Apple tramples on security in the name of convenience

Apple plans with iOS 14.5 to allow masked enterprise employees to access their iPhones if they are also wearing an unlocked Apple Watch (running watchOS 7.4). Heads up: This is a quintessential convenience vs. security trade-off from Apple, and if you don’t insist that workers refrain from using the feature, corporate security will suffer.

In short, it will make it much easier for corporate spies and cyberthieves to snag your company’s intellectual property, which is being created, stored, and shipped within smartphones today at a far greater rate than in 2019 — aka the pre-COVID-19 times.

Apple has refused to let this convenience do anything other than open the phone (which is bad enough). And it will not allow the feature to bypass Face ID authentication for the Apple Card, Apple Pay or any third-party app (such as those from banks and investment firms) that has embraced Face ID. That tells you pretty much all you need to know about how much of a security corner-cutter this move is.

Let’s drill into what Apple has done and give credit where it’s due. As a security move, it’s horrible — and that should be the main concern of enterprise IT since it endangers ultra-sensitive corporate data. That said, it’s a pretty impressive dose of convenience.

First, this is absolutely pandemic-based, as the unlock process starts by scanning for the existence of someone wearing a mask. Once it determines that, it allows the phone to be unlocked if there’s an unlocked Apple Watch nearby. All it’s really doing is replacing a PIN entry on the phone with a previous PIN entry on the watch. And that can prove helpful.

How helpful and — to the point — how much more convenient? It’s a better idea, but I’m not so sure it’s much more than a gimmick. Most iPhone users still have to enter their iPhone PIN many times a day. For most of us, it’s now muscle memory and barely takes a second. If it’s only saving a second or two of time, I’m not convinced it’s worth the effort.

As noted above, the Apple Watch-iPhone authentication combo — which sort of plays off Unix’s trusted host concept, in that it’s saying, “If you’ve already authenticated yourself on the Watch, I’ll trust you” — doesn’t work with any sensitive third-party app that uses Apple’s facial recognition for authentication. We’re talking a one-trick pony here, something that can only open the iPhone and then only if it detects a mask. This might be more useful in the winter when wearing gloves and a ski-mask over a Covid mask, where finger access is a hassle.

As for security, this convenience gambit is going to make life a lot easier for bad guys. Let’s say someone steals one of your employees’ phone and watch, perhaps when they fall asleep on the subway or train. Or perhaps simply during a mugging at knifepoint.

Copyright © 2021 IDG Communications, Inc.
