Apple has made a new commercial on the importance of privacy and how their iPhone embraces the concept of privacy matters.
In a time where not only Facebook but many other companies are continually violating the privacy of the people, it is good to see a company that is making strong efforts towards confidentiality. Tim Cook, Apple CEO, made this clear at a conference of European privacy commissioners in Brussels.
At the same time not only the enforcement of privacy believes is not easy but also a privacy-focused device is a commodity that not everyone can afford.
A good privacy statement is nothing without actual implementation and enforcement in all levels of the company.
An by any means you can notice those efforts in privacy and security in Apple’s documentation.
There are many explanations, guides, white papers and transparency reports that demonstrate how Apple operates in the area of privacy.
Still, the road of protecting users is a bumpy one.
Apple for example recently came under fire for its critical bug that let users snoop in a call during FaceTime.
UNLESS THEY FACETIME YOU pic.twitter.com/OHt7340AGG
— SwiftOnSecurity (@SwiftOnSecurity) January 29, 2019
And as much as bugs are inevitable when tech improves in such vast and intricate companies, the biggest issue here was that the flaw was reported by a teen’s mother and no one in the company reacted until it got media attention.
My teen found a major security flaw in Apple’s new iOS. He can listen in to your iPhone/iPad without your approval. I have video. Submitted bug report to @AppleSupport…waiting to hear back to provide details. Scary stuff! #apple #bugreport @foxnews
— Michele Thompson 😊✌🏻 (@MGT7500) January 21, 2019
Additionally, Apple has not yet a bug bounty program for Macs, and this makes it harder for security researchers to help improve Mac OS security as there is no reward.
Fortunately, we still get people good people, but in such a profitable company it is not acceptable that there is no tangible incentive to do so.
I’ve decided to submit my keychain exploit to @Apple, even though they did not react, as it is very critical and because the security of macOS users is important to me. I’ve sent them the full details including a patch. For free of course.
— Linus Henze (@LinusHenze) February 28, 2019
But what is indeed broken is the app review process, for both Mac and iPhones.
Apple has not a clear way to enforce its privacy guidelines in such a crucial process.
As a developer, you need to follow specific security and privacy standards when you develop an app, but such measures can be bypassed.
Zack Whittaker reported at TechCrunch that many apps secretly recorded your screen without asking for consent.
Or Companies like Trend Micro were caught stealing user data, like web browsing history without the knowledge of its users. Trend Micro denied any wrongdoing, but it is curious that the apps didn’t reappear on Apple Store.
Fortunately, there are still companies that cover this gap creating fantastic tools, like Oversight for MacOS, that will monitor any process that initializes your microphone and camera.
Or Guardian app the first smart firewall for iOS, as advertised on their web page.
Objective-See tools are free, but the Guardian app comes with a monthly cost for users.
So again, privacy, in terms of apple, is a commodity only for the ones that can afford it.
And for the ones that can it is not always a smooth journey.