[go: up one dir, main page]
Scribd
Upload
6 views3 pages

Introduction To Cyber Security - Unit 24 - IOS SECURITY

Uploaded by

abiramisakthi45
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
6 views3 pages

Introduction To Cyber Security - Unit 24 - IOS SECURITY

Uploaded by

abiramisakthi45
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

iOS Security

How to Encrypt Your iPhone


If you have an iPhone 3GS or later, an iPod touch 3rd generation or later, or any iPad, you can protect
the contents of your device using encryption. That means that if someone gets physical access to
your device, they will also need your passcode to decrypt what's stored on it, including contacts,
instant messages or texts, call logs, and email.

In fact, most modern Apple devices encrypt their contents by default, with various levels of
protection. But to protect against someone obtaining your data by physically stealing your device,
you need to tie that encryption to a passphrase or code that only you know. See below for
instructions on how to do this.

On devices running iOS 4–iOS 7:


1. Open the General settings and choose Passcode (or iTouch & Passcode).
2. Follow the prompts to create a passcode.

On device running iOS 8-iOS 11:


1. Open the Settings app
2. Tap Touch ID & Passcode
3. Follow the prompts to create a passcode.

If your device is running iOS 8, disable Simple Passcode to create a code that is longer than 4 digits.
With the release of iOS 9, Apple defaulted to a 6-digit passcode.

If you choose a passcode that's all-numeric, you will get a numeric keypad when you need to unlock
your phone, which may be easier than typing a set of letters and symbols on a tiny virtual keyboard.
However, we suggest choosing a passcode that's alphanumeric, and longer than 6 characters
because it's simply harder to crack, even if Apple's hardware is designed to slow down password-
cracking tools.

To customize your passcode, select "Passcode Options" and "Custom Alphanumeric Code." If you
want to customize an existing passcode, select “Change Passcode” and then “Passcode Options.”
You should also set the “Require passcode” option to “Immediately,” so that your device isn't
unlocked when you are not using it.

Once you've set a passcode, scroll down to the bottom of the Passcode settings page. You should
see a message that says “Data protection is enabled.” This means that the device's encryption is
now tied to your passcode, and that most data on your phone will need that code to unlock it.
How to Encrypt Your iPhone 1

(https://storage.googleapis.com/swayam-node2-

production.appspot.com/assets/img/nou19_cs08/iphone1.png)

Here are some other iOS features you


should think about using if you're dealing
with private data:
iTunes has an option to backup your device onto your computer. iTunes doesn't encrypt your
backups by default. If you choose the “Encrypt backup” option on the Summary tab of your
device in iTunes, iTunes will backup more confidential information (such as Wi-Fi passwords
and email passwords), but will encrypt it all before saving it onto your computer. Be sure to
keep the password you use here safe: restoring from backups is a rare event, but extra
painful if you cannot remember the password to unlock the backup in an emergency.
If you back up to Apple's iCloud, you should use a long passphrase to protect the data, and
keep that passphrase safe. While Apple encrypts most data in its backups, it may be
possible for the company to obtain access for law enforcement purposes since Apple also
controls the keys used for iCloud encryption.
If you turn on data protection as described above, you will also be able to delete your data on
your device securely and quickly. In the Touch ID & Passcode settings, you can set your
device to erase all its data after 10 failed passcode attempts. If you do this be sure your
phone is backed up in case someone purposefully enters your passcode incorrectly.
According to Apple’s old Law Enforcement Guide, “Apple can extract certain categories of
active data from passcode locked iOS devices. Specifically, the user generated active files on
an iOS device that are contained in Apple’s native apps and for which the data is not
encrypted using the passcode (“user generated active files”), can be extracted and provided
to law enforcement on external media. Apple can perform this data extraction process on
iOS devices running iOS 4 or more recent versions of iOS. Please note the only categories of
user generated active files that can be provided to law enforcement, pursuant to a valid
search warrant, are: SMS, photos, videos, contacts, audio recording, and call history. Apple
cannot provide: email, calendar entries, or any third-party App data.”

The above information applies only to iOS devices running versions of iOS prior to 8.0.

Now, Apple states that “For all devices running iOS 8.0 and later versions, Apple is unable to
perform an iOS device data extraction as the data typically sought by law enforcement is
encrypted, and Apple does not possess the encryption key.”

REMEMBER: While Apple will be unable to extract data directly off a phone, if the device is set to
sync with iCloud, or backup to a computer, much of the same data will indeed be accessible to law
enforcement. Under most circumstances, iOS encryption is only effective when a device has been
fully powered down (or freshly-rebooted, without being unlocked). Some attackers might be able to
take valuable data from your device's memory when it's turned on. (They might even be able to take
the data when it has just been turned off). Keep this in mind and, if possible, try to make sure your
device is powered off (or rebooted and not unlocked) if you believe it's likely to be seized or stolen.
At the time this guide was published, a few companies claimed they were able to break the
passcodes of iPhones for law enforcement, but details surrounding these claims are unclear.

If you are concerned about your device getting lost or stolen, you can also set up your Apple
device so that it can be erased remotely, using the “Find My iPhone” feature. Note that this
will allow Apple to remotely request the location of your device at any time. You should
balance the benefit of deleting data if you lose control of your device, with the risk of
revealing your own position. (Mobile phones transmit this information to telephone
companies as a matter of course; Wi-Fi devices like iPads and the iPod Touch do not.)

_________________
Adopted from:https://ssd.eff.org/en/module/how-encrypt-your-iphone

You might also like