Apple Watch Security Bug Overblown

The Internet lit up on Thursday with reports of the horrible security bug in Apple Watch that makes it an easy target for criminals. The real problem isn't that Apple Watch has a big security bug—it doesn't—it's that an intended feature of the watch is being presented as if it's a bug. The reality is that Apple Watch isn't more prone to theft than any other quality watch, although Apple could take steps to make it less desirable to steal.

Apple Watch security isn't the disaster the media claimsApple Watch security isn't the disaster the media claims

The security bug feature that caught the attention of news sites and blogs is the ability to factory reset Apple Watch should you forget your device passcode. The reset clears out all apps, data, and settings, leaving you with essentially an out-of-the-box Apple Watch ready to pair with your iPhone.

That makes it easy for people who routinely forget passcodes to still use their Apple Watch, but it makes it just as easy for a thief to reset your watch and set it up as their own. The idea, presumably, is that Apple Watch should be as easy to set up and use as possible. Adding in extra set up steps only takes away from that dead-simple experience.

Presenting this feature as a bug is disingenuous at best, and already has at least some people wailing and gnashing teeth over this world-ending security disaster. My response yesterday when asked my thoughts on the reports was, "Tell me about the security measures in your watch."

The begrudging answer I got was, "There aren't any." That's the key point people are missing: Apple Watch isn't, by its nature, any more or less susceptible to theft than other watches.

High end mechanical watches don't fair any better than Apple Watch when stolen. Should some one make off with your Zenith or Tag Heuer, for example, there isn't any easy way to track it, and there aren't any options for disabling a stolen mechanical watch. Android-based smartwatches don't offer remote kill switch features, either, so they're potentially just as easily targeted as Apple Watch.

The big concern should your Apple Watch disappear is personal data. If your watch has a security passcode, that data is locked away from the average crook and a reset will wipe your information, too. Either way, no one is getting at your phone numbers and messages.

You can also set your Apple Watch to erase all of its data after ten failed passcode attempts. To do that, launch the Apple Watch app on your iPhone, tap My Watch, tap Passcode, then enable Erase Data. Should Apple decide at some point to give us more options if our Apple Watch is lost or stolen—and I think they will—that can be delivered as a software update.

Apple could, for example, could give us features we already have on the iPhone that lock Apple Watch after a set number of failed login attempts. We could also see Find My iPhone for Apple Watch, although that would rely on the watch being in range of WiFi networks. Remote lock and Wipe could be an option, too, turning Apple Watch into little more than a glass and metal block on a wrist band for crooks.

The trick for Apple will be to find a way to effectively communicate with a rogue Apple Watch since the device relies on your iPhone for its Internet connection. Apple Watch can connect to WiFi networks it has already been on, which is an option, but may not be reliable since there isn't any guarantee whoever made off with your watch will be in range of the same wireless networks you've already joined.

What seems like a more reliable way to remotely connect to an Apple Watch is iCloud. Apple could offer a way to tag your Apple Watch as missing or stolen through your iCloud account, and then send a disable command when someone tries to pair it with their iPhone. At that point, your Apple Watch is useless to anyone but you because it's in a lockdown mode, much like we can already do with iPhones and iPads.

For Apple Watch owners, that's good news because Apple can make changes that make stealing your less enticing. The potential is there, and it doesn't require a new watch—just a software update.

Which brings us back to the supposed Apple Watch security flaw that really isn't. Apple can enhance the security options Apple Watch already offers and make is more difficult to completely reset the device, and in the process give criminals a big deterrent to stealing yours.

[Some image elements courtesy Shutterstock]