The Need for Encryption

/

Tim Cook wrote a letter to Apple’s customers (and in my opinion, the entire world) regarding the United States government ordering Apple to weaken the encryption of iOS devices by adding a backdoor. And Apple is fighting it.

Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.

In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

Please go read Tim Cook’s entire letter.

Make no mistake, this is a pivotal moment in our security and privacy in the digital age. It’s my opinion that Apple is fighting for citizens’ rights here, protecting us from the United States government. And if such a backdoor to encryption is forced upon us, criminals will find and use it to exploit each and every one of us.

And this is certainly about more than this single iPhone. Marco Arment has said it best in what I’ve read today:

As we’ve learned from national hero Edward Snowden and, well, almost every other high-profile action taken by law enforcement recently, this most likely has very little to do with the specific crime or iPhone that the FBI is citing in this case.

It’s their excuse to establish precedent and permanent backdoors for themselves so they can illegally spy on anyone’s data whenever they please. They’re shamelessly using a horrible tragedy to get themselves more power.

I believe in encryption. In this day and age, encryption is what gives us privacy in the digital world. In a previous age, privacy was as simple as closing your door and locking it. Yes, law enforcement can always obtain a warrant and circumvent your locks by breaking your door. But nowhere is it written that your locks must be weak enough to be broken. If your door is 12 inches of steel, well, that’s your privilege.

And for those of you who think Apple should stand aside and help the FBI by weakening encryption because you think you have nothing to hide, go and read Tim Cook’s letter again, but substitute Chinese government and Russian goverment wherever Tim writes U.S. government.

Do you still think encryption is worth weakening? If Apple is forced to capitulate to the FBI, other governments will come knocking on the encryption door, too.

¶ A Whole New Level

/

Troy Hunt on a massive data breach at VTech:

I suspect we’re all getting a little bit too conditioned to data breaches lately. They’re in the mainstream news on what seems like a daily basis to the point where this is the new normal. Certainly the Ashley Madison debacle took that to a whole new level, but when it comes to our identities being leaked all over the place, it’s just another day on the web.

Unless it’s our children’s identities, that’s a whole new level.

When it’s hundreds of thousands of children including their names, genders and birthdates, that’s off the charts. When it includes their parents as well – along with their home address – and you can link the two and emphatically say “Here is 9 year old Mary, I know where she lives and I have other personally identifiable information about her parents (including their password and security question)”, I start to run out of superlatives to even describe how bad that is.

Make no mistake, this is bad. Our personal information and privacy is highly sought-after by advertisers, governments, and yes, even criminals. The days of saying that no one would be interested in your data are over. Everyone wants your data. It is time to start taking the security and privacy of your information seriously.

Use unique passwords everywhere with a password manager. (You can even lie on the answers to security questions and track what lie you gave a site in a password manager).

Use a Virtual Private Network (VPN) when on public Wi-Fi.

Encrypt your devices. It's easy to do on OS X and iOS.

Be cautious of who you are giving personal information to.

And most of all, care about your data.

Encrypted iTunes Backups

/

With iOS 9's release just a few hours away, it seems like a good time to mention that it is always a great idea to make a backup (or two) of your iOS device. More than likely, the upgrade will go smoothly for you, but in the odd chance that it doesn't, you'll be glad to have a backup (or two) handy.

I actually take two backups. The first I do is an iCloud backup via Settings > iCloud > Backup. My iOS devices are also set to do an iCloud backup when they are charging and connected to Wi-Fi, so they tend to backup every night.

But my preferred backup before updating iOS or getting a new device is an Encrypted iTunes backup. By default, iTunes does not encrypt backups. You have to enable it in iTunes' preferences. While any backup is better than no backup, there are some advantages to the encrypted variety.

  • Your data is encrypted, which is always a good thing.
  • It is a more complete backup, as it includes:
    • Your saved passwords
    • Wi-Fi settings
    • Website history
    • Health data

I'll tell you right now, the saving of Wi-Fi settings alone is worth it, but I also think retaining your Health data is extremely worth it.

While iCloud backups save me day-to-day (and are also encrypted), I like the iTunes backups because if you need to do a restore, you'll save yourself a lot of time by doing it over the USB Lightning cable than over Wi-Fi with iCloud.

So go make your backups, and happy updating!

How to Setup Medical ID with iOS 8's Health App

/

Friend of the site Stephen Hackett goes over the benefits of setting up Medical ID in the new Health app on iOS 8. My wife and I also set this up on our new iPhones almost right away.

I, for one, am very happy to see Apple offer an easy-to-access solution such as this for something that is so important. And because it is now available on every iPhone running iOS 8, I would guess it won't take long for many medical personnel to become familiar with Medical ID's existence.

Should You Upgrade to iCloud Drive?

/

The short answer is probably not.

When you install iOS 8 tomorrow, part of the setup will ask if you want to upgrade to iCloud Drive. That same screen will also list devices attached to your iCloud account that will not yet work with iCloud Drive. Namely, your Mac running OS X Mavericks will not be able to sync with iCloud Drive. iCloud Drive is simply not backwards compatible with the Documents & Data portion of iCloud sync that we've been using for years.

In about a month's time we should have OS X Yosemite, which will work just dandy. That is the time to embrace iCloud Drive. If you use OS X Mavericks (or an even earlier version) iCloud sync will permanently break on that Mac once iCloud Drive is enabled on an iOS 8 device.

Don't get me wrong here. iOS 8 should be a fantastic upgrade. iCloud Drive will be fantastic, too — when all your devices are ready for it. It's just that tomorrow is probably not that time, unless you only use iOS 8 capable devices.

Last year, with iOS 7, Apple held off with iCloud Keychain until OS X Mavericks' release. I wish they had done the same with iCloud Drive, as the ability to sync between your devices seems like something pretty important.

iPhone 5 Battery Replacement Program

/

From Apple:

Apple has determined that a very small percentage of iPhone 5 devices may suddenly experience shorter battery life or need to be charged more frequently. The affected iPhone 5 devices were sold between September 2012 and January 2013 and fall within a limited serial number range.

If your iPhone 5 is experiencing these symptoms and meets the eligibility requirements noted below, Apple will replace your iPhone 5 battery, free of charge.

If you have an iPhone 5 that falls within that date range, it's not a bad idea to follow the title link above to check your serial number. Both mine and my wife's iPhones were fine and within the range. Your mileage may vary.

The Ultimate Guide to Solving iOS Battery Drain

/

This is not one of those "Turn off every useful feature of iOS" posts that grinds my gears. My goal is to deliver practical steps to truly solve your iOS battery woes.

Scotty Loveless lays out the best advice I've read on how to get the battery in your iOS device to go the extra mile, without compromising the experience Apple designed in iOS. This is a must read.

iOS 7.1 is Out

/

This is a big update for iOS 7. It should bring quite a bit of stability and refinement to iOS, along with a few welcome features.

More than anything it is a ton of bug fixes, especially the dreaded home screen crasher that has been vexing me for the past 6 months.

It is a very welcome update, but it is a little shocking it took 6 months to fix so many of the glaring issues in iOS 7 in one big update than a number of iterative updates.

If you haven't updated yet, be sure to go and run Software Update from Settings after you do an iCloud or iTunes backup.