A rather disturbing article was posted on Macworld.com on March 7, "Is Apple finally getting serious about security?" (See ) The author, Kenneth van Wyk, details serious flaws in Apple's 256-bit hardware AES encryption module. The key is protected by the device's PIN, which can be easily disabled with jailbreaking and other software. Same goes with the API for protecting sensitive files. In short, any developer using Apple's built-in security mechanisms in iOS isn't getting the security they think they are. My question is, does 1Password use Apple's security mechanisms? Is Agile aware of the flaws?