIM cards, giving them the ability to receive confirmation texts required to log into accounts protected by two-factor authentication.

With Security Keys, you must connect an actual key to the iPhone, iPad, or Mac associated with your account to authenticate your login. The idea is that by requiring a user to use a physical hardware key, Apple eliminates the possibility that a hacker who stole a user’s secondary app password or cloned their SIM card could gain access to the victim’s account.

The only way to get around the hardware key is to physically steal it from the victim. And since hackers generally want to be as discreet as possible, a real-world confrontation with someone is unlikely.

Apple's iMessage Security can prevent third parties from spying on your messages.  (Image: Apple)

Apple’s iMessage Security can prevent third parties from spying on your messages. (Image: Apple)

In addition to security keys, Apple is launching iMessage Contact Key Verification. The feature, which will be available globally next year, is specifically intended for the kind of nation-state hacks where attackers gain access to the servers that route iMessage messages across the web. While iMessage is end-to-end encrypted, Apple says well-funded hackers can gain access to routing servers and spy on individuals’ iMessages.

To prevent that, iMessage Contact Key Verification provides a popup at the bottom of iMessage telling you that an unauthorized device has been added to the account of the person you’re chatting with.

See also  Piratage de téléphone : comment savoir si votre téléphone a été piraté ? Et que peux tu faire?

If you want to make sure you’re talking to the right person from the start of the conversation, you can also compare your contact verification codes to find out if your contact is who they say they are. Apple says you can share each other’s codes in person, over FaceTime or another secure calling service.

Finally, there is advanced protection for iCloud. The security option, which will launch in the US this year and globally in early 2023, is meant to ensure that your iCloud data is only accessible through your device. Currently, data you store in iCloud is encrypted, but Apple keeps its own decryption key so that if you get locked out of your account, the company can help you get back in.

Apple's iCloud Advanced Protection lets you lock down your data.  (Image: Apple)

Apple’s iCloud Advanced Protection lets you lock down your data. (Image: Apple)

Now Apple is giving you the ability to take those keys back, ensuring that the only way to access things like iCloud backups, photos, notes and health data is through your own device. The purpose of all this is to ensure that even in the event that Apple’s iCloud servers are hacked, your data will not be accessible, as you are the only person with the keys to unlock it. To hackers, it will simply look like an incomprehensible mess.

But here’s the spark. If Apple doesn’t have access to your keys, you won’t be able to turn to them to regain access to your iCloud account if you ever get banned. If so, you’ll need to set up a method to recover your account, such as a recovery password you write down and keep at home or a contact you can contact to help.

See also  Qu'est-ce qu'un portefeuille crypto ? Types de portefeuilles crypto à connaître

Sign up for Yahoo Finance’s technical newsletter

More from Dan

Do you have a tip? Email Daniel Howley at [email protected] Follow him on Twitter at @DanielHowley.

Click here for the latest business news, reviews and useful articles on technology and gadgets

Read the latest financial and business news from Yahoo Finance

Elon Musk goes to war with Apple over App Store fees, moderation

Apple shares fall ahead of the holidays amid protests in China and a crisis in the supply chain

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *