At this point in the process, the iPod has been initially set up and its settings modified to make it as organically secure as possible. The next step is to fund the iTunes account. Even if you only plan to use free applications, the account must be funded before you can download apps. The smallest denomination gift card you can purchase is $10 (I was unable to find anything below $15).
Setting Up iTunes
First, open the App Store app and click the “Featured” tab (at the bottom of the screen). Scroll down to the very bottom of the page and tap “Redeem”. You will be asked to enter your Apple ID password. If you created a new Apple ID for this project you will also have to enter some additional information.
The first screen will ask your country or region, followed by a Terms and Conditions agreement. The next screen is where I began to get nervous. You are first asked for your billing information. You are allowed to choose not to give a credit card number and only use iTunes gift cards. Scrolling down further, though, you are asked to enter an address and phone number. I initially tried to enter the gift card number without adding a billing address but this was rejected. At this point, I got a bit creative; I will not elaborate further. This information was not verified and I was allowed to proceed.
After clicking “Next” I was informed that my Apple ID had been successfully created. Click “Start shopping” and go back to the “Featured” tab in the App Store. Scroll to the bottom and again click “Redeem”. At this point you will be given the option to use the iPod’s camera to scan the gift card code, or enter the code manually. Once the balance has been successfully added to your account you can begin shopping.
Downloading & Setting up Signal on the iPod
The first application I downloaded was Signal Private Messenger. I have written about Signal before and will discuss it more fully in Part 5 of this series. After downloading your first app, you will be asked if you want your password to be required always, or after 15 minutes of its last entry. Since we will be downloading very few apps on the device, I recommend choosing “Always Require”.
Signal asks you to verify a phone number as soon as you open the application. Signal will not place calls through this number, but rather uses it as a device verification mechanism and as a username. Unfortunately, this requires that you have a phone number that is SMS-capable. Initially I spent $4.99 of my iTunes gift card on Skype. This was in vain: to get a Skype number, I learned that I would have to set up the service on a computer or give Skype a working phone number. I was willing to do neither of these things. Instead I used an app called Pinger Textfree. To be clear, I DO NOT recommend Pinger for any other purpose because of serious privacy concerns. In this case I used it as follows: set up, allow access to no permissions, receive one text message (to verify Signal), and delete from device.
Setting up Pinger was completely painless. Open the app and choose your region. I did not allow Pinger to access anything (including location), so I entered a zip code manually. I chose one that was consistent with the phone number and address I used with my iCloud account, but am not sure this was necessary. Next, you will be presented with a list of numbers from which you may choose.
Next, you will be required to create an account. You must provide an email address and password. No other personal information is required. After setup is complete your number is usable to receive SMS messages. Open Signal. Enter the Pinger number for verification. Switch into Pinger to receive the verification code. Switch back to Signal and enter it. I was very happy to find that I encountered no issues with this whatsoever (I have had a lot of trouble with Google Voice numbers), but this is not a guarantee that it will work one-hundred percent of the time.
At this point the iPod is ready to go as a secure communication platform. In order to use Signal, I will have to import phone numbers of other Signal users into my contacts. Though Signal does not place calls through the phone app, it uses the verification number as a username. I should also point out here that in order to use Signal for voice communications, you must have headphones with an inline microphone. The iPod does not have a built-in mic. This is an excellent feature from a security standpoint – you don’t have to worry about it being hacked and turned into a bug. Check out the next post to see my threat models and use-cases for a setup like this!