Book Image

Learning iOS Security

Book Image

Learning iOS Security

Overview of this book

Table of Contents (13 chapters)

Safari and built-in App protections

Web browsers have access to a lot of data. One of the most popular targets on other platforms has been web browsers. The default browser on an iOS device is Safari.

Open the Settings app and then tap on Safari. The Safari preferences to secure iOS devices include the following:

  • Passwords & AutoFill: This is a screen that includes contact information, a list of saved passwords and credit cards used in web browsers. This data is stored in an iCloud Keychain if iCloud Keychain has been enabled in your phone.

  • Favorites: This performs the function of bookmark management. This shows bookmarks in iOS.

  • Open Links: This configures how links are managed.

  • Block Pop-ups: This enables a pop-up blocker.

Scroll down and you'll see the Privacy & Security options (as seen in the next screenshot). Here, you can do the following:

  • Do Not Track: By this, you can block the tracking of browsing activity by websites.

  • Block Cookies: A cookie is a small piece of data sent from a website to a visitor's browser. Many sites will send cookies to third-party sites, so the management of cookies becomes an obstacle to the privacy of many. By default, Safari only allows cookies from websites that you visit (Allow from Websites I Visit). Set the Cookies option to Always Block in order to disable its ability to accept any cookies; set the option to Always Allow to accept cookies from any source; and set the option to Allow from Current Website Only to only allow cookies from certain websites.

  • Fraudulent Website Warning: This blocks phishing attacks (sites that only exist to steal personal information).

  • Clear History and Website Data: This clears any cached history, web files, and passwords from the Safari browser.

  • Use Cellular Data: When this option is turned off, it disables web traffic over cellular connections (so web traffic will only work when the phone is connected to a Wi-Fi network).

Configure Privacy Settings for Safari

There are also a number of advanced options that can be accessed by clicking on the Advanced button, as shown in the following screenshot:

Configure the Advanced Safari Options

These advanced options include the following:

  • Website Data: This option (as you can see in the next screenshot) shows the amount of data stored from each site that caches files on the device, and allows you to swipe left on these entries to access any files saved for the site. Tap on Remove All Website Data to remove data for all the sites at once.

  • JavaScript: This allows you to disable any JavaScripts from running on sites the device browses.

  • Web Inspector: This shows the device in the Develop menu on a computer connected to the device. If the Web Inspector option has been disabled, use Advanced Preferences in the Safari Preferences option of Safari.

View website data on devices

Browser security is an important aspect of any operating system.