How iOS 8 and OS X 10.10 Need to Fix iCloud Keychain

Rene Ritchie at iMore:

…there are two big problems with iCloud Keychain, one conceptual, one architectural, that make it so that I — and anyone concerned with security — can’t use it.


The first problem with iCloud Keychain is that it doesn’t demand re-authentication before it works. That means, as long as your iPhone, iPad, or Mac is unlocked, anyone using it has access to your stored passwords and credit cards. That also means, if iCloud Keychain is enabled, I can’t hand my iPhone, iPad, or Mac over to a friend, colleague, acquaintance, family member, or anyone else, at all, ever, without having to worry about my passwords and credit cards being accessed.

I can’t help but think this is a bit misguided. If I can’t trust someone to not start buying shit on my phone, then I’m not going to give them my phone. Who is Rene hanging out with that he can’t give his phone to without fearing that they’re going to go apeshit on Amazon?

For people who obtain my phone through theft or misplacement, I have Tough ID on my 5s, which requires a password to access the phone because it requires the use of a passcode to unlock the phone. Same on my MacBook Air. Same on my iPad, although I can have the latter devices not require a passcode if it’s been a certain amount of time since I last unlocked them, so there is a very small window there where someone can get access.

Having said that, there is always Find My iPhone/iPad/Mac that I can use to lock down the devices or wipe them entirely should they get lost or stolen.


Better Cryptography

I agree that if Apple should use the best cryptography available. Apparently they’re using second-rate cryptography. Granted, this should be addressed.

If Apple can use rock-solid crypto throughout the rest of the system, it’d be great if they could use it for something as important as iCloud Keychain in iOS 8 and OS X 10.10 as well.


I’m not worried about the NSA (yet), as I’m sure they couldn’t give 2 shits what I do and what I have on my phone. The issue is other people who may have access to my keychain on the internet. Obviously, these types of people I would not want to have access to my passwords, credit cards, etc.

So, Apple, please update the keychain cryptography to the highest available. But I don’t really want my passwords to have passwords. Before long, my passwords’ passwords will need a password.