Dec 08, 2022 12:19:00

Apple announces the addition of three security functions such as adding a security key to two-factor authentication and expanding the encryption target of iCloud

To improve security, Apple has announced three new security features: iMessage Contact Key Verification , Security Keys for Apple ID , and Advanced Data Protection for iCloud .

Apple advances user security with powerful new data protections - Apple

https://www.apple.com/newsroom/2022/12/apple-advances-user-security-with-powerful-new-data-protections/

◆iMessage Contact Key Verification
iMessage is end-to-end encrypted, meaning that only the sender and recipient can read the message, but users who may be subject to cyberattacks, such as government officials, journalists, and human rights activists, are even more vulnerable. This is a function that allows you to confirm that you are only communicating with the intended party so that you can use it with peace of mind. Get automatic alerts when other devices try to intercept conversations between users with Imessage Contact Key Verification turned on.

◆Security Keys for Apple ID
Introduced in 2015 to sign in to Apple ID, two-factor authentication is used by 95% of iCloud accounts. Now you can add a physical security key to your sign-in factor. This increases the strength of two-factor authentication and prevents even sophisticated attackers from breaking two-factor authentication with phishing scams alone.

◆Advanced Data Protection for iCloud
According to Apple, iCloud by default protects 14 types of sensitive data, including keychain passwords and health data, with end-to-end encryption, but the scope of protection is limited to iCloud backups and It expands to 23 types including notes, photos, etc.

Matthew Green, who teaches cryptography at Johns Hopkins University, said of the change, ``For those who see Apple as a leader in security, it feels like something important has happened within the company.'' It seems that Apple, which was hesitant to deploy the function, decided to step on the accelerator.'

This is a big deal. Maybe you don't obsessively follow and tweet about what Apple does all day, like I do.

But for people who watch Apple as a leader in the security space, the feeling I get is that something important has happened in Cupertino.
— Matthew Green (@matthew_d_green) December 7, 2022

Where Apple was hesitant about deploying encryption features last year — maybe even backsliding a bit with CSAM scanning proposals — it now feels like they've decided to put the gas pedal down.
— Matthew Green (@matthew_d_green) December 7, 2022

Related Posts:

Dec 08, 2022 12:19:00 in Security, Posted by logc_nt