Do iPhone Versions Really Differ in Security?
What exactly is it that makes one iOS version different from the next? Is it the updated icons, the additional features or new apps? Some users even advocate against upgrading to the newest version, fearing the loss of an older, more familiar interface.
But in truth, the biggest changes are hidden in the pages and pages of patch notes that go along with each new release put out by Apple. Each time Apple decides to update iOS, they include multiple bug fixes and improvements to security. These security improvements are highly subtle; we rarely notice them at all. Some fixes relate more to hardware-software relationships. Other updates are not so great for security.
iOS 10’s “Today”
When Apple updated our iPhones and iPads to iOS 10, there was one major change that stuck out. The addition of “Today” to the lock screen meant much of your personal information was available to anyone who decided to turn your screen on. Even without your passcode, they could see your schedule and other bits of private data.
This was more a case of good intentions gone bad. Features advanced by Today were certainly convenient, but convenience often goes both ways (for the bad guys as well). Luckily Today can be disabled by those more concerned with their privacy, but it still stands that this feature was enabled by default.
Longer and Better PINs
When iOS 9 was introduced, Apple advanced its security features by implementing a new 6-digit PIN code; as many of us know, they still allow for 4-digit PINs, but the upgrade to 6-digits was a massive jump in possible combinations.
Beyond that, allowing users to select a long ID to use with TouchID (which incorporates letters as well as numbers) further increased the security of Apple lock screens, assuming users take advantage of strong password rules (non-dictionary words, longer than eight characters, both numbers and letters, etc.)
Paradoxically the same change to Apple’s password system also put select users at risk. Newer iPhones with thumbprint security could run into trouble with authorities, who can force users to unlock their phones by simply placing the phone against their thumb. What seems at first glance to be a novel security feature actually falls apart when physical coercion comes into play.
Most of Apple’s real security improvements are fixes to security loopholes. These updates are the primary reason for users to upgrade their phones and iOS versions because as time passes, hackers find new ways to sneak into users’ devices. Even if the new interface or features aren’t desirable, backend security fixes are.
Of course, taking steps of your own to improve security can further Apple’s efforts. For instance, using a Virtual Private Network (VPN) service helps combat hackers by encrypting and defending against the one thing Apple can’t—unsecure internet. According to Secure Thoughts, public WiFi (which is chronically unsecured) is a prime way for hackers to infiltrate your devices; it’s also a problem easily solved by third party apps, such as VPNs.
The Problem of Old Devices
If you’ve ever read over Apple’s extensive list of fixes included with an iOS version update, something particular stands out: these updates are predominantly for more recent pieces of hardware. In the list above, all fixes relate specifically to iPhone versions 5 and on; the same goes for iPads and iPods.
Much like their competitors, Apple only extends support to their devices for so long. Microsoft, for instance, recently terminated support for Windows XP; no further updates will be provided, meaning users are to fend for themselves against hackers and security exploits.
Thus with time, it becomes necessary to update to a new device even if the old device is working well simply because new patches to the operating system will stop being available. Some of these updates are incredibly vital, minor as they seem on a long list of fixes.
Take the issue credited to Antione M of France; before iOS 10, the iOS keyboard was “caching sensitive information.” What information that might be Apple leaves out, but it could be that when a user typed credit card information, addresses, passwords, etc., that the keyboard app was reading that information and storing it for predictive purposes.
Without that fix, hackers could potentially hack that stored information and use it to steal users’ identities. It isn’t hard to see why a fix to this is very important!
The Bottom Line: Upgrade
It isn’t always easy to deliver the news that “out with the old, in with the new” is the best course of action, but it’s definitely true when it comes to Apple’s technology. As new software and hardware are developed, it replaces the old; engineers and authors typically don’t support their previous creations for long.
That fact is what cybercriminals count on. Running security software makes a big difference in your device security, but you’re only as safe as your weakest link in the chain. Do yourself a favor: stay up to date. Even if you don’t want to purchase a new device, at least make sure your software is as new as can be (particularly the operating system). Do that, and you’re much less likely to be hacked or burdened by malware.
About the Author: Cassie is an internet security expert who specializes in ways to protect your devices and identity from hackers and malware.