Lesson to Be Learned From Apple's Up and Down Security Developments
Apple has been on a bit of a rollercoaster over the past couple weeks in terms of internet privacy issues. After announcing a new feature to enhance security for Apple users, the company discovered a loophole that actually exposed its users to major security threats. That hole has thankfully been patched, but let's take a look at exactly what went down and see what lessons everyday tech users can learn:
On Mashable, tech writer Emily Price covered a new development that aims to make Apple's security stronger for all users. It's called two-step verification, something you may already be familiar with depending on what products and services you use online. Essentially, Price explains, this means that Apple has added an additional level of security for users attempting to access their Apple ID through a mobile device, computer or the iCloud. Let's say you own an iPhone and an Apple laptop. When attempting to carry out certain tasks with your Apple ID, such as purchasing a song in iTunes through your laptop, you'll be asked to verify your identity by entering in a certain set of numbers. This set of numbers would be sent to your iPhone, meaning unless a thief had accessed all of your Apple devices, he or she could not break in and use your account for nefarious purposes.
Unfortunately, only days after Apple rolled out this new system, a privacy vulnerability was exposed. According to The Verge, individuals who had not set up the two-step verification process could potentially have their password reset by someone familiar with their email address and date of birth. Typically more information is required to reset passwords, because these two pieces of background information are relatively easy to come by. For example, many people keep their birthdays and email addresses on their Facebook profile, which can be easy for members of the general public to view. As of today, however, the security flaw has been fixed, reports The New York Times.
These stories demonstrate that even well-established companies with advanced security techniques can make mistakes. That's why it's important for individual users to monitor their own privacy and take measures to ensure their data isn't compromised. There are many ways to do this, one of which is setting up your own two-step verification process. For example, smart phone users may be able to equip their devices with both a number password and a voice command in order to access the data stored within. If you use apps on your smart phone for banking, don't allow the app to "remember" your device - this only makes it easier for thieves to quickly access your information.
Installing a virtual phone number on your device can also be beneficial in times of trouble. Use one number strictly for family and friends. That way, if your phone falls into the wrong hands, you can disable the compromised number without having to give up the one you use for your nearest and dearest.
Big companies like Apple are always taking steps to enhance security, but no business is infallible to security flaws. Take your privacy into your own hands!