Welcome back to Part 2 of my attempt to create a private and secure iPod phone! When I started this series I thought it would consist of three parts: procurement, setup, and use. Setup took far more time than I expected, however, so I am going to cover this stage of the process somewhat more slowly. One of the reasons I wanted to do this experiment was to see what roadblocks I might run into. True to form, I ran into a couple of problems right off the bat. This post will cover setting up the iPod phone intially, and modifying basic settings for privacy and security.
INITIAL iPOD PHONE SETUP
Upon initially powering on the device, you will be met with a welcome screen. Notice that Wi-Fi is already on! If you are attempting to set this up anonymously, DO NOT power the device on within range of your home network (or any other network/device that could be tied to you). After you “slide to setup” you will be asked to select a language and country/region. Finally, you will be asked to select a Wi-Fi network. Be extremely careful about here; if you are attempting anonymity use only public Wi-Fi that you have never associated your other personal devices with.
Problem 1: I thought I could avoid connecting to Wi-Fi during initial setup. My plan was to disable all interfaces and put the iPod in airplane mode, the go through all security settings carefully. The only way (that I could find) to avoid connecting to Wi-Fi was to connect the device to iTunes through a computer. This would have linked the device to my machine. Be aware that when you power on the iPod you should be out of range of your known networks, and prepare to connect to Wi-Fi.
The next screen will ask if you want to enable location services. Choose “Disable Location Services” and confirm this decision. Next, you will be asked to create a passcode. I strongly recommend doing so. I also recommend using a “Custom Numeric Code”. Finally, you will be asked about merging apps and data; for this option choose “Set Up as New iPod Touch”.
Custom Numeric vs. Custom Alphanumeric Code: Your choice here will depend on your threat model and use-case. I generally recommend using a Custom Numeric Code on iPhones because they can be very long. Additionally, with Apple’s enforced 80 millisecond delay between passcode attempts couple with the Erase Data function ensures that a 12-24 character passcode will probably not be broken. If, however, you are operating in an exceptionally high risk environment or plan to leave the device unattended, I recommend a custom alphanumeric code.The next series of screens will walk you through the process of setting up an Apple ID. This is a necessary inconvenience; without an Apple ID you will be unable to download apps.
I recommend creating a new email address for your Apple ID. You can setup a free iCloud account email address. This prevents you from creating linkage with email addresses that are already tied to you.Create your security questions. Do not forget the answers; these are very important should you ever need to recover your Apple ID. After you have created your Apple ID you will be logged in. You will be asked if you want to use iCloud Keychain. Select “Don’t use iCloud Keychain”. On the next screen, choose “Turn On Siri Later”, followed by “Don’t Send” for diagnostics. After all this you are finally welcomed into your new iPod and can go to the home screen.
This is just the initial device setup. In the next installment I will cover going through the iPod’s settings to ensure the device is as secure and private as possible before continuing. Stay tuned for the next installment of creating my ultra-private ipod phone!
If you enjoyed this article and would like exclusive content, sign up for the Operational-Security Newsletter.