Sunday, March 20, 2016

IPhone Security - Two Simple Steps You Can Take To Protect Your Privacy

We have all read the headlines regarding the "FBI vs Apple" San Bernardino IPhone Case. It has become a political "hot potato". Each side has presented their case in the media, and unfortunately there are no easy answers. On the surface it may see simple - why not provide the IPhone data to the Government? Doesn't Apple want to help prevent Terrorism? What about privacy? Does the Govenment have the right to force a private international company to create a "master key" that potentially "opens thousands of doors." Valid government warrants have routinely been used in criminal cases - is this case different? Generally US courts have upheld valid warrants for "things", but not for what's in your head (self incrimination). You can be compelled to provide a fingerprint, but what you store in your brain is protected. These are complex issues and the US Congress will ultimately have to create new law.



Why new law? Because of Math. Modern methods of encrypting data rely on math - cryptography. The art and science of cryptography has evolved to the point where we can hide (encrypt) information, in such a manner, that no one can recover it, without knowing the "Key". This is an all or none, binary process - there are no "shades of gray". Supercomputers can "brute Force" encrypted data, but the math - crypto has managed stay ahead and win the race. Modern computers would take more than a thousand years to break standard encryption methods that are available to the public. Will our government outlaw encryption? Apple's latest IPhone 6 series, if properly. secured, would be impossible to decrypt by anyone other than the person that created the key - Apple included. Keep in mind that the San Bernardino IPhone was, from what we have seen, not properly secured. So, Apple, most likely could create a special OS or firmware in this case. Does that set a precedent?

So how do you secure your IPhone (IPhone 6 running IOS 9) against thieves, hackers and even governments? Two simple steps.

1. Use a good passcode - even if you use the fingerprint technology - Touch ID. What is a good passcode? To make it relatively convenient, choose a 12 - 14 digit numerical code. It would take over 1000 years to discover your key. Want to make it better - use a 12 - 14 character alpha-numeric key. This 
pushes it to hundreds of thousands of years, but it is much less convenient. To change your passcode to 12 - 14 digits, go to Settings > Touch ID & Passcode > Change Passcode > Passcode Options > Custom Numeric Code. Or choose Custom Alphanumeric Code if you want to use letters, as well. You should also turn on the feature to "erase your phone" after 10 incorrect tries.

2. Turn off iCloud Backups on your IPhone. Instead, use ITunes (via USB) on your Mac or Windows PC to make routine backups. When using this method, make sure you turn on Encryption within the ITunes backup and choose a good password. To stop backing up to iCloud – and delete your existing backup – go to Settings > iCloud > Storage > Manage Storage then select your device before pressing Delete Backup. When asked to confirm, select Turn Off & Delete.

Your IPhone data is now as secure as you can make it.