Apple Details Upcoming Privacy and Security Protections in macOS Mojave
Apple is beefing up security in both iOS 12 and macOS Mojave, and in a yesterday’s Platforms State of the Union event for developers, Apple outlined a number of new protections that are coming to the Mac with Mojave.
First of all, Apple is extending privacy protections to the camera, microphone, and other sensitive user data that includes mail database, message history, Safari data, Time Machine backups, iTunes device backups, locations and routines, and system cookies.
In macOS Mojave, apps will need express user consent for all API and direct access to these resources, with users able to access their security preferences in the Security section of System Preferences.
Your information, your image, your voice — they’re yours and yours alone to share with apps. macOS Mojave requires apps to get your approval before accessing the camera or microphone on your Mac. The same goes for data like your Messages history and Mail database.
For apps that are distributed outside of the Mac App Store and signed with a Developer ID, Apple is introducing a secondary “Notarize” review process that’s designed to detect malware faster and provide Apple with finer-grained revocation tools to revoke a specific bad release rather than a developer’s entire certificate.
Notarization will let macOS Mojave users know for sure that a third-party non-App Store Mac app has been double checked by Apple and that it’s free from malware. Eventually, Apple plans to require all Developer ID apps to be notarized before they can be installed, but Apple says this is not an app review process and is used exclusively to analyze apps for security purposes.
Apple is introducing enhanced runtime protections that will extend System Integrity Protection features to third-party apps, protecting them from code injection and other tampering.
As in iOS 12, macOS Mojave is gaining support for automatic strong passwords, with Safari automatically creating, autofilling, and storing passwords. Passwords on macOS Mojave will be flagged if they’ve been reused, making it easier for users to create unique passwords for each login.
Multiple anti-tracking and privacy improvements are coming to Safari to keep your browsing habits private. Right now, advertisers use browser and device characteristics to create a “fingerprint” for you to surreptitiously track you across the web.
Apple is aiming to put a stop to this by sharing only a simplified system profile when you browse the web, giving advertisers less of your data to work with. Improved Intelligent Tracking Prevention also prevents social media Like, Share, and Comment buttons and widgets from tracking you without your permission.
As we covered earlier, macOS Mojave will be the last version of macOS to support 32-bit apps, another move that Apple is making to keep its Mac operating system secure and up to date.
Discuss this article in our forums