As Apple rolls out one update after another, users are continually faced with the question, “What does the new version have to offer me?” This question is asked both with regard to the hardware and the software. Rightly so—hardware can be an expensive investment, and software updates can majorly change the interface and available options; they may even be incompatible with crucial apps.
Security is another matter entirely. In general, manufacturers always recommend using the most updated version of their software and devices for maximum security effectiveness. But is this always the case? Are there instances where updates can actually be bad? I’ll let you be the judge.
Of course, the update to iOS 10 is by far the most recent and relevant example, so we’ll be starting there. If you’ve already updated to iOS 10, you probably noticed the changes right away, but you may not have considered the consequences.
iOS 10 and the Lock Screen
Apple’s update to iOS brought a slew of new features to the lock screen. The original swipe-to-unlock feature is gone and replaced with the use of the home button either to scan your thumb or to enter your PIN. Widgets are also more accessible, and plenty of notifications can be seen as well—by anyone who turns on your device’s screen.
Yes, while the update does add some very useful features, it compromises heavily on security. Without your password or Touch ID, just about anyone can see what’s going on in your life by taking a closer look at your lock screen. In some cases, they can even access apps and features normally only accessible once your phone or tablet is unlocked, including iMessage.
The change naturally spells a mixed blessing. On the one hand, Touch ID is a highly secure way to access your device, but it’s also much easier to force someone to unlock a device with as well. Passwords and PINs can be kept secret, as we’ve seen with the previous Apple battle against the government.
Don’t despair if you’ve already updated though. Many of the new lock screen’s features can be turned off in the settings section.
Exploits and Vulnerabilities
No matter what side of the fence you fall, it’s an absolute fact that keeping your OS up to date is a great way to avoid falling victim to hackers using exploits in older iOS versions. If you know where to look, Apple even keeps a log of what problems were fixed with each new update.
By updating, you can avoid security loopholes in older versions, but you won’t be spared from hackers exploiting other vulnerabilities, such as those found in public WiFi and other unsecured internet connections. Third-party security software solutions, such as those provided by Virtual Private Networks (VPNs) and anti-virus apps, are what help to fill that gap.
It’s worth repeating that no iOS version is immune from infection or data interception without these tools. Although Apple was once thought to be malware free, the last few years have proven that false. In the meantime, the increase in WiFi use to navigate around limited data plans has led hackers to target iPhone users without secure internet connections, such as those provided by VPNs.
The Risk of Dated Devices
As a whole, Apple is one of the best companies at providing updates for their devices. Unlike the fragmented Android market that relies largely on a manufacturer’s desire to update for the latest candy-themed Google update, Apple continually pushes out iOS versions to nearly all of their users.
The sole exception is with seriously outdated handsets. Due to the sheer lack of device power, Apple at times must set an expiration date on how many updates it can offer. That means eventually users will be left without access to iOS updates and as such will slowly become vulnerable.
The investment is no joke either; the iPhone 7 retails for over $700, a significant cost considering a new handset comes out just about every year. Fortunately, Apple usually supports their phones for well beyond the typical two-year contract offered by most carriers, so that at least isn’t a big concern.
What’s even more costly is having your identity stolen for not updating. Stolen bank accounts, billing info and other personal data can cost the average person in the neighborhood of $5,000, not to mention time spent correcting fraudulent charges, possible criminal activity and canceling multiple accounts.
One thing that has improved with time on iPhones is the access system. As mentioned above, Touch ID adds a different level of protection that can’t easily be copied by the average thief. What I didn’t mention was the change to the PIN system that began in iOS 9. For a long time, PINs were limited to four characters.
While that’s not necessarily unsecure, the upgrade to a maximum of six characters increased the number of possible codes exponentially, and if that wasn’t enough, Apple decided to incorporate the option to use real passwords of just about any length. Though not as convenient as a PIN, a full-length password is incalculably harder to crack than a few digits given that it can be of considerable length and can incorporate letters in addition to numbers.
Sadly, the password feature is chronically underutilized just because it isn’t very convenient, unlike Touch ID, which works extremely quickly and without any real effort on the user’s part.
Ultimately, the choice to update or not is up to you, but be sure to consider carefully the risks of forgoing an update. If you’ve ever had to avoid updating for one reason or another, we’d love to hear from you in the comments section.
About the Author: Caroline is no stranger to Apple products, and she thoroughly enjoys their product line. Her other hobby is, of course, online security. She writes about the topic regularly, advising users and businesses on how best to protect their interests that reach into the net.