Posted October 11, 2018
It's finally here! On September 17, Apple introduced iOS 12, the latest version of the operating system that enables our iPhones and iPads ticker. Packed with lots of new features, it's more for iOS 1
- Slick new security enhancements
- Privacy and security changes
- What can you do with iOS 12 right now
So what do you need to know about what's new? in iOS 12?
Slick New Security Enhancements
Most of us just know how important two-factor authentication can be when it comes to keeping our accounts safe and secure from prying eyes. Even if someone manages to steal your username and password in violation of data, they will not be able to access your account if they can not get the one-time password sent to the phone when 2FA is enabled. Although it's not an impenetrable wall, it's an excellent way to secure accounts and apps right now. However, it can be a little annoying to use.
Let's say you sign in to the bank's website on your phone and when you enter your password, the bank will send you a login code. If you were not quick enough to remember the numbers before the message banner disappeared, switch to your message folder, copy the code, return to the browser, and then paste or type it into the two-factor field. Not only time-consuming, but sometimes it may create enough frustration as you wish you did not have to handle it at all. With the new security code autofill feature in iOS 12, you do not have to worry about it anymore!
Now, when you receive your two-factor code from the bank via a text message, if you're still on the login screen requesting the code, your iPhone will automatically paste the numbers. That's correct: iOS will automatically detect the presence of a two-factor code and deliver it to the site or app that needs it without further interaction on your part. It's so simple! Studies have shown that there is an abysmally low adoption factor for two-factor among most users, with ease of use is the biggest complaint people have. With this new iOS feature, Apple took an important step towards encouraging more widespread adoption.
There are some concerns about it, but first and foremost from researchers in Europe. Over the dam, the banks confirm the validity of transactions ordered from user accounts by writing a one-time code known as a transaction activity number. This number must then be placed in a form on the bank's website or app, confirming that a user wishes to send a particular transaction. Someone is concerned that Security Code Autofill can take this information and present it in a potentially vulnerable way – but for now there is no clear indication of risk, and US users do not have to worry. This is something to keep an eye on, though.
Next Up: Apple makes a move in iOS 12 to eliminate all your excuses for not using strong passwords. For a while now, iCloud Keyring has been able to suggest a password for you to use when you create an account on a webpage in Safari. Apple has gone two steps further now in an effort to reduce the problems that weak passwords often create. Firstly, automatically generated passwords generated by the key ring will be stronger, with a more complicated generation method and more variation regarding strings it produces. More importantly, though, Apple has made two other changes: better integration for password management applications, and built-in duplication of detection.
In the latter case, if you primarily use keychain as a method of secure login logging on iPhone, now you can see where you have used your password. Everyone who listens to the checklist for a while, knows that this is one of our most recurring advice: Do not use passwords at any time! Every service you use should have its own separate, unique password. When you see your saved keychain password now, you'll notice a small alert icon near entries containing duplicates. This is your hint to change them immediately.
Are you talking about password management, are you a big fan of 1Password or similar service? The convenience they offer is hard to beat, but so far there has been no direct way to access password heels in the same way as keychains. It changes with iOS 12, which now lets you adjust your settings to include access to password manager vaults right on the app or website. You simply click on the query that shows a photo of a key and the word "Password" to access the vault. With iOS 12, it's easier than ever to protect your online presence and log in safely.
On top of all this, Apple also included many bug fixes and vulnerabilities in this version of iOS. In fact, there are so many problems that it would be worth the upgrade, just to make the phone safer on this basis alone. Some of the biggest errors broken in iOS 12 include:
- An error in iTunes in iOS that could have allowed the guys to make fake password messages after a user visited a site with the malicious code lurking on it
- A Vulnerability which would have given anyone who has direct access to the device, an exploitation to display messages you had already deleted
- A similar error that affected deleted notes and even browse stories
- And dozens of league opportunities and loopholes that would Allow ne's do-wells to run arbitrary code, steal data or access parts of your system that should remain restricted.
We could probably acquire an entire show just to investigate the security fixes implemented in iOS 12 – but you could just so easily see Apple's changelog for yourself to see the laundry list with reasons to hit the "update" button today.
Privacy and Security Changes
Security is not the only thing iOS 12 does better than its predecessors. In addition to making it easier to use the Web safely, Apple has continued to respect its commitment to users' privacy, ranging from full deployment of USB-restricted mode, something we have occasionally discussed at the show, to several other privacy and security-related functions. USB limited mode has appeared on the show sometimes, but if you missed it, it's a short update:
Apple began to develop this mode after it became clear that third-party devices like GrayKey were used by police to break into iPhones that were locked with a password. Because it is still unclear exactly how these "black box" units work, Apple chose to close its primary infiltration route: Lynport. With USB restricted mode, "USB Accessories" can not transfer data over Lynport after 1 hour has elapsed from the last time you unlock the phone. You can still charge the device, but do not use any accessories.
Now with iOS 12, Apple not only talks more about the setting, but has gone as far as possible to enable it by default. Despite (or perhaps because of) the fact that law enforcement agencies were those who used GrayKey (see Episode 88 of The Checklist, GrayKey's Anatomy), they say that it's just another feature that's meant to be done users safer. Apple told TechCrunch the following:
" We continuously strengthen the security of all Apple products to help customers defend themselves against hackers, identity thieves and interference in their personal data. We respect the law enforcement and we design not our security enhancements to frustrate their efforts to do their job. "
For whatever reason, you can now be assured that if your locked iPhone falls into the gale hands, you do not have to worry that someone breaking into it – for now.
What more? Browsing becomes more private than ever and it is in the wake of some already significant improvements Apple has made in previous revisions of iOS. Cookie tracking, the annoying little pieces of data advertisers use to see where you go online so that they can target you more effectively, have already been locked in Safari on iOS for some time now; many are blocked by default, and cookies made by sites you trust are only kept for 30 days.
But social media giants like Facebook have another way to track you online: the ubiquitous "part" and "like" buttons you see virtually anywhere you go online today. Apple says "enough is enough" in IOS 12, completely blocking these boxes and their functionality when you're not directly interacting with them. You get the opportunity to allow them if you use them of course, but you do not have to worry about looking over your shoulder to look at Facebook.
Similarly, Safari will work to put an end to "fingerprints" when browsing the web. Without tracking cookies to be used, advertisers begin to look for other ways to identify the user's habits – and fingerprints, a particular device is a way to do it. Each device has a unique combination of information, from browser type to iOS version and more, that can be used to build a broader profile of your activity. iOS 12 will stricter control the transmission of this information. It will be easier to browse your phone with less concern for accidentally leaking private information!
What can you do with iOS 12 right now
So, with all these changes, what can you do to make your iPhone safer right? now? The good news is that almost all of these settings are already enabled by default in iOS 12, and the new behavior they introduce will be easy to spot. For example, password integration with your administration apps will occur directly in password messages and you do not need to do anything to make sure your browsing in Safari is exactly what Apple intended to be with this release. But for those who like to tinker with settings, there are a few places you can see to make sure everything is as you like.
Do you want to view USB restricted mode, or you need to temporarily disable it to be able to use one of your USB accessories for an extended period of time? Go to the Settings app, and then tap Verify ID and Password. A slider near the bottom labeled "USB Accessories" is what you're looking for; It is disabled, which means authentication is required to use accessories after one hour. Flip switch if you want USB accessories to access all the time, but remember that this mode is not recommended.
Apple has also thrown a convenient auto-update feature, which brings to iOS a tool that's more common on desktop. Now, when the company eliminates bug fixes and security updates between major versions, you can let the phone download and install them all on your own. No more worrying if you have protection against the latest threats! To check the setting or if you need to turn it off to make sure you do not exceed your data plan, select General under Settings, followed by Software Update. The setting can be changed from this screen.
Do not you have a two-factor on your Apple account yet? Take advantage of it and the new security autoclave by touching your Apple account name in Settings, and then go to the Password and Security screen. From here you can quickly activate two-factor. With the amount of info associated with our iCloud accounts these days, 2FA can not harm.
As a last word of advice, if you want to take advantage of the new opportunity to see duplicate passwords stored in keychain, it's easy to take steps to improve your security. Go to "Website and Appwords" under the "Passwords and Accounts" pane, and then connect your keyword. Then you can see all the passwords you let your device manage at the moment. Any sites that have a duplicate password from another post will be identified with a small warning sign – take this as a perfect opportunity to change your passwords and test out the new generation features Apple introduced. In this way, you can enjoy the easy access to your data anywhere without worrying from weak passwords.
With these tips in the bag, we will take this week's discussion in the end. It's certain that we'll see more customizations and changes when iOS 12.1 eventually makes it public, but for now you can enjoy the improvements and additions you can experience right now. If you have not upgraded yet, what are you waiting for?
While tinkering and playing with the new settings you receive when you upgrade to iOS 12, why not take up some episodes of the checklist you may have missed? You can also return to our archives to check out shows on a number of topics we mentioned today, including two-factor authentication, tracking caps, GrayKey and more. In addition to the full featured show notes, you'll find an easy way to listen to every show we've made up to this point – and you'll also find future show there!