February 01, 2018
Following up on my post on browser privacy settings, here's a brief rundown of all the knobs I've turned on my iPhone in an attempt to improve my security and privacy on this device. If you have additional recommendations, please let me know via email or on Twitter.
Let's go through them in the order the menus are shown under 'Settings'. I'll skip over any submenu that's not security- or privacy-related. If you want to play along, unlock your iPhone, tap 'Settings', and then...
Tap your name to reach settings for Apple ID, iCloud, iTunes & App Store. Under Password & Security, enable Two-Factor Authentication and set a Recovery Key. Store the recovery key in your password manager.
Under Apple ID->iCloud, scroll all the way down to Share My Location and turn that off. (Note: there's another Share My Location under Location Services; see below.)
Toggle Bluetooth off. I rarely need Bluetooth, and have no problem explicitly turning it on (e.g. via Control Center / swipe-up) when needed. The tricky part here is that OS updates frequently re-enable Bluetooth again and again, so periodically check if it's still off. (Here are a few reasons why you want it off by default.)
Notifications: I have almost all notifications turned off. This not only seems like a much healthier approach to carrying around a constant-interrupt-machine, but it also avoids leaking private information on your lock screen. For apps that I do allow notifications, I usually have those to only show previews when unlocked, to not be persistent, and to have history turned off.
Software Update: always a good idea to check for updates. I'm subscribed to Apple's security-announce mailing list, so when I get the security advisory, I usually go and update my phone right away.
Under Airdrop, set Receiving off. Like with Bluetooth above, I can easily enable this when I expect somebody to airdrop something to me. Note: this may get switched on when you use Airdrop to e.g. send something, so may need to be toggled off again afterwards.
Siri & Search
Under Siri & Search, turn just about everything off. I never use Siri, so no need to have my iPhone constantly listen in on me.
Touch ID & Passcode
Touch ID & Passcode: Ok, here things get interesting. I happen to like Touch ID and use it to unlock, to allow Apple Pay, and iTunes and App Store. I also have multiple fingerprints stored, not all of which are mine, but all of which are actually fingerprints (even though you may choose other body parts).
If you still have a 4-digit PIN, you can change it to a longer PIN or a passphrase by going to Settings->Touch ID & Passcode->Change Passcode->Passcode Options:
Under 'Require Passcode', I select 'Immediately'. I then disable all access when locked -- if you get your hands on my locked phone, there's rather little you can do. (I let you swipe over to the camera, so you can take pictures until the storage is full, and you can make an emergency call, but that's pretty much it.)
Lastly, I set 'Erase Data' to be enabled. Remember: this is not 10 rapid failures, as you might easily have your kids trigger, but 10 successive failures over increasingly longer time intervals.
Privacy: Under 'Location Services', I disable 'Share My Location' and generally set all apps to 'Never'. The few apps that I grant 'While Using' might be Photos, Maps, and Weather. (Note: I have Twitter set to 'Never'; when I want to tag my location, I may then temporarily set it to 'While Using', but I turn that off again afterwards.)
Now you need to scroll all the way down under 'Location Services' to find the 'System Services' settings. In there, I disable 'Location-Based Apple Ads', 'Location-Based Suggestions' (seems obvious) and 'Share My Location (again, see above!). You will also find a setting for 'Wi-Fi Network', which, according to Apple:
If Location Services is on, your device will periodically send the geo-tagged locations of nearby Wi-Fi hotspots and cell towers to Apple to augment Apple's crowd-sourced database of Wi-Fi hotspot and cell tower locations.
I also have 'Significant Locations' turned off, although Apple's Location Services and Privacy statement notes that that information is kept on the device. Other things I disable here are 'iPhone Analytics', 'Popular Near Me', and 'Routing & Traffic':
Back up in Privacy, check what sort of access all the apps have requested and off what's not needed. Then scroll all the way down to 'Analytics and turn all that off. Under 'Advertising' turn on, 'Limit Ad Tracking'. While here, 'Reset Advertising Identifier'. (I do this periodically whenever I happen to go through my settings.)
Under Mail, disable 'Load Remote Images'.
Under Phone, scroll down to 'SIM PIN' and reset / enable a PIN. (When changing it for the first time, you may need to provide the default of 1111.) This means that your SIM can't be used to make phone calls or to get e.g. addresses or contact information stored on your SIM.
Under Messages, I toggle off 'Send Read Receipts' and set the message history to 'Keep Messages 30 days'.
Under Safari there are a bunch of settings I change. Many of these mirror my browser privacy settings: I use DuckDuckGo as my default search engine and turn off the various suggestions. I 'Block Pop-Ups', enable 'Prevent Cross-Site Tracking', 'Block All Cookies', enable DNT ('Ask Websites Not To Track Me'), but do also enable 'Fraudulent Website Warnings':
While here, periodically 'Clear History and Website Data'.
As shown in the previous screenshot, I'm taking advantage of iOS's support for "Content Blockers". In particular, I have the following installed:
1Blocker. In the free version, you have to pick and choose which content you want to block (Ads, Trackers, Comments, Widgets, etc.). When in doubt (and when you're too cheap to buy the full-fledged version), enable blocking of all trackers.
Crystal. Note: you want to make sure to disable "Acceptable Ads" in Crystal's preferences. After that, it's also something you don't need to think about ~ever.
Of course I have my favorite password manager 1Password installed. I have it sync via VLAN with the 1Password on my laptop. Other than that, I disable Spotlight search (which leaks titles and vault names; not a major concern necessarily, but I also never had to search for 'em, so hey), set auto-lock to 1 minute and have it lock on exit:
For Duo Mobile, preferred 2FA app, I disable 'Send Usage Data' in the preferences.
As any self-respecting #infosec geek, I of course have Signal installed. Under 'Setting->Privacy, I toggle off 'Read Receipts', enable 'Screen Security', and disable 'iOS Call Integration'. While here, I 'Clear History Logs' every once in a blue moon.
Finally, there's WhatsApp, for which I have just about all the same settings under 'Settings->Account' toggled that you'd by now expect: 'Live Location' and 'Read Receipts' are disabled, 'Show Security Notifications' is enabled, and of course 'Two-Step Verification' is turned on.
And that's pretty much my iPhone setup. I try to keep the total number of apps installed at a minimum, and for any app I do install, I review the access it needs (e.g. access to the camera, microphone, location services etc.). If I don't use an app regularly, it's likely to get deleted quickly.
You can compare my browser privacy settings here, and if you have any comments or want to make suggestions or tell me that something I'm doing here is particularly stupid, reach out to me via email or on Twitter.
February 01, 2018