Private Internet Access for iOS

During the writing of Your Ultimate Security Guide: iOS I had the opportunity to work with a lot of products that I probably wouldn’t have otherwise considered.  One of these is Private Internet Access for iOS (affiliate link).  Though over the years I have used a virtual private network on my iPhone and other mobile devices, and I have used Private Internet Access rather heavily, I had never used the two together until recently.  The Private Internet Access app for iOS is one of the most convenient VPNs I have used to date and the VPN that I will continue to rely on for my phones.

Private Internet Access for iOS
The iOS app’s homescreen. The PIA app is incredibly easy to use.

The PIA app is a certificate-authenticated VPN which means that installing the app also installs an authentication certificate on your device.  VPNs of this nature can be set to be always on, rather than credential based VPNs which must be manually reconnected each time you unlock the phone.  Though certificate-based VPNs are notorious for draining batteries rapidly, PIA has found a rather ingenous solution to this.  Rather than remaining always connected to the VPN server (which is the reason “always on” VPNs are notorious for killing batteries) PIA does not always remain connected.  Rather, it drops the connection when the device goes to sleep.  Upon unlocking the device, though, data connections are blocked until the connection is automatically reestablished.  Though your battery will not last as long as it would with a very judiciously used credential (username and password) authenticated VPN, the security PIA provides is well worth the shortened battery life.

Private Internet Access for iOS
Some of PIA’s exit server options from the iOS app.

I have written previously about the security and privacy benefits of using a VPN.  Private Internet Access provides all of these benefits, including encrypted traffic to and from the VPN server and mulitple exit servers in mulitple countries to choose from.  As I have also written before, PIA also allows you a number of anonymous payment options including BitCoin and redeeming store gift cards.  Yes, store gift cards, meaning if you have an old Starbuck or Home Depot gift card with a balance on it you can cash it in for VPN service.  Not only does this give you a way to use those small balances left on those gift cards at the bottom of the junk drawer, it also allows even the low-tech a way of purchasing VPN service anonymously.

Private Internet Access stores NO logs, allows unlimited bandwidth and five devices connected simultaneously, and costs just $40/per year.

ProtonMail Update: v2.0

My favorite encrypted email service, ProtonMail has moved into a new phase in its beta rollout.  Last week ProtonMail rolled out beta version 2.0.  The full details can be found on the ProtonMail blog, but there are several significant upgrades that I would like to point out here.

https://protonmail.ch
https://protonmail.ch

Encrypted Attachments to Outside Users:  ProtonMail now allows you to encrypt attachments and to outside users, not just to other ProtonMail users.  This is one of the features I wrote that I would like to see in my last post about ProtonMail (not that I think I had anything to do with the decision to add this feature).

Public Key Download:  ProtonMail now offers you the ability to download your public key.  This allows you to share it with PGP users, and allows them to send encrypted messages to your ProtonMail account.  I also wrote about this last time, but I would still like to see this feature upgraded to allow the import of others’ public keys.

Event Logging:  Under ProtonMail’s “Security” tab (in Settings) is an option to log authentication events (logins, logouts, and unsuccessful login attempts).  The Advanced Logging feature displays the event, a time and date stamp, and the IP address from which the event occurred, while the Basic Logging only displays the event and a time/date stamp.  Event logging can also be disabled completely, allowing you to (theoretically) prevent ProtonMail from recording your login times and IP addresses.  According to ProtonMail the event logs are only available in the user’s mailbox, which means they are encrypted.

The most exciting feature won’t be around until a little later this week though: on August 20th ProtonMail will release beta apps for both iOS and Android.

I am very happy to see ProtonMail adding features like these. I would still very much like to have a two-factor authentication option, and I am told that we should expect one late this year.  Updates to follow.

Your Ultimate Security Guide: iOS

I am thrilled to announce the upcoming August 20th release of Your Ultimate Security Guide: iOS!  The second book in the series, Your Ultimate Security Guide: iOS is intended to help the layman with both basic digital security and in the development of a comprehensive digital security perimeter.  Written in plain English, Your Ultimate Security Guide: iOS takes a step-by-step approach to enhancing mobile device security, and will help you reclaim some privacy in both the physical and digital realms.

Your Ultimate Security Guide IOS - 3DSome of the techniques readers of this book will understand how to employ include:

  • Harden the iOS operating system by manipulating nearly every setting that impacts security and/or privacy
  • Use password managers to create and use strong usernames, passwords, and to employ two-factor authentication
  • Use apps that provide end-to-end encryption for your text, voice, email, and chat communications, and take steps to mitigate location tracking and other metadata collection
  • Use “disposable” phone numbers to protect your real number from data marketers, telemarketers, and lower your online profile
  • Lock down your Wi-Fi network and protect your internet traffic using virtual private networks
  • Replace a variety of insecure native apps with security- and privacy-focused alternatives
  • Protect your sensitive online accounts through a comprehensive, systematic approach
  • Employ best practices to lower online exposure and minimize your attack surface

Look for Your Ultimate Security Guide: iOS on Amazon on August 20th.

Paper v. Plastic: The Case for Cash

The adage that I’ve used several other times on this blog, my books, and one that is nearly a personal credo: convenience is inversely proportional to security.  This seems to apply equally well to personal privacy.  Said another way, the more convenient something is, the more personal privacy and control of your identity you are probably sacrificing.  Credit and debit cards are one such convenience.  Though it is certainly more convenient to swipe a credit card for purchases that in is to use cash it also creates a tangible record of each transaction.  With cash you have to make time to visit an ATM, carry bills, manage change, etc.  Making matters worse, all of these inconvenience factors are compounded if you make multiple small purchases throughout the day.

shutterstock_110580023

Despite its inconveniences, making multiple small purchases throughout the day is precisely the reason you should use cash.  Your purchases record a wealth of data about you, including your location and movement, purchases, interests, hobbies, and a plethora of other information about us.  I didn’t fully realize the extent to which my personal pattern of life was spelled out in black in white until I bought my first home.  One of the requirements for the loan application was to submit three months of statements for all bank and credit accounts.  I was very, very disheartened when I had to submit statements for several accounts that looked something like this:

Date Transaction Description Amount
07/01/15 Debit – Local Grocery Store #1 $17.35
07/01/15 Debit – Local Grocery Store#2 $31.53
07/02/15 Debit – National Coffee Chain near Work $4.88
07/02/15 Debit – Convenience Store near Work $2.37
07/02/15 Debit – Lunch Restaurant near Work $12.72
07/02/15 Debit – Gas Station $43.68
07/02/15 Debit – Local Grocery Store #2 $8.19
07/03/15 ATM Withdrawal $60.00
07/04/15 Debit – National Coffee Chain near Work $4.88
07/04/15 Debit – Big-Box Department Store $81.41
07/04/15 Debit – Local Dinner Place near Home $27.12
07/04/15 Debit – Large National Bookstore $27.19
07/05/15 Debit – Fast Food Place near Work $6.01
And on, and on, and on….

Unfortunately, years prior I had subscribed to the philosophy that plastic is easier to use and somehow inherently better than paper.  What I did not realize was that I was sharing a ton of personal details about my life with others.  The packet I handed over to the loan officer painted a very thorough picture of my pattern of life for the three months prior to my loan application (which could be extrapolated to the last few years).  Though there was nothing “shady” on my cards, it was a little embarrassing to share such granular level of detail about my life with strangers.  The sickening realization that I had been sharing all of this information with my bank and creditors for years sank in that day, too.

Purchasing with cash offers much more anonymity.  Unless you are purchasing something that requires you provide your real name, firearms and cars being obvious exceptions that come easily to mind, purchases with cash are about as close to anonymous as you can get.  There is no paper trail, no bank statement, and no overarching record of your life and activities.  If I had it to do over again (and I do going forward) I would have made some changes in my personal habits.  My account statements would have reflected the same period of time a bit more succinctly, like this:

Date Transaction Description Amount
07/01/15 ATM Withdrawal $400.00
07/08/15 ATM Withdrawal $400.00
07/20/15 ATM Withdrawal $500.00

You will notice that because I used cash, this brief statement covers a period over four times as long as the above example, while still being eight lines shorter.  Not only is this statement more compact, it also reveals very little about me.  It does not reveal where I buy my groceries or how often, or the location my favorite coffee, lunch, and dinner restaurants, or my culinary preferences.  It does not associate my name to any of my purchases.

I attempt to use cash as much as possible but I realize I will never be able to fully eliminate credit cards from my life.  Air travel, rental cars, and hotels require credit cards.  I still find myself in locations where I don’t want to pay exorbitant ATM fees, and end up using my card.  But I use it a lot less, which is what I am truly advocating: using more cash and less plastic.  This reduces the amount of information about yourself that you give over to your bank, your lenders, anyone curious enough to swipe a statement out of your mailbox (assuming you don’t use a P.O. Box), and yes, maybe even the NSA.

Using cash isn’t bulletproof, and it won’t make you totally anonymous.  But it will lower your signature, offer you a lot more anonymity, and make an attacker’s job a bit harder.  Every little bit helps.