Night mode is an automatic setting which takes advantage of the new wide-angle camera that's in the iPhone 11 and 11 Pro models. It's equipped with a larger sensor that is able to let in more light, allowing for brighter photos when the light is low.
16" MacBook Pro Now Available
OpenID Foundation Claims 'Sign In with Apple' Could Expose Users to Security and Privacy Risks
At WWDC 2019 earlier this month, Apple announced Sign In with Apple, a new privacy-focused login feature that will allow macOS Catalina and iOS 13 users to sign into third-party apps and websites using their Apple ID.
The feature has been largely welcomed as a more secure alternative to similar sign-in services offered by Facebook, Google, and Twitter, since it authenticates the user with Face ID or Touch ID, and doesn't send personal information to app and website developers.
However the implementation of Sign In with Apple has now been questioned by the OpenID Foundation (OIDF), a non-profit organization whose members include Google, Microsoft, PayPal, and others.
In an open letter to Apple software chief Craig Federighi, the foundation praised Apple's authentication feature for having "largely adopted" OpenID Connect, a standardized protocol used by many existing sign-in platforms that lets developers authenticate users across websites and apps without them having to use separate passwords.
Yet it cautioned that several differences remain between OpenID Connect and Sign In with Apple that could potentially put users' security and privacy in jeopardy.
It also invited the company to use OpenID's suite of certification tests to improve the interoperability of the two platforms, publicly state their compatibility, and join the OpenID Foundation.
Shortly after unveiling Sign In with Apple, the tech giant told developers that if an app lets users log in using their Facebook or Google logins, then it must also provide an alternative Sign In with Apple option.
The company then raised some eyebrows when it emerged that its updated Human Interface Guidelines asked app developers to place its authentication feature above other rival third-party sign-in options wherever they appeared.
(Thanks, Jonathan!)
The feature has been largely welcomed as a more secure alternative to similar sign-in services offered by Facebook, Google, and Twitter, since it authenticates the user with Face ID or Touch ID, and doesn't send personal information to app and website developers.
However the implementation of Sign In with Apple has now been questioned by the OpenID Foundation (OIDF), a non-profit organization whose members include Google, Microsoft, PayPal, and others.
In an open letter to Apple software chief Craig Federighi, the foundation praised Apple's authentication feature for having "largely adopted" OpenID Connect, a standardized protocol used by many existing sign-in platforms that lets developers authenticate users across websites and apps without them having to use separate passwords.
Yet it cautioned that several differences remain between OpenID Connect and Sign In with Apple that could potentially put users' security and privacy in jeopardy.
The current set of differences between OpenID Connect and Sign In with Apple reduces the places where users can use Sign In with Apple and exposes them to greater security and privacy risks. It also places an unnecessary burden on developers of both OpenID Connect and Sign In with Apple. By closing the current gaps, Apple would be interoperable with widely-available OpenID Connect Relying Party software.To remedy the situation, the foundation asked Apple to address the differences between Sign In with Apple and OpenID Connect, which have been recorded in a document managed by the OIDF certification team.
It also invited the company to use OpenID's suite of certification tests to improve the interoperability of the two platforms, publicly state their compatibility, and join the OpenID Foundation.
Shortly after unveiling Sign In with Apple, the tech giant told developers that if an app lets users log in using their Facebook or Google logins, then it must also provide an alternative Sign In with Apple option.
The company then raised some eyebrows when it emerged that its updated Human Interface Guidelines asked app developers to place its authentication feature above other rival third-party sign-in options wherever they appeared.
(Thanks, Jonathan!)
Tags: privacy, Sign in with Apple Guide
[ 114 comments ]
Top Rated Comments
(View all)
20 weeks ago
OpenID "a non-profit organization whose members include Google, Microsoft, PayPal, and others."
Someone's in panic mode, less customer tracking huh
Someone's in panic mode, less customer tracking huh
20 weeks ago
Am I missing something in that the headline doesn't seem to support this with more info in the MacRumors story?
"reduces the places where users can use Sign In with Apple and exposes them to greater security and privacy risks."
Greater than what? Than no risk? Than not implementing 'Sign In with Apple'? Than Facebook?
"reduces the places where users can use Sign In with Apple"
Or is it just more risk in that it's not implemented everywhere?
Stating risk without actually reporting anything about the risk isn't really news and is kind of clickbaity...
"reduces the places where users can use Sign In with Apple and exposes them to greater security and privacy risks."
Greater than what? Than no risk? Than not implementing 'Sign In with Apple'? Than Facebook?
"reduces the places where users can use Sign In with Apple"
Or is it just more risk in that it's not implemented everywhere?
Stating risk without actually reporting anything about the risk isn't really news and is kind of clickbaity...
20 weeks ago
They’re worries because their biggest source of income “selling customers’” info is in jeopardy.
Google, microsoft and PayPal?!!!
It’s like pharmaceutical companies becoming members of a non profit which is concerned about cheaper medicine.
Google, microsoft and PayPal?!!!
It’s like pharmaceutical companies becoming members of a non profit which is concerned about cheaper medicine.
20 weeks ago
I’m going to assume Apple knows what it’s doing here and purposefully chose to leave out parts of the OpenID standard that didn’t align with Apple’s security needs or vision.
20 weeks ago
The title sounds like Apple sign in is flawed but the article says that it’s just not available everywhere which somehow makes it a sercurity risk?
20 weeks ago
Not at all. I've already heard several Apple developers say they're concerned about the lack of interop with OpenID.
Not at all confirmed by your anecdotal story?
20 weeks ago
If you look in the document it’s all little things, like Apple not providing adequate documentation for their differences, not returning a nonce which is a standard to help protect from MITM attacks, some methods and calls are names like the openid standards but do something else, and in some cases their documentation just flat out being wrong.
Yeah, but as a dev just being able to reuse the same set of standards for Apple login as all the others makes my life easier and in general makes everyone more secure than having to hack together different code sets for every provider, more chances for me to mess up.
Doubtful Apple will agree to make their login system more interoperable since part of its strategic advantage is user lock-in.
Yeah, but as a dev just being able to reuse the same set of standards for Apple login as all the others makes my life easier and in general makes everyone more secure than having to hack together different code sets for every provider, more chances for me to mess up.
20 weeks ago
No where did Apple say they’ve implemented OpenID but they’re treating this as spec violations.
20 weeks ago
I’ve had an OpenID for maybe 10-12 years... got it not long after that project started.
I’d completely forgot about it, though, until seeing this story. I forgot because I haven’t really been able to use it anywhere at all. A well-designed and well-thought-out service is nice... but if it never gains any traction, it’s pretty useless.
Not that I’m clamoring for “Sign in with Apple”. I’m glad Apple is offering it for the people who would otherwise spew their Facebook and Google credentials everywhere, but I’ll keep setting up individual accounts with individual passwords as needed. With services like the Keychain, or LastPass, it’s just as simple as using these federated authentication services.
I’d completely forgot about it, though, until seeing this story. I forgot because I haven’t really been able to use it anywhere at all. A well-designed and well-thought-out service is nice... but if it never gains any traction, it’s pretty useless.
Not that I’m clamoring for “Sign in with Apple”. I’m glad Apple is offering it for the people who would otherwise spew their Facebook and Google credentials everywhere, but I’ll keep setting up individual accounts with individual passwords as needed. With services like the Keychain, or LastPass, it’s just as simple as using these federated authentication services.
20 weeks ago
Am I missing something in that the headline doesn't seem to support this with more info in the MacRumors story?
"reduces the places where users can use Sign In with Apple and exposes them to greater security and privacy risks."
Greater than what? Than no risk? Than not implementing 'Sign In with Apple'? Than Facebook?
"reduces the places where users can use Sign In with Apple"
Or is it just more risk in that it's not implemented everywhere?
Stating risk without actually reporting anything about the risk isn't really news and is kind of clickbaity...
Nope- a consortium made up of Google, MS & paypal is just mad that Apple is looking to upset the norm again. Hopefully Apple will do the 2 things they’re typically pretty good at doing:
1: NOT following the norm, & creating a new norm, &
2: doing all of it better than it had been done previously.
[doublepost=1561927448][/doublepost]
I’m going to assume Apple knows what it’s doing here and purposefully chose to leave out parts of the OpenID standard that didn’t align with Apple’s security needs or vision.
‘Zactly.[ Read All Comments ]
The biggest Apple news of this week was obviously the launch of the new 16-inch MacBook Pro, which debuted on Wednesday with a new "Magic Keyboard" and some other nice upgrades.
Other...
For this week's giveaway, we've teamed up with BluShark to offer MacRumors readers a chance to win a high-quality leather band designed for the Apple Watch.
BluShark makes a whole range...
In an ongoing effort to keep track of upcoming (and current) Black Friday sales, we've begun highlighting the biggest and best discounts offered by major retailers. Last week we started with Best...
A trio of retailers have begun discounting Apple's just-released 16-inch MacBook Pro, including Best Buy, Amazon, and Adorama. These sales follow discounts offered by Expercom, which are deeper...
As outlined in an Apple support document, the new 16-inch MacBook Pro features an adjustable refresh rate.
For professional workflows such as video editing, for example, Apple notes that you can...
Two weeks after Apple TV+ debuted, Apple today greenlit a new drama series called "Slow Horses" for its streaming service. The show is based on a book series of the same name by author Mick...
Apple today sent out emails highlighting its newest Apple Pay promo, which offers customers a 75 percent discount off of all cards purchased through Snapfish.
Snapfish is a photo site that...
Following the release of iOS 13.2.2 on November 7, Apple has stopped signing iOS 13.2, which means downgrading to iOS 13.2 is no longer possible.
iOS 13.2 was a major update that brought support...
