Protecting your data, protecting yourself: A first installment


Let’s say—for whatever reason—you’re concerned about keeping your communications safe from government prying. Assuming you aren’t a high-profile target to warrant direct hacking (the United Arab Emirates allegedly tried to breach the digital defenses of human-rights activist Ahmed Mansoor on three occasions, for example), there are reasonable measures you can take to live a normal life and continue to have private thoughts and private conversations.

Note that I’m not singling out any government or administration.
Politics aside, we should all think like dissidents, because the tide ebbs and flows from freedom to dictatorship and from left to right all around the world. The common thread is taking smart measures.

To secure yourself against potential government intrusion requires giving up a lot of conveniences, because many tools that make your digital interactions easier assume that only criminals and other individuals will try to gain access to your data and your hardware, and that authorities will be bound by law and subject to court decisions.

Even in the much-discussed FBI case, in which that agency wanted Apple to create a custom operating system to crack the stored data on a work-owned iPhone assigned to one of the San Bernardino terrorists, the concerns were more existential and the FBI didn’t attempt to bypass the courts. Apple worried that an encryption-breaking version of iOS would be used broadly.

We have to start with a number of assumptions:

  • Any device you have could be seized, including backup drives.
  • Protections against being physically compelled to use your fingerprint will be reduced or removed.
  • Government-designed malware could be distributed to infiltrate your devices en masse.
  • All data you send anywhere over the Internet will be intercepted and examined automatically, so it needs to be encrypted.
  • Cloud providers will be required to grant unlimited access to data at rest to authorities.

In this column, I’ll start with improving encrypted and security for iOS devices and Macs that work to mitigate those points. In future columns, I’ll move on to cover more topics.

Hardening your Mac and iOS device security

By default, iOS encrypts all its storage using a strong method that has resisted even determined cracking. macOS allows you to turn on full-disk encryption, though it has more limits. These can be effective first lines of defense against having hardware seized.

You don’t have to make any changes to iOS for this level of encryption. As long as you’re using a passcode of any kind, it’s inherent and can’t be disabled.

Recommended for you

Leave a Reply