The iPhone Security Flaw That Apple Intentionally Creates

Apple includes certain convenience functions in iOS that make life better. Then, as a result, inventive users find workarounds that expose private information using special techniques. This is often labelled a "Security Flaw." Of course, it's nothing of the sort. But the bigger question is, what is Apple thinking?


For a long time, it seems to me, clever users have been cooking up schemes to bypass routinely expected iPhone security by exploiting what appears to be lax user practices that are created in the iOS Settings. What a slight sense of both dismay and mischievousness, these are called "security flaws" which in this day and age creates a highly clickable headline.

Of course, if you go on to read the article, it explains how if you had never opened the door in the first place, this security flaw would never happen. Typically, then as almost an apology, the way to reconfigure the Settings properly is explained.

Here's an example of this process: "Security Flaw in iOS 9.3.1 Allows Access to iPhone Photos and Contacts."

Now, to be clear, I can't blame websites for pointing out potential iPhone security problems. And every author struggles with article titles that are accurate but compelling. And so, upon reflection, I think the recurring problem is really caused by Apple.

Yes, Apple, I'm Looking at You

Apple is willing to spend millions of dollars fighting the FBI to protect our privacy. The company and FBI, together, just put us through six weeks of a national discussion about the importance of protecting our personal data.

And yet, the iOS product manager and his management continue to allow these settings that claim great convenience and then allow easily found backdoors. Worse, all these convenience settings just confuse the average user because it takes time and patience to understand the ramifications of each choice in the settings. Most users don't bother.

Typically, when I go to my iPhone to investigate these workarounds, I find that long ago, I had clamped down on such settings to take the most conservative approach. One may argue that I take security on my iPhone too seriously, but in light of all the fuss described above, that make no sense.

In other words, over the years, I've learned to use my iPhone in a very secure way, and that requires a mindful, minimalist approach.

So long as Apple continues to offer these crazy, lax, convenience settings, inventive people are going to keep finding backdoors into our iPhones. In my mind that's just as big a problem as the lax encryption and backdoor some government agencies insist that Apple implement more formally.

I would like to see Apple eliminate these so-called convenience features and better inform its customers that security is much more important than access to, say, Siri from the Lock Screen. In time, we'll all learn to live with and operate simpler, more easily understood, better secured iPhones.