Apple to consumers: Trust us, our devices are secure

The day before Apple's next-generation iPhones become widely available, Apple is seeking to reassure customers that their devices are secure and that customers' information will not be turned over to either third-party advertisers or to government officials.

iOS 8, released on Wednesday, September 17, 2014 features a new "Recents" tab that gives quick access to all recent contacts.

Apple

September 18, 2014

As anticipation mounts in the hours before customers get their hands on the new iPhone 6, Apple is ramping up efforts to assure its customers that their data is secure. 

In a time of heightened security concerns, and in the wake of the recent iCloud hacking scandal, Apple chief executive Tim Cook has written a letter to customers detailing the efforts taken by Apple to protect users' privacy. 

"Security and privacy are fundamental to the design of all our hardware, software, and services, including iCloud and new services like Apple Pay," Mr. Cook writes. 

Apple has also added a new security page to explain to users the company's security policies and the features that are in place to safeguard users' data. 

This announcement comes just as Apple's new mobile operating system iOS 8 has been made available for download by users of all iPhones generation 4S and later – though reports have noted that putting iOS 8 on a 4S device might not actually be a good idea.

Moreover, the iPhone 6 and 6 Plus become widely available for purchase beginning Friday. Pre-orders for the new iPhones exceeded 4 million in the first 24 hours they became available to order online. That set a new Apple record and created a backlog of shipments; many phones are not scheduled to be delivered until October instead of the originally promised delivery date of Sept. 19. 

All of which means there are going to be a lot more Apple devices in people's pockets and a lot more people trusting Apple with their valuable information. Such information includes personal contacts, family photos, music, and now, thanks to the new mobile payment feature Apple Pay, valuable credit card data. 

For its part, Apple says it does not "monetize" users' information by turning it over to third-party advertisers. That is, with the exception of iAd, the company's mobile advertising platform that lets iOS developers stick ads in their apps. 

Can Syria heal? For many, Step 1 is learning the difficult truth.

As for issues of surveillance, Apple, one of the technology companies pinpointed by Edward Snowden as cooperating with the NSA's PRISM program, says it wants consumers to know their data is safe from government snooping. 

"I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will," Cook writes. 

But Apple will, in some cases, hand over a user's iCloud or iTunes information if requested to do so by a government court order. 

Apple states that "only a small fraction of requests from law enforcement seek content such as email, photos, and other content stored on customers' iCloud or iTunes accounts." It adds that "less than 0.00385 % of customers had data disclosed due to government information requests." 

Further, authorities can still extract users' text messages and call history from wireless carriers like Verizon and AT&T via search warrants and government requests, The Verge reports. And, as reported by Wired, law enforcement can still take information off of a locked iPhone, even without Apple's cooperation. So long as authorities can gain access to a user's iPhone and a computer he or she has used to transfer data, then authorities can extract valuable personal information, according to iOS forensics expert Jonathan Zdziarski. 

Regarding Apple's touting of its latest security enhancements, Mr. Zdziarski wrote in a blog post, "I am quite impressed, Mr. Cook! That took courage...but it does not mean that your data is beyond law enforcement's reach."

According to Apple's legal guidelines, last updated in May and still active on Apple's site, upon receipt of a valid search warrant, "Apple can extract certain categories of active data from passcode locked iOS devices," which means Apple can in fact retrieve data off of users' iPhones. Specifically, Apple can provide users' iMessages, photos, videos, contacts, audio recording, and call history, according to the guidelines. It cannot, however, provide e-mail, calendar entries, or data from third-party apps. 

Consumers have been worried about Apple security ever since hackers broke into the iCloud accounts of more than 100 celebrities and then leaked nude photos of them on the Internet. Apple has denied responsibility, but in the wake of those breaches, the company pledged to send new alerts to customers when their iCloud account passwords are changed, when accounts are logged into from new devices, and when new devices are used to back up a customer's account data. 

Apple has also introduced added security layers for customers when using their iCloud accounts. For example, customers logging into iCloud accounts customers are now encouraged to use two-step verification. Users now can also sign out remotely from all browsers where they are logged into their iCloud accounts.

However, the latest iCloud security features are only available for users of the latest iOS and desktop software, meaning iOS 8 and OS X Mavericks version 10.9.