Smartphone lost - Privacy gone

Who doesn't own an iPhone, Android or Blackberry mobile phone today? Lucky you if you don’t! In previous issues (Issue 06/07, 2012 and Issue 32/33/34, 2011) we have pointed out their lack of security. But what happens if you lose your smartphone or it gets stolen?

 

Today, a smartphone clones your personality into the digital world. Your phone archives all your emails and messaging communications with your family, friends, peers and colleagues; contains photos and videos of the top moments of your life; holds your favourite music and movies and zillions of other bits of personal information stored in the apps of your choice (like GPS information of your jogging paths, a vault of your passwords, access to your Facebook or Twitter profiles, bank access information, flight and hotel bookings). In the future, your phone might also be used for making payments in shops.

Have you ever thought of how you would feel if you lost your smartphone or it got stolen? Naked? As I now know everything about your friends and your secrets. Ashamed? When I make your private photos public. Embarrassed? As I scoff at your weird taste in music. Helpless? Once I use your SIM card to call my friends in Australia.

There is no silver bullet for mitigation. The most easy prevention is of course disabling unused features and refraining from storing too much information on your smartphone. Back up its contents regularly and purge unnecessary data and photos. Also reduce the retention depth of your local mail box so that older mails get purged automatically. Note that there is a possibility to wipe your mobile phone remotely if it gets lost or stolen*. Finally protect your mobile phone against unauthorised access by locking it with a PIN code or swiping pattern.

And while you are at it: What about your laptop(s)?

For further information, please check our web site or contact us at Computer.Security@cern.ch.

*The CERN Mail Service provides a possibility to wipe your phone remotely. The option is available from the CERN webmail interface and you can get more information here. Note that on recent smartphone devices (iPhone, Android, etc) the “wiping process” can remove all data (pictures, music, applications etc) and restore factory settings.

by Computer Security Team