iOS 9 is finally here, and rolling out several security improvements, under-the-hood refinements and developer-designed features that promise better user privacy and security.
In a bid to boost security, iOS 9 stacks up nine useful features. Here is an overview:
- Improved two-factor authentication
Apple improves two-factor authentication by building it directly into iOS. The operating system “uses different methods to trust devices and deliver verification codes, and offers a more streamlined user experience,” Apple said. “The current two-step verification feature will continue to work separately for users who are already enrolled.”
- Six-digits passcodes
The passcodes you use on your Touch ID-enabled device will have to be six-digits long, to counter brute forcing attacks.
Several key developer-related features introduced in iOS 9 focus on developing safer, privacy-friendly apps.
- Mac Address Randomization
Randomizes MAC addresses to prevent intrusive location-tracking via Wi-Fi networks.
- VPN open-source API
Allows tunneling device traffic via a custom VPN service to prevent people, governments and companies from eavesdropping or tracking your location, much like Tor.
- HTTPS-enforced connections
A new feature called App Transport Security (ATS) encourages developers to implement HTTPS to secure communication between apps and web servers. Apple also enforces the newest security protocols and standards (TLS 1.2 and PFS cipher suite) on app developers.
- Certificate Transparency
Apple’s SSL library (SecureTransport) has support for Certificate Transparency. This reduces the chances of users being duped with mistakenly or maliciously issued certificates.
- Safari 9.0 Updates
The Safari extensions are now hosted and signed by Apple, which means users can trust their authenticity. Also, a new content-blocking functionality embedded in the Safari browser will block cookies, images, resources, pop-ups and other content.
- Open-sourcing crypto-languages
Labeled ‘the most-loved programming language of 2015,” Swift is used to develop iOS apps. By making Swift open-source, developers will soon be able to develop iOS and OS X apps on non-Apple systems and have assurance of 100% compatibility.
- Admin vs. Kernel
It appears that Apple also implemented “Rootless,” a kernel-level security feature that limits admins’ access to certain kernel-level files. This makes the system more robust against attacks, advanced persistent malware and jailbreaking software, known to rely on root kernel exploits to do its job.
In view of the above, do you think Apple “cares about privacy”? Are you upgrading to iOS9?