The FBI have got a judge to tell Apple to hack into an iPhone on the San Bernardino case. Apple has already told everybody including the law enforcement agencies that it’s not possible to comply with such a request. Apple is right to say this would set a dangerous precedent. If you are a user of an Apple iPhone you are the person in charge of the data contained within it. You are the one with the key to all the locks. Apple does not have a key to a backdoor because there is no door there to be opened. So what the FBI is asking Apple to do is to create a special version of the iPhone operating system just for them. This is no small task and goes against the interests of all of us mobile phone users. As soon as you make a backdoor for one specialised group, then you are effectively making a backdoor for everybody. However much Apple hates terrorists and any of other societies bad people, such as criminals and paedophiles, it works against the rights of all of us if a backdoor entry is created for anybody to use. If the backdoor is created then potentially anyone could get their hands on it and get into your private data.
This particular case of a government agency pleading for a special case is simply government officials who don’t understand how security and privacy works, trying it on. Whatever they’ve been doing by standard lawful means hasn’t been working, so they’re looking for an easy way around. They’re pushing for this because they want to see how far they can push it. They don’t care about the security and privacy of people in general and they think that Big Brother should be able to do whatever it wants. We can be grateful to Apple and Tim Cook for standing up to these bullies on our behalf.
There is more that you can do
There is a case for protecting your security and privacy yourself and not just letting companies like Apple bear the brunt. This is particularly the case with email. If you put any personal data into an email it’s just same as if you were to write that data onto a postcard and put it into the postal system. Anyone would be able to look at the postcard as it goes towards its destination and read whatever is on there. We know this is possible due to the Edward Snowden revelations. Governments have taken the steps to rifle through your emails and everybody else’s emails passing through the internet. They say they’re only doing it for our protection and to a large extent that may well be the case. Does your government of your country or the governments of other countries have your best interests at heart? I think it’s true to say that it’s not always the case and for this reason you should be protecting your personal data with encryption. It’s not only governments who are doing the snooping. There are also criminals who are prepared to hack into information on the Internet. It goes without saying that you certainly do not want these people looking at your private information.[thrive_lead_lock id=’490′]
Right click on the link to download to your device
Don’t forget to check your email to complete the process to join the Good and Geeky tribe. There will be great information coming your way about using technology to improve your Good and Geeky life.[/thrive_lead_lock]
Big data and big prying
It maybe unlikely that you put all of your information into one email and send it off where it is vulnerable. What is quite likely, is that you will have some information in one email that is useful to somebody else. Then you will have other emails containing other small snippets of information, all of it unprotected. There are computers and software that can bring all this information together and build up a full picture of you from this spread out data. Can you imagine what sort of things these people could do if they know all about you. Criminals could dive into your email account and change the password, so you wouldn’t be able to get into it. They could then send other emails to other sites you’re connected to and change the passwords in those places too. Once they have access to these various online sites and services containing all the rest of your data, they can pretend to be you and wreak havoc. If you are lucky, these criminals will only steal all of your money. If you are lucky they might not be interested in damaging your reputation. If you are lucky they won’t destroy your life.
What can you do to protect yourself
Use a Password Manager
The first thing you can do is to have good passwords and to use a password manager. Put all of your passwords into the password manager and use a secure password to gain access to that. Here is a website you can use to help you create secure but memorable passwords. The password manager I recommend is 1Password because it’s incredibly secure and has other features to help you keep your digital self protected. It tells you when your passwords are insufficient for public use and will remind you to change passwords if they’ve been in use for too long. Using a password manager in this way means you can have long and incredible passwords for each and every place where you need them. 1Password can also be used to create those passwords for you.
Two Factor Authentication
Wherever it’s possible for to use two factor authentication, you should do so. You can do this on sites such as Facebook, Gmail/Google, your Apple ID and Dropbox. The way that this works is you have to put in a special one-time password when you login the first time from an un-trusted place. This one-time password you get from either an SMS sent to you on another device you own, or through an application on that other device. I use an application called Authy and there is another application called Authenticator by Google. Either of these applications work fine. So if I want to access, for example Dropbox on a I computer I don’t normally use, I will first login using my username and password. I will get the good password from the password manager. Dropbox will then ask me for a one-off time sensitive password. This will be a six digit password I get from my physical device such as the application on my iPhone or it’s also available on my Apple Watch. The password only lasts for 30 seconds before another one is created. It’s plenty enough time to tap in the six digits.
If somebody else was trying to do the same thing because they had worked out what my username and password were, then they would get stuck. Unless they had also got access to my phone which is protected by a fingerprint reader, there’s no way they’d be able to get into the Dropbox account. This is the beauty of the two factor authentication. Apart from the knowledge of the username and password you also have to have information from a second device to gain access.
Use Encryption On Your Email Communications
What you want to do is to have your emails encrypted so they cannot be read by a man in the middle attack. Using encryption to ensure that any data is turned into gobbledygook and is completely unreadable from the point of origin until the point of destination. It’s not difficult to use GPG encryption or PGP encryption (Pretty Good Privacy). Here Is a cheat sheet to get you started with encryption. Or you can read this step-by-step guide in a book by Good and Geeky – Private Emails. GPG on iOS
For high-level privacy you might consider voice encryption
You can buy phones which will give you the added security of voice encryption. For most of us this is not going to be necessary. If you are a business leader or a spy, then this may be for you.