Security Experts:

Connect with us

Hi, what are you looking for?


Endpoint Security

Apple Boosts Security in iOS 12, macOS Mojave

At its Worldwide Developers Conference (WWDC) 2018 this week, Apple shared information on the security improvements that iOS 12 and macOS Mojave are set to bring when they arrive this fall.

At its Worldwide Developers Conference (WWDC) 2018 this week, Apple shared information on the security improvements that iOS 12 and macOS Mojave are set to bring when they arrive this fall.

While previewing the next platform iterations at the event, Apple revealed features that will change the overall user experience on both mobile and desktop devices, but also presented enhancements that should improve the overall privacy and security of its users.

One of the main changes impacts the Safari browser on both iOS and macOS, which will soon deliver improved Intelligent Tracking Prevention capabilities, preventing social media buttons (such as “Like” and “Share”) from tracking users without permission.

“Safari now also presents simplified system information when users browse the web, preventing them from being tracked based on their system configuration,” the iPhone maker says.

Other features the company previewed for the upcoming platform iterations include end-to-end encryption for Facetime group calls and password managers integrated into macOS and iOS, to help users employ stronger passwords, store them securely, and automatically enter them when needed.

“Safari now also automatically creates, autofills and stores strong passwords when users create new online accounts and flags reused passwords so users can change them,” Apple said.

On macOS Mojave, new data protections will require applications to ask for user permission before using the camera and microphone or before accessing personal data such as mail history and messages database, the tech giant also says. This should prevent malicious software from spying on users.

To further strengthen user privacy, Apple also appears set to roll out a USB Restricted Mode in iOS 12, a feature that was initially noticed in iOS 11.3 beta, but later removed, only to be introduced in iOS 11.4 beta again.

With this new feature, an iPhone connected via USB to a computer (or to an USB accessory) will ask for the passcode every week, or it will lock down the Lightning port in charge only mode, thus preventing access to the data.

“To improve security, for a locked iOS device to communicate with USB accessories you must connect an accessory via lightning connector to the device while unlocked—or enter your device passcode while
connected—at least once a week,” Apple described the feature in iOS 11.3 beta.

As ElcomSoft’s Oleg Afonin pointed out last month, this means that law enforcement agencies attempting to retrieve data from a suspect’s iPhone will only have a small window of opportunity before the device locks down. The same applies to thieves and anyone else targeting that data.

The new feature appears as a reaction to a clash with the FBI a couple of years ago over the unlocking of the San Bernardino shooter’s iPhone. The legal battle eventually sparked a debate between supporters of backdoors in user products to facilitate criminal and national security investigations, and those who want data to be properly protected.

Later this month, as part of iOS 12 public beta, users will also take advantage of increased control over notifications, and will get detailed information on the time spent on the phone, courtesy of a new Screen Time feature. There’s also an App Limits feature to limit the time spent in an app, which gives parents more control over their children’s use of a mobile device.

Related: Apple Touts Privacy Features of New Operating Systems

Related: Apple Patches Dozens of Flaws in macOS, iOS, Safari

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Mobile & Wireless

The February 2023 security updates for Android patch 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...