Click to Skip Ad
Closing in...

Apple’s Craig Federighi explains the built-in security features of Auto-Unlock

Published Jun 27th, 2016 1:45PM EDT
MacOS Auto Unlock Security
Image: Apple

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

One of the more exciting new software features Apple introduced with macOS Sierra is Auto Unlock, a feature that allows users wearing an Apple Watch to quickly unlock their Mac and bypass the pesky password prompt altogether.

DON’T MISS: Leaked photos show off the Tesla Model 3’s beautiful interior

But of course, every new software advancement these days seems to be straddled with a new set of security considerations, and Auto Unlock isn’t an exception to this rule. During a recent episode of The Talk Show podcast, John Gruber of Daring Fireball brought up the issue of Auto Unlock security with Craig Federighi, Apple’s senior VP of Software Engineering.

Gruber asked Federighi what security mechanisms Apple incorporated to make the feature truly secure. Specifically, Gruber hypothetically asked how Apple might prevent someone from being able to open up Phil Schiller’s MacBook if Schiller just so happened to be in the same room. In other words, how will Apple ensure that a Mac will not be continuously unlocked just because its owner happens to be nearby.

Without missing a beat, Federighi explained:

It’s a continuation of the work we did with continuity to develop really low-power BTLE based discovery protocols so that your devices could discover each other continuously with acceptable overhead from a battery point of view. And also, all the authentication mechanisms we put in place as far as having your devices know that they’re your devices. So that’s kind of a foundation.

The unique challenge with auto-unlock is that you don’t want a kind of relay-attack, where Phil is actually well far away from his office and someone basically has a bluetooth listener that will forward a signal to you, because you’re now by his Mac, and this Mac is having a conversation with Phil’s watch over a very long distance. And so, we’re actually able to do time of flight calculations using peer-to-peer Wi-Fi where we literally can measure how long at the speed of light it’s taking for the signal to travel from your Mac to your watch and back.

And because of that, if you interposed any kind of relay, it would introduce a delay that would immediately tell us that there are hijinks afoot. So that piece is critical.

And so there you have it, straight from Hair Force One himself.

Yoni Heisler Contributing Writer

Yoni Heisler has been writing about Apple and the tech industry at large with over 15 years of experience. A life long expert Mac user and Apple expert, his writing has appeared in Edible Apple, Network World, MacLife, Macworld UK, and TUAW.

When not analyzing the latest happenings with Apple, Yoni enjoys catching Improv shows in Chicago, playing soccer, and cultivating new TV show addictions.