Apple is addressing security concerns in both iOS 12 and macOS 10.14 Mojave and outlined a number of new protections at its Worldwide Developers Conference, which is taking place in San Jose, California this week.
Among the new measures to be implemented is extending privacy protections to the camera, microphone, and other sensitive user data that includes mail database, message history, Safari data, Time Machine backups, iTunes device backups, locations and routines, and system cookies.
In the upcoming macOS 10.14 Mojave operating system, apps will need express user consent for all API and direct access to these resources, with users able to access their security preferences in the Security section of System Preferences.
As quoted from the session:
“Your information, your image, your voice — they’re yours and yours alone to share with apps. macOS Mojave requires apps to get your approval before accessing the camera or microphone on your Mac. The same goes for data like your Messages history and Mail database.”
Apple is also focusing on apps that are distributed outside of the Mac App Store and signed with a Developer ID. These applications will undergo a secondary “Notarize” review process that’s designed to detect malware faster and provide Apple with finer-grained revocation tools to revoke a specific bad release rather than a developer’s entire certificate.
Once an app has passed Notarization, users will know for sure that a third-party non-App Store Mac app has undergone intense scrutiny and is free from malware. Apple has also announced plans to eventually require all Developer ID apps to be notarized before they can be installed, the company stating that this is not an app review process and is used exclusively to analyze apps for security purposes.
In addition, Apple is introducing enhanced runtime protections that will extend System Integrity Protection features to third-party apps, protecting them from code injection and other tampering.
Both iOS 12 and macOS 10.14 Mojave will gain support for automatic strong passwords, with Safari automatically creating, autofilling, and storing passwords. Passwords on macOS Mojave will be flagged if they’ve been reused, making it easier for users to create unique passwords for each login.
An assortment of anti-tracking and privacy improvements will be including to help keep your Safari browsing habits private. At present, advertisers use browser and device characteristics to create a “fingerprint” for you to surreptitiously track you across the web.
Apple has stated that is wishes to stop this by sharing only a simplified system profile when you browse the web, giving advertisers less of your data to work with. Improved Intelligent Tracking Prevention also prevents social media Like, Share, and Comment buttons and widgets from tracking you without your permission.
Finally, macOS 10.14 Mojave will be the final version of macOS to support 32-bit apps, the transition to 64-bit apps helping to improve security in the years to come.
Stay tuned for additional details as they become available.
Via MacRumors and developer.apple.com