The Latest Security Features in iOS 11: Part Two
Recently, in episode 66, we looked at the latest security features Apple has built into macOS. Last week, we began to explore what’s new and different in iOS 11. While the basics of iOS haven’t changed in some time, time and different development approaches mean that all kinds of features transform behind the scenes with every update. We looked at the innovative FaceID system, improvements to backup security, and new physical security features. This week, we’re returning to the topic of iOS 11 for one more dive into what’s new. Today we’ll hit:
- Better tracking cookie prevention efforts
- Improvements to photo privacy
- and a potential step backwards with the Control Center.
We’ll start with a look at how Apple is helping cut down on the creepy ways advertisers track your habits.
iOS 11’s tracking prevention improvements
Picture this scenario: you’re browsing the web like normal, and something on TV or an article you read piques your interest. It might be a product or a place or something else entirely, but you do what we all do today when we get curious: you go to Google, or maybe you look it up on Amazon. You plug in your search term, read up on what you want to know, and then go back to what you were doing. For the next few days or even weeks, you see ads for or related to that item everywhere you go. Have you ever experienced this? You’re not imagining it — these ads really are following you around based on what you looked up. You can thank tracking cookies.
We’ve hit online tracking before on The Checklist, so if you want to dive deeper into that subject, head into the archives to Episode 16. For now, though, let’s go over a quick recap on what tracking cookies are and how they work.
When you visit websites — in these days, pretty much any website at all — small bits of data called cookies get put onto your computer in a special folder your web browser uses. These cookies can keep track of a lot of important and useful things. For example, the first time you land on a page, you might see a special splash page welcoming you or advertising a sale. When you visit again later, a cookie tells the website you’ve seen the page already and don’t need the same splash graphic. Cookies also keep a record of your online shopping carts, so you can quickly resume your shopping if you close the tab by accident. They’re also widely used to keep users logged in to their accounts.
However, advertisers can use these cookies as well. When searching for a product or certain key terms online, advertising companies will create a tracking cookie that records that search term and tells their ad network to show you ads for that particular product. This will happen any time you hit a website that partners with that advertiser. Since there has been a large amount of consolidation in online advertising in recent years, that means you can see the same ads in all kinds of places. It can be a little unnerving and even unwanted — it feels like an invasion of privacy to many people.
One of the ways to take care of tracking cookies is to simply block all cookies completely. However, this is a brute force approach, and it often breaks your web experience more than it improves it. You might also choose a careful whitelist approach, specifically adding only the websites that you want to trust with cookies. This, too, has its drawbacks, as it can be time-consuming and frustrating to manage your trusted sites. In iOS 11, Apple has come up with an awesome way to take care of this problem for users with a brand-new feature called Intelligent Tracking Prevention. The best part? It’s enabled by default — so there’s nothing you need to do besides upgrade to iOS 11.
So how does it work? The method is ingenious because it uses a tracking cookie’s own functions against itself. It might sound like something straight out of fiction — like using an enemy’s strength to exploit their weakness — but that’s exactly how it works. To work, a tracking cookie needs to be stored on and interact with a third-party server; otherwise it won’t work correctly. Apple exploits this functionality by separating cookies by their origin.
First party cookies, or those issued by the domain of the site you’re visiting, receive different treatment than third-party cookies, which are the ones hosted on a different domain altogether. First-party cookies continue to work as normal, since their uses are all proper and normal. Intelligent Tracking Prevention allows any cookie to function in a third-party context for 24 hours after creation. Afterward, they no longer function outside of a first-party context. At 30 days, the system purges these cookies altogether. The result is that the cookies you need and want to use continue functioning, while tracking cookies lose their utility to advertisers almost immediately.
Ad agencies aren’t alone in tracking users, though; apps try to do it, too. iOS 11 takes steps to prevent the improper tracking of a user’s physical location via GPS as well. In previous versions, users could only allow or disallow GPS access in an all-or-nothing approach. Only if the app supplied the “only when using” option could you exercise greater control over GPS usage. As a result, some apps have been found to be engaging in shady tactics like tracking user locations even when the app wasn’t in use. Apple has decided to crack down on this behavior and has made the “only when using” option mandatory for all apps that want location access. Combined with the active notice displayed at the top of screen when an app is using your location, these are positive steps forward for user privacy on iOS devices.
Better photo privacy for all users
Putting users in greater control over their privacy on iOS is a major goal for Apple. With that in mind, they’ve also turned their attention to other areas of the operating system to shore up protections. Think for a moment: how many apps have you given permission to access your photos? For most people, the answer is at least one, if not more. There’s usually no nefarious reason for this request — it’s usually done so the app can use the camera to take pictures and save them to your device or to access older pictures for editing. That’s typical behavior for apps like Facebook, Instagram, Pinterest, and many others.
While it’s a common request, it’s also a potential avenue for abuse. Before iOS 11, photo permissions were also an “all or nothing” setting. There wasn’t a way to fine tune your control over an app to determine what you want to allow them to do once they have access to your pictures. It was simply a matter of trust — you just pressed yes and hoped that the app developers wouldn’t try to look through your photos or secretly send them off to a third-party server without telling you. Now, though, you no longer have to face this difficult dilemma as to whether or not to give photo permissions.
Apple’s choice has been to empower developers to participate in better privacy practices. Now, an app creator can choose to request write-only access — so all it can do is take and save photos to your camera roll. It tells your phone “It’s okay, I don’t need to access your pictures, I just want to add to them.” That’s useful for lots of apps that offer enhanced photo functionality, like some of the neat apps that are playing with the new Portrait Mode on iPhone X. By reducing the number of apps that look for wholesale permission to get into your pictures, Apple can improve your privacy.
Some backend changes have been made, too. In old versions, giving an app permission to access your camera roll was everything or nothing like many of these other old features. If you wanted to just put up one cute cat picture on Instagram, you’d have to give the app access to all your photos. Apple chose to remove that step and instead turns it into an individual user action. When an app wants to access a picture or video, iOS will prompt you to select which one you’d like to use. The operating system then handles transferring the data to the app, so no developer can let their software access all your photos anymore. That should give everyone some extra peace of mind!
While we’re discussing privacy issues surrounding the camera, we should note that Facetime has gotten some positive tweaks for privacy in iOS 11, too. Apple’s goal is to let people know more about how their image might be used when Facetiming. Now, when you’re having a Facetime chat, you have the option of taking a Live Photo to record a particular moment from the call. This is a cool feature that only works if both you and your Facetime partner have the setting enabled. When a user takes a Live Photo, both call participants get a notification about it — an important privacy signal. While this doesn’t stop someone from taking a screenshot of you surreptitiously, you do at least know that photos are taken during FaceTime sessions.
A change in the Control Center
While all the changes we’ve discussed today and last week have been for the better, there’s one difference in iOS 11 that’s a step backwards overall. We briefly touched on it previously, but since then it has become clearer that Apple actually intended the behavior we’re about to discuss. We’re talking about the Control Center, and in particular, its buttons for toggling Wi-Fi and Bluetooth connectivity.
Before iOS 11, turning off these wireless technologies was fast and easy. Just swipe up, tap the icon in the Control Center, and return to what you were doing — that’s all it took. It reduced the steps necessary to find the right switches in the Settings app and it put more power right at the user’s fingertips. Apple has decided this is no longer the way the Control Center buttons will function. Instead of switching off Bluetooth or Wi-Fi until you’re ready to use it again, the buttons simply disconnect your iOS device from these services for a temporary period. Now you do have to skim down into your Settings to find the specific Wi-Fi or Bluetooth page to fully disable the service.
Why did Apple make this change? We can only speculate. Chances are it was to improve user experiences — perhaps their internal testing revealed that too many people were turning off these services and leaving them off, leading to confusion about devices not pairing or Wi-Fi networks not connecting. In other words, maybe it was too easy for users to turn off these settings — but making it temporary can lead to some security concerns. For example, if you’re traveling and don’t want to connect to unsecured Wi-Fi networks, you might want to toggle your connectivity off. When it automatically turns back on, though, you could connect and become vulnerable without even knowing.
In response to concerns, Apple has added a pop-up message when a user first disables these services through the iOS 11 Control Center. This message informs you that the service will only be disabled until the following day. However, it can still turn back on in a variety of scenarios — such as after a device restart or even when you move to a new location. It’s concerning that Apple may be giving users a false sense of security when they believe they’ve completely disabled these settings; even with the warning, it may not occur to users that they could still be able to connect to a network. Going forward, we suggest you keep this change in mind, especially when you’re on the go with your devices.
Alright, that now wraps up our two-part look at the latest additions and tweaks to iOS 11. Apple has already released a few incremental versions and will surely continue to make changes as we slowly progress towards whatever ultimately becomes iOS 12. When we reach that point, you can count on being able to find out all about it right here. Need a refresher on something we discussed today or want to revisit an older topic? You can easily find all our previous episodes and show notes right here. As always, we’re always looking for your questions, comments, and even ideas for new episodes. Send us an email at Checklist@SecureMac.com to let us know what you want to know.