Tuesday, February 27, 2018

Digitally Defending Yourself; Keeping Your Information Safe and Secure


These days, the selection of music, audio books, ebooks, apps, movies and more that you can enjoy on your iOS device is staggerring. So is the amount of personal information you'll soon have stored on the device if you make good use of it. Everything from addresses and contact information to health and other data. I remember reflecting after a year with my iPHONE about how much of my personal information and other things were store there. You don't tend to think about it in totality as you slowly start adding information so you can do this or that more conveniently. And then, one day, it hits you. The stuff of your life is contained in a light flat slab of high technology no thicker than a payne of window glass.

It is also in "the cloud", as people tend to think of it. In reality, that cloud is a bunch of theoretically secure data storage and servers where you can retrieve it whenever needed rather than storing absolutely everything on your device itself. This reduces the amount of storage space you need to have on your device. For as long as I've owned an iOS device, I have only heard of one case where someone's iCloud was hacked.

These devices are designed to be as light and portable as possible. They're supposed to be your digital companions at home and while on the go. This very portability makes them tempting targets for theft. It's in Apple's best interests to protect all that information from theft or abuse by others. This goes beyond personal information and extends to making certain that other people can't steel the books, apps, movies and music you choose to have on your device. To this end, Apple has gone to great lengths to provide a safe and secure environment for iOS users and those who provide digital content. These measures extend far beyond the obvious. For instance, all apps found in the app store must be checked and approved by Apple staff who are on the lookout for trouble-makers. Incidents of malware and viruses are very rare in the iOS ecosystem. No security is fool-proof, but Apple has done a remarkably good job in that department. All data on your device and stored in iCloud is encrypted in a way that even Apple can't break. In order to gain access to a dead terrorist's iPHONE, the FBI was forced to engage the services of a security company who were able to hack into the iPHONE at a high cost. Doing so is no trivial exercise. Apple was willing to go to court and refused to create any kind of universal back door to unlock iOS devices suspected of containing valueable information. They can and will help law enforcement in any way possible which doesn't reduce the security of innocent owners of their products.

This section will focus on elements of information security over which it is possible to exercise some direct control. These include privacy settings, passwords, passcodes, and restrictions you can activate or deactivate. This may seem a bit daunting for the non-technical people who might be reading this. By its very nature, security nearly always means a degree of inconvenience. In today's world of information, having at least a basic grasp of these measures is absolutely essential for a safe and happy experience in the iOS ecosystem. Apple keeps everything pretty simple from a user's perspective. You don't need to be a technology expert to put security features to good use. What I tend to worry about the most is for people who have a hard time rememberring passwords or numbers. You only need a few such items to be easily remembered when asked for. However, having them easily recalled and ready to be used is absolutely vital. I would strongly erge anybody with these difficulties to keep a recording or text file handy with that information clearly written or announced. Also, provide a copy of that information to someone who you trust. That will make it much easier to resolve security issues quickly and painlessly with a minimum of inconvenience and/or involvement from others who might not be as trust-worthy.

Over all, I have had a very positive and safe experience with iOS. Not once have I had to contend with a virus or data theft. While I don't go out of my way to court danger, I don't hesitate to follow links to search results which point to new items of interest. Having been online for over 25 years, I have a pretty well developed but not infallible sense of what's safe and what likely isn't. Were I ever to have my iPHONE stolen, I would be far more annoyed at the massive immediate inconvenience this would cause than concerned about my information falling into the wrong hands. I think Apple does a good job with security. There's a balance that needs to be struck between protection and annoyance. Apple has done a good job of minimising that annoyance while maintaining a good level of safety. Some people find the thought of Apple keeping an eye on things and limiting the apps available for your device to what they approve distasteful and worrying. Personally, I'm quite happy they're doing this. I have yet to be stopped from doing anything I personally wanted to do on my device. I have, on the other hand, been saved from having to deal with some of the nasty surprises people using other operating systems such as Android have found lurking on their devices.

Setting up or Changing Security:

If you don't skip the steps during initial setup of your device, you'll be putting security in place while completing the overall process. The steps wil be appropriate to the technology included in your particular device. At a minimum, you will be asked to create an Apple ID if you don't already have one. If you're setting up a secondary device or upgrading to a new one, you should use the same Apple ID. This gives you access to any personal information stored in iCloud plus apps or other things you've already purchased from Apple. For each device you own, you'll have the option to set a passcode. Next, depending on the device you have, you'll be able to set up Touch or Face ID. Apple strongly encourages the use of security features. However, it is possible to skip some of these steps during setup. You can always change your mind and turn on features later once you're more comfortable with using your device.

Some people will get these devices and then refuse to create an Apple ID or use other features due to a paranoia of big bad corporations watching their every move. Honestly, if you're that concerned about big data snooping on you, save a lot of money and get an oldfashioned dumb phone or cheeper Android tablet. In fact, you could theoretically get one of each if both were on sale and still come out ahead financially. Choosing not to create an Apple ID or not bother with a passcode will place drastic limitations on what you can do with your iOS device. Other than using the apps included on the device, you won't be allowed to get more apps, update the software on your device, etc. Also, any information stored on such an unsecured device would be available to anybody who got their hands on it. You're not saving time or protecting yourself from the big bad corporation. You're just being very stupid. Either the benefits of participating in activities one uses these devices for is worth the risk to your information privacy or it isn't. Don't shoot yourself in the foot over misplaced fear. Provided you're not doing anything criminal with an iPHONE or iPAD, Apple really doesn't care what you're up to. Take precautions using the security tools discussed here and enjoy what owning an iOS device will let you accomplish.

After setup is complete, you can go into areas within the Settings app in order to change security. These include the first item in Setttings labelled with your name, the Touch ID and Passcode area, the Privacy area, and the "restrictions" area found in "General" settings. Also, there is the "Autolock" setting found in the "Display and Brightness" area.

Your Apple ID:

In the process of setting up your device, you'll be asked to log in with an Apple ID you already have or create one if it's your first device. Ideally, each customer should have one Apple ID. It's your central account with Apple. When you create an Apple ID, it is used to keep track of all information of your dealings with Apple. You use it in the app store when you buy apps and in iBooks when you buy books. It's also used when making subscriptions to services like Apple Music. Any information you store in iCloud is also tied to your Apple ID.

An Apple ID consists of an email address and password. It is absolutely vital that you remember these. They're your way of prooving to Apple who you are. The email address should be one you actually check because there may be occasions where Apple contacts you. Also, you are sent receipts for any purchases via This address. The password you choose needs to be something you can recall while still being hard for someone else to figure out even if they know you. When deciding on a password, you should err on the side of it being easy for you to remember rather than being some complex alphanumeric sequence which confounds everyone including yourself. I've spent hours helping people start from scratch after forgetting their password or the code they've used to lock their devices. Apple's tech support staff cannot circumvent security. While there are recovery steps, they take time and are done by a separate department. Apple would rather deny you access than risk all of your information getting into the wrong hands. Remember your Apple ID and the password you picked for it. They're your ultimate key. Keep it handy and safe like you would do for the key to your home. These devices will be like a digital home.

When asked to enter your Apple ID and password, a form will appear on screen with separate fields for each piece of information. The email address will typically be filled in already and occupies the first field which is near the top of the screen.. You can double-tap on a field to go into edit mode allowing you to enter or change information. When in edit mode, you can find the "go" or "done" button which should be double-tapped to indicate you're finished with that field. The "delete" button will be above the "shift" and "go" buttons near the bottom right corner. The next field will be for your password. Enter that and then find the "go" button on the bottom right when finished.

Having a Passcode:

A passcode is a number or alphanumeric sequence which you can use to lock your device. Think of it as your first line of defence or the lock on your front door. A passcode also incripts mail messages and other data on your device so you can only access it if you know the number. You should choose a number which you can remember easily. Apple recommends a six digit passcode but you're not stuck with that. During the passcode setup process, find the "passcode options" button to opt for an easier four-digit number or a totally customised alphanumeric code of your choosing. Even if you use Touch or Face ID, you'll still need to use the passcode if you restart your device or don't unlock it for a while. You can set things up so that after ten failed attempts to enter the correct passcode, all of the data on your device is erased. If that happens, you'll either have to set up your device as a new one or restore from a backup. For the latter course of action, you'll definitely need to know your Apple ID and password.

Make certain you pick a number you can remember easily. This is especially important if you have things set so that everything is erased after ten failed attempts. I can't help people who are completely locked out of their device. Remember your passcode, Apple and password. They're your keys to everything.

To enter a passcode, input the digits using the number pad which appears on screen. There is a delete key near the bottom right if you make a mistake. If you touch a bit below near the top of the screen, VoiceOver will announce how many values you have entered. For instance, it might say "three of six". Once you've entered the correct number of digits, wait a moment. If you've entered it correctly, your device will be unlocked. If not, you'll be informed that the code was incorrect and may try again.

Touch ID:

Beneath the home button, there is a sophisticated fingerprint scanner which reads your fingerprint and unlocks your device if it matches one that you've authorised. This is what is known as "Touch ID". Instead of enterring your passcode to unlock your device or approve purchases all the time, you can simply touch the home button with a finger. You can set up more than one fingerprint for Touch ID. All prints are stored in a secure place on your device called a secure enclave which even Apple can't access. Apps and services using this data receive only pass or fail information. You can use Touch ID to approve purchases, use Apple Pay, and many other things. The chances of someone else having a print similar enough to your own is said to be one in fifty thousand.

To set up a fingerprint, place your finger on the home button and then lift it as VoiceOver instructs during the setup process. It will have you place and lift the finger several times and then have you change your grip before continuing this process. This makes certain that your device has an accurate recording of your finger. I have done this for one finger on each hand for greater convenience so I can unlock my phone using whichever hand works better at the moment. When asked to use Touch ID, simply touch your finger to the "Home" button on your device maintaining the contact until you hear a ding and feel a vibration. If you are inaccurate in your placement, it is possible that your finger won't be recognised and you'll have to make another attempt. I've never had to do this more than once to be properly recognised.

Overall, I've had a pretty good experience with Touch ID. It's handy to be able to unlock your iPHONE while it's in your pocket using one hand. I can then do things without ever removing my iPHONE from my pocket if necessary. For simple tasks like reading books or navigating music, this is a nice convenience. Also, it speeds up things like purchasing books or apps marvelously. Instead of enterring in passwords, you just touch your finger to the home button and your purchase is approved. I also use Touch ID a lot in combination with an app called Assist Eyes Wallet. This makes it possible to have sensitive information like passwords on hand while still having them require my fingerprint to access. One issue I do occasionally find annoying is that after I wash dishes or if I have wet hands, it becomes almost impossible to use Touch ID. Especially if your hands were in hot water. I often need to resourt to my passcode to unlock my iPHONE until my hands return to a dry normal temperature. Cold weather doesn't help either. You either have to remove a glove to unlock your device or have cold fingers which may not be recognised by Touch ID.

Face ID:

This technology is said to be more convenient and far more secure than Touch ID. On the more high-end advanced devices such as the iPHONE10, a group of cameras and sensors can recognise your face allowing it to be used instead of a passcode and Apple ID. It can even tell whether you're actively paying attention presuming you're capable of actually looking at your device. The chances are one in a million that anyone else's face will be similar enough to yours to fool Face ID. The chances are somewhat better if they're related or you're twins. Every so often, you'll still need to use a passcode to unlock your device such as after you restart it or if you haven't used Face ID in over 48 hours. The same is true for other things like approving purchases. For sighted people, it is very convenient since they need to look at their devices in order to use them. For blind people, it's easy to use but less convenient than Touch ID since you need to actually face your device rather than touch the home button while the device is in your pocket or pack.

Apple has taken blind people into consideration when designing this security feature. If you have VoiceOver enabled, it will guide you through the setup process telling you how to move your face so it can be properly scanned. It will also disable the part of Face ID which looks for attentiveness so that you just need to face your device rather than look at it. This does reduce how secure Face ID is. Someone could knock you out and hold your device up to your face for instance. However, take this in proper context. If somebody threatened you with bodily harm or worse, you'd probably much rather unlock the device for them anyhow. These things are only as secure as you are.

As I have no direct experience with Face ID, I can't offer additional guidance about its use. However, Jonathan Mosen has ample experience and has posted it on his web site and in his excellent book iOS Without the Eye. This is an excellent resource for keeping up to date with the latest changes and features in iOS. I highly recommend it for those familiar with iOS but needing to know about the latest changes quickly. To obtain this book and other resources, visit:

Www.mosen.org

Two-factor Authentication:

Designed to protect your Apple ID from theft rather than your device, two-factor authentication sends a verification code to trusted phone numbers or devices. If a new device tries to log in with your Apple ID, it will be asked for a verification code. Blind people will need to memorise this code long enough to enter it correctly when needed. If that number happens to be for the iPHOnE which has been stolen, it won't do much good. However, you will receive an email which would let you know of this occurrence. It would stop someone trying to log in via a web site and cause trouble using your Apple ID. They wouldn't have the verification number and you would be alerted to the danger. You could then change your password or take other precautions. You can use the verification code to recover control of your Apple ID and reset your password if you believe you've been compromised. Since only trusted devices and phone numbers can receive the verification code, you no longer need to remember the answers to security questions. You can have more than one trusted phone number or device set. Parents could have their phone number be a trusted number for their child's device. This would also be useful for people who have difficulty remembering things.

Taking Charge of Security with Settings:

To have a worth-while experience on iOS, it's vital to have a good idea how to set and manage security so that it doesn't inconvenience you unduely. The Settings area is where this management can be accomplished. Options related to security are concentrated in a few key areas of Settings. Lets begin our tour with the very first item past the search field.

Presuming you've set everything up and haven't skipped steps, the first item after the search field will be labelled with your name and email address you used to create your Appple ID. This is where you manage things having to do with your Apple ID, password, payment information etc. Think of this area is having to do more with your identity in the Apple marketplace rather than about securing your device. In the "passwords and security" area, you can change your password and also choose whether you want to use two-factor authentication. Unless you have major difficulties remembering a six digit code, I strongly recommend having it turned on. This way, you can use services which require top security like Apple Pay.

Device Security Settings:

To secure your device and its contents, you'll want to manage your passcode and Touch or Face ID settings. Those settings can be found in the "Touch ID and Passcode" area of Settings. If you have an iPHONE10, it's called "Face ID and Passcode". To enter the area, you'll need to enter your passcode. That's where you can set or change your passcode and make use of Touch or Face ID. For Face ID, you can only store one face on the iPHONE10 at a time. VoiceOver will guide you through the setup process. I don't have an iPHONE10 so I can't speak from experience here. However, Jonathan Mosen's book iOS11 Without The Eye takes you through the process. It sounds like it may be a little tricky for people so be patient with yourself and take it slow and careful. For Touch ID, you can store multiple fingerprints for unlocking your device. Touch ID also can be used to approve purchases without having to type in your password. Other apps can also use it. As with Face ID, VoiceOver will guide you through the process of scanning your fingerprints. You'll find headings in this area so the rotor set to headings may help speed you to where you want to be. You will first find options to determine what to use Face or Touch ID for including unlocking the device, paying for purchases, and Apple Pay. Below that, you'll find a heading to where your fingerprints or face data is stored. You can remove these if you wish or add new ones. Further down, there's a heading where you can choose what can be accessed while the device is in a locked state. For instance, you can choose whether recent notifications, the control centre, the Apple Pay wallet, home controls for lights and other smart household appliances, etc, can be accessed without unlocking the device first. This gives you lots of choice regarding how secure versus how convenient you want things to be.

Emergency SOS:

The Emergency SOS feature is built into iOS and is used on iPHONEs. It is supposed to make it easy to contact emergency services if necessary. The exact method to trigger it differs between iPHONEs. Clicking the side button five times quickly on my iPHONE7 would initiate the distress mode. It would start a siren sound and a countdown before calling 911 automatically. You can turn off that automatic call if you want to. Otherwise, if you trigger it accidentally, you'll need to manage to cancel the countdown before the call is made. You can also add contacts who will be notified via text message that you've called emergency services. This way, if you're incapacitated or are in need of trusted help from people you know, they can be automatically alerted that you've called emergency services and may need them.

The autolock feature:

To prevent battery drain and improve security, the Autolock feature will cause an iOS device to lock itself after a short period of inactivity. This setting can be found in the "Display and Brightness" area of settings. You can set it between 30 seconds and 5 minutes or set it to "never". Normally, I have it set to never lock automatically. It gets annoying having to unlock your phone to continue doing something after merely pausing for a moment's thought. It won't suddenly lock while you're reading a book since the cursor is constantly scrolling while that happens. As long as you're actively doing things, the autolock won't inconvenience you. I'd use autolock if I felt at all nervous that my iPHONE might be stolen or misplaced. That way, there would only be a short time before your device locked itself and required your fingerprint, face or passcode to be used.

The Screen Curtain:

To help protect your privacy, VoiceOver contains a feature called Screen Curtain. Since anybody using VoiceOver is likely to be totally blind and not looking at the screen, you can invoke this feature to make certain nobody else can see what you're doing without you knowing this. It will cause your screen to be blank. This doesn't save battery power so you'll still need to reduce display brightness in order to achieve that. I have mine set to 0 and maximise my battery life. However, you may be in a situation where you often want sighted people to be able to assist. In that case, having brightness set to around 30% or lower might be a good compromise. I don't mind having to go into the control centre and raise brightness on thos rare occasions I want sighted people to see what's on my screen. You turn screen curtain on or off by tapping three times quickly with three fingers. A three-finger trippletap.

Privacy Settings:

Privacy settings are used to allow or prevent access to information. For instance, you might choose to prevent an app from accessing the microphone or camera or access your social media accounts. 

In the Settings app, you'll find the "Privacy" button just past the Battery" button and before the "iTunes and App Store" button. These are all past the "General" button.

The first settings in the privacy area deal with access to data. Location services, contacts, microphone, camera, health, and other sensitive information each have a button. These buttons lead to lists of apps which have requested access to that specific data. You can permit or deny these apps access to the information and may determine cercumstances when this might be allowed. For instance, you can let apps only use location services when they're in focus and being used. No decisions made here are carved in stone. You can change these settings whenever you wish.

Below a note which explains that preceding options deal with access to data, you'll find a further set of buttons dealing with access to social media accounts. These work similarly to the buttons dealing with data. You can decide which apps may access your Facebook, Twitter and other social media platforms you might be using. For example, a game called Dice World has an option allowing me to post tweets about my victories in the various dice games it lets you play. If I chose, I could block this capability using privacy settings dealing with Twitter. Before a particular social media platform will appear, the app for it may need to be present on your device. 

Finally, you find two buttons dealing with advertising permition and whether to let Apple have data used to improve the user experience. I don't have a problem with this and hope my data will help app developers and Apple fine-tune things in future iOS updates.

I don't tend to adjust these settings often. IOS asks you as soon as an app requests access to these services so I don't need to go into the Privacy area unless I change my mind from my initial decision about what access an app should have. I mainly prefer apps to only use location services when I'm actually using them so I've adjusted those settings the most. I would certainly appreciate the capabilities they offer if I were going into a risky situation where I knew the danger of theft was greater.

Restrictions:

Restrictions are used to prevent actions from being taken without your permition on your iOS device. You can use these to prevent children from making purchases while they use your iPAD to play a game. You can also prevent people from browsing the Web or using iBooks among many other things. This can give you peace of mind of you allow someone else to use your device that they can't do anything potentially harmful to you.

To manage restrictions, go into the "General" area and flick right until you come to restrictions. The button is found to the right of "background app refresh" and to the left of "date and time". Double-tap on restrictions to enter the area.

The first thing you'll find in this area is a button which lets you enable or disable restrictions. When you double-tap it to enable restrictions, you'll immediately be asked to enter a four-digit restriction passcode. Choose a four-digit number you'll remember. You'll need to enter it a second time to confirm. Once that's done, you'll need to know that code to disable restrictions. The only other way to get rid of the restrictions would be to restore your iOS device from a backup. This isn't a step to be done lightly especially if you haven't backed things up in a while.

The restrictions area is divided up into headings. These are "Allow", Allowed Content", "Privacy", "Allow Changes", and "Game Center". Within these headings, flicking left or right will scroll through a series of buttons. Double-tap what you want to restrict and you'll either switch it from on to off or else get to different options. For example, double-tapping on the safari button in the "allow" heading will switch between on and off. If you leave it on off, you won't be able to even find the Safari browser since the icon for it disappears entirely. If you double-tap the "movies" button under "allowed content", you can choose the rating of movies which can be viewed on your iOS device. You can specify which country's ratings you want to use. It defaults to US.

All sorts of different kinds of content can have restrictions placed upon its consumption. Everything from podcasts to books to music to news. You don't always have a lot of flexibility. Choices are more often between allowing everything or disallowing things entirely. For instance, you can restrict explicit content in books so that your child won't even come across books featuring such material. However, you can't do more complex things like eliminate violence or taboo topics. Web sites are similar. You can restrict explicit adult content or only allow visits to certain sites you approve of. For apps, you can restrict apps by their age appropriate ratings. Using these restrictions, parents could make their children's iOS devices quite safe while still allowing for some exploration on their part. Without knowing the four-digit passcode, they may not even see what they're not allowed to access.

The setings under the "Privacy" heading withing the "Restrictions" area are the same as the ones in the "Privacy" area of Settings. However, if you use the settings within the "Restrictions" area, you will need the restriction passcode to change them later.

The options under the "Allow Changes" heading are six buttons which deal with important areas and give you the power to disallow any changes which might cost money or compromise safety. For instance, you can use the "accounts" restriction to prevent any changes being made to account information. This prevents anybody from adding a new user account to your iOS device to get around restrictions. Other areas include cellular data, volume limit, bakcground app refresh, and TV provider. A change in cellular data, for instance, might result in you inadvertently using expensive cellular data for things that you didn't want to be able to.

The settings under the "Game Center" heading allow you to restrict things like adding friends or playing multiplayer games. This will be especially useful for parents who don't feel their children are ready to deal responsibly with this unsupervised contact with strangers. There are three settings here. You can disallow playing multiplayer games entirely. You can disallow adding new friends. Lastly, you can disallow screen recording. Screen recording is often used in games to share proof of noteworthy accomplishment or other information during group play. However, it could also reveal sensitive information if used carelessly.

Parting Thoughts on Security:

Don't use extra security you don't need. I can't count the number of people I've been powerless to help because they've set restrictions and then forgotten the four-digit code. They'll disallow Safari and then wonder where their web browser went. They'll want to purchase an app or an in-app purchase but discover that they've restricted that ability on their iPHONE and then forgotten their code and can't disable the restriction. I've even had one fellow restrict his GPS app from using location services. There's simply no point of having a GPS app to help you get around if you prevent it from knowing where you are. People do some really stupid things getting all paranoid and hung up on security and privacy concerns. Take reasonable precautions but don't go overboard with this stuff.


No comments: