Security

Apple Device Security: Big Temptation to Dumb-Down

Merlin Mann — Tue, 22 Jul 2008 13:42:33 -0400

Chairman Gruber recently discovered (via his sharp-eyed reader, Earl Misquitta), that the aforementioned iPhone Remote application can also be used as a virtual keyboard for entering search text, login information, and what have you on your AppleTV. Seeing the typed characters appear on the TV screen as you type them is simply magical. So, if, like me, you’re in the amazingly tiny sliver of the Venn diagram for people who own both these products, this is hugely convenient, and what a welcome trick it is.

As I’ve alluded to before, the AppleTV’s torturous keyboard entry (via the hardware Apple Remote’s 4-way joystick) is abysmal. In 21 uninterrupted years of using Apple products, it’s probably the most consistently frustrating and poorly-designed interface I’ve encountered. I literally hate using it.

The ability to enter text via the superior (but far from perfect) iPhone keyboard is wonderful but it doesn’t and can’t address a deeper problem with the keyboard-challenged devices Apple are focused on vending right now: assy and annoying text entry encourages the use of crap passwords. This is bad, and here’s why.

Sliding backward

We’ve all heard the lectures about not using your ferret’s name as The Single Password™ for everything you do, and my sense is that, over the years, a lot of us have tried to get better about password hygiene — especially as more of our stuff moves into an online cloud.

But my entirely anecdotal opinion is that the iPhone, the iPod Touch, and the AppleTV each tempts their users to slide back to dumbing-down their passwords in exchange for better ease-of-use. The most annoying device in your chain ends up driving the passwords you use for everything. Right now, it’s such a pain to enter a secure password on a device like the iPhone or the AppleTV, that I’m betting a few of you have already fallen back on your ferret. Or “pencil.” Or your ATM PIN.

This is an unbelievably bad idea, but what are the options if this is a device you need to use a lot?

A real-world problem

I’m a fervent 1Password user and (unpaid) evangelist, so I don’t suffer from this conundrum quite as badly when using Safari on the iPhone. 1Password generates and remembers secure passwords for me, then lets me enter them on my phone in a few seconds via a password-protected bookmarklet. Imperfect, but a big step up over nothing.

Of course, I’m still SOL when the iTunes App Store wants me to (again again again) manually re-enter my password in order to download apps on my iPhone. I’m not made of stone. This sucks. I’ll even be the first to admit — solely on the basis of how vexing the AppleTV (and non-Safari on iPhone) password entry is — that I’ve been sorely tempted to move to a more trivial password. But I’ve held out.

If you’re using MobileMe, or Google’s apps like Gmail, or any of the other myriad cloud functionalities that store a lot of personal information, it’s just not worth assuming the risk in return for a bit of convenience.

”Four digits? What a pain.”

To make this nuttiness even more frustrating, every day I watch friends entering 4 or 5 character passwords over an iPhone that they don’t even bother to auto-lock (“Meh, I use it too much. It’d be a pain.”). Understand: this is a portable device on which all their email, contact information, and logged-in web accounts live. They’re one drunken taxi ride away from a potentially significant privacy crisis.

While leaving a phone unlocked in public does blow my mind, I think I understand how we got here. For 30 years now, banking customers have tolerated four-digit ATM PINs because a) they’re convenient, and b) our bank assumes some of the risk associated with replenishing a generic pile of money whenever anything goes wrong. After all, it’s not your money that gets stolen; it’s the bank’s electronic representation of your money. And that’s easy enough to replenish.

But is four digits (or a trivial password) enough to protect your irreplaceable private data? Are you willing to assume that risk? It’s unbelievable that the question even needs to be asked. But, I’m going to say, no. But, that’s where we are right now. In a place where ease-of-use is trumping the good sense we’ve developed to take this shit seriously.

Help a brother out, Apple

I think it’s time for Apple and its users to start treating a device such as the iPhone like the powerful little computer that it really is. That means having to risk introducing some inconvenience and complexity by looking at things like:

Default automatic iPhone locking - make the default an auto-lock of 15 minutes
Make iPhone unlocking easier - consider adding a complex gesture or other “secret knock”
Integrated password management - 1Password is great (I’d say it’s even essential), but Apple should step up to help with the heavy lifting from the moment a device is activated. They made the Keychain; they can make it easier to use on an iPhone
Look into novel text entry - Is QWERTY keyboard entry the only option people will understand? Are those alphabetical monstrosities on the AppleTV really the best they can come up with? Can the boffins in R&D not scare up some less soul-crushing options?
Empowering power users - Even if Apple’s devices ship with the current features exposed in the current default state, I’d love to see Advanced options that can be flipped on by nuts like me. I have to imagine that UNIX nerds, security gurus, and enterprise paranoiacs would welcome the introduction of tougher security. The best and easiest start would be the ability to allow an entirely user-configurable passcode for unlocking. Quick win.

How to Auto-Lock your iPhone

If you’re out and about right now consider doing this on your iPhone:

Go Home, then hit Settings > General
Hit Password Lock and Enter a memorable 4-digit code (then re-enter)
On the Passcode Lock screen set Require Password to After 5 Minutes (or whatever suits you)
Back in General hit Auto-Lock and set it to 5 Minutes (or, again, whatever you prefer)
You’re done; your phone will now lock itself automatically

At least now your screen door is latched. Go, moblog, and prosper with at least a bit more security in your life.

The Question to You

Has iPhone or AppleTV changed your practices around passwords? Any features you’d like to see to make your Apple device more secure?

”Apple Device Security: Big Temptation to Dumb-Down” was written by Merlin Mann for 43Folders.com and was originally posted on July 22, 2008. Except as noted, it's ©2008 Merlin Mann and licensed for reuse under CC BY-NC-ND 3.0. "Why a footer?"

Panic's stevenf: Time to Dump FTP

Merlin Mann — Mon, 14 Jul 2008 15:45:38 -0400

stevenf.com (“Don’t Use FTP”)

Steven Frank, one of the boys wonder behind Panic and their excellent Transmit app says it’s high time to dump FTP in favor of its smarter, sexier sister, SFTP. Of which Steven says “It’s secure, it’s consistently implemented, and it’s machine-readable.”

A lot of people who have used FTP daily for years are surprised to learn that they’re sending everything in the clear — that means the stuff you’re uploading as well as your actual password. Makes you think twice about what you’re throwing through the air as you update your blog templates via “free WiFi.”

Steven says:

If your host doesn’t support SFTP, you should find a different host. It’s not hard to support, and it’s ridiculous to force people into using insecure protocols in the year 2008. Ask them, for example, why they don’t support telnet. FTP is no better.

FTP has served us well, but it’s time to move on. You wouldn’t use a 23 year old computer to do your work, so don’t use a protocol from the same vintage. Demand modern transfer protocols from your host.

I agree. If you’re unsure whether your host will let you do SFTP (and SSH in general), ask. You may indeed need special permission (many providers “jail” garden-variety users in a way that disallows SSH without special permission). You may also need to find the correct port. On my host, A2, for example, you have to run SSH and SFTP on the unconventional port 7822, but it works like a charm once you’re up.

Great suggestion, Steven. Worth getting the word out.

”Panic's stevenf: Time to Dump FTP” was written by Merlin Mann for 43Folders.com and was originally posted on July 14, 2008. Except as noted, it's ©2008 Merlin Mann and licensed for reuse under CC BY-NC-ND 3.0. "Why a footer?"

1Password beta: Secure name and password filling for iPhone's Safari

Merlin Mann — Thu, 31 Jan 2008 13:31:45 -0500

Safari AutoFill for iPhone and iPod Touch (Switchers’ Blog)

Babies, iPhones and very-high-security passwords can be a bitter cocktail; it’s really hard to enter a 28-character/mixed-case/special character password on the iPhone while you’re holding 15 lbs. of undulating infant. Trust me.

So, if you caught video of my recent interview with Agile Web Solutions’ Dave Teare, you could see how excited I was to learn about a then-upcoming beta which would support autofill name- and password-entering via secure bookmarklets on your iPhone. Well, the day has arrived, and, brother, am I ever loving this.

click to view larger

From Dave’s post on the company’s blog:

Every iPhone and iPod Touch user has cringed when they realized that Mobile Safari does not remember web site logins. Coupled with the fact Copy and Paste is nonexistent on the iPhone, users were forced to type their login information every time they wanted to access any password protected site…

After browsing to a password protected website that requires you to login, simply bring up the Bookmarks menu and select “1Password Logins” to bring up the 1Password AutoFill window…

All the confidential information stored within the bookmarklet is encrypted using Strong Cryptography (448-bit Blowfish encryption) and can only be accessed once the correct Access Code is entered. The confidential information is decrypted within Safari on the iPhone and no communication with the 1Password web servers is required.

Dave tells me via email that the hosting service he’d mentioned in our interview is still being planned, but, personally I’m thrilled that this “just works” out of the box as well as it does from this first cut. I have seen a few problems in 1P seeming not to remember a login associated with a site, but more often than not, it’s been just spot-on — even when entered with my one, daughter-free hand.

Anyhow, check ‘er out. 1Password is shareware ($29.95) and a free download. The updated functionality appears to start with version 2.5.10 (build 6102).

One of my favorite Mac apps just made life a lot easier for iPhone users.

”1Password beta: Secure name and password filling for iPhone's Safari” was written by Merlin Mann for 43Folders.com and was originally posted on January 31, 2008. Except as noted, it's ©2008 Merlin Mann and licensed for reuse under CC BY-NC-ND 3.0. "Why a footer?"