The Complete iOS Privacy & Security Guide: Your Best Protection!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] iOS devices are advertised to be some of the most secure and private devices on the market and sure maybe out of the box they are a decent option but that doesn't say very much in our modern day world out of the box Apple still trance you as well as your cellular provider and ISP third-party applications advertisers and more your data and privacy matter we live in the world where everything there is to know about you is just a click away from people you know companies governments and everyone in between we have a whole lesson covering why privacy is important check it out we also recommend Glenn Greenwald's TED talk on this it's fantastic today I'm going to show you exactly how to make your iOS experience as private and secure as you need it to be from beginner to extreme to make that happen we have three zones Zone one shouldn't impact day-to-day usage so I recommend you implement everything within it zone two will require small changes that may impact from vini ins and zone three is 7/3 it's for those looking to go above and beyond this is mostly a guideline and your specific needs may vary depending on your threat model if you want to learn how to threat model and develop a plan in deciding what you want to protect refer to this great source in the description no more chatter it's a big video so let's get into zone 1 your devices password is your first form of protection on your device making it not only an important thing to secure but it's also easy to implement use a strong password if your device is locked out and requires a password by hitting the power button five times a tip you should remember having a strong password will be your first line of defense like Margaret Thatcher is a hundred and ten percent sexy Wow as a side note make sure notifications as well as Siri are not publicly accessible on your lock screen once you set a strong password you then have the option to utilize biometrics these typically suffer three major issues one they can be cracked fairly easily two they fall under different legal jurisdictions in some countries meaning you can be forced to unlock your phone if it's utilizing biometrics in the u.s. specifically passwords have historically been protected under both the Fourth and Fifth Amendment's but this rarely if ever extends to biometrics and three while there's zero evidence of this I don't personally believe this to be true some users have privacy concerns behind biometric data on iOS devices Apple does store this locally and doesn't allow third-party access with no evidence of wrongdoing but this is a concern to some people if you want the convenience of biometrics feel free to use them just remember that power button tip for emergencies and I'd recommend disabling biometrics in high-risk areas like airports protests borders and other places with heavy law enforcement where you may be forced to unlock your device passwords you use on websites are a commonly left out part of your security if you use the same password or similar passwords for all your services one breach can very easily lead to the other thing breached since they utilize the same or similar credentials weak passwords are in general very easy to crack make sure at least in zone one that you are using strong unique passwords I'll leave a source on what that means and different methods of doing it zone two will go further into this your browser has the ability to track everywhere you go on the internet ensuring you are using something with proven security and privacy is paramount to protecting your web traffic anything outside stock Safari is still using Safari and really only adding attack surface potentially decreasing your security however there are reasons to use other browsers mostly to separate your traffic and add additional features having a browser like docked ago used for non personal disposable searches which auto-delete when you're done away from your normal browser is a benefit not to mention DuckDuckGo ads tracking and AD protection I recommend having at least one disposable browser like DuckDuckGo in your arsenal and more is always an option brave has an iOS app with similar benefits to DuckDuckGo and although there is no official tour app onion browser is the iOS app recommended by the Tor project to help anonymize web traffic significantly I'll have a guide on our channel talking about mobile browser compartmentalization and how to do it so subscribe to check that out but hopefully this at least gets you thinking about separating a searches and web traffic across different browsers that are designed to do different things similar to your browser your search engine also has the capability of tracking everything you do on the Internet which major companies like Google do iOS doesn't allow you to set that many custom search engines for Safari but they do offer duck that go as one of the four default options other browsers may have other search engines you can utilize the two main recommendations being duck let go and start page your IP address uniquely identifies you on the Internet and can be used by websites to track you not can it is a simple way to prevent this is by utilizing a trusted VPN provider to not only hide your IP address from sites but to also gain some additional protection on public Wi-Fi networks to prevent attackers from snooping on your web traffic as for which VPN to choose you're in luck because we do systematic community driven VPN reviews on our channel I'll leave our most current top 5 best VPNs video as a card and in a description our current highest rated is proton VPN so I'll leave a link for that below which even has a free limited plan for you to try out if you want to know more about VPNs check out our video where I break down what a VPN is and why you should consider using one as well as the cons and what it doesn't protect against DNS is a domain name service and they are like a phonebook for the internet directing you to the sites you visit every day the problem is most default DNS providers track your browsing so try using a DNS provider with privacy in mind if you're using a VPN service it likely includes its own DNS server meaning you don't need to worry about this other double-check that if you aren't using a VPN check out the DNS servers on privacy tools IO and to manually set them on your phone I'll leave instructions below on how to do that inside of your devices settings this is gonna be broad but less is almost always more when it comes to security privacy every additional application and setting you utilize increases attack surface and the possibility of abuse with your personal information if you're a person with pages and pages of apps that you mostly never use they are likely not just doing harm in the background with your data but also negatively impacting other things like battery life and storage space so just get rid of it some applications of Twitter have amazing mobile sites so if you can utilize the web application within Safari and add it to your home screen that's a great way to separate the app and keep it within your browser which is typically safer than using the application outside apps try to frequently clear data you don't need like old text messages phone calls and especially temporary data like browser cache history cookies and other temp data within your applications time into minimalism there are lots of settings on your phone and within applications you may never use and are pointlessly collecting data about you as an individual I made a PDF you can find in a description with some recommendations and things that you can turn off in your settings do not forget to go through each individual application in settings as well to ensure nothing is needlessly tracking you outside of the Apple ecosystem on a similar note app and OS permissions should not be taken lightly calculator apps don't make your contacts at the FBI workout app it doesn't need your location true story dig into the privacy settings and revoke any permissions that seem questionable keep in mind there are workarounds to abuse permissions that you disable check out some of the research being done at Berkeley they are Android specific but have confirmed similar attacks are possible on iOS as well so again it's better not to have the app at all if possible web apps will prevent this kind of abuse like we talked about in the minimalism section one of the most forgotten things to do is set a password on your SIM card if it's store in your contacts someone can just pop out your SIM card and view this information even without contacts if your phone is stolen someone can send fraudulent messages using your phone number and no one would know it isn't you you can do this quite easily within your settings so make it enable it and get it going most things you read about like the newest iOS exploits that dramatically impact your privacy and security are almost always patched through updates the best thing to do as much as we hate them is utilize automatic updates for iOS as well as your applications I personally like reading changes being made screw every app developer who doesn't include a change log and if you're in that boat or you simply prefer the manual route make sure to at least check for updates frequently I'd say at least once a week if you can to finish zone 1 jailbreaking just don't do it it only opens things up for exploitation there is an argument that you could disable things you couldn't authorize disable before the jailbreak I am going to recommend to the overall me majority if you don't know what you're doing just don't jailbreak don't worry about it your phone is predominantly used for communications so ensuring you're communicating as securely and safely as possible is quite important the biggest know is to avoid SMS aka the green messages and standard phone calls at all costs SMS can be unencrypted and they are stored by your cellular provider indefinitely meaning probably government entities as well so any random person can likely intercept them phone calls are in a similar boat the great thing about iOS is that it includes iMessage and FaceTime out of the box they both utilize end-to-end encryption and most people with an iPhone or Apple device use them however not everyone uses iMessage and while being significantly better than SMS it's also not quite the best option I highly recommend is just a simple recommendation signal it's easily the best thing for just a simple cross-platform option that implements some of the strongest security standards and least amount of metadata collection check out our go incognito lesson on metadata for more info on what this is and why it matters because it really does matter signal also supports audio and video calling similar to the Apple ecosystem but for everyone even your green Android buddies outside texting and phone calls if you're looking to implement encrypted emails check out protonmail and to denote a-- both have very generous free plans and offer a fantastic user experience i'll leave links to both of those in a description Foss stands for free and open source software this means the software's code is publicly viewable and theoretically modifiable by the community this ensures you can verify the security and privacy behind the software we have a whole video covering this more thoroughly in general I'd advise moving from proprietary to Foss applications as much as possible signal as fast as well as some VPNs like proton VPN and I VPN I'd recommend having that high on your priority list when deciding what applications to download as well as which services to switch over to Foss will typically honor you and your data much better than proprietary solutions because you can verify that they do to find fossil turn ative to apps you use check out alternative to.net for some basic recommendations avoiding Apple's iCloud and general cloud storage of your data is a great step as there have been several instances of abusive user data you don't need some celebrities to tell you that although for most people this is quite inconvenient and increases the possibility of data loss because of less frequent backups for zone to disable as much as possible related to high cloud like iCloud backups device syncing and ideally other cloud providers as well this will require manual backups so you'll have to either find ways of backing up your raw data or use iTunes and do a manual encrypted device backup on your computer to ensure you are in full control of your data outside using strong and unique passwords which we covered in zone 1 where and how your passwords are stored can be incredibly important password managers are a commonly recommended way to go we have covered what password managers to use in a lesson of go incognito in shorts avoid storing your passwords within your browser if you want simple cloud syncing between your devices check out bit warden if you want a more DIY password manager there's key pass with the best clients on iOS being strongbox and key pasión I have a whole guide to keep ass on our channel for those who want to learn how it works beyond having a strong password implementing two-factor authentication is arguably just as important 2fa combines something you know a password with something you have ideally a code generated locally on your device at the very least SMS 2fa which are those texts you receive with a code is better than nothing although there are a couple issues with SMS 2fa such as the risk of sim swapping the better more recommended option is a local event occator app that uses a QR code not every site supports this but many do so look for it and amuse it instead of SMS when available some notable iOS apps are authenticator tofu and ethey authentic carrot and tofu both open source but avi has a user interface and experience that may be more appealing to some radios applied to anything that gives off a signal on your phone this means predominantly cellular Wi-Fi Bluetooth NFC aka Apple pay and GPS will cover the more extreme solutions in zone 3 but for zone 2 try disabling Bluetooth and NFC when they aren't being used bluetooth for one is an insanely insecure protocol not to mention Bluetooth being an instrumental tool used to track your movements it's even being implemented in stores like Target Walmart and likely more where beacons are used to track where you walk throughout the store which is then fed to advertisers who target you with products you viewed in the store it's just totally creepy as for Wi-Fi it's good practice to disable it when you are using cellular and a vice versa for GPS leaving it off when not in use and disabling as many permissions related to it in the settings for both the operating system and specific applications is highly advisable the general rule of thumb is if it doesn't need to be on turn it off most people are aware of this one but covering your cameras can prevent the theoretical camera hack where someone spies on you through your camera this is possible and a recent vulnerability showed just one way this could be abused if you never use your cameras and don't want to just use tape if you are a standard user who uses cameras on your phone I'll leave some sliding camera covers in a description that will allow usage of the cameras while blocking them when not in use the last step for zone 2 is another physical mod and it's a privacy screen protector these make it so it's very difficult to view your phone screen from side angles protecting your personal information from snoops and shoulder attacks the main downsides to these as they can affect the image quality slightly making it an annoyance for anyone needing to work with color sensitive tasks or photography I'll leave a link in the description with some privacy screen protectors I cannot recommend them more and the peace of mind they give me in public spaces is fantastic this is it everybody zone 3 and like I said earlier this is for the extreme users looking for the most security and privacy on their devices first disable GPS and location altogether it is easily abused by applications to track everywhere you go throughout the day as well as the operating system when disabled entirely you have to manually enter addresses for navigation and or relying on a separate device this will obviously mean Find My Phone will not work so again zone 3 is for extreme usage which can oftentimes have negative consequences keep in mind that just because GPS is turned off doesn't mean apps can't access a general location of where you are as your IP address can there are you down pretty well again go to zone 1 for VPNs which comboed with disabling GPS will prevent most people from tracking your location most people if you want a guaranteed method of cutting out all radios from your device without just using airplane mode look into Faraday patches and backpacks these are designed to fully eliminate communication your device has with the outside world they do have to be used properly and I'd recommend looking at these sources for some tips on doing so I'll also leave some products to check out in a description that seemed to be great options especially this really nifty backpack to take iCloud and your Apple ID a step further you don't even need an Apple ID to use your iOS device you can fully log out and it will still be a usable phone you will lose iMessage FaceTime the App Store and more but just know it is possible to fully log out if this is too extreme at the very least ensure you've handed over as little personal information as possible to Apple disabled all the necessary analytics performed by them in the settings and disabled as many features as possible like iCloud and more which we covered back in zone 2 similar to some cards your cellular provider is likely something you forget about in the u.s. they all more or less track you some more than others but they are all universally bad for privacy your best bet is to at the very least sign up with as little information as possible my personal favorite provider is mint mobile which is a prepaid cell plan meaning you pay for however long you want up front no contracts or payments and all they require is an email payment method and an address to send you the SIM card I was able to use a mail drop a pseudo email and a non reloadable vanilla Visa card paid for in cash too Tayna SIM card I use every day mint has no direct information about me and I'd recommend you go this route or a similar one as well you can find them in a description the last thing is those pesky cameras and mics if you really don't want them consider removing the cameras depending on your iPhone model this may be extremely simple you can also snip the microphones and stick to only using the microphone on your earbuds these are for very extreme threat models but the option is available note that opening up your iOS device will surely void its warranty so don't expect support for your device after doing this that my viewer is the complete guide to iOS privacy and security I hope you learned something today and if you implemented even one thing I'd consider that a success so congrats and taking ownership of your personal privacy because again it does matter and we need to fight for it so keep up the good work if you enjoyed this guide make sure to give it a like below and especially share to help us in reaching and educating more people and subscribe to watch our newer content including an Android version of this guide coming soon if you want to support us further we have a patreon where you get to directly give back to what we do and enable us to help spread privacy and security to the masses by funding things like the editor who produced this video a set of patreon we are on brave rewards as well as many supports methods you'll find on our site that's it for this video thank you for watching and I hope you're leaving here a bit more prevent secured than when you got here so peace out and have a fantastic day [Music]

Info

Channel: Techlore

Views: 85,615

Rating: 4.9534883 out of 5

Keywords: ios privacy, techlore, ios security, apple privacy, go incognito, iphone privacy, iphone security, iphone privacy settings, apple iphone privacy, iphone privacy settings to turn off, the hated one, switched to linux, how to, guide, tutorial, secure iphone, iphone analytics, phone security, privacy settings, best vpn, deep web, surveillance report, edward snowden, open source, anonymous, password, faceID, touchID, VPN, duckduckgo, firefox, 2FA, protonmail, encryption, Tor, security, privacy

Id: d2bJVKcIEg0

Channel Id: undefined

Length: 18min 13sec (1093 seconds)

Published: Tue Jun 30 2020