Skip to main content
banner image
venafi logo

Apple iOS14 Boosts Privacy, but Can You Rely on Encryption Alone? [Encryption Digest 50]

Apple iOS14 Boosts Privacy, but Can You Rely on Encryption Alone? [Encryption Digest 50]

iphone-ios14-update-enhances-privacy-and-security-encrypted-messages
October 23, 2020 | Alexa Hernandez

If you’ve already downloaded the latest Apple iOS update, you’re undoubtedly loving the new interactive Home widget, customizable app icons, Picture-in-Picture mode, and similarly adorable new features. But as is always the case with Apple iOS rollouts, the star of the show should really be all the security and privacy enhancements packed into the latest release.

Yet even these innovative new features can’t keep users from wondering whether App Messengers and encrypted communications are truly as safe as they think. Recent events that saw the FBI intercepting plans of criminal activity do expose some uncomfortable truths. One organization that’s looking to bolster its credibility with users is Zoom, with the long-awaited release of end-to-end video encryption.

Apple iOS14 Boasts Major Privacy and Security Enhancements

Before we dive into encryption concerns, let’s look at privacy improvements such as how iOS14 enhances your ability to prevent specific apps from tracking your exact location, as well as having access to your entire photo library. Previously, users were limited to giving apps access to their specific location or blocking their location altogether. Location requests now include a Precise: toggle.

While easy to overlook, this addition is huge. When switched on, apps will have access to your precise location just as before. But tap it to switch off, and the app will only have access to your general location. This allows you to enjoy the benefits of seeing stores and restaurants near you without having to compromise your precise location. If you go into your iPhone Settings and choose Privacy > Location Services, you can make these specifications with every single one of your apps.

Apple seems to be moving in a direction that rejects an “all or nothing” approach with app access. Up until now, users were forced to grant apps access to their entire photo library just to upload a handful of pictures. A new privacy feature of iOS14 grants the ability to handpick specific photos and videos to give an app access to, while protecting the rest.

iOS14 also introduces a new password monitoring system. Under Settings > Passwords > Security Recommendations users can view all passwords that Apple has deemed too easy to guess, possibly compromised in a data breach, used too many times, or otherwise unsafe.

Do You Depend on Message Encryption for Private Communications?

Recently, the FBI arrested a group of men for conspiring to kidnap the Governor of Michigan. It’s a total relief that this plot was avoided and nobody was hurt, but the manner in which it was thwarted has raised some eyebrows. A confidential informant gave the FBI access to a messaging thread where the men made their plans, and this allowed the FBI to stay in the loop even after the group switched messaging apps.

Encrypted messaging works to “scramble up your messages as they travel across cellular communications systems and the internet to get to the intended recipient” (cnet). This means, in theory, the only parties that should have access to an encrypted message are the sender and the receiver. But as the incident with the Michigan Governor demonstrates, there are plenty of loopholes that users must take into consideration.

Messages sent on an encrypted service can be widely distributed once shared with a third-party, which is how the FBI foiled the kidnapping conspiracy. For all the positive updates that come with iOS14, the information stores on iPhones are only encrypted when the device is locked. If someone is able to guess your password, or if you don’t keep your iPhone locked, it’s essentially exposed. Another common form of malware called stalkerware has become dangerously popular for people wanting to spy on partners, spouses or exes.

Additional Steps to Keep Your Mobile Device Secure

Loopholes for accessing secure communications may be a good thing when it comes to law enforcement stopping criminal activity in its tracks, but they may be worrisome to a public that generally relies on the encryption and security of their devices to keep private communications private. Luckily, there are some steps you can take to bolster your security.

iPhone users should always keep it locked, and take advantage of Apple’s 6-digit passcode.  Android phones do require the additional step to manually enable disk encryption, but this option combined with a locked phone should keep things secure.

Always opt for unique, hard-to-guess passwords. If you currently use your pet’s name or mom’s birthday, yes, we are talking to you. Additionally, you can regularly run checks for malware that may have infected your phone behind the scenes.

Protecting enterprise devices? See how Venafi Endpoint Protect can help you install and protect machine identities on mobile devices.
 

Related posts

 

Like this blog? We think you will love this.
microsoft-office-macro-ban-backtrack
Featured Blog

Microsoft Backs Off Internet Office Macro Ban [Update]

Microsoft disabled macro years ago by default

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies
eBook

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Alexa Hernandez
Alexa Hernandez

Alexa is the Web Marketing Specialist at Venafi.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more