Apple’s much-awaited iOS 17 update for iPhones has landed today with several new and improved security features. The new features are aimed at protecting iPhone owners who are more vulnerable to cyber attacks and spyware, such as journalists, activists and human rights defenders. Other iOS 17 features are better suited for a larger population, including anti-web tracking and secure password storage and easy sharing of new phishing-resistant passwords.
Here’s what we’ve seen so far.
New protections in lockdown mode
The biggest addition to Lockdown Mode is that it now works not only on iPhones, iPads and Macs, but also on the Apple Watch. It can’t come soon enough considering recent exploits used to plant spyware have been able to compromise Apple Watch owners.
Lockdown Mode works by selectively turning off certain iPhone (and Watch) features that have been abused in the past by spyware makers like iMessage and HomeKit, making it more difficult to break into the device and steal its data.
Lockdown mode in iOS 17 automatically removes geolocation data from photos by default when sharing photos with other people, such as where the photo was taken, which could reveal where a person is.
Another nifty feature is that iPhones in lockdown mode will automatically block joining unsecured Wi-Fi networks that could allow someone on the same network to analyze the iPhone’s network traffic. Lockdown mode also blocks connections to 2G cellular networks. The goal is to block a range of cellular-based exploits used by cell site simulators, or “stingrays,” which law enforcement uses to connect nearby phones to fake cell base stations and track phone locations and snoop on calls and messages. . Stingrays are controversial because they operate over a wide area and are indiscriminate about what equipment they hook into.
More anti-web tracking features
iOS 17’s Safari browser now removes tracking information from web addresses that can be used to uniquely identify your device and track you around the web. This makes it more difficult for websites and advertisers to see what other sites you visit.
You can choose this feature in your Safari settings on iOS 17 to work when you’re using Private Browsing, or you can apply it to all browsing sessions to really make a dent. This should not affect or break your daily browsing experience.
Private browsing will also be locked by default, prompting the device owner to scan their face or fingerprint before opening their private tabs.
Check-in security features and avoiding scammers
PassKeys, the phishing-resistant password replacement that allows you to log in without worrying about your passwords being stolen, is getting an update. Many sites and services already support Passkeys — Apple, Google, Microsoft, PayPal, and many others. Before long, you’ll be password-free for good. You can now share passkeys (and passwords, if necessary) with friends and family. Passkeys and passwords are shared using end-to-end encryption, so no one else in the group can access them, not even Apple.
Check In is a new feature that lets iPhone owners share with friends when they plan to arrive safely at their destination. This feature monitors the person’s real-time location and will alert a friend if something seems amiss. This location data is end-to-end encrypted, negating the need for third-party apps that sell your location data to advertisers and data brokers.
And, finally: live transcription is an added bonus for people who never want to be bothered by spam or scam calls again. Instead of answering (or rejecting) the phone — both can notify the caller that the line is active — live transcription converts the caller’s voice into text displayed on the screen in real-time.