Monday, April 15, 2024
HomeSECURITYWhy restarting your iPhone will only worsen your cybersecurity

Why restarting your iPhone will only worsen your cybersecurity

-


Why restarting your iPhone will only worsen your cybersecurity

The advice to turn off your iPhone every day to protect yourself from cyberattacks turned out to be an unreliable defense measure.

Last week, Australian Prime Minister Anthony Albanese urged the country’s citizens turn off your mobile phones for 5 minutes every evening as part of cyber security measures. He argues that such a simple step can help prevent unwanted interference by intruders.

At first glance, this may seem like harmless advice to iPhone users, but it’s actually a little more complicated. Such broad and general statements can do most people a disservice. That’s why.

Council of Albanese founded on a similar guide , which the US National Security Agency (NSA) released in August 2020. But the NSA’s advice was much more specific and detailed than Albanese’s.

In his review NSA ‘Mobile Best Practices’ Says Reboot iPhone Once a Week only sometimes prevents target phishing and Zero Click exploits. However, these types of threats are highly targeted and usually target specific individuals or groups of individuals.

Other NSA tips include turning off Bluetooth, Wi-Fi, and cellular when not in use, putting in “microphone and camera mute” and other protective measures. Security expert Troy Hunt declared that this kind of advice is for the intelligence community and not for the general public.


spear phishing Phishing is an extended version of phishing that aims to steal information from targeted individuals and companies. It often takes months of research and reconnaissance before an attack can be carried out against a target. Spear phishing can be used to steal data and personal information, or to install malware on a victim’s device.


Zero Click exploits can compromise the device without any action on the part of the user. However, the vast majority of zero-click exploits do not target regular iPhone users. Instead, such exploits are being used in state-sponsored attacks by governments with a bad record in the field of human rights, designed to spy on political opponents, journalists, lawyers, and human rights activists.


Mode blockingApple (Lockdown Mode)

Last July Apple introduced lock mode ( lockdown mode ), which is designed to protect users from spyware. Lockdown Mode is built into every iPhone running iOS 16 and later and includes extreme security measures to limit exposure to Zero Click exploits.

When launched, Lockdown Mode includes the following protections:

  • In the Messages app, previews of links and attachments in messages (except images) are disabled;
  • Incoming FaceTime calls from new users are blocked. Incoming invitations to other services from users who have not previously been contacted are also blocked;
  • JavaScript JIT compilation is disabled. Individual sites can be added to trusted to ignore restrictions;
  • Shared albums in the Photos app are deleted, invitations to new shared albums are blocked;
  • Wired connection to other devices and accessories is interrupted while the device is locked;
  • Installation of configuration profiles is prohibited;
  • Device cannot enroll in Mobile Device Management (MDM)

Apple explains that Lockdown Mode should only be used if you think you could be personally the target of a very sophisticated cyberattack. Most people never fall victim to this kind of attack.

It is worth noting that the advice of the Australian Prime Minister is not wrong, but it misses key nuances. While rebooting your iPhone weekly or daily can reduce the threat of spear phishing and Zero Click exploits a little, these are not threats that most users need to worry about. In fact, for most users who need to worry about threats, Apple Lockdown Mode is a much more reliable solution.

Anthony Albanese simply took a measure meant for the security community, stripped it of some nuance, and presented it as general advice for all iPhone users. However, for the average iPhone user, Albanese’s advice could do more harm than good, as the iPhone owner will find that all they need to do to protect themselves and their device is to restart their phone once a day, but that’s not enough.

Instead of rebooting your phone every day, look into Apple’s built-in privacy and security tools, such as Face ID, security in Safari, share location, two-factor authentication, end-to-end encrypted messages in iMessage, and others.

Expert Troy Hunt also reminded about the danger of applications that request excessive permissions. In this case, restarting the phone will not fix the situation. The user needs to be selective in terms of installed applications and their permissions.

In addition, recently Apple at the WWDC conference announced its latest privacy and security innovations including major updates to Safari Private Browsing, Communication Security and Block Mode, and improvements to app privacy.





Source link

www.securitylab.ru

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular