Making an iPhone as secure as possible

Now before you start saying #TeamAndroid4Life I'm just looking for general precautions to take when setting up an iPhone 6 from a hard restore. The 2 most common things I've found through some research is using an alphanumeric password & not using Touch ID. Anyone care to chime in if they have any methods they've used themselves, or direct me to the appropriate sub to post this or just link a useful article?

Trying to step up opsec as much as possible so any real input would be helpful. (I only use Wickr for sensitive "business" related conversation or a separate burner phone. Yeah, I know there are better alternatives to Wickr but my customers think they're too complicated (I know smh). It's better than just using regular texting/messenger though, no?) If there is a software to install onto the phone altogether that would boost security would be something ideal.

I would also guess that not associating an icloud with the phone is a good idea because practically all info gets uploaded right away like photos and notes. Also, I remember hearing of something like a DBAN for mobile, but I cannot find it anywhere now. Interested in what you guys think.


Comments


[40 Points] Morvu:

first thing, u need a good lock screen code

http://i.imgur.com/DJvgA9n.gifv


[4 Points] None:

[deleted]


[4 Points] noonehear:

There are security issues with your wireless provider also.

The safest route would be to give the iPhone to an underprivileged kid and then start reading up on OpenBTS. Screw trusting another wireless carrier when you can make your own network. OpenBST allows you to take any GSM phone to be used as endpoints over IP networks. It is open source so you can implement your own encryption without worry of a backdoor.


[4 Points] Tittyboi_3Chainz:

make sure location services are turned off. never have that on for anything. keep most iCloud stuff off. only thing I have enabled for iCloud is contacts. I personally never set my iPhone's up on comps. use wickr for business but I guess iMessage is okay. it is encrypted but since the fbi case I try to keep big talk away from it and last but not least avoid green bubbles!


[3 Points] berneraccount:

SIGNAL


[2 Points] Thr0wMeAway666:

I have worked in the smartphone business for several years now. Imho tge only way to get any smartphone secure is to destroy it completely. OS does not matter. Its still a device with internet connection and a built in mic and gps tracker that everyone who knows how to access can use from afar. No offense but just use tails or subgraph on a burner laptop and you are fine. Edit: autocorrect fail


[1 Points] -ThuggerThugger-:

One of the articles I came across that seems legitimate but I've never been a fan of Huffpost lol

http://www.huffingtonpost.com/2014/01/15/blackphone-nsa-proof-smartphone_n_4603236.html?slideshow=true#gallery/292173/5


[1 Points] hloud07:

Wickr is my go to for business talk, it gets some hate on here but it's more secure and user friendly for clients than texting or other apps


[1 Points] druggieslut:

dban would be useless for solid state storage, will quickly destroy your storage.

I don't believe any phone or SD card has "Secure delete" like SSD drives do either, though.


[1 Points] underdosedwtf:

Touch ID is secure.

Basically:

  1. Don't jailbreak
  2. Use a long, alphanumeric password
  3. Use TouchID to prevent typing that long ass password every time

Also, get an iPhone 6S if you can. Newer iPhones have more hardware security features than older ones.


[1 Points] clonazolam4u:

Jailbreak it if it's on 9.1 or older, download all the privacy apps from cyida if you're able to jailbreak it. Keep location services off.

https://www.reddit.com/r/jailbreak/comments/3mqq4u/question_any_cydia_apps_focusing_on_security_and/


[1 Points] None:

The firmware on the wireless radios is in accessible on iPhones so no matter what you think you have secured there is no way to be sure. Like implanting a backdoor via bios, the average bloke can't detect it or remove it.


[1 Points] Ethereality_DNM:

There is not a great number of things you can do for any mobile device. You can do the basics like full-disk encryption, customizing and limiting the privileges an app has (unsure if iPhone allows this) and installing half-baked security software. The problem is that there are so many small things (good luck spoofing your MAC) like apps sending information such as your contact list, photos, etc back to the app creator. Then you have the built-in plethora of functions that the smartphone manufacturers themselves hide in the phone to send "diagnostic" information to them and this is probably the hardest to disable. There are only so many different types of phones and a slim number of OS (Android and iOS, and not that many different version numbers) so if someone finds a way to hack a phone it's going to work for a huge number of users. Remember the automatic jailbreak for iPhone a few years back that would automatically jailbreak your phone if you went to a website? I don't know if you realize this or not but that is a hackers wet dream. They found a way to gain ROOT ACCESS to the device simply by navigating to a webpage. Sure that happens with PCs but you can limit the damage and turn off things that cause the security breach in the first place (Java, Javascript, Flash, PDF, etc).

You're going to have to jailbreak it to modify it in a secure way, however, it's the act of jailbreaking it that causes a major security problem. Apple works extremely hard to keep their 'walled garden' secure and to stop apps from spying on each other.

Anyway you asked how to secure it and I've just tried to convince you why it's a bad idea and since I don't have any good advice I'm going to dip out of your thread now. Good luck.


[1 Points] None:

you are using a device with a piece of hardware in it designed to detect your exact location. anyone that says an andriod phone is safer is naive. why anyone would use a cell phone of all things to communicate about drugs or access tor is beyond me. you can get a computer for cheaper than an iphone. its not supposed to be as easy as downloading a few apps and thinking you're secure.


[1 Points] PM_ME_2LEARNHOW2CODE:

If you use Touch ID, know that that a warrant can be gotten for your fingerprint to unlock your phone.


[1 Points] theyreallparanoid:

Just buy a UnaPhone Zenith


[1 Points] None:

A flip phone.


[1 Points] FookHyu:

Exchanging it for an Android


[1 Points] burnaccountdnm:

The best way to improve an iPhone's security is by not using one.


[1 Points] StannisBa:

why do you need it to be safe?


[-1 Points] None:

[deleted]


[-1 Points] tars1tuff:

sell it for an android and root it


[-2 Points] polarzinc:

-iPhone

-secure

Chose one.


[-5 Points] None:

Step 1: Don't use an iPhone.