In the wake the celebrity photo leaks, Apple is facing accusations of lax online security measures. In response, Apple CEO Tim Cook has announced the implementation of higher security measures on Apple iCloud accounts. Until this point, users would receive an email when somebody tried to change a password or log in for the first time from an unknown Apple device. Now, Cook assures users that the company will notify them via email and push notifications when somebody tries to “change an account password, restore iCloud data to a new device, or when a device logs into an account for the first time.” The company plans to initiate such notifications in two weeks time.
While Apple’s security enhancements are clearly in response to the leak of Hollywood iCloud data, Apple continues to deny that originally lax measures on their part allowed hackers to gain access to private property. Rather, Cook maintains the most important way to improve online security is through education, rather than technological improvements.
When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece,” he said. “I think we have a responsibility to ratchet that up. That’s not really an engineering thing.”
Apple has noted they provide a two-factor authentication system, offered to users who want to bolster their security. The system requires the user to have two of the three security options in order to access the account- a password, a four digit one-time code, or an access key given to the user when they registered for the service. This feature will now also cover access to iCloud accounts from a mobile device. However, many users currently do not choose to use the heightened security system. According to Ashkan Soltani, an independent security researcher,
There’s a well-understood tension between usability and security…More often than not, Apple chooses to err on the side of usability to make it easier for the user that gets locked out from their kid’s baby photos than to employ strong protections for the high-risk individuals.”
Apple’s security adjustments are an attempt to restore the company’s reputation in the face of public criticism and outrage over the hacked content. With the launch of its new smart watch looming, the company needs to prove they are able to protect consumer privacy, whether be it by heighten technology measures of further advocacy and education for their customers.
Read more here- “Tim Cook Says Apple to Add Security Alerts for iCloud Users,” (Daisuke Wakabayashi, The Wall Street Journal)