The Apple iOS 7 'security flaw' is only a problem if you make it so

Sep 20, 2013 by Bruce Baer Arnold, The Conversation
It didn’t take long for someone to figure out how to get around the lock screen on Apple’s newest operating system. Credit: Janitors

Are you worried about reporting that the new Apple iOS 7 update – officially released on Wednesday – already has a "security flaw"?

If you're overwhelmingly concerned about security, write your secrets on a piece of paper, place the paper in a safe, wrap the safe in a ton of concrete and then drop it in the deepest part of the ocean. Comfort yourself with the unlikelihood of disclosure and ignore the inconvenience of a trip to the Marianas Trench every time you want to update the secret information.

Don't ever confide information. Don't ever share with the National Security Agency (NSA), the British Government Communications Headquarters (GCHQ) and other government agencies by using telecommunications. Don't use a bank account, given the potential for unwanted disclosure.

Few people will go to those lengths to protect information. Instead many people seek to identify and thereby manage risk. In the we need to recognise that absolute security equals absolute unusability.

What's the flaw?

The user-friendliness that makes mobile phones, pads, laptops and other handy devices so useful results in potential dangers. Not all dangers are equally severe. Some are readily fixed. We thus shouldn't be too frightened by hyperbole about the iOS, the software used in the latest generation of iPhones.

Exploiting the flaw is actually quite complicated. While the steps are easily found online, they require a series of quick, specific actions to access a phone's apps from behind the lock screen.

Easy if you're Rubik Cube expert. More difficult if you're an ordinary human … and Apple's coming to the rescue with a fix.

Technology watchers and enthusiasts have warned that the flaw allows people to illicitly bypass the "lock" on the iPhone screen and thereby gain access to photos stored on the device.

The bypass also enables unauthorised access to the email and social network service accounts (for example Facebook) that the phone's owner uses to share those images. Not everyone has linked their phone to Twitter, Facebook, Tumblr or other services.

Bypassing will thus often result in embarrassment – you really didn't want anyone to see that selfie – but not allow an offender to hijack your email and Facebook page.

An easy fix

The isn't "new". Instead it is a software fault that has been discovered by enthusiasts and will presumably be fixed by Apple, in the same way that flaws in software for a range of devices are detected and fixed.

The reality of consumer software development is that users are part of a security ecosystem. They discover problems – sometimes accidentally, sometimes deliberately. Many software vendors welcome that discovery, but others do not, such as controversy about vehicle protection software.

The iOS 7 flaw reflects the complexity of the software, attributable to Apple's emphasis on usability. It is regrettable but such flaws are inevitable.

Does the flaw pose a fundamental threat? Is it time to throw your new phone in the ocean or ask for your money back? We should be wary about hyperbole.

If you are truly concerned about mobile phone security a simple and practical solution is don't leave the device unattended. Keep it in your pocket or desk or in a bag that isn't accessible without your knowledge.

In the security ecosystem, safety involves you sharing responsibility. Don't expect Apple or government to come to the rescue if you are careless and ask for trouble.

Explore further: Web users reward Palestinian who exposed Facebook flaw

add to favorites email to friend print save as pdf

Related Stories

Georgia Tech uncovers iOS security weaknesses

Jul 31, 2013

Researchers from the Georgia Tech Information Security Center (GTISC) have discovered two security weaknesses that permit installation of malware onto Apple mobile devices using seemingly innocuous applications ...

Recommended for you

Android gains in US, basic phones almost extinct

Apr 18, 2014

The Google Android platform grabbed the majority of mobile phones in the US market in early 2014, as consumers all but abandoned non-smartphone handsets, a survey showed Friday.

Hackathon team's GoogolPlex gives Siri extra powers

Apr 17, 2014

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Microsoft CEO is driving data-culture mindset

Apr 16, 2014

(Phys.org) —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...

User comments : 2

Adjust slider to filter visible comments by rank

Display comments: newest first

gopher65
5 / 5 (1) Sep 22, 2013
What a ridiculous article. Putting aside the issues with the author's philosophical stance on information sharing, the issue isn't that there is a flaw with iOS (flaws happen), it's that Apple takes so bloody long to put out fixes for these problems.

Months, sometimes years go by with no fix issued for serious issues. Can you imagine the enraged screams if Google or Microsoft went that long without issuing a fix for a problem like this? And people would be right to call out those companies. Don't jump to Apple's defense on an issue like this. Fixing *any* security flaw should be top priority for them... and it clearly isn't.
Sinister1811
1 / 5 (4) Sep 22, 2013
It still isn't out on the 4S yet :/

What I've heard from a few people is that it looks like the Android.

More news stories

Ex-Apple chief plans mobile phone for India

Former Apple chief executive John Sculley, whose marketing skills helped bring the personal computer to desktops worldwide, says he plans to launch a mobile phone in India to exploit its still largely untapped ...

A homemade solar lamp for developing countries

(Phys.org) —The solar lamp developed by the start-up LEDsafari is a more effective, safer, and less expensive form of illumination than the traditional oil lamp currently used by more than one billion people ...

UAE reports 12 new cases of MERS

Health authorities in the United Arab Emirates have announced 12 new cases of infection by the MERS coronavirus, but insisted the patients would be cured within two weeks.

NASA's space station Robonaut finally getting legs

Robonaut, the first out-of-this-world humanoid, is finally getting its space legs. For three years, Robonaut has had to manage from the waist up. This new pair of legs means the experimental robot—now stuck ...