Mastery of the iOS 10 Privacy settings menu is critical to properly securing your iOS device. Today I will cover the settings in this menu, as well as the Siri settings in iOS 10.
iOS 10 Siri Settings
Settings//Siri: I strongly recommend disabling Siri. When you speak to Siri your voice is recorded, transmitted to Apple, and stored for a period of up to six months. This information is used to help Siri “understand you better”. I am uncomfortable with so much personal information being transmitted (where it is vulnerable to intercept) and stored (where it is vulnerable to a breach). If you choose to use Siri you should click the “About Siri and Privacy…” link on the Siri page and ensure you understand the privacy implications of doing so.
If you choose to use Siri you should also carefully consider its access on the lock screen. Siri has access to much of the data that is stored on your device, and this information may be compromised through the lock screen. Additionally, you may want to carefully consider disabling “Hey Siri”. You may inadvertently activate the service, allowing it to record sensitive conversations or other activities within earshot of the phone.
There are also two other serious vulnerabilities with using Siri. The first is the potential for privilege escalation from the lock screen. Several lock screen exploits have relied on Siri being active. The other potential exploit relies on the user watching “booby-trapped” YouTube videos. Such videos have hidden commands that are impossible for humans to notice or decipher, but that can be interpreted by Siri. These commands may be used to direct Siri to open a malware download site, leak information, or take other detrimental actions. These vulnerabilities are not peculiar to Siri; Alexa, Cortana, and Google Now may also be exploited in this manner. Devices most at risk are those with “always on” functionality enabled (i.e. “Hey Siri”). There are also other hijacking techniques that can be deployed against Siri. Though they are usually patched quickly they do leave users vulnerable until they are discovered.
RECOMMENDATION: Disable Siri. If you do not, disable Access on Lock Screen and disable “Allow ‘Hey Siri’”.
iOS 10 Privacy Settings
Settings//Privacy: The iOS 10 Privacy settings menu is an all-in-one center for controlling what data applications have access to. Each application can be limited (to one degree or another) in what it can access. There are a number of settings in this menu and they are arranged by data set rather than by application or service requesting data. The first is Location Services.
Location Services: Opening the Location Services menu allows you to disable Location Services globally or individually by application or service. Location Services relies on the device’s internal GPS, cell tower locations, and Bluetooth and Wi-Fi hotspots to determine your location. Limiting Location Services is not a panacea and will not make your phone untraceable. Rather, minimizing Location Services is an attempt to minimize exposure by limiting the number of times your real-time and historic locations are captured and transmitted and the places they are stored.
Settings//Privacy//Location Services//Share My Location: This setting allows you to share your location with anyone in your contacts for one hour, one day, or indefinitely. Again, this necessarily requires that your location be tracked, recorded, stored, and transmitted, creating yet one more record of your physical movements.
Below Share My Location are apps that have requested location data. It is important to question whether an application needs your location data. For example, does the Camera app really need to know where you are? I say it does not, and enabling this feature allows your photographs to be geo-tagged. Before allowing a service or application to access your location data you should ask yourself how it benefits you, and if this benefit is worth the potential privacy implications. Some applications do have a legitimate need for your location. For example, I enable Maps (While Using) so I can use the app for navigation.
RECOMMENDATION: Carefully limit the number of applications that have access to your location data. While disabling Location Services globally offers the most privacy, it prohibits you from using Find My iPhone, Maps, and other services.
Settings//Privacy//Location Services//System Services: Below the list of applications is a sub-menu called System Services. Tapping this will open a new screen of system services that request location data. You can turn Location Services off for all of these system services except Find My iPhone (if you use it). Even though some services (like Cell Network Search and Setting Time Zone) have a legitimate need to access location services, they can, and will, still update correctly without being enabled here.
Settings//Privacy//Contacts: Contact harvesting is a large concern when installing an application. Though this phenomenon seems to be getting somewhat better (or possibly we just hear less about it) many apps will still request access to your contacts. You must consider whether the app really needs access to your contacts; many texting or voice-calling apps actually might, while a flashlight app or a game probably doesn’t. Consider each application carefully and on a case-by-case basis.
Other: Below contacts you can also choose which applications can access your Calendars, Reminders, Photos, Bluetooth Sharing, Microphone, Speech Recognition, Camera, Health, HomeKit, Media Library, Motion & Fitness, and social media accounts such as Twitter and Facebook. All of these categories can contain incredibly sensitive data and you should carefully monitor which apps request access to them. As with Location Services and Contacts, ask whether or not the requesting application needs access to this data to do its “job”.
Settings//Privacy//Diagnostics and Usage: This allows diagnostic and usage information to be sent back to Apple. This allows the company to improve its products, but it does share information about you and how you use your device. Recommendation: Don’t Send; disable Share With App Developers and Improve Activity.
Settings//Privacy//Advertising: Limit Ad Tracking is essentially the equivalent of using the “Do not track” function on many internet browsers, but it is perhaps slightly more effective in iOS. Since iOS 6 this has enabled a non-permanent device identifier that you can change. This can obfuscates your profile with data collectors if you change it fairly frequently; you can change it manually by tapping the Reset Advertising Identifier button on the Advertising screen.