Configuring Your iPhone for Maximum Privacy and Security: Web Browsing
Configuring Your iPhone for Maximum Privacy.
In this article, it’s my goal to help you to Configuring Your iPhone for Maximum Privacy
I’ll start — as I usually do — with this caveat: there is no such thing as perfect security or perfect privacy online, only best practices and best tools. Anyone who promises you otherwise is lying or ignorant.
Browsing the web and using apps are two of the easiest ways to find information—but being online is also one of the easiest ways for your every digital move to be tracked. Every time you visit a website, a small army of cookies, trackers, and little pieces of embedded code watch what you do, follow you to other websites, and capture information about you to help serve you ads. Other information about us — data that perhaps we’d prefer not to share — is also available in those cookies, including our location, IP address, and computer platform or operating system.
I’m sorry, but I don’t want that information shared with the world — by default?!? — so I call BS. It’s time to arm ourselves with tools we can use to help set up and then automate a more secure internet experience. Here’s how to start with Configuring Your iPhone for Maximum Privacy.
Download and Use a Reputable and Safe VPN
That makes it the quickest, easiest, and most powerful tool to implement in your privacy and security arsenal.
Even as a law-abiding citizen in a democratic nation, I’m against AT&T, Verizon, Sprint, or any cellular network provider tracking where I surf online and when. That’s just creepy. Without a VPN, those companies have access to all of this information, they keep logs on it, and, if subpoenaed by federal agencies, they are mandated to surrender that information about me.
No thank you!
When using a VPN, that web-surfing information is hidden from them:
VPNs are useful in another way that you might find helpful if you travel. Your VPN app will give you a choice of servers to connect to the internet through. If you connect to a server in Los Angeles, you will appear to be connecting from Los Angeles … even if you’re sitting in Ghana or Mongolia. So if the website you’re using blocks you based on location, you can simply connect to a server somewhere else to get around it.
There are many VPN providers vying for your money, and it’s important that the one you choose actually be secure. I have ten strict guidelines for the VPN companies I recommend (which you can read in full here), but in summary, I only recommend VPN providers who:
Are NOT headquartered in the US or other countries who are members of the 5-, 9-, or 14-eyes security agreements
Offer fast servers in many countries
Provide apps for mobile device access
Use the OpenVPN standard
If you take the time to do the research, you’ll discover that only a few VPN companies actually provide all of those core services. I personally use NordVPN, which is headquartered in Panama and constantly ranked in most reviewers’ top 10 lists. Whether you choose this company or any of the other VPN providers I discuss in my longer article isn’t important. What is important is that you pick one that meets high security and privacy standards.
Using Your VPN for Configuring Your iPhone for Maximum Privacy
Consider activating the “kill switch.” This terminates your internet connection if your VPN connection is lost or dropped. That preference can mean the difference between remaining hidden online or having your IP address, location, and personal information be exposed. Kill switch technology differs from provider to provider. I use NordVPN, whose kill switch on iOS kills “system-wide Internet access” so that no unencrypted data from any app on your iPhone will be exposed, whether you’re surfing on WiFi or cellular. Again, that’s how the kill switch works on Nord. Other VPN providers may work differently, so be sure to read the fine print.
Use your VPN all the time.
The biggest disadvantage to using a VPN is that your surfing speeds will be slower. The amount of slowdown you will experience depends on several factors, including speed of the VPN server, the time of day, the server traffic load, your normal surfing speed, and the country where the VPN server is located. In general, if you’re connecting to a server in a well-connected country — and as you can see in the screenshots below, I’m in the US and connecting to a VPN server that’s also in the US — you shouldn’t experience much slowdown, especially if you’re using a reputable VPN provider.Screenshots from NordVPN’s iOS client: the main screen (left), when I’m connected to a server (center), and my “kill switch” settings (right).
If you do run into issues of slowness when using a VPN app that previously worked, there are a few things you can try to fix it:
Reconnect to a server in a different country. How you do that will differ on every VPN provider’s app. On Nord’s app, I just swipe up from the bottom of the app to access the list of alternate servers from which to choose.
Choose a server with a much lower traffic load (some apps will display this).
Quit and relaunch the application.
Use a Faster, Safer Web Browser
Like most browsers, Safari still loads ads, trackers, and cookies, even in its awesome Reader Mode. Those extra pieces of code not only make websites slower to load but track us wherever we go online. They also use up data on our mobile data plans, so, uh, yeah: not cool.
The same goes for Google’s Chrome browser, even in its “incognito mode,” which — basically — purports to hide your browsing habits, account info, and passwords. But recently researchers found that there are serious leaks in this “privacy” feature.
After installing, tap the orange Brave logo in the upper-right corner of the app window to open the easy-to-use controls. I always have the “Block Ads & Tracking” and “Block Phishing” controls activated. When I need 100% blockage, I activate the other two blockers as well, but be warned: that forces some websites — usually the ones that have the most trackers — to either load differently or not load at all.
Results of applying Brave’s blockers, bottom row,
In the first example on the left, you can see how CNN loads normally, including the truck advertisement. At center, you can see that I’ve tapped on the Brave logo and activated two blockers. When I do, Brave immediately reloads the webpage and shows me that 43 ads and trackers have been blocked. As a result, the website now loads without the truck ad. On the right, I’ve activated too many of Brave’s blockers, and you can see just how different the page looks—just a list of clickable category words. Given how nutty the news is these days … this might be an improvement for you.
Three final notes on using Brave:
Second, because every website is programmed differently, with different priorities in mind, Brave is not a one-size-fits-all solution. You’ll probably need to alter Brave’s shields on some websites to get the desired mix of security and functionality you’d like for that site on your iPhone.
Third, bookmark syncing in Brave is poor. Firefox and Chrome have bookmark syncing, making it super easy to sync bookmarks from the desktop versions of their apps to the iOS versions. Brave doesn’t have that … yet. There is a beta version of Brave with the bookmark syncing tool, but it hasn’t hit primetime yet.
Use a Slower, Much Safer Web Browser
There’s only one authorized Tor client for iOS:
Tor’s greatest asset — bouncing through various relay servers to hide your identity and location — is also its greatest liability: surfing the web will be slower. But that’s a worthwhile trade-off if you are engaged in important private or secret communication and research on the web. Better slow than sorry.
Below you can see the homepage for Tor (left), viewing the NYTimes .onion page along with its page stats (center), and how Tor keeps you safe by disconnecting you if you stop browsing for a few moments (right).The homepage for the Onion Browser (left), the NY Times .onion page (center), and the app’s requirement to remain active (right).
What’s Safer: Tor or VPN? How About … BOTH
Although Tor is secure enough for the US government to use, security professionals rightly point out that even Tor has caveats, just like any other platform or technology.
The two most glaring are:
The last or “exit” node decrypts your data before passing it on to its final destination.
This is why some people who prefer extreme privacy or security choose to combine BOTH Tor and VPN at the same time.
In the Tor-over-VPN strategy, users first connect to their VPN provider and then to the Tor network. This approach, shown below, is often thought to provide better security because no one — except the VPN provider — knows your actual IP address or that you’re even connecting to the Tor network. (And remember, a good VPN provider keeps no logs on users.)
Tor over VPN. Photo courtesy of Nord.
A small group of VPN providers — NordVPN among them — have the ability to route your data directly to the Tor network via their VPN servers, as shown. Because those VPN servers use a different IP address than your personal computer, your Tor entry node is blocked from knowing your IP, eliminating one of the two security holes in Tor.
This approach is also thought to provide better anonymity because all data — even data coming out of the Tor network — remains encrypted because of your VPN provider.
If you’re using Tor with a VPN for better security, you should take two more steps to lock things down. The first requires you to adopt one tool, and the second to change one behavior:
The tool is the free Https Everywhere plug-in
The behavior change is learning to stop the kinds of online behavior that can expose your identity, location, IP address, and more. When on Tor, don’t log into your webmail and send emails to lots of people. Also, don’t log onto social media and post a bunch of random crap. Engaging in these kinds of online behaviors can expose you to those who may be snooping around and watching for you.
Using the “Onion Over VPN” feature of Nord is simple: launch the app, slide up the server list from the bottom of the screen, tap “Specialty Servers,” and then tap “Onion Over VPN.”
Screen grabs from Nord’s VPN app and its “Onion Over VPN” settings.
Use a Safer Search Engine
It’s no secret that Google’s core services are free because you, my dear friend, are the company’s product. Google collects data about you and then uses that data to charge others to show you specific ads.
It’s very lucrative and works because every search you make, every map location you navigate to, and seemingly
The way I prevent this is to use other search engines that don’t track me.
Your history is saved in the app, but if you just click on the fire icon at the bottom center of the app,
it will erase your browsing history.
When using the DuckDuckGo iOS app, press this button to “burn up” your browsing history in flames!
There are other alternative search engines. Tech experts and cybersecurity fans alike each have their own take on which search engine to use, and, frankly, it’s a worthwhile debate.
DuckDuckGo provides increased privacy from overreaching companies like Google, but not security protection from the US government. DuckDuckGo is a US company, so both the company and its servers are subject to US law. They must therefore provide any data they have to the government if asked. That might cause some of you to seek another search engine, and if that’s the case, I don’t blame you. Not wanting your government to have records of every online search you make is a legitimate concern, even for law-abiding citizens.
Prove It: How to Ensure You’re Protected
To do that, you’ll need your IP address. On your iPhone, tap through to Settings -> WiFi and then tap once on the name of the network to which you’re currently connected. Find your IP address listed there. In my case, you can see that my WiFi network name is “secret garden” and my IP address is 192.168.2.104. For the moment, we’ll refer to this as our “private” IP address.Clearly, we don’t want the rest of the world to know our private information, so let’s open our VPN app, connect
IP because — once your VPN is active — no one should see your actual IP address.
In the NordVPN app, tapping the top green border reveals your “public” IP address
Now let’s see what the rest of the world sees when you’re surfing the web. Once your VPN is active, go to https://ipleak.net/.
Things you’ll want to check when you visit this testing website include:
Is your location revealed to be where you currently are or where your VPN server currently is?
If your public IP address is showing and your geolocation is tagged as where your VPN server is located, you’re
Fun, bonus assignment:
What happens if you choose to connect to Nord’s “Onion Over VPN” server option? Notice any differences as to the information that gets revealed? Now what if you run the same tests via the Onion Browser? You’ll notice that every layer of protection that you add — VPN, Onion Over VPN, Onion Browser — provides you with additional layers of privacy.
In Summary for Configuring Your iPhone for Maximum Privacy
So that’s the scoop on data privacy. I’m a big fan of Coach Tony’s philosophy of configuring the iPhone’s home screen for optimal focus. Here’s what mine looks like now. You’ll notice that I keep my VPN, browser, and search engine apps front and center:
There’s a reason for that:
My recommendations are as follows:
Everybody should acquire and use a VPN service at all times. Just turn it on and use it. It will provide you a layer of protection that you don’t already have, and it’s easy to automate.
Same for using the Brave web browser. It’s a simple no-brainer for those who’d prefer to surf the web without being tracked or bombarded by ads. Put it on your iPhone homepage and remove Safari and Chrome from your homepage.
Most of you will want to start moving away from the Google platform of services, including search, and instead begin to use DuckDuckGo and Start Page for your searching needs.
Start implementing some of the changes
In my next deep dive, I’ll take a look at another group of privacy- and security-minded changes, including Robocalls, more secure email/calendaring, secure messaging, 2FA/U2F setup and usage, and my best practices for using Twitter, Facebook, Snapchat, and Instagram as securely as possible. Until then …