Got confused??
Yes, Apple's robust security practices have
made malware a virtual non-factor; iOS device owners should still take care to
ensure that they themselves do not become the weak link in the security chain.
Before going into detail, let’s first know what is an Apple ID?
Apple
ID
An Apple ID is the username of yours for
everything you do with Apple: Whether Shop the iTunes Store enables iCloud on
all your devices, buy from the Apple Online Store, make a reservation at an
Apple Retail Store or access the Apple Support website.
According to the reports, Apple marketing
Chief Phil Schiller paints third-party apps as a leading cause for concern when
it comes to security on mobile devices. Malware is not Cisco's biggest worry
when it comes to mobile apps. The honor goes instead to age-old social
engineering techniques such as phishing, in which malicious individuals try to
dupe users into giving over their personal information like usernames,
passwords and other financial details by pretending to represent legitimate
businesses — the notorious "Nigerian prince" e-mail scam is one
popular example.
The problem is compounded by the implicit
trust users often place in content from the App Store. This week also saw Apple
settled with the Federal Trade Commission over in-app purchases, a dispute
which made parents blindly supply their Apple ID password to their kids without
taking the time to understand the implications. In such situation, the parents
simply saw a few more charges on their credit cards. This same action in a
different context could have much more far-reaching consequences and this issue
has been the subject of a recent chaos in the iOS developer community.
The Apple ID has become a de facto key to
many iPhone and iPad users' lives. Imagine what happens when an iOS device is
restored from an iCloud backup: iMessages, email accounts, calendars, contacts
and data-filled apps are all easily retrieved from the cloud. Attackers need
not even go to the trouble of sneaking a phishing app into the App Store. Many
services stores access credentials on the cloud servers, which present an
incrementally larger number of attack vectors — Sunrise was the victim of an
attack on its web infrastructure last November, and thus was forced to warn
users to reset their iCloud passwords.
Fortunately, these potential problems are
easily mitigated by the application of common sense. Just as users would not
provide their social security number to a stranger on the street, they should
carefully judge which services have access to their Apple ID. Apple allows for
the use of multiple accounts on a single device — one can be used for sensitive
information such as iCloud keychain, while the other could synchronize less
important data like calendars.
Author : Iman Majeed Source : appleinsider
0 comments:
Post a Comment