@jsnell @imyke Follow-up from the most recent Upgrade, which you've probably gotten 1000 times already now, but I was doing that thing where you talk back to a podcast…

On transferring apps from one device to another: You got real-time follow-up that said it, but you misunderstood the comment. It IS NOT that the apps are special to your model of phone. Each app is cryptographically signed for YOUR SPECIFIC DEVICE.

You can't transfer apps even between identical models.

@jsnell @imyke This is a security feature. It prevents man-in-the-middle attacks where an app is modified maliciously by a bad actor on the network between you and the App Store, or after download on your device's storage.

It is very similar to how macOS is cryptographically locked to your particular Mac, except that it happens for every single app on your iOS device, and not just the OS. This has been true for years (perhaps since the original App Store, though I'm not positive on that).

@glynor @imyke I appreciate the detail, but we were criticizing the choices Apple has made in the name of security. Is this really a big security gain versus locking apps to an Apple account? Is it enough of a gain in security to preclude fast, Internet-less transfers of apps across nearby devices with the same Apple account? This feels to me like Apple degrading user experience for security gains that might be extremely marginal—a choice they make too often, IMO. YMMV 🤷🏻‍♂️

@jsnell @imyke I don’t necessarily disagree with that point, for sure. Myke had asked if, for example, the 15 and 16 were really that different, though, and that’s when I was talking back to my podcast.

I’m honestly not enough of a security expert to know the answer. Overall, it is good because it makes attacks on the certificate chain less valuable. But would account level work too? 🤷‍♂️

I don’t know. It isn’t simple, though.

@jsnell @imyke There's sometimes a temptation to say "but isn't it secure enough for most people?"

But IT security isn't like that. They aren't trying to stop someone from breaking into your house. They're trying to defend against well-funded actors who are trying to simultaneously break into everyone's houses, and then automate it. The weak link breaks the chain.

That said, you are 100% right about the prompts. That's not more secure, it is just bad design, and LESS secure.

@jsnell @imyke PS. Great episode as always. Thanks for everything you do!

- A Longtime Fan