Apple security now

Quite frankly, I see enormous security issues brewing with all mobile device platforms … and with desktop operating systems which try to “be friendly with” (read: “trust”) all such systems.

Among the problems:

  • There is no concept of a “user account.” Although no application is (supposed to be …) the all-powerful “root user,” even that level of access is not too hard to get. And in any case, every application that you install is more-or-less on equal footing with every other.

Applications are obliged to “request” access to various kinds of information on your phone … but it’s an “all or nothing” proposition. Either you “accept,” or you can’t install/use the app. Furthermore, the operating-system code that’s supposed to actually enforce the provisions is actually quite “soft.”

I am quite terrified of the many applications on your phone that are capable of detecting, within +/- 7 feet or so, exactly where in the world you are (where your kids are, and so on …), and to transmit that information you-don’t-know where, to be accessed by you-don’t-know who. For millions of individuals at the same time. Without their knowledge. Even when they are not, so far as they know, “running” that app.

I am also terrified of things like: banking with your phone, by photographing a check. Or, Apple Pay. Or, apps on your phone which have access to your bank account. The list goes on. IMHO, none of those technologies are secure, nor can they be secureable, because “a mobile phone was never engineered to be a ‘secure device.’” And yet, here they are.

We have plunged into an abyss of technical capabilities which never existed before, in all of human history up to this time, and we have done so with no skepticism at all. When the cliff materialized before us, we said: “Cowabunga!”

This is not (just) “an Apple problem.” It is a social problem, and it is international.

It’s an industrial problem, and it is intentional.