How is Apple’s record for personal security? It depends upon who you ask. Security experts say OS X and iOS are not as secure as Windows or Android, yet most of the PC or mobile device malware exist on both, not on Macs, iPhones, or iPads. What’s up with the disparity?
It’s the age old issue of vulnerability vs. exploit. Those who count the former insist Apple’s devices have security problems. Those who count the latter find far fewer problems, which helps to explain why both Windows and Android have far more malware than Apple devices.
When it comes to personal security, Apple’s decision to add encryption to select iOS apps and services has the government’s spooks crying from the hilltops; “Apple is helping terrorists!” Of course, those same government spooks didn’t have any trouble hacking into and spying on German politicians, so, go figure.
When it became public that the U.S. government was snooping on everyone, Germany responded with Volksverschlüsselung. Loosely translated, Volksverschlüsselung means ‘Encryption for Everyone‘. Germany’s government now wants citizens to have more security, thanks to U.S. intrusions, and launched De-Mail for ordinary internet users. De-Mail is end-to-end encrypted email.
Caveat? Obviously, everyone needs to use De-Mail to make it fully effective. Apple has something like that already with Messages, whereby text messages from one Messages user to another are encrypted and Apple throws away the key. The U.S. government’s spooks don’t like that, of course, and that’s the point. Personal privacy and security should be more important to individuals than to the government.
What can Apple do to enhance personal privacy and security for Mac, iPhone, and iPad users. How about end-to-end encrypted secure email? Email encryption is nothing new, but deploying such security is the challenge; people have multiple email accounts, which means multiple email servers, which means encrypting most email messages is next to impossible.
First, Apple could and should start the ball rolling by employing end-to-end encryption with Mail between Mails users; Mac, iPhone, iPad. Second, whatever standard Apple employs to encrypt email messages should be available to Google, Microsoft, Yahoo!, and other major email services, and made available to the server community to be deployed for other email services, personal and business.
Sara Zaske explains how the Germans launched and then improved Volksverschlüsselung and how they’re moving it to popular services and email apps.
If Apple remains truly and steadfastly on the side of personal security then end-to-end encryption needs to move beyond text messages between Messages users.