Apple 2022 year-in-review and 2023 challenges
Apple had an eventful year in 2022. Some of it was good, some of it not so good. In this post, we’ll take a look at three major developments for Apple over the past year, reflect on what they tell us about the company’s challenges in 2023, and say what it all means for user security and privacy in the future.
Apple tackles authentication
Perhaps the biggest Apple security story of 2022 was the company’s rollout of passkeys, a secure way to sign in to apps and websites without using passwords.
Developed in collaboration with the FIDO Alliance and other tech companies, passkeys solve many of the security problems associated with traditional passwords in a safe, cross-platform, user-friendly way.
Apple 2023 challenges: Passkeys are exciting. But we’re not going to be living in a passwordless utopia immediately. Passkeys rely on individual developers to support them, so universal adoption will take some time. In 2023, Apple will need to help developers implement passkeys, and continue its own work towards more secure logins and cross-platform credential management.
The outlook for users: In general, things are going to get better—and easier—when it comes to authentication on Apple devices. But expect some switching pains at first, especially among less tech-savvy folks. If you have friends and relatives that fall into that category, take a moment to show them how passkeys work!
Apple loses the fight over USB-C
In 2022, Apple finally lost the fight over USB-C in Europe. New European Union legislation mandates that by December 2024, Apple will have to abandon Lightning ports on devices sold in the EU in favor of USB-C.
The law is intended to reduce e-waste and make things easier for consumers. But the larger significance here is that international legislation has succeeded in driving technology changes at Apple.
Apple 2023 challenges: After losing the battle over hardware interoperability, Apple will find itself on the defensive in other areas as well. Currently, there are proposals to require tech companies to expand device repair options for consumers (so-called right-to-repair laws). More significantly, there are also calls to open up the App Store—giving iOS users the ability to install iOS apps from alternative app stores and websites.
The outlook for users: Hardware interoperability and right-to-repair are good things for users. And an open iOS app marketplace would arguably give iPhone owners more control and customization of their devices. But Apple’s argument against all of these things has always been user security, and there is some merit to that argument. iOS app sideloading in particular might expose iPhone users to a greater number of malicious apps and shady developers. If that happens, iOS users will need to educate themselves about threats and download safety in the same way that Mac users do now.
Apple expands E2EE for iCloud
At the end of 2022, Apple announced that it would greatly expand end-to-end encryption for iCloud. The new feature, called Advanced Data Protection, extends E2EE to iCloud backups, iCloud Drive, Photos, Notes, and more.
This means that for almost all types of user data stored on Apple’s servers, it will be possible to encrypt that data in such a way that no one but the user—not even Apple—will have the ability to read it. In the unlikely event of a breach, the scrambled data will be useless to the hacker. And if anyone tries to force Apple to hand over user data, they literally won’t be able to comply.
Apple 2023 challenges: The expansion of E2EE may put Apple in the crosshairs of governments and law enforcement agencies. These groups want backdoor access to users’ private conversations and other data to use in criminal and national security investigations. Previously, they had the option of asking Apple for access to users’ iCloud backups with a warrant, but with Advanced Data Protection, that’s no longer possible. The FBI has said that it’s concerned about user-only access, and encryption is already a topic of debate in Europe. Apple may face pushback over its embrace of end-to-end encryption.
The outlook for users: The fact that end-to-end encryption is now available for iCloud backups is excellent news—and not just for Apple users. In the words of Johns Hopkins professor of cryptography Matthew Green, “Apple sets the standard on what secure (consumer) cloud backup looks like. Even as an opt-in feature, this move will have repercussions all over the industry as competitors chase them.” It may not make the FBI happy, but all things considered, better encryption means better security and privacy for the average user.
