Earlier this year, we saw Apple and the FBI embroiled in a legal battle over the issue of unlocking an iPhone belonging to San Bernardino shooter Syed Farook. The FBI wanted Apple to help unlock the phone. Apple refused. In came the lawsuit, and people around the world nervously awaited the outcome as the case would in part determine civil liberty law.
The legal battle was eventually dropped as the FBI hacked their way into the phone without any assistance, making the best out of a bad situation. However, the entire clash brought to light some important questions. How safe are iPhones at protecting your information? How effective is Apple’s security? And perhaps most importantly, what can you do to secure your iPhone?
This article will shed some light on these questions.
How Secure Are iPhones?
The good news is that iPhones are actually quite secure, for a number of reasons:
Apple’s Business Model
Apple takes consumer privacy very seriously, as evidenced above. It’s one thing for many companies to say they are, it’s another for them to support their privacy protection by defying the wishes of the FBI.
Compare Apple to Google. One company makes its profits from selling hardware; another makes its profit from selling data and information. That’s an important distinction, and underlies why Apple’s business model inherently benefits its users.
As stated on Apple’s privacy page:
Our business model is very straightforward: We sell great products. We don’t build a profile based on your email content or web browsing habits to sell to advertisers. We don’t “monetize” the information you store on your iPhone or in iCloud. And we don’t read your email or your messages to get information to market to you. Our software and services are designed to make our devices better. Plain and simple.
In terms of software, iOS is heavily sandboxed, meaning apps have no way of communicating with each other and cannot access your photos, messages, location, etc. unless you give them permission to. This is where many people go wrong when it comes to protecting their data, as they install new apps and allow them to have free reign over their data.
Defense Against Brute Force
iPhones are also difficult to brute-force hack (where machines are run to guess hundreds of passwords in seconds) because of the built-in delay after you input a password wrong. The other preventative measure here is you’ll actually get locked out after six incorrect password attempts and lock-out period gets longer and longer the more you mistype. This is one reason why the FBI likely required Apple’s assistance in unlocking the perpetrator’s iPhone, as they couldn’t do it simply by brute force.
The iMessage platform we use to send SMS to people is actually end-to-end encrypted. This means only you and your conversation partner are able to read the messages you send each other. Third party apps and even Apple themselves can read or intercept messages. This is actually quite admirable, as the iMessage platform processes over 200,000 messages a second over a billion devices. That’s the sort of data that would make any tech company drool over.
iPhones after the 5c model come equipped with a security chip known as the “Secure Enclave.” This is where fingerprints and other security-related data are stored. It’s essentially a computer within a computer because it cannot be read or tampered with by other systems within the phone. It’s also believed to feature defensive measures that would erase encrypted data if new firmware tried to overwrite the Secure Enclave.
How to Further Secure Your iPhone
So if the iPhone is already quite secure, as we’ve seen, do we still need to take protective measures to further enhance its security? The answer is a resounding yes. While Apple does take security seriously, there are always methods out there to hack any operating system. It’s in your best interest to take security just as seriously by doing the following. Some of these may seem obvious, but are important nonetheless.
1. Keep Your iOS Updated
iOS updates are Apple’s way of patching up holes or flaws in their code. It’s important you make sure you’re running the most recent iOS version to avoid being targeted by hackers who exploit these bugs.
To update your iOS, go to the Settings app -> General -> Software update.
2. Activate Find My Phone
If you’ve activated “Find My Phone” on your phone, you’ll be able to log on to the app from another iOS device and remotely delete all the data on that device. This can be a great tool if you lose your phone or are hacked and need to erase your private information.
To activate this feature, go into your iCloud settings and simply turn on the switch for Find My Phone.
3. Make Your 4-Digit Password More Complex
With the standard 4-digit PIN, there’s a 1 in 10,000 chance that someone could guess your password on the first try. If the iPhone didn’t have security measures against brute forcing, it would take most computers only 4 seconds to unlock your phone with a 4-digit PIN!
To change your password into something more complex, go into the Settings app -> Touch ID and Passcode -> turn off Simple Passcode. We recommend using a longer password with letters and numbers at least.
4. Disable QuickType
QuickType is the successor to Auto-fill that finishes words and sentences for you. This can be a problem if you send any kind of confidential information over text or email that you wouldn’t want to fall into someone else’s hands.
To turn this off, go to Settings -> General -> Keyboard -> Turn off Predictive.
5. Use a VPN
Just like on a computer, there’s a chance that your Internet connection is unsecure. If you’re sitting at your favorite coffee shop, restaurant, or airport using public Wi-Fi, a hacker could easily compromise your device and access private info.
VPNs ensure your traffic is encrypted and not privy to third parties. You can rest assured your information on your iPhone is safe while using a VPN. The great thing is you’ll notice almost no loss in connection speed either.
One of the best VPNs for iPhones is Cloak. It currently has over 50 five-star ratings on iTunes.
Download it here: https://www.getcloak.com/
6. Use Private Browsers
To ensure your web history and searches are not tracked, use Private Browsing Mode in Safari or Incognito Mode in Chrome. You can also use DuckDuckGo, a search engine that’s committed to no-tracking policies, so you avoid leaving any trace behind for advertisers.
7. Modify Safari Settings
Even if you use Private Browser Mode in Safari, there’s a lot of other settings you can change to improve your privacy. Go to Settings -> Safari and do the following:
- Enable Do Not Track. Stops advertisers from following your every move.
- Block cookies. Prevents sites from storing your name, email, password, and other info.
- Enable Fraudulent Website Warning. Alerts you when you visit a potentially malicious site.
- Erase passwords. Within Settings -> Safari, go to Passwords and Auto-Fill and remove any saved passwords. It’s incredibly easy for a hacker to use your credit card if you have the info all saved on your browser!
8. Disable App Permissions
Despite the fact that apps are sandboxed and can’t communicate with each other, they can still glean a lot of information about you, your location, and your preferences if you give them permission to track you.
To turn these functions off, go to Settings -> Privacy and disable permissions to your camera, location and more on an app by app basis.
9. Stop Sending Data to Advertisers and Developers
Your phone routinely sends reports about your usage and issues to Apple. If you’d prefer not to send this information, which could contain confidential data, go to Settings -> Privacy -> Diagnostics & Usage -> Don’t Send. You can also switch off the option to send to App Developers.
In the same Privacy tab, hit Advertising and turn on Limited Ad Tracking and tap on Reset Advertising Identifier. You’ll prevent advertisers from gaining too much information on you by doing this.
10. Stop Your Phone Tracking Your Location
Since iOS 7, your phone keeps a tab on your most frequented locations. To stop this function, go to Settings -> Privacy -> Location Services -> System Services and disable Frequent Locations.
You can see my frequent locations below. My phone tracked how often I’ve been home, to work, and everywhere else. Pretty creepy.
11. Turn Off Location-Based App Suggestions
If you’ve ever found yourself at a Starbucks or 7/11 and get a suggested app alert, that’s your phone tracking your precise location. If you find this unsettling, go to Settings -> Privacy -> Location Services -> System Services and turn off Location Based Alerts.
12. Disable “Share My Location” Feature
You probably didn’t know this, but your exact location can be shared with someone for a specified amount of time through the Messenger app. This can be very troublesome if a third party were to hack onto your phone and turn this setting on remotely.
To disable this feature, go to Settings -> Privacy -> Location Services -> Share My Location and turn it off.
Do all of the above and feel comfortable that you’re not compromising any of your privacy or information!