top | item 40410161

(no title)

throw20240511 | 1 year ago

Gah, I didn’t realize that iCloud Keychain was enabled automatically on ios17. I checked and it’s been on for months. Why would they do this?

I remember when Microsoft uploaded people’s personal wifi creds in Windows 10. It’s all highly suspect.

Stop it. This over sharing by default will doom us all.

discuss

crooked-v|1 year ago

> Why would they do this?

Because automatically sharing credentials between devices by default is what most people want, especially younger customers for whom this has always been the normal state of affairs.

jkaplowitz|1 year ago

What you say makes sense for new installs, although even there an explicit and optional consent screen is warranted before doing something as privacy- and security-sensitive as syncing passwords to the cloud. But it's not definitely what's wanted by most people who previously had the feature disabled before the OS update.

ChrisMarshallNY|1 year ago

Actually, I figured it out, when an app I wrote, that uses the keychain, started allowing me to log into the app, using Sign in with Apple (which has some stuff that is only available when the login is set up), on devices that were not the ones that I set up.

In my case, I liked that, and so will my users.

But I do think that it could be problematic, if this means that authorities could now get ahold of your keychain, when having it restricted to a single device, avoids that.