- Who Thought This Was a Good Idea?
- Control Your Services
- Now for the <em>Real</em> Security Work
Like this article? We recommend
Like this article? We recommend
Like this article? We recommend
Control Your Services
How do you use Location Services? How does making your current location available to applications improve your life? Sometimes the random disclosure of information puts you in more trouble than you might think. When securing Internet-facing computers, it's best to disable all services you don't need. Don't need Location Services? Disable them in Settings > Location Services.
Bluetooth is a useful service. A Bluetooth keyboard can make your iPad 2 more useful for writing documents. But if you leave Bluetooth on constantly, a technique called "Blue Snarfing" may be able to scoop up data from your iPad 2, depending on your configuration. Again, if not needed, Bluetooth should be disabled. This will also help keep your battery going longer.
While we're at it, wireless is great; but if you can't get a good signal, leaving the radio on drains your battery too quickly. Shut it off. And when you enable it, beware of automatically connecting to just any wireless access point (WAP). This is the "evil twin" attack that hopes to masquerade as a trusted access point. It then routes your communications, hoping to copy sweet passwords and account names sent in the clear. In Settings, slide the Ask to Join Networks to ON, and then use Airplane Mode to turn wireless on and off.
There is one service that you should use frequently: Check for updates. Install them promptly. Check for updates in Settings, General, and Software Update. iOS 5.0 seems to remove problems in older versions documented at the Open Source Vulnerability Database. Another service I recommend is setting your system time automatically, through the network. Opening Settings > General, Date & Time and choosing Set Automatically is a good thing. Accurate system time helps the system to evaluate when updates are needed.
Encryption: The Good, the Bad, and the Ugly
Encryption is normally a good thing. It's a form of access control; if you don't have the password or digital key used for decryption, you can't access the information. The iPad 2 implements encryption. It offers to encrypt all the user files when they're backed up. Configurations can be encrypted. I think enabling encryption is good—when the bad doesn't outweigh the good.
What's bad about encryption? You need an encryption support system as much as you need encryption, if you want to keep the encryption secure.
Let me explain.
Encryption for the backups requires a password. Choose an easily guessed password, and the encryption does little good. Choose an overly complex passphrase, and you risk the ugly: There's nothing uglier than seeing encrypted data that's irretrievable. The password is long forgotten, and all that access control works against you, the person who owns the information.
Review your need to encrypt your information. Choose a decent passphrase. Find a reliable-yet-secure way to store the passphrase. Consider changing the passphrase occasionally.
If you hope to find a file-encryption tool, there's no app for that (that I can find), but I like 7-Zip, a tool to both compress and encrypt files. The iPad 2 truly isolates applications, keeping the application and its data private. This makes many file utilities unable to work across application boundaries.