Apple's big iPhone change
The iPhone maker is closing a threat that thieves exploited to take over people's digital lives.
The Wall Street Journal has an incredible piece about changes Apple is making in iOS 17.3, that will protect your iPhone from thieves by making it harder to use your passcode to change some security settings. It’s incredible not just because of the changes Apple is making, but because of the role Journal columnists Joanna Stern and Nicole Nguyen played in making it all happen.
In February, The Journal described an increase in sophisticated attacks where iPhone thieves swiped devices after observing the owner putting in their passcode. That step is the most important since the passcode is the literal key to everything on the device.
From The Journal:
With only the iPhone and its passcode, an interloper can within seconds change the password associated with the iPhone owner’s Apple ID. This would lock the victim out of their account, which includes anything stored in iCloud. The thief can also often loot the phone’s financial apps since the passcode can unlock access to all the device’s stored passwords.
The thieves were taking advantage of the fact that iOS allows you to reset your Apple ID with just the device passcode. If you know where to look, you could change that password in a matter of seconds, which is not enough time for a victim to do anything to stop it.
For a device that contains basically all of your personal information, it doesn’t make sense that it could be so easily compromised. On the other hand, there was a good reason Apple designed iOS this way—so that people who forget their AppleID password don’t lock themselves out. You could always use your iPhone to reset the password. People are a lot more likely to remember their iPhone passcode than a longer, more secure password.
Now, Apple is closing that threat by introducing a new optional Stolen Device Protection feature. The most significant difference is that changing your Apple ID password will now require biometric authentication (Face ID or Touch ID). Currently, you only have to enter your iPhone’s passcode to change what might be the most important password in most people’s digital lives. In addition, it introduces a one-hour delay after you make a request, at which time, a second Face ID scan is required to make the change.
This means that stealing an iPhone and shoulder-surfing the passcode will no longer be enough to take over someone’s entire digital life. Also, if your device is stolen, you now have more time before someone is able to do any damage.
The Journal’s article has this helpful charge that explains the changes:
Essentially, Apple has limited the scope of what you can do with just an iPhone passcode. Obviously, you can still unlock a device with just a passcode, meaning a thief would still have access to any information or app that isn’t protected with its own PIN. And, if you do lose your Apple ID password, you can still reset it with your iPhone, you just have to use Face ID, and wait an hour—which does seem like a small price to pay to ensure no one else can change it.
Stolen Device Protection is a part of the iOS 17.3 beta, and is an optional feature, meaning you have to turn it on in order to be protected. That makes sense—some people may not want the trade-off of having an extra layer of protection that comes with an inconvenience. If you feel confident that you won’t expose your passcode in public, maybe you don’t need the additional security. Regardless, it’s great that Apple has devised a clever way to stop thieves from exploiting what it meant to be a convenience for its users.
Netflix finally shares the numbers
On Tuesday, Netflix released a report detailing the total number of hours watched for more than 18,000 of its shows and movies between January and June of this year. Technically, it's not so much a report as it is a huge Excel spreadsheet with four columns: one each for the name of the show or movie, whether it was released globally, the release date, and something called "Hours Viewed."Â
"Starting today we will publish What We Watched: A Netflix Engagement Report twice a year," the company said in a statement. "This is a comprehensive report of what people watched on Netflix over a six month period." Â
I'm not sure whether I'd call the report comprehensive. Sure, it lists a lot of shows, and the view numbers are pretty big on some of them (more than 812 million hours viewed for The Night Agent: Season 1). Still, it doesn't say anything about how many people are actually watching a given show. Netflix, which has been notorious for not sharing much data at all, says that "hours viewed" is the right metric because it's the best representation of the popularity of a given show.
"It's easy to understand," said Netflix's co-CEO, Ted Sarandos. "It mirrors third parties like Nielsen in the US. It makes Netflix very easy to compare to other streaming services."
In its statement, Netflix suggested that it "provides more information about what people are watching than any other streamer except YouTube." That's a little misleading. I mean, YouTube literally posts view counts and "likes" on every video. That's a lot different than a spreadsheet with 18,000 shows and a column for "hours viewed." After all, it isn't It does not tell you anything about how many people are watching a given show.Â
Despite what it says about its top-watched lists, the company has traditionally kept its numbers secret, including from its creative talent. In a recent interview at The New York Times Dealbook Summit, Shonda Rhymes said that even she doesn't get a look at the ratings for her Netflix shows. Considering that Bridgerton is widely considered to be one of the most successful TV Shows on streaming, that's surprising.Â
Even now, the report says it includes every title with more than 50,000 hours of watch time, though it rounds all the titles to the nearest 100,000 hours. That means there could be a pretty wide range of view time for shows between 50,001 hours and 149,999 hours. In both cases, the report shows them as having 100,000 hours.
On the one hand, the obvious question is, why hasn't Netflix done this all along?
"In the earliest days, it really wasn't in our interest to be that transparent because we were building a new business, and we needed room to learn," said Sarandos. "The unintended consequence of not having more transparent data about our engagement was that it created an atmosphere of mistrust over time with producers and creators and the about what was happening on Netflix."
That's exactly what the Writer's Guild of America was asking for when it negotiated its most recent contract after a months-long strike. Netflix shouldn't be the only entity that knows how well a given show or movie is doing on the streaming service. If the company really wants to look to YouTube as the model, it has a long way to go, but more transparency is definitely better.Â
Trust, it turns out, is your most valuable asset. And trust is a byproduct of transparency. The more Netflix is willing to share with its creative partners, the more trust they build. It's just hard to believe it took this long.
Other stories you might like
Google just made an important step to protect your privacy from the police. (Forbes)
An inside look at how LEGO designs its sets. (The Verge)
Intel unveiled its AI-focused chips. (CNBC)
Maybe your iPhone really is listening to you. (404 Media)
Google is working on an AI assistant for the Pixel. (Engadget)
Chrome will finally block cookies next month. (CNET)