Why Doesnt Apple Include a Touch Id in the Power Button for the?

Why doesn't Apple include a Touch ID in the power button for the iPhones just as in the iPads?

Q. Why doesn't Apple include a Touch ID in the power button for the iPhones just as in the iPads? A. The Apple iPhone SE (2020) has TouchID in the Home button, just like in their iPads It is one of many security features in iPhones Additional Information. I have written about this before so I will quote myself here. There are attempts at making viruses, and hacker attacks, written for the Mac, iPhones and iPads, t do exist but t don’t work because Apple is successful at deflecting them; Apple expends a huge effort in keeping their customers safe, protecting customer privacy via an effective multi layer defense system built into many layers of the operating system (which deflects viruses, hackers and other malware). There is no other OS with anywhere near the protection level that Apple provides. That is why no one sees any active viruses or other hacks on Mac, iPhones or iPads, regardless of how many new strains are made. FBI Director Comey testified before United States Congress that the FBI, with the help of the other government agencies, cannot hack into iPhones, which also means that there is no way to bypass the Activation Lock/iCloud Lock, at all. He also testified that the FBI can hack all other operating systems and products, regardless of marketing claims. Companies like Cellebrite make false claims about being able to break into iPhones, the fact is that t cannot hack any iPhone that has the Secure Enclave chip, the same is true of the Manhattan District Attorney’s office who has a million dollar hacking lab, t also can only hack (All) Androids t cannot hack any iPhone that has the Secure Enclave chip in it. Cellebrite was given credit for breaking into the San Bernardino phone, the media even claimed that the FBI had paid Cellebrite anywhere from $1 Million to $20 Million USD for breaking into the phone, subsequent legal (court) testimony by the FBI clearly proved that Cellebrite never broke into the iPhone, proving that Cellebrite and the media’s claims had been false the entire time. Cellebrite never handled that iPhone at all, t were perpetuating a lie. This is why the FBI is continuously harassing Apple to install a backdoor in to iPhones, which Apple always refuses because Apple is the only high tech company that is actually dedicated to protecting each Apple-using person’s privacy. The reality is that Apple cannot unlock iPhones, even if t wanted to, only the owner knows the passcode to their iPhone and only that passcode will unlock it. Apple responds very quickly to new virus threats, automatically updating all Mac, iPhone and iPad users around the world immediately and invisibly. If “Automatic Updates” are turned on (which is the normal setting for all users), then users will receive updated virus protection, invisibly, the same day that Apple releases it. This is why there is no *Active* virus/malware in the Apple community, so there is nothing to worry about. Apple protects iCloud since has been offering online services since 1986, so Apple has many decades of experience securing online accounts. Apple also avoids hardware exploits in Intel’s CPU (which have multiple security flaws) with the implementation of Apple’s own Secure Enclave, T1, T2, etc. chips that boot completely securely, regardless of all the flaws in Intel’s CPUs. Apple expends a great deal of effort to make its operating systems (macOS, iOS, iPadOS, watchOS, tvOS, audioOS, etc.) secure, safe and private by implementing defenses in many layers of its core OS, which includes but is not limited to. • XProtect antivirus (scans for Windows malware as well) • Yara (users can even add their own rules) • Gatekeeper • System Integrity Protection (SIP) • Malware Removal Tool (MRT) • Core Suggestions • Incompatible Kernel Extensions (KEXT Exclusions) • Application Firewall (cannot be disabled) • pf Firewall (BSD firewall, optional) • FileVault (high grade encryption of all user data is standard) • Chinese Word List (SCIM) • Core LSKD (kdrl) • Flask Security Architecture for flexible mandatory access control • File quarantine • Deactivation of TPM (where applicable) on a hardware level • Safari Fraudulent Sites protection • eficheck • Messages (the only text app that is actually secure) • iCloud Lock (in addition to Passcode Lock) • Protection against “Juice Jacking” • POSIX Saved IDs is correct, inescapable • Encrypted swap is standard • Encrypted binaries, with decryption code in the paging path • Intentional page discards, so that an attack involving page modification can’t be successful • App Store scrutinizes all apps for privacy & security far better than all others in the world • Signed binaries • Refusal to run unsigned code downloaded from the Internet • “Rootless” mode, requiring substantial effort to escalate privilege in the first place • Common Criteria for Information Technology Security Evaluation is built-in (as documented. TrustedBSD - Documentation) • T2 Onwards ⁃ Passwords are hashed then the hash is stored in an inaccessible hardware encryption chip (T2 and Secure Enclave chip onwards) ⁃ Cryptographic Boot ⁃ iPhone ⁃ iPad ⁃ Mac • Secure Enclave (T2, etc.) chip ⁃ Is isolated so even if a host device is compromised the Secure Enclave remains secure ⁃ Provides hardware control of FaceTime camera • FIPS 140-2/-3 Conformance Validation Certificate ⁃ 2018 onwards FIPS 140-2 Security Level 1 ⁃ 2019 onwards FIPS 140-2 Security Level 2 ⁃ FIPS 140-2/-3 Security Level 3 in newer products • Immediate app revocation for fraudulent use of developer, enterprise, or any other digital certificate ⁃ Such as the Silver Sparrow attempts that were deactivated and which never were able to perform any malware activity due to to the other Apple defenses • macOS Mojave onward ⁃ Camera or microphone access requires user consent prompt (all but the oldest Macs have the webcam hard wired to the green indicator light so the camera cannot be on unless the green light is on); there is also a, physical disconnect that cuts the physical connection when the lid is lowered ⁃ Moving or reading files in the Trash (by an app) require user consent ⁃ Plug-in unapproved list, Safari extension unapproved list • macOS Catalina onward ⁃ Notarization ⁃ Mandatory app code signing ⁃ System Extensions (Apple replaced “kernel extensions” so third parties cannot extend the kernel anymore, for security purposes) ⁃ System files are stored in a separate read-only partition ⁃ Endpoint Security framework ⁃ Gatekeeper enhanced with random validation checks ⁃ Gatekeeper now requires a User Prompt and approval for changes (anti-ransomware protection) ⁃ Camera access, microphone access, screen recording or keyboard input monitoring requires user consent prompt (all but the oldest Macs have the webcam hard wired to the green indicator light so the camera cannot be on unless the green light is on) ⁃ Downloads require user consent prompting for each domain ⁃ Locked out ROOT account (not even Admin has access to ROOT) ⁃ Security & Privacy preference panel ⁃ Access control settings permissions for functions like Screen Recording, accessing Files and Folders, Input Monitoring, and Speech Recognition. ⁃ Activation Lock (like on iPad and iPhone) ⁃ T2 Security Chip-enabled Macs become nothing more than a brick until the proper credentials are verified, to unlock it • Apple led the industry to require that Safari only accept digital certificates that are not more than 13 months old • Address space layout randomization (ASLR) • Apple statement on privacy/security. “Every Apple device combines hardware, software, and services designed to work together for maximum security and a transparent user experience in service of the ultimate goal of keeping personal information safe … Apple is committed to helping protect customers with leading privacy and security technologies— designed to safeguard personal information—and comprehensive methods—to help protect corporate data in an enterprise environment. Apple rewards researchers for the work t do to uncover vulnerabilities by offering the Apple Security Bounty.” • Device management built into Intel CPUs (“Intel Management Engine”) is blocked and is completely inoperative • Root keys for all Messages/iMessage/FaceTime communications were destroyed in front of witness, many years ago, so no backdoor can ever exist • macOS - Security • Apple Platform security Fall 2019 PDF https.//manuals.info.apple.com/MANUALS/1000/MA1902/en_US/apple-platform-security-guide.pdf • Apple App security overview App security overview • Ability to deactivate hostile apps worldwide, immediately • Apple A12 Bionic and onwards corrects an unexploited hardware exploit in earlier Secure Enclave chips • Web browsers are sandboxed • Sign-in with Apple • iOS 14 forward ⁃ Generalized location in Maps App ⁃ Translate feature ⁃ Recording Indicators for Mic and Camera ⁃ Limited Photos Library Access for Selected App ⁃ Apps forced to offer Request to Track ⁃ Privacy Information in the App Store ⁃ Safari Password Monitoring and Privacy Report ⁃ Upgrade to Sign in with Apple capability ⁃ Enable WiFi Private Address ⁃ Enable Local Network Privacy Access ⁃ Sign-in with Apple (on apps) ⁃ Status bar indicator when app uses the microphone and camera ⁃ App Store self-reported privacy practices ⁃ All apps required to obtain user permission before tracking ⁃ App Tracking Transparency ⁃ Password Monitor & Compromised Password Alert ⁃ Random MAC address for each WiFi connection ⁃ Privacy Warning if actual MAC address is visible to a WiFi hotspot ⁃ “Weak Security” warning when Wi-Fi is using vulnerable technologies. ex. WPA or TKIP ⁃ Intelligent Tracking Protection (ITP) is mandatory ⁃ Blastdoor protection (precuts against zero click attacks, ASLR brute force, shared cache region attacks, includes advanced parsing of untrusted data in iMessages etc.) ⁃ iOS 14.5 onwards ⁃ Pointer Authentication Codes (PAC) to prevent zero-click and memory corruption exploits • Apple Silicon onwards ⁃ Write XOR execute (W^X) ⁃ Kernel Integrity Protection ⁃ Pointer authentication ⁃ Device isolation ⁃ Explore the new system architecture of Apple silicon Macs - WWDC20 - Videos - Apple Developer ⁃ Macs Only ⁃ Selectable security level for each instance of macOS that is installed (Full Security makes the Mac just as secure as an iPhone) ⁃ Secure Hibernation ⁃ Full At-Rest protection ⁃ Integrity and At-Rest protection ⁃ Low battery protection ⁃ APFS encrypted drive support iPhone/iPad enter password to access the content • Second Generation Recovery Key, prevents access to Apple devices even if the attacker has full access to iCloud and 2FA • Safari 14; Privacy Report • iPad Pro 2020 and newer disconnects hardware microphones when the lid of the device is physically closed • Hardware updates when needed such as. ⁃ A12, A13, S4, and S5 products released in Fall 2020 (and later) have a 2nd-generation Secure Storage Component ⁃ Devices first released in Fall 2020 or later are equipped with a 2nd-generation Secure Storage Component. The 2nd-generation Secure Storage Component adds counter lockboxes. Each counter lockbox stores a 128-bit salt, a 128-bit passcode verifier, an 8-bit counter, and an 8-bit maximum attempt value. Access to the counter lockboxes is through an encrypted and authenticated protocol. • macOS Big Sur onwards ⁃ SSV (Signed system volume) ⁃ Built-in Runtime Security ⁃ Encrypted DNS (DNS over HTTPS or TLS) • Apple Silicon onwards ⁃ Data Protection (encryption) class for each file • Weak Password Warning • 2021 Onwards. ⁃ A new encrypted protocol for Developer ID certificate revocation checks ⁃ Strong protections against cryptographic validation server failure ⁃ iCloud defense against malware embedded inside Pages/Numbers documents ⁃ AirTags anti-stalking protection, including. ⁃ Unwanted tag detection ⁃ Rotating Identifier ⁃ Audible Alerts ⁃ Android app to detect stalking ⁃ Completely randomized product serial numbers ⁃ End-to-end FaceTime encryption for non-Apple users via their web browser • Hidden IP addresses in eMail • Hidden IP assesses in web trackers • 3rd Party domain tracker reports (web tracker list) • iOS 15 iPadOS 15 macOS Monterey ⁃ On device voice recognition for Siri in Neural Engine ⁃ Family Recovery Contact List to get back into your account of you are locked out ⁃ Legacy Contact List if you pass away ⁃ Private Relay (Safari iOS and macOS Monterey) double relays (VPN) to obscure your web browsing (hide IP address from ads as well), not even Apple can see your activity; It protects. ⁃ All Safari web browsing ⁃ All DNS queries as users enter site names ⁃ All insecure HTTP traffic ⁃ Hide My Email to hide your real email address when filing out forms (and stops senders from using invisible pixels) ⁃ Mail Privacy kills tracking pixels ⁃ Mail Privacy Protection hides your IP address ⁃ Secure Paste allows users to copy/paste between apps without the apps being able to see what is inside the clipboard ⁃ Eliminates need for Authy and Google Authenticator by providing codes for app-based two-factor authentication ⁃ SMS Spam filtering Brazil and India now, other countries later ⁃ iPhone is still traceable through the Find My network even when the device is powered off via the Power Reserve feature which contains extra power to keep Find My running; location tracking will even keep working whilst the phone is reset to factory settings with Activation Lock enabled ⁃ Safari Intelligent Tracking Prevention ⁃ Safari automatically HTTPS upgrade where possible ⁃ iCloud Passwords (formerly iCloud Keychain) now includes a built-in authenticator will be able to generate codes for two-factor authentication ⁃ Advanced Fraud Protection to Apple Card, with a regularly changing security code ⁃ Safari Bookmarks end-to-end encrypted ⁃ Safari History and iCloud Tabs were already • macOS Monterey specific ⁃ ‘erase all contents and settings’ option for resetting your Mac, while maintaining the operating system currently installed, like an iPhone ⁃ Mail Privacy kills tracking pixels ⁃ “Erase all contents and settings” • HomeKit ⁃ HomeKit Secure Video (for security cameras) • Apple Platform Security Report February 2021 ⁃ Apple Platform Security • Security Certifications and Compliance Center February 2021 ⁃ Security Certifications and Compliance Center • Tim Cook on Privacy.