Thu 3 Mar, 2011
Tags: cybercrime prevention, hazard, mobile security, safety, security
Mobile devices offer a powerful platform for business and social applications. The ubiquity of the handsets combined with the continually increasing power of mobile chipsets–today’s smartphones have at least as much computing oomph as the business desktop systems of ten years ago–has lead to a vibrant marketplace of mobile apps for any conceivable purpose. A significant amount of money has been invested in these platforms–and where there is money, there is crime. Accordingly:
- Make sure you understand what the app you’re installing requires. The Android platform is particularly good here; each app lists what it has access to, so there are no unwelcome surprises. If you should choose to go outside the official marketplaces (whether by unlocking your phone, in the case of the iphone, or by enabling the “install third-party apps” for Android), you lose the ‘official’ vetting. The creators of the OS have a very vested interest in ensuring that hostile software does not end up on users’ handsets; they want their markets to appear “safe.” For the most part, this does work, although Apple’s app market has had some problem with:
- Counterfeit apps. You can generally identify these as being at a lower price point than the authorized app–possibly even offering the full functionality of the paid version of an app for free. While most of the time these do not end up in the official app markets, it does pay to be careful in case one sneaks in. Counterfeit applications have been known to play host to a variety of hostile software, some of which may end up costing you a significant amount of money.
- Even if the counterfeit app does not contain hostile software, it may contain a weakness through which others can extract your personal information. The real versions, those that the developer is paid for, are generally kept fairly well updated; it’s in the developer’s best interest to fix bugs. The same maintenence does not extend to the counterfeit versions.
- Be careful with geolocation features. Foursquare may give you a discount for being the ‘mayor’ of a location, but if you continually check in everywhere, then anyone can find out where you are. Most people will likely not be too concerned, but those people in a law enforcement or military capacity may want to exercise extra care.
- Likewise, turn off the geotagging feature in your handset’s camera, especially when sharing the pictures with others. There may be no obvious danger in sharing a picture of a funky face you’re making with friends, but if the location is embedded into the picture’s properties and there’s something appealing in the background, burglars have been known to look for these sorts of things.
- Handsets are small and valuable, and can potentially be stolen. Most app markets have at several apps that allow the handset to be tracked via GPS if it should be lost or stolen. They can also lock down the handset and make it unusable.
- Handsets are also relatively fragile. Consider setting up a backup of your information, so that you can still access it if something happens to the handset. This is less a concern for Android OS phones than others; many of their applications synchronize your data with an online repository, if you allow them to do so.
- Mobile antivirus products have begun to appear; consider installing and using one of those.
Naturally, all of the general safety tips still apply. Much of the hostile sofware thus far has been focused at either extracting personal information or causing the hanset to spend money without your intervention–at least, so far. A likely further avenue that the developers of this software will take is the ‘ransomware’ trick–encrypting your data, with the decryption key available only after payment; taking backups on a regular basis, as mentioned above, as well as being careful which software you install, makes you functionally immune to that trick beyond some mild inconvenience.