Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

One way to use secure communications on an iPhone iOS devices
Although the AIM iPhone application works great, the chats are not encrypted. Although iPhone email is great, there is no way to receive or send SMIME email. So, if you are an iPhone user who wants to send a secure message or have a secure conversation with another iPhone user or a computer user what can you do? Without spending a fortune? In fact, doing it for free?

What we did is create a "sharing" IMAP Gmail account with https set as a requirement in the Gmail settings. Then all persons who will need to have the ability to send/receive secure communication get login credentials for this shared Gmail account. (Granted, anyone who has access to this account can read any messages, but we obviously could create other shared email accounts as needed to deal with smaller groups.)

With that set up, when someone needs to send a secure message, they send (via email or AIM) notification to the other parties that they are posting a secure communication. Then, using the wonders of IMAP Gmail, they create a message on the shared Gmail account via an encrypted SSL connection (with no To: addressee ... just to be sure it doesn't accidentally get sent!), and save the message as a Draft. (On the iPhone, to save a draft, you compose a message and then choose Cancel -- it will then ask if you want to save it as a draft.)

Once the Draft is saved, the users who need the message and have the login credentials can access the Gmail account via an SSL encrypted connection from any computer or iPhone. Once they have the info, they then delete the Draft message.
    •    
  • Currently 2.25 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (4 votes cast)
 
[9,696 views]  

One way to use secure communications on an iPhone | 21 comments | Create New Account
Click here to return to the 'One way to use secure communications on an iPhone' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
beware
Authored by: matthiasr on Sep 12, '08 01:57:14PM

beware that you might be making yourself a terror suspect with this - if I recall right one of the groups they took up this year (last?) was using mails deposited in mailboxes as their means of communication.

on the other hand, using encryption alone might be enough nowadays.



[ Reply to This | # ]
beware
Authored by: jehrler on Sep 12, '08 08:06:01PM

Encryption is our preferred method but, to date, I know of no way to encrypt/decrypt on an iphone.

We would be first in line to buy one if it shows up.



[ Reply to This | # ]
beware
Authored by: jehrler on Sep 14, '08 07:55:52AM

Oops, your comment about encryption was not about securing communications but about getting labeled as a terrorist.

Sorry, missed that first time I read it.

It would seem based on the paranoia in these comments that people have become suspicious of doing anything that might enhance privacy.



[ Reply to This | # ]
One way to use secure communications on an iPhone
Authored by: hamarkus on Sep 12, '08 03:14:58PM

So let me get this straight, you trust the SSL connection to Google's servers and you trust that Google won't read your draft e-mails (which by the way they do to be able to show you the right ads) but you don't trust that an e-mail is sent from one gmail account to another because this might run over non-Google hardware and might not be encrypted?



[ Reply to This | # ]
One way to use secure communications on an iPhone
Authored by: jehrler on Sep 12, '08 07:46:57PM

Considering that we use Google Apps, yes, I am OK with this. If I *could* encrypt the files, like we do with Mail, I would but we can't so this is the next best thing.

YMMV



[ Reply to This | # ]
One way to use secure communications on an iPhone
Authored by: rab777hp on Sep 12, '08 03:18:49PM
This was so stolen from that movie Traitor. Give the real person who came up with this some credit. At least say who inspired you.

[ Reply to This | # ]
One way to use secure communications on an iPhone
Authored by: jehrler on Sep 12, '08 07:48:34PM

Never seen the movie. Know nothing about it.

I searched this site for such a hint and no luck.

Sorry if my sharing this offends you but it was a clean room discovery.



[ Reply to This | # ]
haha
Authored by: solipsism on Sep 15, '08 08:10:40AM

I don't about stealing, but that tactic certainly was used in the movie Traitor (2008).



[ Reply to This | # ]
One way to use secure communications on an iPhone
Authored by: rab777hp on Sep 12, '08 03:21:01PM

Oh- and one more thing, not exactly the best timing and everything, you know, with 9/11 and all.



[ Reply to This | # ]
One way to use secure communications on an iPhone
Authored by: jehrler on Sep 12, '08 07:50:59PM

Jeez.

This is about protecting communications from script kiddies/identity thieves not the NSA.

I think the terrorist are smart enough to use PGP/GPG and to avoid cell phones.



[ Reply to This | # ]
Where is the security
Authored by: piper on Sep 12, '08 06:34:18PM

I'm sorry to be the one to point this out (along with hamarkus), but there is absolutely NO security in this hint. Your connection from your iPhone to gmail's server is secure via https. That's it. Once it is on Google's mail server, though you still own the intellectual property within your email, Google do have access to it.

Plus, according to Google's terms of service, gmail is for personal use only.

This is a non-hint, and does not provide secure communications, as advertised.

If security is important it must be at a cost. If security is important to you, setup your own server and use secure IMAP and SMTP.



[ Reply to This | # ]
Where is the security
Authored by: jehrler on Sep 12, '08 08:16:43PM

*NO* security???

Is that really your opinion??

This is the same as sending a plain text file over the internet?

The same as printing it on a flyer and posting it to a bus stop?

C'mon, it is not *PERFECT* NSA proof security but it is a hell of a lot better than plain text email or plain text chat from a insecure open wifi hot spot.



[ Reply to This | # ]
The iPhone is not "secure"
Authored by: jweill on Sep 12, '08 06:46:02PM
As long as the iPhone takes screenshots of "everything you do,"* lacks support for end-to-end-encryption, and has huge exploits that stay out in the wild for weeks at a time, there won't be anything "secure" about it. There's also the implications of entrusting Google, AOL, and AT&T with your private data.

* http://www.crunchgear.com/2008/09/11/uh-oh-your-iphone-keeps-pics-of-everything-you-do/


[ Reply to This | # ]
One way to use secure communications on an iPhone
Authored by: jehrler on Sep 12, '08 07:58:28PM

First of all, yes Google has access to the data. I am not worried about Google or the NSA but script kiddies and business espionage.

Try not to let perfection be the enemy of the better.

Second, we are Google Apps users and it is designed and marketed for business (heck, they host our business email accounts). This is NOT a violation of the terms of service. For personal use, the hint still works if you need to quickly send some information to a traveling spouse/child with no violation of service terms.

Third, of course a dedicated secure mode paid mode can be more secure but for family use/small business without NSA/Google worries this works and is cost effective.

Again, try not to let perfection be the enemy of the better.



[ Reply to This | # ]
One way to use secure communications on an iPhone
Authored by: jehrler on Sep 12, '08 08:12:01PM

Y'know, it is sad that there is a whole lot of dumping on this hint.

It is *not* perfection but it is better than any other solution I can find for iPhone communication to another iPhone or computer.

Rather than harping on its short comings, if you *have* a better idea, why not share it!

Trust me, I would *love* to be able to just use smime like we do with Mail or Adium encryption. But, since both of those are MIA I went looking for an alternative. And, all the commenters do is crap on it but offer no real constructive alternatives.

<sigh>



[ Reply to This | # ]
One way to use secure communications on an iPhone
Authored by: raider on Sep 12, '08 11:56:04PM

You don't have to use Google.

Use a more anonymous provider, like hushmail, or something like that - and this solution is even better. Any SSL equipped IMAP email account will work.

The downside is that there is no way to force iPhone mail to ask for a password to access the account. So if someone else picks up your phone, they could open mail and see the messages.



[ Reply to This | # ]
One way to use secure communications on an iPhone
Authored by: jehrler on Sep 14, '08 07:48:17AM

Excellent point. Any SSL IMAP mail provider will work.

Thanks for making that addition!



[ Reply to This | # ]
One way to use secure communications on an iPhone
Authored by: jehrler on Sep 14, '08 08:03:44AM

As for losing the phone, the new 2.1 software has done a lot to alleviate our concerns with the new 10 unlock failures wiping the phone.



[ Reply to This | # ]
LOL like Al Queda
Authored by: macubergeek on Sep 13, '08 12:53:41PM

This is a method that Al Queda was reported to be using!



[ Reply to This | # ]
LOL like Al Queda
Authored by: raider on Sep 13, '08 03:11:35PM

And your point is? What does this have to do with the hint at all?

People might need some "privacy" without being a terrorist you know...



[ Reply to This | # ]
LOL like Al Queda
Authored by: jehrler on Sep 14, '08 07:52:46AM

Wow. I also heard that Al Queda uses cell phones. So, if you own an iPhone you are just like a terrorist. They also use computers so if you are interested in this hint because you have an iPhone and posting from your computer you are doubly like a terrorist. Better tell the NSA.

Nice job the Bush/Cheney fear machine has done on us...



[ Reply to This | # ]