Bigger isn\u2019t always better<\/p>Tweet<\/a><\/blockquote>\n As I was struggling with the unavailability of Apple\u2019s website, the weird live Chinese synchro translation, and a video stream going back and forth in time, I had enough time to sum up all the recent security issues around Apple ecosystem:\u00a0Celebrity hack<\/a>. Increasing amount of data stored in\u00a0iCloud<\/a>. Bad reputation of fingerprint identification. At the same time, there is no doubt that Apple is still a great company making great devices and services. Therefore, while making this overview I adopted a two-sided approach, starting with a highly skeptical headline, but trying to be fair afterwards. So here we go.<\/p>\n Apple Pay. Next time cybercriminals will not mess with celebrities\u2019 pics, but their money.<\/strong><\/p>\n Apple is trying to simplify the process of electronic payments (be it online or in-store via credit card). All you need is your iPhone. Or Apple Watch. No credit cards, no need to punch those numbers in online stores, remembering CVCs and expiration dates.<\/p>\n The only concern is that your iCloud account controls not only your private photos, app data, messages, but also your money. You lose your password \u2013 you lose everything and as the celebrity hack showed us, there isn\u2019t even a need to hack Apple\u2019s servers. Social engineering, phishing, trojans \u2013 all cybercriminal tools will now be targeted at people\u2019s electronic wallets. Of course, Apple took a lot of security measures, it can be seen even from the not-so-technical keynote. But we are witnessing the fact that our electronic devices are becoming even more important parts of our life. The problem of protecting those devices should be taken very seriously.<\/p>\n Apple Watch. How dangerous is your heartbeat data?<\/strong><\/p>\n Next time cybercrime will not mess with celebrities\u2019 pics, but their money.<\/p>Tweet<\/a><\/blockquote>\n A smart criminal can make use of every type of personal data that is available. The greatest example is spear-phishing \u2013 an attack that includes sending e-mail to potential victims with tailored content, based on the specifics of a company or a person. How dangerous could it be to leak not your credit card number, but your heartbeat statistics? Such data could certainly be useful for your competitor: simply to evaluate the level of confidence, for example.<\/p>\n So what should we do? Get rid of all tracking devices? Recently we explained<\/a> that sticking with obsolete technology is not the best strategy. Yes, the industry of mobile devices is still in its early stages of development (see analysis here<\/a>), but all one has to do is just think twice before storing or sharing some sensitive data. Leave your corporate documents in the encrypted vault on your PC or Mac, don\u2019t share everything on your iPhone or other mobile device. And don\u2019t panic. At least until \u201cearly 2015\u201d we still\u00a0have time to live without\u00a0potential spies on our wrists.<\/p>\n Bigger isn\u2019t always better<\/strong><\/p>\n Introducing two king-size iPhones seems like a radical departure from Apple\u2019s previous messages. Actually, this is not a problem at all: consumers have adopted big-screen mobile devices already and there is no indication that Apple\u2019s choice is the wrong one. But lots and lots of applications will require upgrades. New screen resolutions, new version of iOS and new 64-bit architecture will eventually divide the current range of apps into \u201cactual\u201d and \u201cobsolete\u201d. Thanks to the fragmentation of Android platform, many developers have gotten used to this situation already, but some dedicated corporate apps could be at risk.<\/p>\n Judging by the Twitter feed, many people see today\u2019s event as a mere evolution of Apple\u2019s ecosystem. But it\u2019s wrong to view it that way. Wider adoption of electronic payments, even more user data collected, processed, and shared via the cloud means a lot and makes the attack surface larger. That\u2019s progress. I hope that Apple took all precautions against all that user data ending up in the wrong hands (and did better at security than at doing live streams). We know that hardware vendors cannot make our data 100% safe. They just make the tools that have to be used thoughtfully with all necessary precautions.<\/p>\n To end the blog post on the positive side: Apple\u2019s new OS X Yosemite is way better in terms of compatibility with Windows-based corporate infrastructure. Not enough to conduct a special event, but good news for IT pros and users alike.<\/p>\n","protected":false},"excerpt":{"rendered":" The biggest concern about Apple Pay is that one’s iCloud account now controls not only private photos, app data, and messages, but also money. You lose your password – you lose everything and as the celebrity hack showed us, there is no need to hack Apple\u2019s servers. Social engineering, phishing, trojans – all cybercriminal tools will now be targeted at people\u2019s electronic wallets.<\/p>\n","protected":false},"author":53,"featured_media":15963,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3021],"tags":[14,2177,806,218],"class_list":{"0":"post-15002","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-apple","10":"tag-applelive","11":"tag-icloud","12":"tag-mobile-security"},"hreflang":[{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/thinking-of-security-over-apples-live-stream-bummer\/15002\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/thinking-of-security-over-apples-live-stream-bummer\/15002\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/thinking-of-security-over-apples-live-stream-bummer\/15002\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.za\/blog\/tag\/apple\/","name":"apple"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/15002","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/users\/53"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/comments?post=15002"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/15002\/revisions"}],"predecessor-version":[{"id":26330,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/15002\/revisions\/26330"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media\/15963"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media?parent=15002"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/categories?post=15002"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/tags?post=15002"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"\"](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/103\/2014\/09\/06020126\/Screen-Shot-2014-09-10-at-00.43.39-1.png\")
<\/p>\n![\"\"](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/103\/2014\/09\/06020125\/Screen-Shot-2014-09-10-at-00.44.57-1.png\")
<\/p>\n