Archive 4 min read

Apple, WWDC, and Your Privacy

As usual there was a host of announcements at WWDC this year. No major spotlight stealers, what does that mean for security?

Apple, WWDC, and Your Privacy

Watch this episode on YouTube.

Reasonably Accurate 馃馃 Transcript

This week, Apple is hosting their annual WW DC or the worldwide developer conference and of course, they have big announcements galore. Um And it's all software focused. So they're talking I Os Mac O STV Os and the Watch Os. Um And you know, there's a ton of features announced nothing massive, um which is indicative of some of the work that they're really doing under the covers.

Um And that really ties back to a lot of security topics and I'm gonna touch on that in a second. But what they did announce from a feature um perspective um tied to security and privacy is around safari and the API S in uh Mac Os. So the um information access API S in Mac Os, far more line up with I Os.

So they're gonna ask permission to access your camera, your microphone, um male database, certain areas like that, that's far more um like the I OS experience, we're used to where it's like, hey, someone's trying to access this data, yes or no. Um And then you can revoke that at any time.

That's a wonderful step forward for personal privacy for security. Um But the big sort of shot across the bow is that the intelligent tracking protection is getting ramped up to 11 in Safari. In that they are going to do generic fingerprinting for the browser. So instead of presenting like exactly what your browser is capable of, they're going to give you basically a generic mac browser presentation, your browser will still be capable of a ton of stuff, but it's not going to be able to be easily tracked by a unique device fingerprint.

And they're also getting a lot stricter around ad blocking now that really gets to the heart of the matter in the publishing industry. But from a security and a privacy perspective, we've seen a spike in malware delivered through ad networks. We know for personal privacy and data tracking that uh that browser is a, you know, it's an access mode, there's um really some challenges around there that we want to address.

So this is all positive things for users of Apple products. It's going to kick off a turf war. Um And there's gonna be some challenges there. It'll be interesting to see how it plays out. But I think what I really wanted to dive into in this episode ties to last episode and I was talking about um moving left left, moving left um in uh development process from security, moving more towards where developers are building things and planning things and coding things to increase the overall quality.

And that's really the theme from Apple's keynote this week was that what wasn't, there was just as important as what was there? Um This is one of those releases for all of the OS s across mac devices where it's not about cool new features. It's about quality. It's about building resiliency into the systems because software security and security in general, failures come from a lack of quality.

They come from vulnerabilities, they come from mistakes that are made earlier in the process. Nobody sets out to write bad code. So having a year where there's not as much glitz and glamour in the Apple ecosystem, but they're actually doubling down and looking into quality that they're looking into resiliency, they're looking into stability.

These are all huge wins for security. So yeah, there's the overt privacy stuff like the API requests um as well as the um the reduction in the ability for websites to track you, which is excellent. That's a great privacy step forward. But I think this is going to be a phenomenal um move for security in that by investing in quality and stabilizing all of these technologies.

We're going to see less security vulnerabilities. Apple's had a significant spike for them over the last 18 months in security issues. Um Traditionally, they've been pretty consistently low um as far as addressing that kind of stuff and having that stuff and having to address it, but we've seen a big spike lately and that's a part to do with scale, but also sort of the general feeling within the community was that quality was um so for them to be able to double down and push really hard on quality, um That for me is sort of reading between the lines, there wasn't as many big features like, hey, cool, check this out.

Um There was some interesting stuff for sure. As an Apple user, I'm like, hey, cool, that'll be fun. Like Emoji will be interesting. Um But there's nothing uh substantial that you're like, I have to upgrade because of this feature, however, quality and resiliency stability, those are massive wins to know that you can rely on your tech.

But from a security perspective to know that there's no opening up um that there's not gonna be new v uh as many new vulnerabilities because they're making better quality decisions. That's huge. And that's something we should all strive for because like we were talking about uh in the last episode of Mornings with Mark, pushing earlier into the development process to create better quality code has better security outcomes that we should all be pushing for.

So to see this kind of a release from Apple. Um Yes, it's disappointing as a user not to get cool new stuff or as much cool new stuff as we expected. But from a security perspective, it's a huge win. It's something you should be pushing for with your own applications as well as always this is a conversation.

This needs to be going two ways. Let me know what you think um online at marknca in the comments down below or as always by email me at Marc NC A. How are your efforts um working out when you're trying to help developers build quality code? What do you think of Apple's initiatives around intelligent tracking um protection, all this stuff lots to talk about.

Um I think it's uh we get better when we discuss, we work and collaborate together. Uh Let's see what your thoughts are and let's keep this discussion going. Hope you're set up for a fantastic day. I will talk to you online and tomorrow.

Read next