Just because you’ve invested in a smartphone that isn’t exposed to quite the same degree of malware and exploit issues as an Android device, that doesn’t mean you can safely ignore good practice when it comes to iPhone security. This is why I’ve asked 12 security experts to share their knowledge as far as keeping your iPhone secure is concerned. Here are their 26 tips to help you do just that.
I’ve marked with an asterisk (*) those tips in the article which are more technical and so may not be practical for the general user.
Go truly random with your PIN
One iPhone, different passwords
Watch for fake apps
Use a Password Manager *
Enable two-factor authentication (2FA)
Don’t use SMS for two-factor authentication (2FA) *
Protect your SIM *
Don’t get juice-jacked
Be wary of permissions *
Don’t auto-join Wi-Fi networks
Wipe clean before selling
Don’t jailbreak your iPhone or sideload apps *
Check for unknown configuration profiles *
Use fewer apps
Use airplane mode
Use biometric authentication
Read app reviews
Go stealthy *
Roll your sleeves up *
Businesses should look to their MAM for help *
Prevent losing your iPhone turning into a security disaster
UPDATE OCTOBER 19, 2019: “The best antivirus protection of 2019 for Windows 10 – Your PC needs protection against malware, and free antivirus software may be enough. Here’s the best antivirus protection to get for Windows 10, and what’s worth paying extra for” by Clifford Colby (October 19, 2019). CNET’s “best” recommendations stand from last August (below).
I’ve previously noted PC World’s annual recommendations for PC anti-virus protection. Yesterday (August 3, 2019), Cnet posted their recommendations for Windows 10 PCs: “The best antivirus protection of 2019 for Windows 10 — Your PC needs protection against malware, and free antivirus software may be enough. Here’s the best antivirus protection to get for Windows 10, and what’s worth paying extra for.”
Best free antivirus: Microsoft Defender.
Best subscription antivirus: Norton 360 Deluxe.
Best on-demand malware removal: Malwarebytes (free version) – paid version permits automatic scheduled scans as well as other features.
The Cnet article includes other tips for protecting your privacy and keeping your PC secure, as well as a summary of other PC anti-virus products (and discusses the situation regarding Kaspersky Lab’s product).
Ever mistype a Web page address? Mistype the URL? Like typing “Gogle” instead of “Google.” Ever click a result from a Google search that looked like the site you wanted but took you to something else? With maybe some scary ads?
Well, these two articles (links below) are a reminder about this common way criminals seek to trick and exploit us. Much like spoofed phone caller IDs, eh.
It’s pretty common for malicious actors to lock down common misspellings of popular sites in attempts to catch people off guard when they make a mistake typing in a URL. Those sites often look like the real thing but are designed to steal a person’s credentials and other information. While Google Chrome’s experimental feature, the browser will present a dropdown panel under the URL bar. The notification draws attention to the fact that the user may be visiting a site they don’t intend to and offers to redirect them to the correct domain. That combined with Chrome’s existing warnings about unsecure sites should hopefully be enough to keep people from falling for scams.
Currently, the endless haze of complicated URLs gives attackers cover for effective scams. They can create a malicious link that seems to lead to a legitimate site, but actually automatically redirects victims to a phishing page. Or they can design malicious pages with URLs that look similar to real ones, hoping victims won’t notice that they’re on G00gle rather than Google. With so many URL shenanigans to combat, the Chrome team is already at work on two projects aimed at bringing users some clarity.
While enabling these new feature is somewhat technical, it’s good to know that Google (among others) is working on ways of making us safer on the Web. These features probably will become standard for general use this year.
Phone, TabletComments Off on iOS 12 — what’s new in Apple’s iPhone system upgrade
It’s that time of year again. New Apple devices. New iPhones and watches, and new versions of the stuff that makes them work. MacWorld highlights the best new features in iOS 12 in this article: “How to use the coolest new features in iOS 12” (September 17, 2018).
At last, iOS 12 is here, bringing a batch of new features to tinker with. Most (if not all) of these features aren’t exactly earth-shaking, in part because Apple spent much of its development process cleaning up the relatively buggy mess of iOS 11 and turning its sequel into something worthy of the Apple name. In fact, many already exist on competing operating systemsin some form or another.
But that doesn’t mean that they’re not fun or useful, nor does it mean that they’re not welcome. We here at Macworld have spent the last several months tinkering with all of these new options in the iOS 12 beta, and over that time a few have emerged as our favorites. Once you get used to them, iOS 11 feels ancient and inefficient by comparison.
Read the full article to determine if there are any features which may appeal to you.
I’ve followed this topic for years: When and how often to charge your smartphone’s battery. What to do and not — in order to prolong the usable life of that battery (and so not worry about replacing the battery before you’re ready to get a new smartphone, eh).
For many of us, charging the battery on our smartphones is a daily ritual. Sometimes more than once a day, as we do more and more on our smartphones that we used to do on desktop/notebook computers. One basic question is whether to use your smartphone until the battery charge level is so low that your device shuts off automatically (or at least until you get a warning).
You can charge your smartphone whenever you want. Your device’s lithium-ion battery doesn’t care if it’s at 10% or 80% capacity; it will charge just fine without destroying your device’s longevity.
It’s true that a lithium-ion battery will diminish over time, … the capacity of a lithium-ion battery “diminishes slightly with each complete charge cycle.”So, if you’ve overusing your smartphone because you think you’re better-maintaining its battery by doing so, you’re actually doing yourself a disservice. Stop adding unnecessary charge cycles by draining the battery. Just charge it.
In particular, the article references a YouTube video from the American Chemical Society with tips on making your smartphone battery last longer.
As for all the other battery myths out there, everyone seems to have a different take on what you should do with your device—when to charge it, when not to charge it, what battery level to charge to, et cetera. … the general recommendation is that you keep your smartphone’s battery around 50 percent if you aren’t using it for a long time (as in, months) …
Avoid fully discharging the battery — to the point that your device shuts off
Store at 50% charge
There appears to be one area of some contention:
But what about the dreaded “trickle-charging” issue you’ve probably heard of? That’s the one where you’re not supposed to keep your smartphone plugged in at night because it will constantly “charge” whenever it drops to 99 percent. That’s not exactly a myth, according to multiple sources, but there’s still a lot of contention over what you should actually do …
Personally, whenever I can (and it’s convenient), if I notice that my smartphone is 100% charged, I disconnect the charger.
Be more conscious about when your smartphone is plugged in, and you’ll likely reap what little benefits you can—assuming your efforts aren’t overshadowed by the fact that your smartphone’s battery will simply get worse with age, period.
Note that because many other devices use lithium-ion batteries, these tips may apply to them as well. And remember to follow your device manufacturer’s guidelines and use their provided chargers in most cases, since quality matters regarding the interplay of device and charger.
I’ve noticed these types of scams for awhile: email messages (supposedly) from Apple purportedly about a payment or Apple ID or login from another device (which in fact you may not own). More and more email apps (especially on mobile devices) do not permit examination of the raw message text, which often permits detection of the fraud. So, what to do?
Apple customers don’t get phished quite as much as Microsoft ones, but they do face a fairly annoying variety and frequency of fake emails. The problem stems from the fact that Apple sends emails to its customers quite regularly, thereby making the millions of Apple customers juicy targets for the bad guys.
There are three basic fake emails going around. The first appears as an email invoice for your “recent Apple purchase.” Another is a “Reminder” notifying you of an account login from an iPad in Monaco. The third, and possibly most alarming, is a text message informing you that your Apple ID is expiring today.
If you’re not sure whether an email about an App Store, iTunes Store, iBooks Store, or Apple Music purchase is legitimate, these tips from Apple may help.
As in all phishing scams, these fake messages want you to click on a link or open an attachment (which may include further fake links) and then trick you into providing personal or account information — which (genuine) “App Store, iTunes Store, iBooks Store, or Apple Music purchases will never ask you to provide.”
Checking or updating any account or payment information should only be done in the Settings on your Apple device.
Which streaming TV bundle is the best deal for cord cutters? Our head-to-head reviews hash it out.
When you “cut the [cable TV) cord]” and keep your high-speed Internet service, whether you also switch to over-the-air (OTA) channels, what over-the-top (OTT) service do you subscribe to? There are quite a few choices. Not all choices are available everywhere.
Personally, after reactivating my old TV antenna for OTA reception, I chose YouTube TV. Is YouTube TV perfect? Nope. Does the service have all the OTA channels? Nope. Do I like it? Most definitely.
The PC World article cited above is an excellent guide for choices: Sling TV, PlayStation Vue, DirecTV Now, Hulu with Live TV, YouTube TV, FuboTV, and Philo, and more. Channels, prices, features, device compatibility.
Get a new smartphone and you’re probably going to get a case. I got one because my bare phone was slippery. I had no particular brand loyalty. So, if you’re not loyal to a previous brand, there are lots of choices. If drop protection is vital, then this Cnet video article “We broke $9,000 worth of phones to find the toughest iPhone X case” may be of interest.
We challenged 12 case makers to a live drop test at CES and dropped their cases from 20 feet. These were the last ones standing.
We invited the top case makers in the market to participate in a live drop test at CES to find out which one could survive the highest drop.
The patch doesn’t actually fix the issue, however, and it’s unlikely Apple will ever release an iOS update that will. While researchers and programmers are actively working on ways to reduce the likelihood that your iPhone will ever be exploited using the Spectre flaws, Apple and others have made it clear that these are merely mitigations and not outright fixes.
We tested an iPhone 6 with an original battery both before and after installing iOS 11.2.2, and the results were much more in line with what Apple told us. … That’s roughly a 2.5-percent performance hit …
If your iPhone’s performance feels different, the article reocmmends:
Much in the media this week about an industry-wide problem with all devices using Intel processors — CPU chips, and perhaps those from other manufacturers as well. A security vulnerability: Meltdown and Spectre. It’s like Dorothy, the Tin Man and the Scarecrow walking through the dark forest in the 1939 classic The Wizard of OZ and chanting “Lions and tigers and bears, oh my!”
PC World’s been covering this situation with a bunch of articles. Here’re a few links:
Massive security vulnerabilities in modern CPUs are forcing a redesign of the kernel software at the heart of all major operating systems. Since the issues—dubbed Meltdown and Spectre—exist in the CPU hardware itself, Windows, Linux, Android, macOS, iOS, Chromebooks, and other operating systems all need to protect against it. And worse, plugging the hole can negatively affect your PC’s performance.
Intel said the patches for the CPU vulnerability, due next week, would bring a negligible performance hit to the average user. Claiming that the patches can make PCs “immune” from the vulnerabilities is a first, though.
Intel may have dominated most of the news surrounding the kernel bug in processors, but it’s not just Windows and Macs that are at risk. In addition to Meltdown, there is also a “branch target injection” bug called Spectre that affects mobile ARM processors found in iOS and Android phones, tablets, and other devices that could also expose your data. Here’s everything we know about it so far.
We’ve been waiting to hear from Apple ever since we first heard about the far-reaching Meltdown and Spectre CPU flaws earlier this week, and the company has finally responded with some not-so-good news: All Mac and iOS devices are affected. That’s right, all of them. However, Apple ensures us there’s no reason to panic.
So, the bottom line is that this vulnerability is serious. Lots of manufacturers of the hardware and software that make your devices run are working on the fixes. Some patches already have been released. So, just be ready for the updates. It’ll take time for everything to settle down. The major concern is impact on performance. Ironically, the vulnerabilities were a result of long-standing techniques to improve performance. As PC World stated:
“We feel your pain. But security trumps performance, so we’d rather our PCs be a little slower than exposed to hackers.”
Update your operating system
Check for firmware updates
Update your browser
Keep your antivirus active
 That PC World article notes that:
Microsoft pushed out an emergency Windows patch [Windows 10 ‘1709’ edition KB4056892 patch] late in the day on January 3.
Apple quietly worked Meltdown protections into macOS High Sierra 10.13.2, which released in December. [Also iOS 11.2.]
Intel also released a detection tool that can help you determine whether you need a firmware update.
The Google researchers who discovered the CPU flaws say that traditional antivirus wouldn’t be able to detect a Meltdown or Spectre attack. But attackers need to be able to inject and run malicious code on your PC to take advantage of the exploits. Keeping security software installed and vigilant helps keep hackers and malware off your computer.
Gibson Research recently released InSpectre, a wonderfully named, dead simple tool that detects if your PC is vulnerable to Meltdown and Spectre.
InSpectre is a small 122 KB program that doesn’t need a formal install and scans your computer for Meltdown and Spectre susceptibility in mere milliseconds. When it’s done, the program pops up with clear, easy-to-read information about the security status of your system.
This is the sort of software Microsoft or Intel should have released to help clarify the murky, convoluted patching situation around this devastating duo of CPU exploits.
Personally, I’ll wait for these tools to evolve further.
I’ve talked with at least one iPhone enthusiast who’s going to get Apple’s new iPhone X — and willing to wait until it ships. It’ll be interesting to get his reaction to the new Face ID feature. In the mean time, this CNET article “10 things we learned about Face ID on the iPhone X” is a useful summary of face-scanning.
Curious about using your face to unlock your phone? Apprehensive about Face ID and Apple Pay? Apple published an extensive guide on Face ID in advance of the upcoming iPhone X. You can read it all yourself. Also, check out our in-depth look at the security aspects of Face ID and general overview of the tech.
This isn’t the first time Apple’s mentioned some of these features, but it all feels much more official now. Here are the ones that stood out …
Yes, you’ll still need to use a regular passcode at times. Note the additional citations in the article for more information.
Well, you did it. You pulled the trigger on a shiny new iPhone 8 or 8 Plus. Nice! Before you head out to take a squillion photos or plop it down on your new wireless charging pad, there are a few housekeeping details you should tend to first.
Backup and restore
Finish the setup
Set up Touch ID and Apple Pay
Choose the Home button’s feel
Update your apps
(Pair your Apple Watch)
Try the new camera
Edit a Live Photo
Customize your Control Center
Charge it up
(Call your mom)
And this CNET video “Favorite features in iOS 11 in 60 seconds (Tech Minute)” (below) highlights new features in iOS, if you got a new iPhone 8 or upgraded your older iPhone or iPad.
If you’re an iPad user, download iOS 11 immediately. It’s a huge update that makes major improvements to the two-year-old multitasking features, and drag-and-drop and Files have the potential to transform iPad productivity.
If you’re an iPhone user—well, who are we kidding, you’re almost certainly going to upgrade to iOS 11, too. And you’ll be right to do so. This is a great collection of new features, Apple’s best iOS upgrade in years. The new, customizable Control Center is a winner. Do Not Disturb While Driving will make the roads safer. And ARKit threatens to kick off a revolution in augmented-reality applications. This is all great stuff.
… some of iOS’s most useful features are, in fact, the oldest ones. They’re easily overlooked, particularly by new iPhone and iPad users.
Read on for 10 basic iOS features that every iPhone owner should know, like how to take a screenshot, the ability to long-press your way to draft Mail messages, a physical button that doubles as the Camera app’s shutter release, and more.
Computer, PhoneComments Off on iOS 10 — iPhone iPad Update — reviews
Well, if you use an iPhone or iPad, you may have already noticed that a Software Update was released by Apple last week, namely iOS 10, a major upgrade to the operating system which runs on those devices. While every upgrade may include fixes and patches, most of the articles that I’ve been reading about iOS 10 cover new features.
Lock screen and notifications
With iOS 10, you can clearly see that Apple understands what it wants a phone to be in 2016. You can see that vision when it chose to update its own apps. It’s the thing we use to talk to each other, to take pictures, to listen to music, and to find our way around. But it can also be so much more, and so Apple has expanded the platform, giving us tiny windows into those apps all over the OS. It’s not quite the productivity powerhouse (especially on the iPad) that some would like, but it’s very much Apple’s vision of computing.
Forget everything you thought you knew about buying a mobile phone. In just the past year, we’ve seen more changes to the industry than there are numbers on the dial-pad. The Big Four carriers (AT&T, Sprint, T-Mobile, and Verizon Wireless) have all but abandoned their old business models. Major phone makers like Google, Motorola and even Apple will now sell you their phones unlocked and contract-free. And don’t forget the disruptors: The companies offering cheap (or even free) service and feature-packed (but affordable) phones.
See the full article for an overview of the many mobile virtual network operators (MVNOs) which might be a better deal for you. Like Consumer Cellular, FreedomPop, MetroPCS, Straight Talk. Note the pros and cons.
Computer, PhoneComments Off on Smartphones and privacy — tuning app permissions
When you install or update apps on your smartphone, do you get prompts for permissions? Access to your camera, contacts, photos, network, etc. Clear or confusing? Is there a choice — all or none or just some?
On Android phones, people have faced an all-or-nothing approach. They could accept all permissions when they download the app or nix downloading it at all. Google is addressing the concerns of Egelman and others with its Android Marshmallow [6.0] operating system, which lets people sign off on more specific permissions before installing an app.
Egelman said that up to now people have been used to and resigned to just tapping “yes” on permissions so they can use an app. But the study, conducted by the University of British Columbia and the University of California at Berkeley, showed that 80 percent of people would have said “no” to at least one permission request if they’d been given the opportunity. What’s more, the average participant wanted to say “no” to nearly a third of all the permissions their phone has demanded in order to run apps.
Of all the confusing technology terms used in consumer marketing today, perhaps the most opaque is “4G,” used to describe a new, much faster generation of cellular data on smartphones, tablets and other devices. It sounds simple, but there are many varieties of 4G and conflicting claims.