Apple Needs to Rethink its Convenience over Security Philosophy

| Analysis

When websites started showing how to use Siri on locked iPhones to access photos and contacts some people called it a Siri security flaw, others called it a poorly thought out feature. Either way, Apple addressed the issue quickly without requiring an iOS update. The problem is that the incident underscores Apple's tendency to favor convenience over security. 

Apple often sacrifices security for convenienceApple often sacrifices security for convenience

Turns out you could access photos and contacts by asking Siri from the lock screen to search Twitter for domain names like "," and use the responses to view an iPhone's contacts and photos. There wasn't any need to enter the device's passcode, which was convenient, but wasn't a smart security move.

TMO's John Martellaro summed up the situation nicely saying,

Apple is willing to spend millions of dollars fighting the FBI to protect our privacy. The company and FBI, together, just put us through six weeks of a national discussion about the importance of protecting our personal data. And yet, the iOS product manager and his management continue to allow these settings that claim great convenience and then allow easily found backdoors.

After demonstration videos hit the web, Apple quickly added a passcode requirement to the process. Since the fix was for Siri, Apple was able to make the change on its own servers instead of pushing a new iOS update out to users.

Apple's quick response was great, and making the fix on the back end, so to speak, was convenient for users—especially those who might not understand the ramifications of not requiring a passcode for certain lockscreen actions.

The situation underscores, however, a choice Apple often makes with its products: convenience over security. It's always a balancing act to find an acceptable level of security without becoming too inconvenient, and since that's a subjective point, there isn't any way for Apple to find a solution that's perfect for everyone.

Still, providing an unprotected opening into your iPhone's contact list and photos didn't feel like a decision in line with Apple's strong push to protect our privacy—especially in light of the company's recent fight with the FBI over a court order calling for Apple's engineers to create a hackable version of iOS.

At least Apple responded quickly after videos showing how easy it was to access contacts from a locked iPhone hit the web. Hopefully Apple will learn from these incidents and start thinking more critically about when it's appropriate to favor convenience over security and privacy.

Popular TMO Stories



The fact that it didn’t require a passcode suggests that contacts, calendars, and photos are not encrypted on the device. (So shouldn’t the FBI have been able to see those already?) This would be true of anything in Settings > Touch ID & Pascode > “Allow Access When Locked” section I think. I thought there was a warning on this page about storing some information unencrypted but I don’t see it.


Agreed, but then again, our entire society is happy to trade virtually everything for convenience. Until consumers are able to think further ahead than five minutes into the future, this will remain an issue.

Scott B in DC

Security cannot be defined as an absolute set of values.
Security cannot be defined as a product.
Security cannot be defined by a product.

Security is the mitigation of risks to its lowest possible levels while allowing the functionality. This requires a tradeoff of some security in order to access certain functionality. If you do not like the tradeoff that has to be made in order to access certain functionality, then don’t use the feature.

The more ways there are to access data, the more risk points are introduced.

If you do not want to accept the risks introduced by using Siri then it is your option to turn off Siri. You are not obligated to use Siri and can turn it off.

While Apple can provide the tools, you have to decide your level of risk toleration. If iOS cannot mitigate risks to your level of tolerance the only way to meet your requirements is to turn off the phone. After all, the safest computer is one that is turned off!


webjprgm: “The fact that it didn’t require a passcode suggests that contacts, calendars, and photos are not encrypted on the device.”

Not necessarily. Remember that the phone had previously been unlocked so the crypto keys were available. They probably weren’t cleared when the phone went to sleep - not really any need to.

I do expect that the data you mention IS encrypted in non-volatile storage, but that the keys are maintained in RAM even during sleep.

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account