At the 2019 World Wide Developer Conference, like clock-work, Apple announced their next generation operating systems, watchOS, tvOS, iOS, OS X, and the new iOS-fork specifically for iPad, iPadOS. Each mew iteration comes with a massive list of new features and updates. However, I am more interested in new privacy features, which always set Apple apart from the competitors.
New Location Controls
Location data is one of the most important data points collected by applications. In iOS 12, there are three (3) options provided to control location data collection: Never, While Using the App, Always. The new iOS, iOS 13, adds another control setting: Once, which allows you to allow the application to access location just once, and that is it. In addition, Apple provides you a setting that prompts you to grant location access each time you use the application. Will this change the “While Using the App” setting?Maybe. Finally, Apple alerts users about applications that have “Always” permissions set. This makes sure that users are aware that there are applications collecting location data in the background.
Photos contain location metadata, stored in its EXIF header. When you share photos, the EXIF header is included, location and all, by default. I have a third-party application to strip off photos’ EXIF header before I share it, but Apple baked this in iOS 13. With iOS 13, it will prompt you whether or not to share the embedded location information on your photos. This is very useful specially when posting photos on social networks!
There are third party applications that exploit the use of WiFi and Bluetooth to find out your location. iOS 13 locks this down further by providing access controls to WiFi and Bluetooth.
The bottom line is, if you don’t want location recorded, there is no location history recorded for days, weeks, months.
HomeKit Secure Video
Home security camera systems often store recorded videos on the cloud. This allows manufacturers to apply image recognition techniques to identify objects and movements, and when necessary, issue alerts to users. To lock down on your personal security video recordings, Apple added a new service with its HomeKit system, Secure Video. It has the same cloud-based video recording. What sets this apart is that the video is offloaded from the camera, image recognition techniques done on the HomeKit hub (an iPad, HomePod, or AppleTV). The video is encrypted on the hub before it is uploaded to iCloud. The storage does not eat up on your iCloud storage, and is kept for several days before it is deleted. I am excited to get the update on my Logitech Circle 2 camera. If only the Wyze cams support HomeKit.
When Apple was announcing this, I was hoping for an Airport re-birth. Unfortunately, it wasn’t. Anyway, Apple is now providing HomeKit firewall services to broadband routers?—?their aim is to protect your HomeKit devices (and the rest of your home network) from malicious attacks. I am waiting for more details, and I am starting to regret my Asus router purchase. The HomeKit Firewall services will soon be baked in Linksys and Eero routers.
Safari has the Intelligent Tracking Prevention (ITP) feature, which is continuously improving. The next version provides more ways to prevent those pesky trackers from getting information from our devices. Safari continues to provide anti-fingerprinting features as well?—?this time, locking down on online browser fonts (frankly, I block these fonts forcing web content to downgrade to a default font).
Sign In With Apple
We are all familiar with Sign In with Facebook or Google or Twitter when signing up on online services and applications. The other day, I was thinking of an alternative service to use for an online service that we are developing?—?hoping that ProtonMail.ch can provide this service to ensure that there is no tracking. Yes, all applications that use Sign-in with Facebook/Google/Twitter tracks you, and in some cases, even siphon off more of your data from the third-party application (think health data, like menstrual cycles, being shared to Facebook!).
Apple, in a surprising move, announced Sign In with Apple, a cross-platform service that extends the privacy-oriented user verification and authentication from AppleID to others, including Windows, Android and the Web.
Sign In with Apple includes two-factor authentication, support for on-device authentication, such as TouchID and FaceID, and no tracking! Apple provides two (2) features not available on other similar services. First, Sign In with Apple provides an option to share or hide you e-mail address when you sign-up. Second, should you opt to provide an e-mail address, you can give your real e-mail address, or a randomly generated e-mail alias tied to your real e-mail address. This makes it more difficult for online services or application developers to track you across the web using your e-mail address. And yes, you can manage these aliases easily.
Apple continues to provide one of the best privacy-oriented platforms on the planet today! Not only does Apple provide you with more controls on who can access your data, Apple also collects as little personal data as possible, and when they do, they are often processed locally, on device, and encrypted when uploaded to iCloud. To date, Apple provides the best ecosystem for privacy-conscious users?—?it has the privacy-preserving features, and a healthy developer community (there are better privacy-oriented platforms available, but lack developer support).