Apple Releases iOS 15.7.1 and iPadOS 15.7.1 to Fix Security Vulnerabilities on Older Devices

Josh,
Good day to you sir!

Did apple change the backup process of an iPhone to a Mac by adding a requirement to enter the password on the iPhone before the backup to begin?

Or maybe TidBITS knows a way to make this requirement go away?

Sincerely,

Lee

Yes. Since 15.7.1 I’m seeing that I have to authenticate my iPhone before it backs up. Even over wifi. Hope this will eventually go away again, or at least become a user setting.

Simon,

Thank you. NOT going crazy! I thought I had screwed up some setting therefore getting this alert. It is a PITA as I back up each time I sync.

Than you again
Lee

Yes, same problem here. I have it set up to sync over wifi when I plug it in before going to bed. That triggers a backup too (as it should).

But now instead of just plugging it in, I also have to authenticate for any of this backing up and syncing to actually take place.

What I find particularly annoying is that it rerquires me to type in the password even if the iPhone is already “on” (via FaceID auth). I’m already authorized, so why in the heck should I be authenticating again? Ugh.

If I had known about this change I would have held off on the update. But once again, not a single report on this update I read anywhere online pointed this out. Waiting for those reports to come in was the reason I held off on updating a couple days in the first place despite all the usual “super important security updates, exploits in the wild, update ASAP or your cat will die” drama.

Online reports on these updates have really become mediocre. And this despite all the betas and public betas and yada. Not that good reports would somehow absolve Apple of properly documenting with actual quality release notes in the first place, especially when they feel like changing workflows.

I’m starting to rethink when to update Apple software regardless of what all the “experts” are suggesting. I’m starting to think that unless there is a bug that is a problem to me personally and I have 100% confirmation that the update will remove it, I will not update and risk breaking something else. That does indeed suck because it also means missing security updates. But this combination of Apple not warning about changes in workflow (lack of detailed update description) along with their lately very shoddy software quality control leading to new bugs with nearly every “update” is really starting to get to me.

This sort of thing is super frustrating. We tend to encourage moderately conservative updating practices except when a security fix addresses a vulnerability that’s being exploited in the wild. But if people generally adopt a conservative approach, fewer people will have a chance to discover bugs like this and report them, such that waiting even longer will become necessary for everyone else.

It does seem that connecting iPhones and iPads directly to Macs is becoming an edge case such that Apple isn’t paying as much attention to it. Which is a shame, given that otherwise you pretty much have to pay for iCloud+ storage.

Curious. I updated my iPhone (first 2nd gen SE) and iPad (6th gen) to 15.7.1 a couple of days ago and haven’t been asked to authenticate, even though they’re frequently plugged into my iMac, where I can see them in iTunes (my iMac is still running Mojave), and they backup to iCloud, which they’ve each done at least once. So it’s not universal, but I agree, it would be extremely annoying. I’m glad whatever the bug is skipped me…

This issue pertains to backing up to a Mac, not iCloud. But it’s an iOS issue, not iTunes (interference with iMazing has already been reported)

I can understand being uncomfortable with having your data backed up to the cloud rather than your own device. I agree that Apple should have a larger free iCloud storage tier. However, the cost for 50GB is only $1 per month ($12/year). If you are not using your iCloud storage for other large data sets, your backups should comfortably fit in 50GB. The backup does not include the full contents of your iPhone, but only content that can’t be loaded from other sources. For example, my iPhone claims that it uses about 95GB of internal storage, but the iCloud backup is about 4GB. My iPad using 111GB internally backs up to 14GB.

I use Apple Photo Sharing and Apple Music, so that no photos stored on the device and very little music are directly backed up. If you have a lot of photos or media on your phone that are not otherwide available via Apple Music (not counted as iCloud storage) or Apple iCloud photos (included in your iCloud storage), then your backups will need to include them.

I can see this as a security feature. Malicious USB connections are known to exist - you plug your USB cable into a “charge port” at a public location, and without your being aware, some server at the other end of that port is downloading your phone.

Preventing USB access after the phone has been locked for a few minutes (added many iOS releases ago) was one fix for this. I think blocking backups without authentication is another important step to protect against this, because people often plug into chargers while they are using the phone (in other words, when it is unlocked). So this will mean that something trying to download the phone’s content will cause that popup to appear and (hopefully) you will realize that something strange is going on, allowing you to disconnect before any data has been compromised.

Of course, the real “fix” here is to not plug into a USB port that isn’t connected to a device you control. When on the go, carry a small charger brick and plug into a power outlet instead of into a USB port.

The problem is that this should not pertain to pre-authorized automated backups over WiFi, which is what the reports seem to be indicating is affected.

That is, I have already authorized my iPhone to periodically backup wirelessly to my Mac when they are on the same local WiFi network. The trigger for this backup may be plugging the device in, but the backup doesn’t actually take place over that cable, because the cable isn’t necessarily connected to the Mac that’s authorized.

If I understand the reports correctly, that’s what’s frustrating people here—you shouldn’t have to repeatedly authorize backing up to a known device over a known WiFi network. If the authorization protocol is sufficiently secure, authorizing my iPhone to automatically back up wirelessly to my Mac should be a one-time thing (maybe needing refreshing periodically or if a certain amount of time has passed since the devices last connected), not an every-time necessity.

I can absolutely see requiring authorization for backups over a cable to a not-yet-authorized device—which the existing setup already took care of. This new behavior doesn’t seem to serve any useful purpose, which means it’s most likely a bug, not a feature.

Since my devices back up automatically over WiFi to iMazing daily, whether plugged in or not, I’m not going to move up to 15.7.1. I don’t need that headache. (Both my iPhone and iPad are too old for iOS/iPadOS 16, and I simply can’t afford to replace them right now.)

That’s exactly right.

This has nothing to do with plugging in to some random USB port.

We’re talking about initiating a backup & sync between an already authenticated iPhone and a previously authenticated Mac. And it’s not just affecting USB, it’s wifi too which makes it even more non-sensical.

iMazing posted about the backup passcode prompt issue introduced in iOS/iPadOS 16.1.x and 15.7.1.

Some of their key points:

iOS/iPadOS 16.1.x and 15.7.1 make automatic local backups awkward

…

While the new security measure Apple introduced is intended to protect user data, it also makes automatic backups less seamless and more disruptive. These obstacles could lead to a reduction in backup frequency, which would actually put user data at risk.

…a better approach to this issue would be to prompt the user for a device passcode before every backup only if backup encryption is disabled…

It is our hope that Apple will be listening to the user community on this subject, as backing up iOS and iPadOS devices locally has become more difficult than it should be.

https://imazing.com/blog/ios-backup-passcode-prompt

I find iMazing unusable now because I have to authenticate repeatedly for each backup, presumably because the WiFi connection breaks and has to be re-established

UPDATE December 2, 2022

I unpaired/re-paired my iPhone and the multiple-authentications-per-backup have gone away. No one else in my family was having this problem. So, apparently it was due to pairing corruption of some sort.

Imazing published a detailed explanation about iOS change that now requires authentication for each and every backup (other than those going to iCloud).

I am very surprised that this issue hasn’t got more widespread, general attention, especially as it also affects the latest current iOS 16.1.1. Is it, what, everyone has switched to iCloud for backups? (I note that you can still use iCloud for backup even when syncing media—you don’t have to use both simultaneously.)

It’s already had a long discussion here. Suddenly having to enter passcode when backing up an unlocked iPhone?

Thanks. Yes, I recall seeing that thread when I was looking for discussion about it at the time, but it was already closed (understandably, IMO, since it went a bit off the rails). But I meant in general, i.e. not in the usual Mac circles.

As I think I said in that thread, I saw a few complaints on Reddit. Not many, and not many lately. I really think that almost everyone backs up to iCloud (or, tragically sometimes, doesn’t back up at all, because they don’t want to pay for iCloud storage.) I haven’t backed up to a computer for a few years now.

This board is full of iMazing users. Plus several people who refuse to backup to iCloud as long as they can maintain local control of their iOS backups. If Apple thinks we’re nobody, oh well.

There are dozens of you. Dozens.

Still not seeing it complained about much on other forums/boards/etc. I saw one on reddit yesterday.

Give Apple your feedback.

Rest assured, I did that weeks ago.

At least 118 of us, in fact. I started this thread on “Communities” some time back, and the thumbs just keep ticking up …
https://discussions.apple.com/thread/254335452

Fun fact: Apple disappeared censored a post I made on that thread that linked to the original Tidbits thread. Or maybe it’s the sneering way that I used the word “apologia” to describe other comments made on Apple’s “Communities” when describing other supposedly inevitable changes Apple made, like the move from Contacts/Calendars sync from iTunes to iCloud, which you may recall Apple forced everybody into when they initially released 10.9 Mavericks, only to roll it back, when contrasting them to other posts on this issue. Just as then, some of the comments on this question make me a little bit worried for the future of our species. Sigh. One does not wish to be divisive, but one cannot help feeling that some of Apple’s customers are going to defend the indefensible, no matter what, and make it harder for everybody else. iCloud backups are clearly problematic for some people, for a number of reasons, and local backups were a great way for those people, with only a little bit extra inconvenience, to still have backups while keeping them local, with the added benefit that they were very secure and also complete. Now they’re unusable. If there is a reason why they aren’t working now, I hope it’s a very good one, and that Apple intends to bring out a solution that resumes or improves on what we had.

And yes, I sent feedback to Apple, and I hope everyone else affected does too. I’m still astonished that there really isn’t much of a stir coming from elsewhere, but if we can get Apple to see sense on this, I think we should.

So, one thing that I thought about is whether this is literally the only way that Apple can stop some sort of attack (by a company like the NSO Group, for example) that somehow allows one of their devices to access a phone that hasn’t yet trusted the device, and forcing a passphrase from the phone prevents this from continuing. I could see Apple not wanting to admit that this is the reason, though I don’t know why they wouldn’t - why they wouldn’t want to warn users on older versions to upgrade. (In other words, NSO Group, or some other company, had some sort of attack against the iPhone that allows their connected device to force a backup without intervention from the device itself, including an initial trust relationship.)

The fact that this was delivered with updates to both iOS 16 and iOS 15 suggests to me that the was intentional and not just an accidental change to something in iOS.

I agree that this seems like something Apple would do. Obviously, the full story is only known to Apple, of course, which makes this all very difficult to talk about, but we know a couple of indisputable things. As iMazing explains, the backup encryption is very strong (AES 256 with PBKDF2) rendering it practically secure for all purposes, and Apple added this “fix” after a security researcher reported a vulnerability concerning the way backups were stored on Macs, once they had been streamed from iOS (which is ultimately in control of backup encryption). The discussion thread goes over this in a bit more detail, but I find it … difficult … to credit Apple with adding such a draconian change to iOS, rather than fixing macOS, unless they felt a sudden and irrational sense of duty to its Windows users, and/or it saw a revenue opportunity from iCloud backups being de-facto required (my favourite), or they thought the benefit of local automated backup was outweighed by the possibility of malware backing up phones (possibly unencrypted, possibly encrypted with weak passwords) to locations where attackers could get at them (the reason I think they actually did this). Let’s hope that Apple invents new UI to explicitly allow the user to trigger a backup on demand, preferably without relying on a computer, but in any case giving the user choice to permit automatic backups when they are encrypted, and manual backups with FaceID/TouchID. Otherwise there is realistically no choice for those of us who sync, but to use iCloud.