Insights For Success

Strategy, Innovation, Leadership and Security

iPhone

The free content blocker you should be using in Safari on IOS

GeneralEdward Kiledjian
fuu-j-KRztl5I6xac-unsplash.jpg

Apple’s Safari browser on IOS is a a solid browser but there are others that provide more privacy and tracker blocking. One of those browsers is Firefox focus.

In IOS15, Apple added support for Safari extensions on IOS. Firefox can now be used as a standalone browser or as a plugin for Safari.

What does Firefox Focus in Safari do?

Privacy

It blocks known trackers such as

  • ads, analytics and social trackers

  • Other content trackers – this category includes embedded videos, photo slideshows, and news article embeds that could track you.

Speed

Because part of the website is being blocked, pages will load faster and you will consume less bandwidth (especially important when on LTE).

Unobtrusive

Once you enable it, you will forget about it, use Safari as you would normally do and will gain all of the benefit without having to do anything else.

How to enable in Safari

Step 1

  1. Tap on Settings

  2. Scroll to Safari

  3. Tap Content Blockers

  4. Tap the switch to enable Firefox Focus

tempImage1Opx4y.gif

Step 2

  1. Open Firefox Focus

  2. Click on the cogwheel to open the settings menu

  3. Tap the switch next to Safari to enable it

IMG_9C57522DCD5B-1.jpeg

Tips to make your iPhone more secure

GeneralEdward Kiledjian
dmitry-ratushny-xsGApcVbojU-unsplash.jpg

Our smartphones are so much more than just internet access devices. They have become extensions of our brains. They remember our friends' contact information; they help us shop; they know where we have been and where we are going.

But what happens when someone gains access to this treasure trove of ultra-private information? I have written about how you can make your iPhone more secure here. This article will provide a handful of easy-to-implement tips.

In dots we trust

You may have noticed tiny coloured dots (green and orange) showing up on the top of your screen (upper right-hand side). 

A small orange dot means your microphone is active, while a tiny green dot indicates your camera has active. The purpose of these dots is to notify you can something may be watching or listening to you. If you are on a call, this is perfectly normal, but a little investigation may be warranted if you aren't actively using any apps. 

IMG_1825CA34E961-1.jpeg

Remember that you can change what apps have access to your camera and microphone by going to Settings > Privacy > Microphone or Camera. You can then turn off access on an app by app basis.

Peekaboo i see you


There are situations where your iPhone application must have your precise location, like when navigating with your GPS app of choice. 

There are other times when the application doesn't need a precise location, like looking for restaurants in a given area

IMG_3EE5F079ADF9-1.jpeg

If you go to Settings > Privacy > Location Services and then click on an app, on the bottom you will see a switch for Precise Location. Turning this off will only deliver an approximate location. This is useful for apps that you have to use but are worried they are collecting your location information and probably sharing it.

A weather app is a good example of something that doesn’t need your street level accurate location and where an approximate location would be just as good while improving your privacy a little.

Accessing your photos

There has been an incredible amount of discussion in online forums about Facebook using the metadata of your photos to build a more complete profile of you and they probably aren’t the only one. Your photos show where you have been and who you have been with. So make sure only app that truly require photo access are given it and then only to selected photos.

To change which apps can access your photos, go to Settings > Privacy > Camera

For apps you have granted photo access to, it is important to choose which photos the app can access:

  • None

  • All Photos

  • Selected Photos

IMG_39AED1E0D1EA-1.jpeg

To change this setting, go to Settings > Privacy > Photos, choose an app and then choose what level of photo access you want to grant. As an example Instagram for me has “selected photos” only and if I want to upload a photo, I change the settings to give it access only to that photo.

IMG_1758AA706186-1.jpeg

Local network access

With IOS 14, you have probably seen a message pop up asking you for permission to search your local network. If you are using an entertainment app that needs to cast content on a TV or a smart home control app, asking for this permission makes sense. You have likely seen this request from apps that that had no logical reason to request this permission and hopefully you denied them this request. This is one way apps will try to identify you by collecting information about your local networks.

You can find the configuration for this setting in Settings > Privacy > Local Network . Here you can see which apps you have granted access to this right and you can change the setting at any time.

As an example, Uber Eats asks for this permission yet there is no reason to grant it access to inventory my local network. Whereas my VizioTV app has a need for this permission so it can find my device.


OnePlus policy that makes it a better buy than Samsung, HTC or LG

GeneralEdward Kiledjian

As a security technologist, the security philosophy of the OEM is a crucial determinant of my decision to buy or recommend a device. This is where Apple shines with it's iPhone update strategy. Every single iPhone receives updates (security and version) at the same time. 

This is why I highly recommend Google's Pixel devices. The Pixel line offers the same regular and speedy update schedule. The other Android manufacturer that has shown it cares about upgrades is OnePlus. Until this week, it did a great job delivering updates quickly, but it didn't formally commit to a software upgrade schedule. 

All of that changes this week when OnePlus unveiled its new operating system (Android) maintenance schedule. It has copied the Google Pixel model and will deliver major upgrades for two years and security updates for three years. 

As per the maintenance schedule, there will be 2 years of regular software updates from the release date of the phone (release dates of T variants would be considered), including new features, Android versions, Android security patches and bug fixes and an additional year of Android security patch updates every 2 months.
— OnePlus OS Maintenance Schedule

Conclusion

OnePlus has always offered solid well-designed devices at competitive prices. This new software maintenance schedule commitment makes their offering that much more compelling. 

I can no longer recommend devices from manufacturers that do not regularly deliver security and version upgrades. This is why I only recommend Android devices from Google, Blackberry Mobile and OnePlus. 

Google launches New Tasks App (Mobile & Web)

GeneralEdward Kiledjian

In a blog post entitled "With new security and intelligent features, the new Gmail means business", David Thacker (Google VP Product Management, G Suite) announced, "We’re also introducing a new way to manage work on the go with Tasks."

The new refreshed Tasks system will be available on the web and have accompanying mobile apps (Android and IOS). The new updated Tasks system will allow you to create tasks & subtasks with due dates and notifications. 

The current tasks was an anemic stand-alone product that barely worked. The new one will integrate into the G Suite and allow you to drag & drop emails from GMAIL, files from Google Drive and more. 

Now you can quickly reference, create or edit Calendar invites, capture ideas in Keep or manage to-dos in Tasks all from a side panel in your inbox.
— David Thacker

The announcement is happening in the G Suite (Enterprise blog), but this update will flow to the free consumer-friendly version as well. 

The Google help centre provides additional information about how all of this will work.

Download the new Android version here and the IOS one here

OPSEC - Security when making calls

GeneralEdward Kiledjian

RELATED: OPSEC - Introduction to Malware

RELATED: OPSEC - How to securely delete files

If you are making calls using a cellphone or landline phone then you should assume that your conversation can easily be intercepted by the carrier (providing the service or a government agency that has control over that carrier). Security researchers have even proven that with $1,500 in parts, they can build a cell phone call interception device by pretending they are a cell tower.

Regular phone calls on your cell phone (including SMS and MMS messages) are easily intercepted and should be considered insecure.

What about VOIP?

VOIP stands for Voice Over IP and any app that allows you to make voice calls is typically using VOIP (Whatsapp, Skype, DUO, etc). Many carriers have started offering Voice Over WIFI and Voice Over LTE. VOWIFI and VoLTE have the same security (or insecurity) as making a regular call using your carrier's normal cell network.

Some VOIP software offers decent or good end-to-end encryption. These require both parties to have the same software and typically callout that they use encryption in their literature. But be careful, not all encryption is created equal. Telegram Messenger advertises that it is secure but a deep dive into its model shows it uses "bad" (my opinion) encryption and shouldn't be trusted. 

RELATED: Telegram Messenger isn't as secure as you think

So some VOIP services offer good reliable encryption and others don't. Here are the ones you can rely on.

Signal

I have written about the free open-source Signal messaging app for years. Signal is the defacto reference on how to build solid end-to-end encryption. Their model was so good, they helped Whatsapp when it wanted to improve its security. 

RELATED: Whatsapp to become more secure than Apple Messages

Signal is cross-platform (Windows, Mac, ChromeOS, Chrome Browser). Signal offers a simple encrypted text messaging service and secure encrypted calling service. 

Signal uses your existing number and address book to simplify your authentication and connection with other users. Therefore there is no separate username or password to remember.

I have to highlight the fact that a motivated attacker can still collect metadata from signal calls because the central management servers are still owned by Whisper Systems. Whisper Systems does not have a way to listen in on calls or read messages but they do know who you spoke to, when and for how long. Having said this though, they still offer the most secure and best build encrypted messaging app around, and it is all offered for free.

Jitsi for encrypted video chats

If you want a free open-source tool for encrypted video chats (does audio too) then take a look at Jitsi. It also supports group chats. There is no requirement to sign-up for anything and therefore your personal information isn't sitting on some third-party server, 

You visit the site, enter a meeting name (without spaces and difficult to guess) and share that link with the other participants. It's really all there is to it. Safe, Easy and Secure.

What about Skype or Google Hangouts?

Most VOIP solutions offer transport encryption (which means a third-party like your carrier can't eavesdrop) but the data is managed unencrypted once it reaches the provider's network. In most cases, I discourage the use of these services for situations where security is the utmost priority. One caveat is that Skype has announced that it will work with the Signal team to implement end-to-end encryption (like Whatsapp did) but that is still many months away.  

There are dozens of products that use security to differentiate themselves and most have not been independently reviewed. I recommend you stick to the 2 products mentioned above.

Conclusion

Good security requires some planning but is well worth the effort. Hopefully, this article helps