This post discusses controlling the iOS 10 Wi-Fi interface, managing Wi-Fi networks, and Airplane Mode. Using iOS 10 Wi-Fi settings are critically important to both privacy and security.
iOS 10 Airplane Mode
Settings//Airplane Mode: Airplane Mode allows you to turn off all the phone’s transmit and receive capabilities in the touch of a single button. This allows the device to be used on aircraft without risk of interfering with the aircraft’s navigation and communication systems. Placing the device in airplane mode eliminates all communication, including your ability to send and receive texts, phone calls, emails, browse the internet, or for background services to transmit or receive information.
Airplane Mode may be useful for security in certain instances: if you want to disable all transmission from the phone (when having a sensitive conversation, for instance) you can do so easily with the push of a single button. As a word of warning, this is not a one-hundred percent solution. It may be defeated and should not be relied upon to fully protect you. To enable Airplane Mode simply tap the Airplane Mode button. An airplane icon will appear where your cell service indicator was previously displayed. To disable Airplane Mode, tap the button again. Airplane Mode can also be toggled on or off from the Control Center.
iOS 10 WI-FI
Settings//Wi-Fi: Wi-Fi should be turned off when you are not connected to a network. When your device is not connected to a network and Wi-Fi is on, it constantly sends out probe requests searching for all networks that it knows. “Knowing” a network means that you have previously connected to that network and have not manually removed it. These probes can be identified and can set you up for an evil twin attack.
An evil twin attack occurs when an attacker sets up a rogue Wi-Fi access point that masquerades as a legitimate access point. Unsuspecting users will connect to, not realizing that all traffic transmitted over it is being intercepted. If the attacker conducts this attack in real time he or she can make it more effective by making a network with the same name as a network your phone knows. By capturing your phones probes he or she can see these networks and quickly set up a malicious network of the same name. Your phone will automatically connect to that network when it recognizes the name, and all your internet traffic will be routed through that network.
Leaving Wi-Fi on can also allow an attacker to discover a great deal about your pattern of life in the real world. Through your phone’s probe requests he or she can see which Wi-Fi access points you have connected to and map these networks using websites like https://wigle.net. If you connect to a typical number of Wi-Fi networks and these probes are captured, a quick analysis will likely reveal where you live, work, and the coffee shops, stores, and bars that you frequent. Several retail stores have been caught collecting and using Wi-Fi probes to track customers around stores and identify their shopping behavior. During the writing of this book an app developer was fined almost $1,000,000 for illegally capturing user location data based on Wi-Fi probe analysis.
In iOS 8 Apple fielded a new Wi-Fi feature on iOS devices: MAC randomization. The Media Access Control address is one of your device’s unique identifiers. When your phone is searching for Wi-Fi, the randomizer attempts to conceal your real MAC by issuing a random one. MAC randomization is also a feature of iOS 10 Wi-Fi. This feature only works when your device is not connected to a network. Even with MAC randomization you can still be tracked through your Wi-Fi probe request. To avoid being tracked through Wi-Fi, you should keep it turned off when not actively using it. At home, for instance, enable Wi-Fi just long enough to download podcasts, music, application updates, etc. It is very easy to forget to turn it off when you leave your home or office. Not only does leaving Wi-Fi on have security ramifications, your phone’s constant searching for a signal can drain your battery. Wi-Fi can be toggled on or off from the Control Center.
When you are finished using a wireless network that you will never use again, you should remove the network from the list of networks in your phone. One complaint that I do have about iOS is that it never forgets a wireless network and doesn’t let you remove that network manually if you don’t remove while connected to it. This means that every Wi-Fi network that you have ever connected to is still remembered and searched for by your phone. If you have had your phone for a couple of years, or have rebuilt new phones from previous iTunes backups, there may be scores or hundreds of Wi-Fi networks on your phone.
Resetting iOS 10 Wi-Fi
Forgetting Wi-Fi Networks: In the future, it is a good idea to reduce the networks that your phone remembers. Because the iOS 10 Wi-Fi settings remembers all networks by default and does not let you retroactively forget them individually, you must remember to forget a network while you are still connected to it. This will prevent your phone from probing for that network in the future, but it also means that your phone will not automatically connect to it. This slight inconvenience is worth it. To forget a network connect to it, and navigate to Settings//Wi-Fi. Select the Wi-Fi network to which you are connected by tapping on it. On the next screen tap “Forget This Network”; an additional dialogue will ask you to confirm your decision. It is imperative that you forget the network while you are connected to it. It is easy to “forget to forget” the network, so I recommend being very selective about the networks to which you connect.
Removing All Wi-Fi Networks: If you wish to remove your historical networks, you can but you must do them all at once. If you have been careless with Wi-Fi networks to this point, starting fresh is an excellent idea. Be aware that this will remove ALL your Wi-Fi networks as well as any credential-authenticated VPNs you have on your device, and you will have to reinstall them. To remove all Wi-Fi networks go to Settings//General//Reset//Reset Network Settings. You will be required to enter your passcode and confirm this decision, and your phone will reboot.
Ask to Join Networks: This setting requires your phone to ask you before it joins a Wi-Fi network. I like this setting because it allows you to control when your device joins an unknown network (known networks will still be joined automatically). I also like it because when I am unconnected a pop-up will appear on the screen asking me to choose a network. This alert is a good reminder to turn Wi-Fi off when I am not using it.
The next post in this series will cover the iOS Bluetooth and Personal Hotspot settings. Stay tuned!