From 66847abdafb3ee6da91839df16273f329c15a206 Mon Sep 17 00:00:00 2001 From: Jonah Aragon Date: Sun, 26 May 2024 08:08:26 +0000 Subject: [PATCH] fix: iVerify Basic downgrade info (#2578) Signed-off-by: Daniel Gray --- docs/basics/multi-factor-authentication.md | 2 +- docs/device-integrity.md | 12 +++++++----- docs/encryption.md | 6 +++--- docs/tools.md | 6 +++--- 4 files changed, 14 insertions(+), 12 deletions(-) diff --git a/docs/basics/multi-factor-authentication.md b/docs/basics/multi-factor-authentication.md index 8dbf5d6b..c2df4307 100644 --- a/docs/basics/multi-factor-authentication.md +++ b/docs/basics/multi-factor-authentication.md @@ -101,7 +101,7 @@ When configuring your MFA method, keep in mind that it is only as secure as your You should always have backups for your MFA method. Hardware security keys can get lost, stolen or simply stop working over time. It is recommended that you have a pair of hardware security keys with the same access to your accounts instead of just one. -When using TOTP with an authenticator app, be sure to back up your recovery keys or the app itself, or copy the "shared secrets" to another instance of the app on a different phone or to an encrypted container (e.g. [VeraCrypt](../encryption.md#veracrypt)). +When using TOTP with an authenticator app, be sure to back up your recovery keys or the app itself, or copy the "shared secrets" to another instance of the app on a different phone or to an encrypted container (e.g. [VeraCrypt](../encryption.md#veracrypt-disk)). ### Initial Set Up diff --git a/docs/device-integrity.md b/docs/device-integrity.md index d9aa70b7..a58a0d12 100644 --- a/docs/device-integrity.md +++ b/docs/device-integrity.md @@ -214,13 +214,13 @@ Using these apps is insufficient to determine that a device is "clean", and not Hypatia is particularly good at detecting common stalkerware: If you suspect you are a victim of stalkerware, you should [visit this page](https://stopstalkerware.org/information-for-survivors) for advice. -### iVerify (iOS) +### iVerify Basic (iOS)
![iVerify logo](assets/img/device-integrity/iverify.webp){ align=right } -**iVerify** is an iOS app which automatically scans your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus. +**iVerify Basic** is an iOS app which can scan your device to check configuration settings, patch level, and other areas of security. It also checks your device for indicators of compromise by jailbreak tools or spyware such as Pegasus. [:octicons-home-16: Homepage](https://iverify.io/consumer){ .md-button .md-button--primary } [:octicons-eye-16:](https://iverify.io/privacy-policy){ .card-link title="Privacy Policy" } @@ -235,8 +235,10 @@ Hypatia is particularly good at detecting common stalkerware: If you suspect you
-Like all iOS apps, iVerify is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is *specifically* designed to bypass iVerify's checks would likely succeed at doing so. +Previously, iVerify would scan your device for threats automatically in the background and notify you if one is found, but this is [no longer the case](https://discuss.privacyguides.net/t/iverify-basic-is-now-available-on-android/18458/11) following their rebrand of the consumer app to *iVerify Basic* in May 2024. You can still run manual scans within the app. Automatic background scanning is now only available in iVerify's enterprise product which is unavailable to consumers. -iVerify is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example. +Like all iOS apps, iVerify Basic is restricted to what it can observe about your device from within the iOS App Sandbox. It will not provide nearly as robust analysis as a full-system analysis tool like [MVT](#mobile-verification-toolkit). Its primary function is to detect whether your device is jailbroken, which it is effective at, however a hypothetical threat which is *specifically* designed to bypass iVerify's checks would likely succeed at doing so. -In addition to device scanning, iVerify also includes a number of additional security utilities which you may find useful, including device reboot reminders, iOS update notifications (which are often faster than Apple's staggered update notification rollout), some basic privacy and security guides, and a DNS over HTTPS tool which can connect your device's [DNS](dns.md) queries securely to Quad9, Cloudflare, or Google. +iVerify Basic is **not** an "antivirus" tool, and will not detect non-system-level malware such as malicious custom keyboards or malicious Wi-Fi Sync configurations, for example. + +In addition to device scanning, iVerify Basic also includes a number of additional security utilities which you may find useful, including device [reboot reminders](os/ios-overview.md#before-first-unlock), iOS update notifications (which are often faster than Apple's staggered update notification rollout), and some basic privacy and security guides. diff --git a/docs/encryption.md b/docs/encryption.md index 4bdae63c..9dee9fa7 100644 --- a/docs/encryption.md +++ b/docs/encryption.md @@ -340,7 +340,7 @@ gpg --quick-gen-key alice@example.com future-default

Note

-We suggest [Canary Mail](email-clients.md#canary-mail) for using PGP with email on iOS devices. +We suggest [Canary Mail](email-clients.md#canary-mail-ios) for using PGP with email on iOS devices.
@@ -348,7 +348,7 @@ We suggest [Canary Mail](email-clients.md#canary-mail) for using PGP with email ![GPG Suite logo](assets/img/encryption-software/gpgsuite.png){ align=right } -**GPG Suite** provides OpenPGP support for [Apple Mail](email-clients.md#apple-mail) and macOS. +**GPG Suite** provides OpenPGP support for [Apple Mail](email-clients.md#apple-mail-macos) and macOS. We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com/kb/how-to/first-steps-where-do-i-start-where-do-i-begin-setup-gpgtools-create-a-new-key-your-first-encrypted-email) and [Knowledge base](https://gpgtools.tenderapp.com/kb) for support. @@ -372,7 +372,7 @@ We recommend taking a look at their [First steps](https://gpgtools.tenderapp.com ![OpenKeychain logo](assets/img/encryption-software/openkeychain.svg){ align=right } -**OpenKeychain** is an Android implementation of GnuPG. It's commonly required by mail clients such as [K-9 Mail](email-clients.md#k-9-mail) and [FairEmail](email-clients.md#fairemail) and other Android apps to provide encryption support. Cure53 completed a [security audit](https://openkeychain.org/openkeychain-3-6) of OpenKeychain 3.6 in October 2015. Technical details about the audit and OpenKeychain's solutions can be found [here](https://github.com/open-keychain/open-keychain/wiki/cure53-Security-Audit-2015). +**OpenKeychain** is an Android implementation of GnuPG. It's commonly required by mail clients such as [K-9 Mail](email-clients.md#k-9-mail-android) and [FairEmail](email-clients.md#fairemail-android) and other Android apps to provide encryption support. Cure53 completed a [security audit](https://openkeychain.org/openkeychain-3-6) of OpenKeychain 3.6 in October 2015. Technical details about the audit and OpenKeychain's solutions can be found [here](https://github.com/open-keychain/open-keychain/wiki/cure53-Security-Audit-2015). [:octicons-home-16: Homepage](https://openkeychain.org){ .md-button .md-button--primary } [:octicons-eye-16:](https://openkeychain.org/help/privacy-policy){ .card-link title="Privacy Policy" } diff --git a/docs/tools.md b/docs/tools.md index 26eaaf60..3f6f1145 100644 --- a/docs/tools.md +++ b/docs/tools.md @@ -103,7 +103,7 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b -[Learn more :material-arrow-right-drop-circle:](dns.md#self-hosted-solutions) +[Learn more :material-arrow-right-drop-circle:](dns.md#self-hosted-dns-filtering) ### Email @@ -274,7 +274,7 @@ If you're looking for added **security**, you should always ensure you're connec For encrypting your operating system drive, we typically recommend using whichever encryption tool your operating system provides, whether that is **BitLocker** on Windows, **FileVault** on macOS, or **LUKS** on Linux. These tools are included with the operating system and typically use hardware encryption elements such as a TPM that other full-disk encryption software like VeraCrypt do not. VeraCrypt is still suitable for non-operating system disks such as external drives, especially drives that may be accessed from multiple operating systems. -[Learn more :material-arrow-right-drop-circle:](encryption.md##operating-system-included-full-disk-encryption-fde) +[Learn more :material-arrow-right-drop-circle:](encryption.md#os-full-disk-encryption) @@ -501,7 +501,7 @@ These tools may provide utility for certain individuals. They provide functional - ![iMazing logo](assets/img/device-integrity/imazing.png){ .twemoji loading=lazy } [iMazing (iOS)](device-integrity.md#imazing-ios) - ![Auditor logo](assets/img/device-integrity/auditor.svg#only-light){ .twemoji loading=lazy }![Auditor logo](assets/img/device-integrity/auditor-dark.svg#only-dark){ .twemoji loading=lazy } [Auditor (Android)](device-integrity.md#auditor-android) - ![Hypatia logo](assets/img/device-integrity/hypatia.svg#only-light){ .twemoji loading=lazy }![Hypatia logo](assets/img/device-integrity/hypatia-dark.svg#only-dark){ .twemoji loading=lazy } [Hypatia (Android)](device-integrity.md#hypatia-android) -- ![iVerify logo](assets/img/device-integrity/iverify.webp){ .twemoji loading=lazy } [iVerify (iOS)](device-integrity.md#iverify-ios) +- ![iVerify logo](assets/img/device-integrity/iverify.webp){ .twemoji loading=lazy } [iVerify Basic (iOS)](device-integrity.md#iverify-basic-ios)