Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Privacy and security war will go on for years, says Craig Federighi

Last updated

Maintaining security and privacy for Apple's users will be a "battle we will be fighting for years to come," according to SVP of software engineering Craig Federighi.

Privacy and security continue to be a major element of Apple's work in developing operating systems like iOS and macOS. In an interview, Apple's Craig Federighi went into detail about some of the changes, and App Tracking Transparency.

On the topic of security being a cat-and-mouse game, Federighi offered to Fast Company in an interview. "The incentives for innovation in the exploitation world are high, and so there is a lot of advancement in the art of tracking; a lot of advancement in the arts of security exploits."

Apple will still bring "a lot of tools to that fight, and we can largely stay ahead of it and protect our customers," but the executive believes it's a problem that will be around or years.

The development of Apple's new iCloud Private Relay feature, which expands on typical VPN features, is one that attempts to solve flaws that still exist with VPN usage. These include having to trust the VPN is legitimate and isn't performing any tracking or misusing data.

For iCloud Private Relay, a dual-hop architecture is used where Apple encrypts the URL of the website the user wants to visit, and anonymizes the IP address. The encrypted URL and the user's anonymized IP address are sent to an intermediary relay station operated by a trusted third-party partner, which then decrypts the URL and ferries data from the site back to the user.

"Core to the nature of the internet is that the IP address is traditionally exposed between the requester and the host - and that has some privacy knock on effects that aren't always understandable to users and certainly aren't always desirable to users," said Federighi.

He continued "VPNs are a technology that has sought to provide some of those protections, but they do involve putting a lot of trust in a single centralized entity: the VPN provider. And that's a lot of responsibility for that intermediary, and involves the user making a really difficult trust decision about exposing all of that information to a single entity."

Following the release of App tracking Transparency in iOS, reports claimed that the feature boasted an almost 95% opt-out rate. Federighi declined to confirm the statistic, but did say Apple wasn't hoping most users would opt out, nor to actively try to harm the advertising industry.

"The key for us is that users have a choice," he insists. "You know, whether if it was 50/50 or 95/5 or 5/95- that's all fine if it represents what the user actually wanted; that they had the opportunity to evaluate that decision and make whatever decision was right for them."

The interview shifted towards government regulation, and how they are reactionary rather than proactive about privacy. On whether Apple has a need to take the lead on privacy, Federighi said "I'd certainly like to believe that we're doing good and play a constructive role here, for sure, [but] I do think Apple has a set of different tools, naturally, than governments have."

These tools include "certain technology skills and a certain access to an end-to-end technology platform where we can innovate."

However, he also believes "there's absolutely a role where government can look at what companies like Apple are doing and say You know, that thing is such a universal good - such an important recognition of customer rights - and Apple has proven it's possible. So maybe it should be something that becomes a more of a requirement."

Follow all of WWDC 2021 with comprehensive AppleInsider coverage of the week-long event from June 7 through June 11, including details on iOS 15, iPadOS 15, watchOS 8, macOS Monterey and more.

Stay on top of all Apple news right from your HomePod. Say, "Hey, Siri, play AppleInsider," and you'll get the latest AppleInsider Podcast. Or ask your HomePod mini for "AppleInsider Daily" instead and you'll hear a fast update direct from our news team. And, if you're interested in Apple-centric home automation, say "Hey, Siri, play HomeKit Insider," and you'll be listening to our newest specialized podcast in moments.



5 Comments

OutdoorAppDeveloper 15 Years · 1292 comments

On device voice recognition is a major new security feature. Hopefully that will expand over time so that all of your high security activities, such as Siri commands and home security camera feed monitoring, can be moved to devices in your home or in your possession. That will make HomeKit far more useful. Lights that stay on only when someone is in a room. Robot vacuum cleaners that don't go into rooms that are occupied. Notifications when someone the security system does not recognize enters your home when you are not present. I don't trust a server on the internet to do these things but they could be safely done by a secure computer at home without direct access to the internet.

hypoluxa 22 Years · 619 comments

It's a never-ending arms race. Not surprised.

AppleZulu 8 Years · 2205 comments

On device voice recognition is a major new security feature. Hopefully that will expand over time so that all of your high security activities, such as Siri commands and home security camera feed monitoring, can be moved to devices in your home or in your possession. That will make HomeKit far more useful. Lights that stay on only when someone is in a room. Robot vacuum cleaners that don't go into rooms that are occupied. Notifications when someone the security system does not recognize enters your home when you are not present. I don't trust a server on the internet to do these things but they could be safely done by a secure computer at home without direct access to the internet.

I think the camera thing is already the case, if you're talking about the facial/object recognition feature. 

pslice 18 Years · 152 comments

I wish Apple would come up with something similar to Facebook. I know FB would probably sue them, but I am so tired of FB’s ads, etc. I would even consider a paid version of FB with ZERO ads and some ability to not ever again worry about loss of privacy. I can wish…

22july2013 11 Years · 3736 comments

pslice said:
I wish Apple would come up with something similar to Facebook. I know FB would probably sue them, but I am so tired of FB’s ads, etc. I would even consider a paid version of FB with ZERO ads and some ability to not ever again worry about loss of privacy. I can wish…

I was hoping for Apple to compete with FB's social network and with Google's search engine. But they didn't. It was a lost opportunity. We need some competition in these sectors.