Skip to main content
  1. Home
  2. Computing

How Apple’s tight ecosystem of products can undermine its own security

Alex Blake
By

There’s an old belief that you can’t have both security and convenience, and that’s seen as especially true in your digital life. I’m sure Apple would dispute that assertion, pointing to things like Face ID as evidence it can do both.

Yet, as we’ve seen in recent months, there are actually times when Apple’s ecosystem, so tightly linked across its platforms, can actually undermine its own security. If your dwelling only has one locked door, it only takes one key to have access to the whole house.

Recommended Videos

Face ID, the iPhone, and the Apple Watch

Face ID is the best example of the security catch-22 a company like Apple can end up in. By itself, it’s superb, far outstripping anything Apple’s Android rivals can come up with, at least when it comes to facial recognition. It is fast, easy to learn, available on many of your devices, and yes, both secure and convenient. It’s exactly what you imagine when you think of Apple innovation.

Related

Under normal circumstances, it works great. But I don’t think anyone can claim the last 18 months qualify as “normal circumstances,” and for all the disruption the pandemic has caused, it has also exposed the weak point of Apple’s tightly bound ecosystem.

That’s seen in Face ID’s tie-in with the iPhone’s Unlock with Apple Watch feature. If you have an unlocked Apple Watch on your wrist, you can use it to open up your iPhone when Face ID doesn’t recognize you. It’s specifically designed for times when wearing a mask obscures your visage such that Face ID cannot identify you properly. It’s a slice of convenience for a pandemic world.

It’s a slice of convenience for a pandemic world.

The problem is that it seems incredibly forgiving. I have both an Apple Watch and an iPhone, so I end up using Unlock with Apple Watch on an almost daily basis. And nearly every day, there will be at least one time when my Apple Watch unlocks my iPhone when I haven’t even looked at it. It’s not like my face was obscured by a mask — I’m often facing another direction entirely. Face ID on my iPhone is set to “require attention” — in other words, I have to look at my iPhone to unlock it. Yet Unlock with Apple Watch apparently completely bypasses that requirement.

And with one weakness in the system, the whole ecosystem is at risk.

Sidestepping Face ID

Andy Boxall/Digital Trends

What’s worse is that this feature simply requires an unlocked Apple Watch to work — and unlocking an Apple Watch is child’s play. Instead of the complex security layers of Face ID or Touch ID, all that’s required to get into an Apple Watch is a simple four-digit passcode. Given how many of us use memorable, identifiable dates and numbers for this kind of lock-up mechanism, prying open an Apple Watch is beyond easy.

And that’s a problem because of how permissive Unlock with Apple Watch is at unbolting an iPhone. Apple claims the chances of someone fooling Face ID are one in a million. But when a simple four-digit passcode is enough to get into an Apple Watch, Face ID’s apparently watertight security becomes totally irrelevant.

All that’s required to get into an Apple Watch is a simple four-digit passcode.

It’s not just your iPhone that this affects. You can do the same thing with a Mac. An unlocked Apple Watch can log you into a connected Mac provided you’ve set up Unlock with Apple Watch. Once again, all you need is a four-digit passcode for the Watch and suddenly the Mac’s contents are all yours.

The security ecosystem implications

Ultimately, this wouldn’t be happening if Apple’s ecosystem were not so tightly bound. It’s only by having devices that closely interact and communicate with each other that an Apple Watch is able to unlock an iPhone when your face is obscured. But in giving users that extra step of convenience, the company is undermining its famous security.

That’s not to say Apple can’t work out a way to have both — to let users have their cake and eat it. But right now, anyone who steals an iPhone and an Apple Watch only have a trivial obstacle to surmount to gain access to all your personal files and info. That’s far from the security-conscious Apple I thought I knew.

Editors' Recommendations

Topics
Alex Blake
Alex Blake
Computing Writer
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
Apple has almost 50% of the global refurbished smartphone market
The iPhone 14 Pro and iPhone 13 Pro seen from the back.

Apple captured about half of the global refurbished smartphone market in 2022, followed by Samsung, which shared 26% of sales, according to data from research firm Counterpoint.

The findings also revealed that refurbished smartphone shipments grew 5% globally year on year. That’s in notable contrast to shipments of new phones, which saw an 11.3% decline in 2022, according to research firm IDC.

Read more
Your iPhone has a secret feature that helps the environment — here’s how it works
iPhone 14 Pro showing Battery & Health

As Earth Day approaches, you may be wondering how you can help reduce your overall carbon footprint. You could use less disposable household items, get eco-friendly items instead, or drive an EV instead of a gas vehicle — there are plenty of ways to do your part.

But if you have an iPhone with iOS 16.1 or higher, you’re already contributing with a new feature Apple added called Clean Energy Charging. Here’s everything you need to know about how this eco-friendly charging option works.
What is Clean Energy Charging?

Read more
New leak reveals exactly how Apple’s VR headset will work
A man using a virtual reality headset with controllers.

Apple’s forthcoming Reality Pro headset hasn’t even launched, yet it’s already been plagued by negative stories and general skepticism about its prospects. Yet a new report claims Apple is going to come out swinging with a full gamut of blockbuster apps and games for its high-end device, all in an attempt to win over wary customers.

First reported by Bloomberg journalist Mark Gurman, Apple is apparently building a host of apps and experiences that will entice people to shell out around $3,000 for the mixed-reality headset. These will include games, workouts, collaboration tools, and much more, with a mixture of virtual reality (VR) and augmented reality (AR) options.

Read more