In the 2013 indie romance, “Her,” Joaquin Phoenix’s on-screen lover wasn’t another stunning A-list actress, but something less expected and certainly less traditional; “She” was an operating system. A what? Commonly referred to as an “OS,” Phoenix’s romantic partner was the software that powers a computer’s basic functions. Ahhh, romance. In reality, most of us probably wouldn’t fall in love with an OS, but it certainly seems like a possibility with the sense of anticipation that fills much of our society in the days leading up to Apple’s special breed of OS updates, iOS. This Fall brought the computer giant’s biggest release yet: iOS 10. As with any big tech unveiling, it was met with cheers, trolls, and security snafus.
Word of a security weakness quickly spread following the rollout—researchers uncovered a flaw in the updated file’s local backup systems, the type created when the device is connected to iTunes. iOS 10’s updated systems leveraged an outdated password protection algorithm, one which is highly unlikely to withhold today’s attacks. You see, security systems have to plan ahead, knowing that threat actors are always evolving their methods to further penetrate mobile devices. Should such criminals access your iTunes backup after download, and use a brute-force cracking tool, your device, and your data, could be in their hands quicker than you can get that new workout playlist from your computer to your mobile phone. Pitbull won’t be saying “Dale” about that!
Luckily, this weakness doesn’t affect iCloud backups and the folks at Apple work quickly, with plans to tighten up the flaw in an upcoming update. There are further steps you can take to keep your device safe when updating to iOS 10 or any advanced software update:
- Protect with secure passwords. The good news? This hack is only successful should an actor hijack both your computer and your mobile device. You should always keep both secure, of course! Protect all of your devices with strong passwords and grant access to authorized users alone. Remember folks, when it comes to cybersecurity, sharing is not caring.
- Patience is a virtue. We get it. As soon as an update is released, you can’t help wanting to see what your coworkers are chatting about! But before downloading blindly, take a deeper look at the update. Head online to read the chatter, check if there is any buzz surrounding security flaws, and read reviews to know what other folks are saying. By doing your research and holding off on the download initially, you could avoid a zero-day attack—the kind that crooks launch on the day of a tech release. There’s no need to worry about missing out: many OS releases are followed by updates and patches to security issues. You’ll stay up to date if you pay attention to your software’s notifications alerting you to future updates.
- Back, back, back it up. Before performing any kind of software update, always back up your device to a secondary source. This can be a (secure) computer that you know and love, a (secure) cloud, or a (secure) hard drive. The key here is, you guessed it, keep it secure! Before downloading updated software, you want to know that your data is safe and sound, so take the extra time to back up your device.
- See what your security settings are up to. Once you download an updated OS, resist the urge to play around with the cool new features and head to the device settings instead. Updated software often results in tweaks to your device’s security settings. See if anything looks unfamiliar here, and don’t be shy about saying “no” when your mobile device asks for new privileges.
Follow us to stay updated on all things McAfee and on top of the latest consumer and mobile security threats.