"Enter your passcode to trust this computer and start a backup." Every time iPhone is on charge.

Very interesting, thank you. So the change was made because a specific hacking method was detected. I assumed it was for security, but I didn’t have the details. Now here they are: CVE-2022-32929 - Bypass iOS backup's TCC protection

I am sure apple revenue management know more than you, specially as the pin on the telephone is not requested to back up in the apple’s cloud, which safety i question more than my personal computer which bybthe way was already authorized by my iphone. Try to understand that this is another dirty trick from apple

The reason it isn’t required for iCloud backup has nothing to do with absurd conspiracy theories; it’s because iCloud backups are protected by your Apple ID password and 2 factor authentication.

The reason it is required for computer backups is because there is an identified vulnerability that has been seen in the wild that would allow a bad actor to back up, and then gain access to the backup on a computer, as reported in the National Vulnerability Database→https://nvd.nist.gov/vuln/detail/CVE-2022-32929

and as described in a “how to" here→https://theevilbit.github.io/posts/cve-2022-32929/

Essentially, any computer that has been hacked (which is roughly half of all Windows computers, and a smaller, but significant, number of Macs) can be used to get a copy of the iPhone’s backup. If the backup is not encrypted it is trivially easy to get most of the content of the phone. If it is encrypted, it’s harder, but, as there is no limit to the number of guesses of the backup password it is always possible to set up an automated process to guess the password.

And the reason just asking for it once is inadequate is because the hacker can run their hack after the passcode has been entered that one time.

"Or it’s possible that they have information that you don’t. "

Ahh, the old, "It's not impossible," so we must treat it as if it's true," approach. It's called sophistry, and it's no substitute for facts. Saying that something is possible has no connection to it happening or not happening.

As for my qualifications for making my observations, I designed computers and computer systems for 40+ years, and learned programming on the LGP30, a desk size computer designed by Stan Frankel, who helped design ENIAC. I ended up as chief engineer of an industrial barcode reader company. I've also worked in quality assurance and product testing, so I'm not giving supposition and maybes.

If it makes sense for Apple to require a passcode when making a hard connection to the computer because the computer might be infected, that reasoning does NOT magically vanish when it also backs up to the iCloud.

And if facial recognition is safe enough to open your phone and grant access to everything on it, it's also safe enough to authorize backup—especially if allowing it would, at the same time, remove the need to manually type in those pesky numbers. One small change and two problems solved.

And, there is also absolutely no reason to back up a phone that has been used for nothing since the last backup. Time Machine doesn't. But disconnect the phone from the computer and reconnect it again, and the full process repeats.

The thing is, Apple programmers make mistakes, as we all do. It's the function of the QA department to catch those errors, via beta testing, and formal acceptance tests. But they didn't. They also apparently don't make use of a feedback resource like these forums. And that's a mistake.

It works like this: I present my views and you present yours. The fact that you disagree with my presented solution is irrelevant, unless you can present factual evidence that refutes it—in which case it's a discussion—which is the purpose of this area.

And since Mr. Finch made a snide comment belittling my level of knowledge it's perfectly reasonable for me to set the record straight—and certainly not a reason for you to attack.

I will say this, though, were my programmers to have screwed up this badly, and in so many ways, without it being caught, I would have been finding a new QA manager.

Apple’s backup encryption is strong, however, if you have the password (which is the encryption key) you can access the backup. And Apple gives you unlimited guesses, which is sufficient if the computer itself is secure. Further, the backup is in protected storage owned by iTunes or Finder, so the only way to try password guessing is with iTunes (or Finder for Mac OS Catalina or later), which makes it a manual process.

This hack, however, allows the bad actor to make a backup elsewhere on the computer, when it is not restricted to iTunes or Finder, allowing automated password guessing.

And, since the hack has been published widely it would be certain to be used to hack iPhone backups if the requirement to enter a password on the phone did not exist. I’m sure there is a more elegant solution that Apple is working on, but this was an emergency situation when the method of hacking a backup was made public.

Seems to me that if an outside party has control of your computer to that extent, they hardly need your phone data.

"This hack, however, allows the bad actor to make a backup elsewhere on the computer, when it is not restricted to iTunes or Finder, allowing automated password guessing."

And forcing the user to type the phone's access numbers would change what? You simply write the malware code to ask for the password, the user types it, and they own the data. The phone's password does nothing, so far as protecting the data.

Forcing me to type in my passcode to back up to a computer I am physically connected to and have previously trusted for syncing other content might make sense ONCE.

Requiring it EVERY TIME is beyond idiotic. It makes automatic backups to your Mac error-prone (miss the prompt and the backup times out, meaning you don't get a backup that day).

I'm sorry, but there's no way to spin this design change as a "feature" or "security improvement" when it breaks such a fundamental information security practice as maintaining current backups, and I've said as much to Apple in my feedback submission. If your "security improvement" makes the product overall worse you've improved nothing.

I guess you didn’t read the thread you posted to.

Michael Graziano wrote:

Forcing me to type in my passcode to back up to a computer I am physically connected to and have previously trusted for syncing other content might make sense ONCE.

Requiring it EVERY TIME is beyond idiotic. It makes automatic backups to your Mac error-prone (miss the prompt and the backup times out, meaning you don't get a backup that day).

The reason it is required for computer backups is because there is an identified vulnerability that has been seen in the wild that would allow a bad actor to back up, and then gain access to the backup on a computer, as reported in the National Vulnerability Database→https://nvd.nist.gov/vuln/detail/CVE-2022-32929

and as described in a “how to" here→https://theevilbit.github.io/posts/cve-2022-32929/

Essentially, any computer that has been hacked (which is roughly half of all Windows computers, and a smaller, but significant, number of Macs) can be used to get a copy of the iPhone’s backup. If the backup is not encrypted it is trivially easy to get most of the content of the phone. If it is encrypted, it’s harder, but, as there is no limit to the number of guesses of the backup password it is always possible to set up an automated process to guess the password.

And the reason just asking for it once is inadequate is because the hacker can run their hack after the passcode has been entered that one time.

It is a FACT that this vulnerability exists and has been used by criminal hackers.

"Essentially, any computer that has been hacked (which is roughly half of all Windows computers, and a smaller, but significant, number of Macs) can be used to get a copy of the iPhone’s backup."

First, if Windows machines are a problem, then you make Windows machines the ones requiring a password.

Next, saying "a smaller, but significant, number of Macs" have the invading malware problem is meaningless. What percentage actually have the problem? How many machines have actually encountered the problem, as against quoting statistics on malware, in general? And...since those compromised machines are unlikely to have decent protective software, they're inconveniencing everyone who uses their computer for backup, when the problem computers have already been compromised in every other way.

And finally, given that allowing facial recognation would both give the password protection you feel is necessary and eliminate any required typing on the user's part, there is no defense for keeping the situation as it is now.

This is everything to do with 16.1 because it didn't happen before I upgraded to 16.1 on my iPhone. Is there another solution as I need to "automatically sync when this iPhone is connected" every time I connect my iPhone to my MacBook Pro?

This is what I dislike about this community - answers rarely address the question and Apple ignores everything said out here.

The problem, simply put, is the upgrade to IOS 16 caused the automatic backups of my iPhone to my Macbook to suddenly fail spectacularly. And yes, I said fail because they no longer happen automatically. They require manual intervention.

Every morning, prior to the IOS 16 upgrade, I would put my iPhone on the magsafe, go into my office, start my macbook and go about my workday. Now, when I start my macbook, I get a message saying my iphone is locked and I need to enter a passcode in order to back it up. I have to do this every time.

I don't care about synch, I don't care about itunes and I don't care about "using a lot of battery". I don't want to turn off synch and I don't want to turn off show this iphone. What I want is my iphone automatically backing up to my laptop every day so that I always have a full, restorable backup of my phone. I should not have to enter a passcode for this to happen between two devices that trust each other.

And using the "It's in the name of security" excuse is a fallacy. By that definition of "security", we would have to enter a passcode every time we connected out earbuds or our magic mouse. Once I introduce my laptop to my phone, they know each other and should talk to each other without any intervention.

"...it is trivially easy to get most of the content of the phone"

If they have hacked my Mac, they don't need any content from my iPhone.

Emails? Texts? Contacts? Photos? Documents? All of that is already on my Macbook. What is also on my Mac are previous iPhone backups. What does the passcode for a new backup do to prevent them from accessing those?

Again, saying that preventing two devices that trust each other from communicating is a "security" thing is a lie.

The main factor of my moving from a Microsoft world into an Apple world was the interoperability of the Apple products. If Apple is moving away from that interoperability, calling it "security" and not providing a way for me to opt-out, it might be time to move on.