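How to protect your iPhone, Photos, and iCloud account
In the United States, as of January 2020, iPhone users now make up around 45% of all smartphone users, and nearly a billion users store data in Apple's iCloud. With such a large volume of personal data, hacking attempts are persistent, sophisticated and indiscriminate.
This article is designed to help you protect your Apple devices and data from hacking. We start with the most important aspects, setting out the most effective ways to keep your devices and data secure, then move on to progressively more involved security measures.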
Since 2017, Apple have allowed "differential privacy" on iCloud user data. This function allows users to enable or disable data-sharing for analytical purposes. The same iOS 10.3 update also included numerous notifications promoting two-factor authentication (2FA) adoption. Both actions work to keep your iPhone data safer.
How do I protect my data?
Jennifer Lawrence, Kirsten Dunst and Kate Upton were among the victims of the notorious Celebgate hacking attacks, which accessed data from iCloud accounts remotely and without permission. Celebrity hacks show these breaches can happen to anyone. Apple already implements numerous safety and privacy protections as defaults (such as 2FA) to make sure your iOS devices and iCloud data are kept safe. Successful hacking attacks are almost always the result of phishing or of users failing to implement Apple’s security tools properly.
You can use this article to ensure you’re making the most of Apple’s security features. First, we cover the 12 most important steps to protecting your data which we recommend every iCloud user follows. Once we've covered the essentials, we outline a further five safety measures which are slightly more advanced or involved. You may want to consider implementing these steps if you are at particular risk of being hacked, or if your data is particularly sensitive:
12 Easy safety measures everyone should always take to protect their iPhone, Photos, & iCloud data🔒
Let's start with the basics...
1. Beware of phishing attempts
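Phishing messages are forged copies of legitimate security communications. They are emails, text messages and phone calls that claim to come from Apple, Google or another trusted company, and usually carry an urgent or time-sensitive message such as: "Click now to keep your account active!" Because these emails, messages and calls are designed to get at personal information, they usually ask the user for credentials. They're bogus, and clicking is dangerous.
Be wary of any unexpected email, message or phone call asking for your personal details. Such an email might say: "We recently detected suspicious activity on your iCloud account. Please use this form to reset your password."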
Whenever you see an email asking for credentials, check the URL. If you see any domain other than iCloud.com, or if you notice an insecure certificate when browsing, it's most likely a phishing attempt. Here's Apple's icloud.com, and the secure certificate that you should see on it:
Messages and phone calls claiming to be from Apple are unlikely to be genuine, as Apple is most likely to contact you by sending a notification directly to your iOS device.
We recommend you always access your iCloud account manually, by opening a new tab in your web browser and typing in "icloud.com", even if you think a message may be authentic. Always use the official iCloud site to log in, change a password, or check up on warning messages. You can also get in touch with Apple’s security team to report any phishing attempts to them.
Received a message you're really worried about? See our guide on what to do if you may have been hacked.
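The "check the URL" advice above can be made mechanical. The following is an added example, not part of the original article: `check_link` and the sample links are constructed for illustration, and it assumes `icloud.com` is the only domain you should sign in on, as the article states.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "icloud.com"  # the only sign-in domain the article names


def check_link(url: str) -> list[str]:
    """Return the reasons a link should not be trusted as an iCloud sign-in
    page. An empty list means the scheme and host look right."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return ["unparseable URL"]
    reasons = []
    host = (parts.hostname or "").rstrip(".").lower()

    if parts.scheme != "https":
        reasons.append("not https")
    if parts.username is not None:
        # In https://icloud.com@other.example/ the text before '@' is
        # login data, not the site you would actually connect to.
        reasons.append("text before '@' hides the real host")
    if not host:
        reasons.append("no host in URL")
        return reasons
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        reasons.append("internationalised host, possible look-alike letters")
    if host != TRUSTED_DOMAIN and not host.endswith("." + TRUSTED_DOMAIN):
        reasons.append(f"host {host!r} is not {TRUSTED_DOMAIN} or a subdomain of it")
    return reasons


# Constructed sample links (reserved .example names, not real phishing sites).
SAMPLES = [
    "https://www.icloud.com/",
    "http://www.icloud.com/",
    "https://icloud.com.account-verify.example/reset",
    "https://icloud.com@account-verify.example/reset",
    "https://\u0456cloud.com/",  # first letter is Cyrillic, not Latin 'i'
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_link(link) or "looks like icloud.com")
```

A clean result only means the address is right; typing "icloud.com" yourself, as recommended above, remains the safer habit.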
2. Keep your email address private
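Every so often, a vulnerability is discovered that can compromise your data with a single click on a link.
Mike Murray, a security expert at Lookout, described the last such exploit as "the most sophisticated spyware package we have seen in the market". It was linked to NSO Group, an Israeli company that provides security applications to governments. A few hours later, Apple released an iOS update that fixed the vulnerability.
What can we take from this? Even when problems are fixed quickly, other security flaws may still be discovered. Having a private email address is a good way to avoid targeted or random spyware attacks of this kind. Here are three things you can do to ensure your privacy: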
- Use a separate email address for purchases, social networks, and promotional messages, and a private, rarely disclosed one for any information you wish to keep secure. Share it only with trusted people.
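- Avoid opening messages that look like spam, even if they have made it past your filters.
- Enable two-factor authentication for your email (see below for more on 2FA), and consider using your mobile number to receive notifications about suspicious activity.
- Encrypt your email: use encrypted connections with a web-based email provider, or set up Outlook to work with GPG.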
Yahoo!'s 2013 email scandal, in which all 3 billion Yahoo! email accounts were hacked, revealed that email accounts are sometimes not as well protected as you might hope.
If one of your accounts is hacked, that weakens all linked accounts. If hackers gain access to your email account, they may try to send a password reset email to your email address using the iCloud login system.
If you have an iCloud account linked to a Yahoo! email address, it's best to change your password as soon as possible. Better still, just switch email provider. Sorry, Yahoo! Gmail is great.
3. Update your iPhone passcode
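The iPhone passcode is the numeric code you're prompted for when Face ID or Touch ID doesn't work. Since iOS 9, the default length of this code has been six digits, which takes far longer to crack than the previous four-digit default. A 4-digit passcode has 9,999 possible combinations, while a 6-digit passcode has 999,999.
To strengthen your iPhone's protection further, you can use letters as well as numbers in your passcode. By using an alphanumeric code made up of more than eight letters and numbers, you can make sure your passcode can't be cracked or guessed by hackers, as long as you don't use any obvious combination.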
Here's how to make your iPhone passcode longer and use an alphanumeric passcode:
- Go to Face ID & Passcode or Touch ID & Passcode
- Enter your current passcode
- Tap Change Passcode, enter your passcode again, then select Passcode Options
- Select Custom Alphanumeric Code or Custom Numeric Code
- Enter your new passcode twice to reset
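Make sure you remember your passcode, so you don't lose your data! We recommend creating an alphanumeric passcode of 8 or more characters.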
4. Use strong passwords across your accounts
While we're on the subject of passcodes and passwords, make sure you use secure passwords across all your accounts.
You also need to make sure to use different passwords across all accounts, particularly when it comes to those accounts with the most valuable data. Hackers often target less protected sites, and then try these passwords out on other accounts owned by the user.
At the very least, keep your iCloud password different from the passwords you use on less secure sites, and make sure it is sufficiently complex.
When choosing a new password, aim to meet the following three criteria:
- Strong: Use a combination of lower and upper case letters, numbers, and special characters. Replace certain letters with numbers or symbols: beardak0tast@arhip, for example.
- Long: the longer a password is, the greater the number of combinations a hacker needs to crack it. Consider using phrases to protect the integrity of your account, which are easy for you to remember as an individual but difficult for existing software to rapidly generate. Ideal passwords are at least 14 characters long.
- Hard to guess: Avoid password terms that include personal information, like your birthday, pet's name, or a favourite colour, because they're easy for hackers to guess. Don’t choose a favourite band, your birthplace, or any other relatable guess as your iCloud password. The Telegraph has written on the most commonly used passwords; they're all worth avoiding!
If you're not sure how secure your password is, there are some free online tools that can help:
We don't recommend putting your actual password into either of them, though. Just put something in of similar complexity.
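The three criteria above can also be checked on your own machine, so the real password never leaves it. This is an added example, not part of the original article: `check_password`, the substitution table and the sample passwords are constructed here, and treating letter-for-symbol swaps as transparent when looking for personal terms is an assumption of the example.

```python
import string

MIN_LENGTH = 14  # the article's "at least 14 characters"
# Undo common letter-for-symbol swaps before looking for personal terms
# (assumption of this example: a swapped pet name is still a pet name).
UNLEET = str.maketrans("0134578@$!", "oieastbasi")


def check_password(password: str, personal_terms: list[str]) -> list[str]:
    """Return which of the article's three criteria the password fails.
    An empty list means it is strong, long and free of the given terms."""
    failures = []

    classes = {
        "lower case": any(c.islower() for c in password),
        "upper case": any(c.isupper() for c in password),
        "number": any(c.isdigit() for c in password),
        "special character": any(c in string.punctuation for c in password),
    }
    missing = [name for name, present in classes.items() if not present]
    if missing:
        failures.append("strong: missing " + ", ".join(missing))

    if len(password) < MIN_LENGTH:
        failures.append(f"long: {len(password)} characters, need {MIN_LENGTH}")

    # Match terms against the password as typed and with swaps undone.
    forms = (password.lower(), password.lower().translate(UNLEET))
    hits = [t for t in personal_terms
            if len(t) >= 3 and any(t.lower() in form for form in forms)]
    if hits:
        failures.append("hard to guess: contains " + ", ".join(hits))
    return failures


if __name__ == "__main__":
    # Constructed samples; "Rex" and "1987" stand in for a pet name and birth year.
    terms = ["Rex", "1987"]
    for pw in ["Rex1987!", "My-d0g-R3x-is-great", "Violet-Kettle7-Orbit"]:
        print(pw, "->", check_password(pw, terms) or "meets all three criteria")
```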
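Once you've created a new password, don't forget to keep it somewhere safe. If every account has a unique password they can be hard to keep track of, so you can use a password manager to collect and access your various passwords.
Tools such as 1Password (paid) or KeePass (free) generate random text that usually makes for very strong passwords, and help you store passwords and confidential data securely.
Back in 2016, Colin Powell and George W. Bush lost their email data after their accounts were illegally accessed by a hacker. The hacker managed to gain access by guessing the answers to their security questions. Beware!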
Many common security questions ask for information that could be public knowledge. For example, many security questions ask for your mother's maiden name. This information is not exclusively known by you and could be accessed by a hacker.
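To keep your account secure, use harder questions and answers for your security questions. Choose a different question, such as "What's your favourite film?" or "Who is your favourite author?". Ideally, work out your answers, then record them in a secure password manager. By using trickier security questions, you'll have a better chance of protecting your data.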
5. Activate two-factor authentication (2FA)
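Two-factor authentication is an account-owner verification process that is triggered whenever a new login is attempted. Apple introduced 2FA in 2016, and we at Reincubate have supported the feature ever since.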
2FA protects the iCloud account even where the password is known to somebody else. As long as a potential hacker doesn’t have access to any of your trusted devices, your iCloud account remains inaccessible.
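Two-factor authentication works like this: when you try to log in to your iCloud account, you receive a unique code. To complete the login, you need to enter both your password and the verification code received on your phone. Without the code, which is randomly generated in real time, anyone trying to access the account can't get in, even if they have your username and password. Hackers are therefore locked out, and you are alerted by a pop-up or text message if and when someone tries to get in.
Here's what you see on an Apple device using 2FA when you try to log in from a new location:
2FA is standard for all new Apple devices. If you use an Apple device that doesn't use 2FA as a default, here's how to enable two-factor authentication for iCloud: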
On your iPhone, iPad, or iPod touch with iOS 9 or later:
- Go to Settings
- Click on your name to access Apple ID
- Tap Password & Security
- Tap Turn on Two-Factor Authentication
We cover two-factor authentication and its history in more detail in our guide here.
6. Don’t use unsecured wireless networks (and use a VPN)
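Free hotspots are a convenient way to browse the web, especially when you're on the move. But they aren't secure.
Anyone operating a network has the ability to intercept or log the traffic sent over it. If you don't know who is running a network, and you don't trust them, you shouldn't use it. Other users of an insecure network may also be able to attack your device and intercept your traffic or data.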
The safest thing you can do is to avoid accessing the internet using these hotspots. Secured public Wi-Fi connections are safer, but you are still exposed to risks if you use them to access the cloud.
Use a good data plan with your carrier instead, and make sure your home Wi-Fi network is secured.
If you do need Wi-Fi access on the go, invest in a Mi-Fi device, or consider using a VPN to protect your traffic. Bear in mind that using a VPN won't protect your device from other users on the network.
7. Use "Find My" to secure lost or stolen devices
Once activated, this option allows you to get in touch with your lost or stolen iPhone, or to remotely erase it. We’ve covered this in-depth here. You can essentially wipe the data on your iPhone until you recover it.
To wipe your data using "Find My":
- Go to the Find My app on a linked device
- Under Devices, select the device that is lost or stolen.
- Select Activate under Mark As Lost for that device.
- You can add a contact number to be used by anyone who finds your device.
Another benefit of this feature is that it prevents anyone else from using your iPhone if it's stolen. It can't easily be reactivated, so it's worth a lot less to a potential thief. You can also erase the data from your device from the Find My app.
8. Enable "Erase Data" on your device
This is one of the most simple methods to prevent your phone from being attacked. If this option is enabled and somebody tries to guess your passcode, your iPhone will wipe itself after 10 failed attempts. Don't worry: this isn't something you're likely to do by accident. There's a long timeout between failed attempts. It'd take a serious attempt to have someone erase your phone.
To activate this feature:
- Go to Settings on your iPhone
- Tap Face ID & Passcode or Touch ID & Passcode
- Activate the Erase Data option
9. Use local iPhone backups instead of iCloud
If you do enable "Erase Data", you should also create regular backups. An iPhone backup won't protect your data, but it will ensure that you can access your data in the event of theft or loss. iCloud backups are convenient, but they're not end-to-end encrypted, meaning it's at least theoretically possible for them to be remotely accessed.
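Regular backups are so important that there's even a World Backup Day. Yet despite greater awareness, better habits and easier technology, many users still don't create regular backups.
We've written a comprehensive guide to backing up your iPhone or iPad here.
If you receive an "iPhone Backup Failed" or "iPhone Not Backed Up" message, your phone isn't being backed up, so you would lose your data if you lost your device.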
10. Sign out of iCloud on unused devices and browsers
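Every device on which you use iCloud is connected to your iCloud account. Devices authorised in this way have low-level access to your iCloud account and all the data in it. Hackers may try to gain access to your iCloud data by adding another device to your iCloud account.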
To view and remove iCloud devices on your device:
- Go to Settings
- Click on your name to access Apple ID
- Scroll down to view the devices connected in your iCloud account.
- To remove a device, select it, then select Remove from account
- If you find and remove any devices you do not recognise, change your iCloud password.
To view and remove iCloud devices from a browser:
- Go to iCloud.com
- Sign in, then go to Settings
- Select My Devices
- Remove any devices you don't recognise or no longer use.
- If you find and remove any devices you do not recognise, change your iCloud password.
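Once you remove a device, you'll no longer be able to use "Find My" to locate it.
As well as removing unused iCloud devices, you should also make sure you sign out of your iCloud account when using a shared browser.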
If you logged in to iCloud on a computer that is not your own (such as a work computer or friend’s computer) and forgot to log out, you can log out remotely.
To sign out of iCloud remotely:
- Go to iCloud.com and log in with your username and password.
- Select Account Settings
- Scroll to the bottom of the screen to find the link that says Sign Out Of All Browsers
- Click it and you'll be signed out of all browsers on any device anywhere in the world where you are signed in to your iCloud account
11. Turn off access to sensitive data for apps that don’t need it
To keep your data private you can also restrict access to apps that don’t need it, for example, access to your contacts, calendar, photos, etc.
To restrict access for apps on your device:
- Go to Settings
- Select Privacy
- Select one of the apps listed, such as Photos
Here you can see the apps that currently have access to this data. Toggle the switch on the right to remove each app's access to the data.
12. Secure your lock screen
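Contrary to popular belief, Touch ID and Face ID don't make your iPhone completely unhackable. Shortly after Apple launched Face ID, the cyber-security firm Bkav produced a printed mask capable of unlocking an iPhone X.
Lock screen attacks via Touch ID, Face ID or your iPhone passcode aren't very common, because they require the hacker to have direct physical access to your phone, but they are the easiest attacks to attempt and are likely to succeed if your device isn't configured properly.
To protect your lock screen, remove access to features and controls while the phone is locked. If you allow access to USB accessories while your phone is locked, a hacker can simply connect the phone to their computer and download data. Likewise, if they can access Siri, they can access your messages.
The best way to protect your iPhone from physical attack is to remove access to the various controls and features from the lock screen.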
To deactivate access from the lock screen:
- Go to Settings
- Select Face ID and Passcode or Touch ID and Passcode
- Enter your iPhone passcode
- Scroll down to the bottom of the screen and disable access to Control Centre
We've disabled access to all controls from the lock screen because that's the safest approach. At a minimum, we recommend you remove lock screen access to all of the following:
- Today View
- Notification Centre
- Control Centre
- Siri
- Reply with Message
- Home Control
- USB Accessories
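Five more security measures you may want to implement
If you're particularly concerned about the privacy and security of your data, you can use the following five safety measures to protect your data and devices further.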
1. Turn off "Personalised Ads"
Ad tracking is used by advertising networks to target ads to you. If you limit this, it restricts tracking of ads across apps. Well, apart from when Google bypass it.
To limit ad tracking on your iOS device:
- Go to Settings
- Select Privacy
- Scroll to the bottom of the screen and select Advertising
- Toggle to turn off Personalised Ads
You can also Reset Advertising Identifier to delete the history of data that has already been compiled and used to send you targeted ads.
2. If you're a macOS user, consider pair-locking your iPhone
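Pair-locking requires some technical knowledge and isn't for everyone, so we've covered it in detail in a separate article. In short, it prevents your iPhone from exchanging data with other computers.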
3. Delete unwanted or sensitive content from Photo Stream or iCloud Photo library
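If there's anything particularly confidential in your photo library, it's best not to store it on your smartphone at all. If you delete sensitive images, make sure you also remove them from the deleted items folder. Be aware of all the ways this data can be recovered.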
4. Decrease the time until the iPhone locks itself
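iPhones are sometimes snatched in the street. When this happens, the iPhone is usually unlocked, and the thief will have access to everything.
To avoid this, set your iPhone to lock automatically after a shorter interval. To reduce the number of seconds before the phone's lock screen activates, you need to change the Auto-Lock timer setting.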
To decrease your phone's lock time:
- Go to Settings
- Scroll down and select Display & Brightness
- Select Auto-Lock and adjust the time available until the iPhone is locked.
The shortest interval of time is 30 seconds. Activate this option and confirm the action.
5. Encrypt your locally saved data
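If you have sensitive data on your computer, it's best to encrypt it. Windows has BitLocker built in, while Macs have FileVault. Both are great, and free to use. Turn them on.
If your computer is stolen and has an encrypted disk, then assuming your password is strong you can make an insurance claim and think no more of it. It's good not to have to worry about someone accessing your data. Don't take the risk!
Conclusion
We've covered the most important security features for limiting unauthorised access to your iPhone or iCloud. As hackers and forensics companies develop new tools, the risks increase, making security an ongoing battle.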
As a company, data privacy and security are in our DNA. We built iPhone Backup Extractor to be compatible with all of Apple's security measures, and we're committed to ensuring our product is used by legitimate, ethical users. Stay safe!