Have you ever reconsidered your personal iPhone security policy?

Why should I reconsider my iPhone security policy? I have my iPhone four digit pass code and Find my iPhone feature feature is activated. So how should abuse be possible? What could a thief be doing with my stolen iPhone? Well, possibly quite a lot. At least the bold print bullets in this article should be mandatory for everyone. Of course this is no guarantee for invulnerability but it will improve your security. After watching this video you should consider the following actions:

Change your Apple ID rescue mail address and do not add this mail account to your iPhone.
Consider to use a proper and usable password policy for your Apple ID like this or this (German article).
Consider a complex pass code for your iPhone. As you can see in the video four digit pass codes can be hacked in no time on iPhone 4. For newer iPhone a leak is not yet known but it is properly there. Definitely do not use these pass codes.
Alternative to point three: activate delete iPhone after 10 wrong attempts (Go to Settings > Passcode Lock > Enter Your Passcode > Click on Done > Erase Data = ON > Enable). This feature can be very annoying when friends playing with your phone at a party ("Haha, I erased your iPhone!").
Deactivate control center when iPhone is locked. I agree that it's a little uncomfortable.
There is a long still ongoing discussion about the pros and cons of Apple's Touch ID which is build in the iPhone 5S. No matter what it is definitely more secure than any 4 digit pass code.

After reading this (German article) you should consider the following:

Upgrade to iOS 7 if not already done.
Reinstall your apps after upgrading to enable data protection, at least apps with sensitive data. Otherwise third party app data might be there in plain text. (Just updating the app under iOS 7 will not activate data protection, you need to reinstall the apps).

After seeing this video (iPhone part starts at 44:30) you might consider to

Do not to use mobile phones at all. Maybe not an option for most of us.
Block your phone camera (at least your front cam) with a sticker. There is no evidence yet, that somebody can access it but it does not hurt to cover it. And we already saw this issues on PC's and notebooks here and here.

After reading this (German article) you might consider to

Do not use Key Chain Sync.
Do not use iCloud Backup, use local backup instead.
Check your privacy setting and location services.

How to integrate AVM smart devices into HomeKit by using openHAB

After some evaluating openHAB (Vers. 2.2.0) on my NAS I wanted to do it right and started with this (German) article to use openHABian together with a Raspberry Pi.My primary goal was to integrate my AVM smart home devices to control them with HomeKit . To get started I used the following items: Raspberry PI SD Card 16 GB And the following software (I used a Mac, so you might need to replace some tools if you use another OS): Download the latest openHABian image here . This is a dedicated linux distribution to provide an openHAB server. Download SD Formatter here . Needed to format your SD card. Download Etcher here . Needed to install the openHABian image on the SD card. Installation openHABian Insert the SD card Connect the Raspberry Pi via LAN with your network Plugin the Raspberry Pi Wait about 45 minutes until all updates were installed When everything went well you should be able to connect to http://openhabianpi:8080 Connect via ssh: ssh openh...

Install and verify IIS HttpModules with custom config sections

A week ago I started to learn about HttpModules and HttpHandlers watching a pluralsight course by Robert Boedigheimer . First of all I want to really recommend this course, I learned a lot of stuff which I could not find in any other course, book or blog post. As I already did in the past with another course , I want to add some comments and extend the HttpModule part. I refer to the course example with the serverMaskModuleGAC. I walked into some trap doors and thereby I found another approach to simplify the installation process of the module to GAC a little bit. With this approach I am able to verify my custom config sections and module registration is correct. Here is my approach: 1. When you have finished your implementation for serverMaskModule, install it in the GAC as usual by using the gacutil tool. By the way, there are some traps when you need to install it on Windows Server 2012 . Here I am using Windows 8.1 64 Bit. I created my HttpModule with .NET 2.0 because it se...

How does AppFabric cache calculates the values for RequestCount, ReadRequestCount, WriteRequestCount and MissCount?

When I started to use the Get-CacheStatistics cmdlet to monitor caching activities more intensivley I was often confused. Here an example: Should not be ReadCount+WriteCount = RequestCount? Why is WriteRequestCount increasing +2 although I just send one put request? By talking to Microsoft support I figured out how AppFabric cache calculates its numbers (Thanks to Gayathri from Distributed Service Team). Number calculation behavior depends on your configuration, high availability and local cache have a major impact on it. Activity RequestCount ReadRequestCount WriteRequestCount MissCount DataCacheFactory is initialized and Named Cache is up +1 - - - Put item, not yet in local and server cache +1 - +1 (+2 with HA) +1 Get item from local cache - - - - Get item from server cache, local cache has expired +1 +1 - - Get item, local and server cache has expired +1 +1 - +1 I hope this is helpful for you when you are analyzing the caching behavior f...

Search This Blog