Tag Archives: iPhone Security

Apple iOS4.2 – What are the security benefits?

Apple released iOS4.2 in late November and it is applicable for the iPad, iPhone, and iPod Touch. From a functionality perspective the upgrade provides a lot including the ability to create folders and multitask on the iPad (features previously lacking) plus the AirPlay feature for all three devices that enables streaming of content to the Apple Tv or Airplay enabled features.

These features are intriguing but since this site specializes in information security my primary focus is to discuss the security implications of the iOS4.2 upgrade.

What is the most significant security benefit of iOS4.2?

The Find My iPhone, iPad, or iPod touch application is now available as a free application and this is an important breakthrough because these services typically were subscription only in previous iOS’s via the Mobile Me service. Once the Find My app is installed an owner of one of the devices mentioned above can perform the following security functions:

  • Find the location of a lost device on a map
  • Display a remote message on the device screen (with hope it will be returned to you if found so perhaps offer a reward as incentive)
  • Remotely set a passcode lock so your device and data can not be accessed inappropriately
  • Wipe the device remotely if it is stolen or lost for good and you are not likely to recover it.

These security features are significant and go a long way to help prevent loss of data confidentiality on a loss or stolen device and possibly may even with the recovery of your device itself.

How do you upgrade your iPad or iPhone to iOS4.2?

First back up your data and then connect your iPhone or iPad or Ipod Touch to your computer and load up iTunes and click check for updates. Download and install the upgrade.

How do I activate Find My (iPad/iPhone)?

Here is a nice Apple instruction video showing how to configure your device on Me.Com

* Be sure to set this up right away if you wait until you need the features it will be too late.

What security vulnerabilities are corrected by iOS4.2?

In addition, to the Find My functionality there is a big list of other security vulnerabilities fixed in the iOS upgrade. In scanning the list several of the vulnerabilities mention arbitrary code execution that could lead to a lack of security integrity of the device. If you have not already done so an upgrade to i0S4.2 is highly recommended to close these vulnerabilities and take advantage of the new Find My capabilities. Install it and configure your device on Me.com as soon as possible.

iPhone Security – Tips for keeping your iPhone Secure

The iPhone has been easily winning the battle vs. Google Android and other mobile devices for market share but is it leading the pack in security? Out of the box the iPhone has some security gaps but if you follow these iPhone security tips you will be ahead of the game in protecting your device.

iPhone Security Settings

1. Set up a pass code to help prevent unauthorized use of your iPhone. By default no password is required but that kind of setup greatly increases the chances of someone snooping on your phone (the most probable scenario) if you leave it unattended or if it gets lost. If you forget your pass code you must do a restore so be sure to remember it.

Select General > Passcode Lock and enter your 4 digit passcode

2. Set how long before passcode is required (how long iPhone can be locked before passcode needs to be entered). A setting of 30 minutes should be good here.

Select General > Passcode Lock> Require Passcode then select the value you desire

3. Disable Bluetooth if you do not plan to utilize it. If Bluetooth is active it is another potential vulnerability source so if you are not using it shut it off.

Select General > Network and turn Bluetooth off

4. Set your voicemail password to prevent others from accessing your voice messages. Select a pin that will be easy for you to remember but not easily guessable by others (much like your ATM pin)

Select phone > Change Voicemail Password

5. Lock your SIM card to help provide additional security around your sensitive information.

Select phone > SIM PIN and turn it on. The manual mentions the default iPhone SIM PIN is 1111 unless the carrier has changed it.

6. Turn Pop Up Blocker On to enhance security and browsing experience (note that this stops only entry/exit induced pop ups not click through pop ups)

Change security settings: Choose Safari, then turn pop up blocker on

7. Backup your phone data periodically so that you will not lose your phone lists and other customized settings. This will come in handy if a firmware update ever goes haywire.

8. Install iPhone firmware updates when they become available. The recent passcode bypass vulnerability will be updated in a November update and in general when hardware or software is updated by a vendor it is often is due to security vulnerabilities so it is best to stay current with these important updates.

9. Only join WiFi networks that you trust to lower your chances of having passwords and other sensitive data intercepted by those seeking to steal your credentials.