This article first appeared in the Cult of Mac Newsstand magazine
Just because you’re paranoid doesn’t mean they aren’t out to get you. But short of installing an air-gap, what can you really do to improve security on your iDevices?
The good news is that your iPhone is probably the safest phone you can use, but you would be correct not to trust any U.S-based company with your data, even Apple (which makes its money selling you shiny toys and may therefore be less interested in selling your data).
But if you want to move as much of your data as possible away from iCloud, here are some service and products to help you. You won’t find them as convenient as Apple’s built-in services, but they might keep your data a little safer.
Mail is somewhat ironically one of the least secure services you’ll ever use, thanks to the fact that it is sent in plain view over the internet. You can encrypt the connection with your email provider, but even then it is sent in the open once it leaves your provider’s servers.
If you want to keep sending regular email, but wrapped up in an un-openable enveloper instead of in the form of an easy-to-read digital postcard, then you need to encrypt it.
The “easiest” way is use Mail’s built-in support for mail encryption. This involves going out to get an S/MIME certificate from a certificate authority, installing it on your iPhone or iPad using Profiles, and then manually adding the recipient’s own public key to your device in order to send encrypted mail to them.
This is done by adding the certificate to your Mac’s keychain (in the Keychain Access app), and then exporting it in “p12” format, which iOS can understand. Then you just mail the certificate to yourself (whilst praying that nobody intercepts it and adds anything along the way) and open it on your iOS device. The full instructions can be found at the Feinstruktur site (along with tons of useful screenshots).
The main problem here (apart from usability when it comes to installing other people’s public keys) is that you have to rely on a third party to provide your certificate, which is clearly less secure than making your own.
The other option is to use a PGP app like iPGMail ($2), which allows you to use a key you already made, or to generate one right there on your iOS device. And because it is a standalone app, you can choose which mails you send signed and/or encrypted (iOS’s native encryption can’t be switched on and off on a per-email basis).
Once you’re set up, you can encrypt and decrypt mail messages as well as files (and attachments), share your keys between devices using Dropbox (which may or may not be a good idea) or via iTunes sharing (better and local), iCloud or (in the latest version) via AirDrop.
The app also can also open any encrypted mails you’re sent via Mail using the standard “Open in…” dialog, which is pretty neat, and the app has just gotten an iOS 7-style makeover, making it look pretty good (pun intended) on both the iPad and iPhone.
There are of course other PGP options out there, but part of the responsibility of making your communications secure is to research them all properly before using one.
Whichever option you choose, you’ll still be left with one big problem: you can only send encrypted mail to someone who is able to decrypt it, which for most people means around zero percent of all your contacts. So maybe it’s better to just send sensitive stuff via snail-mail.
Another thing you should think about is your email provider. Google might not be evil, but it is in the U.S, and can be compelled to hand over information about you just like any other U.S-based company. But the alternatives are pretty grim, right? After all, Gmail is integrated into pretty much everything these days.
Gmail users might want to give Fastmail a shot. It doesn’t integrate into so many third-party services as Gmail, but it does offer very similar server-side filtering, lots of storage, a fantastic webmail interface (a lot like Gmail used to be before Google got all caught up fighting Facebook and turned itself into a social network) and — best of all — it’s owned by Australians.
Fastmail was recently bought back from Opera by the folks who sold it in the first place and is now back under Aussie control. The servers are in the U.S, but as the company itself has no presence in the U.S, it’s subject to Australian law.
We use Fastmail for our Cult of Mac e-mail, and I’m all but ready to move over myself. Potential switchers might want to take a look at this guide from Max Masnick.
Safari has its own Privacy mode which switches off the history function and disables identifying information like cookies. This is fine if all you want to do is hide your porn addiction from a shared iPad, but what about hiding all your internet browsing? You need a Tor-capable browser like the Onion Browser, which will obfuscate all traces of who and where you are, as well as what you’re viewing.
Tor is a network of computers which pings your internet traffic around the world, making it impossible for anyone to work out where you are physically, and therefore keeping you anonymous (as you’d expect, the NSA has ways around this, although they’re mostly centered on vulnerabilities in the Firefox browser).
The problem with Tor is that using it is dog slow thanks to the fact that all your traffic is being routed through so many other computers. But that’s the old security/convenience tradeoff. In short, keep using Safari in Private mode for your NSFW surfing and use Tor for anything you really need to keep secret.
BitTorrent is getting into the IM game with a secure messaging service that does away with the server entirely and send messages directly between peers. Details are thin, and the app is currently in closed beta, but the intentions are clear from the blog post announcing the experiment:
This year alone, more than 6 million people have been impacted by data breaches. The right to own your own conversations online: it’s not a given. It should be.
Pretty unambiguous, right? You’ll have to wait for this one, but IM sounds like a perfect fit for instant messaging: you get the network that you need in order to be able to find and contact people, but with encrypted peer-to-peer transfers like those in the BitTorrent file-sharing protocol.
If ever there was a clear example of the tradeoff between security and convenience, it’s iCloud backups. They happen automatically when you leave your iDevice to charge, and they can restore your device to its exact state, including all your passwords and even your home screen wallpaper.
The best way to keep yourself secure, though, is to ditch cloud backups entirely and just back up to your Mac or PC. This is also the fastest way to restore all your apps and data, as it’s done over the wire. But what about something in between?
iDrive Backup (free for up to 5GB) is Universal app which lets you back up your contacts, photos, videos, and calendars. The free version comes with 5GB storage which can be shared among any number of devices (just like iCloud) and all your data can be accessed from your desktop machine (iDrive backup can also be used to backup your Mac).
So how is this more secure than iCloud? Well, it’s not, unless you pick the private-key encryption option, which encrypts everything before it even leaves your device, making sure that nobody can see any of your data (including you, if you lose the password).
Then again, you might just stick with iCloud. Apple encrypts your data in transit and on the server and if you have the right settings enabled, your iPhone is also protected by whole-disk encryption.
This is the first category in which I’m not going to suggest an alternate app. The built-in Contacts app is so fundamental to the use of the Mail, Phone and Messages apps that a sheet of paper is just as convenient an alternative as any other app. But that’s not to say you’re lost. First, just switch off Contacts syncing in iCloud and just store them locally. If you have ever synced your contacts with a third-party app, then make sure that the iCloud backups for that app are also switched off, in the iCloud preferences (inside the Settings app).
If you have contact details you really don’t want in the Contacts app (say Edward Snowden’s private cellphone number) then jot them down in a secure note inside 1 Password (more info below) and copy/paste them when you need them (make sure any clipboard-monitoring apps like EverClip or Pastebot are switched off first, just in case).
So far we’ve looked at replacements for existing services, but who says you need to use those services at all? After all, just because I want to “email you a photo” doesn’t mean I need to actually use email. If we divorce the intent from the accepted method used to achieve it, we get to apps like BitDrop.
BitDrop is an iOS app which lets you share anything securely and without the recipient needing to do anything but paste a password into a browser. It works by encrypting your file right there on your device and then uploading it to Bitdrop’s servers (the company is based in Zurich, Switzerland, so it’s out of reach of the NSA). The recipient receives a code so they can download the file and as soon as they do the file is destroyed (you can set a time-bomb to erase the file, too.)
Just be careful you send the link to the right person.
Notes are a lot easier than the other iCloud services to replace with something secure, as they can be perfectly useful when left on your device and you can use secure IM or email to send them from place to place. However, if you want to sync your notes between devices, a great way to do it securely is by not using a notes app at all.
Instead, try 1Password ($40 for Mac, $18 for iOS), a fantastic Mac and iOS password manager. It has a built-in notes section, and anything stored in here is as safe as anything else it manages.
Syncing is done over Dropbox or via iCloud, but this isn’t as insecure as it first seems; the sync file is itself encrypted so that even if somebody managed to pry it from your Dropbox then they’d still need you password to open it. And you have, of course, picked an excellent and strong master password for 1 Password, right? New in v4 for Mac is the ability to sync over your local Wi-Fi network, which is perhaps best of all unless the NSA is already parked in a van outside your building.
The other option is to just keep your notes local, but keep them in an app that is great at sharing. Drafts (from $3) is billed as a kind of universal inbox for text, letting you jot down a quick note before sharing to anywhere and everywhere, but it is also pretty great as a standalone notes app. Not only is search instantaneous, but thanks to URL schemes you can send your notes direct to many other apps. Thus, you can easily get your notes into your secure e-mail and IM clients, ready to be secretly sent.