As we wander around with our smartphones glued to our lives, most of us don’t realize how fragile the relationship really is with this device.
You may very well have your diary, wallet, phone, social support system (facebook), and best friend all wrapped up in one piece of hardware.
One slip and it’s all toast.
Your diary is hidden under the mattress. Your wallet is securely tucked in your jeans. Your best friends follow a well-established code of conduct. These are all well-established, important relationships with safety built in.
Phones are different: we give them all our trust, but don’t keep them safe. It’s all too easy to leave your smartphone on the counter at the local coffee shop, or to install a new free game—not knowing that it was written in a cyber crime lab overseas. It’s easier than ever to screw up in a big, big way.
Smartphone security disasters come in many forms. Given my security background (and honestly, my circle of friends and relatives) I think I may have seen every smartphone mistake possible.
For your entertainment, education, and help in avoiding a big ‘Hack me, please’ sign on your back, I’ve included my top five smartphone “please hack me” mistakes.
1. Download apps from unverified sources.
Whether you know it or not, every app on your smartphone is a potential security risk. A well-meaning app treats you fair, while a malicious app might be recording your keystrokes, accessing your contact list, and signing you up for expensive services you never wanted. Every app is a potential risk, but the ones you download from unauthorized sources are far riskier. Either play within the lines (authorized Apple, Google, and Microsoft app stores) or risk an unexpected friend sharing your smartphone with you.
2. Jailbreak your smartphone.
There seems to be some appeal to be the guy at lunch who holds up his smartphone and brags that “it’s jailbroken” (modified to bypass the original security features). I always think of this as the geek version of, “Hey, y’all, watch this!” There’s a reason to trust Apple, Google, and Microsoft’s security decisions: they made some very specific design decisions to help keep us safe.
3. Going smartphone commando — no passcode.
Think about the embarrassment of having a bunch of high school students sitting around their lunch table wandering through your smartphone! This would be very easy to arrange. Giving a stranger access to your email and facebook are bad enough, but what about the apps that are linked to your credit card? And let’s not forget about the liabilities from having corporate email and documents accessible. You will misplace your smartphone sometime in the future, so why make it easy for someone else to use it? (Fun fact: 62% of smartphone users do not use password protection on their smartphones, according to Javelin Strategy & Research)
4. Pride goes before the fall.
Feeling secure in their passcode and safely chosen apps, many people wind up storing all kinds of private, secret, and embarrassing things on their smartphone. The good news is that the average bear will be thoroughly thwarted by a passcode-protected smartphone. The bad news is anyone serious could still break in in less than 30 minutes. Remember: there’s no such thing as a 100% secure smartphone.
5. Skip OS updates.
It’s a cyber war out there. Hackers figure out new ways to compromise smartphones, and then new operating system versions are released to neutralize the vulnerabilities. When Apple, Google, or Microsoft sends out a new OS update, it almost always means they have discovered and fixed a security problem. The more updates you skip, the more likely you are to get hacked.
Five years ago smartphones didn’t exist. We’re still learning how to integrate them into our lives responsibly and safely. We need to be aware and respectful of the fact that we’re investing a tremendous level of intimacy and trust in these devices—and make smart decisions to keep our data safe. Above all else, remember this: there’s no such thing as a 100% secure smartphone.