How to stay as private as possible on Apple's iPad and iPhone

Credit to Author: Jonny Evans| Date: Fri, 08 Feb 2019 09:39:00 -0800

Apple believes in your right to privacy. Here is some advice on how to use the tools it has given you to protect your privacy on an iOS device.

You probably already use a 4-digit passcode, but you can improve that with a 6-digit or alphanumeric code.

You change this in Settings>Touch ID/Face ID & Passcode, select Change Passcode and then tap the small Passcode Options dialog. Alphanumeric codes are harder to decipher, just make sure you remember the code.

Once you have protected your device with a solid passcode, it makes more sense to use Touch ID or Face ID, unless security policy forbids you doing so.

What happens if someone gets their hands on your device and wants to get at the data it contains? Given there are just 10,000 combinations for a 4-digit code (and many more passcodes start with ‘1’, rather than any other number), it makes sense to at least reduce the number of chances a miscreant has of guessing your number.

To so, open Face/Touch ID & Passcode and ensure the Erase Data option is on (Toggle to green). This will erase all the data on your device after 10 failed passcode attempts.

Privacy isn’t just about what people can see when you are online; it’s also about protecting your device when it’s alone, visible to others, or unprotected.

One of the big bugbears here is the habit of allowing people to access Siri from the Home screen or allowing message previews to appear on the lock screen.

You can control this behavior in Settings>Face ID & Passcode, in the Allow Access When Locked section. If your iPhone does not have Face ID, the section is labeled Touch ID & Passcode.

Here you’ll find controls for the following:

For maximum protection you should disable all of these, but that is a trade-off between convenience and privacy. I keep Notification CentreControl Centre and Return Missed Call active myself. I do limit the number of apps that can send me Lockscreen Notifications.

Maximize privacy by disabling Show Previews for any app notifications so your communications won’t appear on the lock screen.

Finally, why not reduce the auto-lock time to 30 seconds in Settings>Display & Brightness>Auto-Lock?

You should always use a VPN (virtual private network), as this makes it much harder for others to monitor, track, or intercept your internet traffic.

Your company may provide you with one of these, and you should use it. If they don’t, then be sure to reach for reputable services, as a VPN service provider will actually have access to all your traffic and many free services cannot be trusted.

Reputable services include NordVPN, CyberGhost, and ExpressVPN. Both Windscribe and TunnelBear seem to be respected. Some of these services can be accessed using the built-in VPN inside your device, while others rely on apps. In general, the built-in VPN is the most reliable approach.

Browser fingerprinting is a process that uses publicly shared information about your device to identify and track what that device does online.

This is information such as platform, screen resolution, browser – even fonts or accelerometer info. (It is worth noting that the more browser plug-ins and extensions you use, the easier you make it for fingerprinting systems to identify you.)

Combined, this lets unaccountable analytics firms develop an extremely accurate picture about site visitors and what they do.

So, how much information are you giving away right now? These two sites will show you: AmIUnique.org and Panopticlick.eff.org – I think you’ll be surprised.

Apple is taking action to prevent this kind of activity.

Safari has a range of privacy settings you can access in Settings>Safari>Privacy & Security.

They include:

Apple still insists on making Google the default search engine for Safari on iOS.

You don’t need to wait for Apple to change this; you can do it yourself in Settings>Safari>Search Engine and change this to DuckDuckGo, a website search engine that does not collect information about you.

iOS now has a very useful password auditing feature that you can use to ensure that all the passwords you use are different across all your services and devices. The feature is very easy to use.

In brief:

If you care about online privacy, you’ll migrate to more private alternatives to Google. Apple provides lots of these across its ecosystem. Replace Google Docs with Pages, and dump Gmail for Mail, for example. You can also use other secure email providers, such as Mailfence.

One good way to prevent rogue apps from uploading data they find about you in your Safari History is to use Private Browsing mode whenever possible.

Access this mode in Safari as follows:

Another Safari feature worth taking control of is its collection of website-related data.

Open Settings>Safari>Advanced>Website Data and you will find a list of all the sites that are gathering such data.

This information includes history, cookies, and other browsing data. You can delete this information one item at a time, or tap “Clear” at the bottom of the window. Alternatively, you can tap Clear History and Website Data on the Settings>Safari screen.

NB: This will delete information across all your signed in devices.

Go to Settings>Privacy>Advertising and turn on Limit Ad Tracking in order to make uniquely identification of your iOS device more difficult for location trackers.

You should then tap the Reset Advertising Identifier tool to anonymize you all over again.

Apple’s mobile operating system does gather some information about you, including your Significant Locations.

This data is used to provide you with “useful location-related information in Maps, Calendar, Photos and more.”

Apple does stress that this information is encrypted and cannot be read by the company.

Despite this reassurance, you can limit this activity in Settings>Privacy>Location Services>System Services and then Significant Locations, which you can turn off. You can get rid of historically collected data by tapping the Clear History button.

You can also take a look at which Apple system services track your location in Settings>Privacy>Location Services>System Services. Here you can review those able to get this data and disable those you don’t wish to use – but don’t disable Find My iPhone.

There are so many apps that want to know where you are.

Some of these offer features you may want to use that require this information; other apps have less of an excuse. You are not the product, and you can choose to limit such access whenever you choose.

You can review what permissions you’ve given and to which apps in Settings>Privacy>Location Services, where you can assign location permission access to each app.

Ask yourself questions as you do so. For example, do you ever use Facebook’s Check-in feature? If not, then why are you enabling what many call a surveillance capitalist with access to where you are? Limiting access to this data may limit what some apps can do, but the trade-off is privacy – you can always change it again when you want to use your app.

You know that iMessage conversations in Messages are encrypted, right? SMS conversations are not. How do you tell the difference? A blue message window means the conversation is encrypted, while green means it is not.

Of course, just because a conversation is encrypted doesn’t mean someone with access to your device is completely unable to get at it. You can reduce this risk in Settings>Messages where you can change Message History so the communication is deleted after 30 days.

Apple also offers a Messages in iCloud feature. If enabled, your messages will be stored in iCloud, protected by your iCloud password. However, if you also use iCloud Backup your stored messages can be accessed by anyone who gets access to your iCloud account, so if increasing your communication security matters to you, then you should disable Messages in iCloud in Settings>iCloud toggle to off.

Some apps like to access your camera and microphone, as well as Photos and other personal items. It’s pretty clear why this is useful some of the time, but you’d be surprised how many apps request such access even though there’s no clear reason for them to do so. You can check which apps are collecting information for no good purpose in Settings>Privacy, where you’ll find sections for

It’s good practice to go through each of these sections and check which apps have access. If you don’t want/need to use that app, then disable their access.

Most iOS users end up with dozens of apps on their iPhone, many of which they never make use of.

We keep hearing more and more horror stories concerning apps quietly monitoring what we do without overtly asking for permission – including the recent screen recording surveillance scam the originators of which claim is “for your convenience.”

To protect against such apps that surreptitiously grab data about you without you knowing they are doing so, it makes sense to limit which apps you carry with you.

There are two ways to achieve this:

Not only have you now reduced your attack vulnerability, but you’ve also saved yourself a bunch of space which you can fill with your favorite Sneaker Pimps albums.

Some apps exist almost entirely to monitor you and your data. To maximize privacy protection you should at the least avoid installing social media apps such as Facebook or Twitter. Not only can you access both services more securely via your browser, but a look inside Settings>Battery Health should show you how much energy those apps are using. Why?

The rather excellent Restore Privacy website recommends that you remove so many categories of app it’s a little ridiculous; however, if privacy matters to you, it’s possible you will follow that advice.

You know what I have to say: I recommend use of Ad Blockers, but I implore readers to consider that ads sales models are the only way most of the publications you read stay in business. So I urge you to find a way to support the titles and authors you enjoy. I guess everyone needs to eat from time to time.

http://www.computerworld.com/category/security/index.rss

Leave a Reply