iOS 18 📱

Locking Apps

Many privacy-focused applications like Signal and Proton Mail can already require additional authentication when being opened. Apple has now baked this functionality natively into iOS 18. This means even if someone has your unlocked device, they'll need to bypass authentication requirements a second time to open each locked application.

To enable this:

• Hold down on any application
• Select 'Require Face ID'

Limitations:

1. Unlike other versions of this feature we find in Signal and Proton Mail where you can select a time window before requiring authentication again, this feature lacks that ability. It will prompt each time!
2. There's no fallback to your device's password. Signal and Proton Mail both have password fallbacks in the event you can't authenticate with your face, this feature lacks that.
3. One of our Signal group members who doesn't use Face ID let me know that this feature requires Face ID. If you don't use Touch ID, you cannot use the feature at all!

My Take

While this is a fantastic tool and I'm happy to see it...I think the overlap of sensitive applications that can benefit from this feature but didn't already offer it is fairly slim. Many banking apps, Signal, Proton Mail, Tuta, and other apps that require privacy already included this ability, and they still offer more flexibility with this feature than what Apple natively offers. What this is good for is the random app that stores sensitive data and didn't already include a feature like this. Maybe if Apple introduces more flexibility for this feature, then developers will push users to use the native version instead of developing their own.

Hiding Apps

You can now hide applications from the homescreen and app drawer. Pretty self-explanatory! Hidden apps won't be easily discoverable except in a few places like your settings. To access the app once it's hidden, you just go to your app drawer and scroll to the bottom where you'll see a 'Hidden' section. 

To enable this:

• Follow the same instructions as locking an app, but instead of selecting 'Require Face ID', select 'Hide and Require Face ID'

Limitations:

• This is very all-or-nothing. If an app is hidden, you will not receive notifications, calls, or alerts for the app.

My Take

I can't figure out where I would use or recommend this feature. The only scenario that comes to mind is if you have an app you don't want to be discovered by someone who has frequent access to your phone. But as we covered, the app can still be discovered from your settings. And guess what? Apple doesn't allow you to lock the settings app. While this is a cool feature and I appreciate it existing. I can't help but feel that separate user accounts or work profiles found on Android devices is simply an upgraded version of a similar concept. I'll continue reflecting on this feature, and if you have suggestions on how to use it—send them to me!

Passwords

Apple now has a real password manager! This will include all of your keychain passwords and a few extra things, but in a dedicated password app.

If you are expecting some of your favorite features from one of our commonly used password managers, you'll still be disappointed. However, this seems like a great first step in Apple committing to one day offering a legit password manager that does more than what your browser can do.

One of my favorite features covered by Josh from All Things Secured here is this new app allows you to share WiFi credentials without needing to share the password itself! They just scan the QR code and their device joins the network, but the password is never shared.

My take

This is a welcome change and a good direction for Apple. It shows long term commitment to building a proper password manager. But, I'm more excited about the potential for this app than what the app offers in its current state. It's fairly locked down to Apple's ecosystem with limited options for easily migrating to alternative platforms. It also has no Android or Linux support with iffy Windows support from what I can tell. Apple's new Passwords app is another kick in the gut for anyone who (gasp) includes a non-Apple device anywhere in their workflow. If you're not already using a password manager, please use a better one so you aren't locked into Apple's walled garden. If you're already in the garden, then you now have a nicer app to use!

Contact Privacy Permission

Previously you could choose to grant apps either your entire contact list, or none of it. Apple is making this more granular in iOS 18 by giving you the ability to select only specific contacts to share with each application.

To enable:

• Go to Settings > Privacy & Security.
• Tap Contacts, then tap the app.
• Choose how much access to your contacts you’re giving the app
• Select or deselect individual contacts, then tap Done.

My take

This is great for situations where you have a single person using a messenger like Telegram or WhatsApp. Now, you can still have these apps manage a select number of contacts tied to that platform without needing access to other contacts. What I wish Apple would do to expand the usability of this feature is to add contact groups/buckets. As it stands, you have to manually select contacts on a per-app basis, meaning you have to redo your work on every app. I'd love to see an option to create contact buckets, like a 'family' bucket, so you can continually choose to share a specific group with multiple apps.

MacOS Sequoia 💻

iPhone Mirroring & Notifications

While this may not seem like a privacy feature per se, it can be utilized for some clever workflows that were never possible before!

As you can see above, you can now access and use your iPhone directly from your Mac to do cool things like access our Signal group from your phone. What this means is:

• You now have the option to use the more robust sandboxing of your iOS applications without needing to use desktop counterparts
• You now have the option to avoid syncing data between devices through centralized servers

As I said, this is not a privacy feature. But, I already know our team member Jonah is planning to ditch Signal for desktop in favor for only using Signal on his iPhone, as now he can access it from his computer. This means he gets a more secure experience, and it also means he can save on sync times as Signal desktop won't need to sync every time it opens. There are many other hypothetical situations where you may able to use iPhone mirroring in place of an otherwise insecure desktop client, or a situation where a provider doesn't provide E2EE syncing.

My take:

Very underrated tool that I'm sure many people will find interesting use-cases for! One workflow that may speak to many people is TOTP. It's generally best practice to keep TOTP codes on one device, and now you can do that with iPhone mirroring without needing to sync your codes between devices. If you use Ente Auth, just use it offline without an Ente account and use iPhone mirroring to access your codes on MacOS even if your iPhone is in the other room. Huge! Pro tip: Use the keyboard shortcuts in the 'view' menu to quickly access spotlight and the homescreen of your iPhone.

My only complaints with this feature:

1. I wish it was better integrated into MacOS. Imagine if spotlight on MacOS could open an iOS app and automatically open iPhone mirroring with the respective app.
2. While it's best for security, the connection timeout is fairly short, so this isn't as smooth as you may envision it to be. You can't just leave your iPhone open on your second monitor for hours on end. After just a few minutes it'll pause the connection and require authentication to access your phone again.
3. The window is too small. Even if you increase the window size in the view menu, you still don't fill the full vertical space of your display. I wish this scaled up more.

Passwords

Remember the passwords app from the iOS section? Apple released it for MacOS as well! It syncs via iCloud and my thoughts on it are exactly the same as the iOS section.

Gatekeeper Changes

This is a nerdier and more technical update, but Apple made some minor changes to how it verifies the security of applications you open. I wasn't aware of this, but previously you were able to open applications that were not approved by gatekeeper by simply right clicking the application, and clicking 'open' from the finder menu instead of double clicking the application as you normally would. I'm already used to having to go to System Preferences to force-open an app when gatekeeper blocks it, but now that's your only option. If you knew about this workaround, that's a bummer. If you're like me and you never knew, well that's it! I guess now everyone has to get used to opening the system preferences to allow apps that gatekeeper doesn't like.

Permissions that are pissing people off

MacOS is now giving you popup notifications every month if an app has permission to record your screen. It will do the same for any apps that require local network access. People are pretty pissed about this one, since most apps that have this permission were granted explicit permission to access screen content. I am not sure what the inherent security benefit is to this in most situations, but I guess you'll need to get used to it.

MAC Address Randomization

MAC randomization is making a comeback! to set this up go to System Settings > Wi-Fi > Details > Private Wi-Fi address 

I'd suggest using a fixed address for more established networks you trust, and using rotating addresses for networks you have less faith in. My only issue with this feature is there's no global default. You'll need to do this for every network you join and I don't believe there's a way to set a default behavior when you join. From what I can tell, when you join a new network it will always default to 'Fixed'. Not sure how I feel about this if I'm understanding the feature correctly.

Summary

Definitely some nice changes, though overall I can't say there's anything groundbreaking with these new updates. What I'd love to see are:

• Improvements to lockdown mode, particularly the ability to exclude web apps in Safari for MacOS
• Apple committing to more platforms than just iOS, MacOS, and Windows for its new Password app. (iPadOS is not a different OS from iOS no matter how much Apple claims it to be! So I will not include it in the list of supported operating systems) Apple seems to acknowledge that Android exists with Apple Music, but not for its Passwords app?!
• I'd love to see improvements to iPhone mirroring so more workflows can exist. Like a longer timeout, and deeper integrations with MacOS.
• Apple has yet to fix it's bizarre issue of VPNs being completely unreliable on iOS. At this point I can't even say using a VPN on iOS is reliable enough to safely protect your IP address. The worst part is Apple seems committed to calling this intended behavior. I don't understand how a company dedicated to releasing a great feature like Lockdown mode can completely blow over the importance of safely protecting someone's IP address.
• I would love love love to see user accounts, work profiles, and other features to enable users to use multiple versions of the same app on their phones.

No bad moves, but no great ones either. Minor updates across the board, but welcome nonetheless. About what everyone is saying about the new iPhones.

Written by

Share

Copied