Our phones have truly become the new personal computer for many of us – in addition to being our primary means of communication we can watch movies, play games and now even enjoy virtual reality experiences on our handsets. But while smartphones are the epitome of modern convenience, the dirty little secret is that these omnipresent devices, which we have with us 24/7, and keep switched on for most of that time, are also a serious threat to our privacy. Here’s why…
A key feature of a smartphone is being able to locate itself, via multilateration to cell towers, or via the integrated GPS chip. This enables features such as tracking distances during running, and map navigation.
This geolocation information can be quite useful, and law enforcement can track a suspect via their phone. Apps also track users, and can use that information to see which retailers the owner of the phone visits, and the time spent there.
Think disabling the GPS on the phone means you can’t be tracked? Guess again, as there are even reports of locating phones via the other sensors, including the accelerometer, barometer and magnetometer.
While disclosing location data may seem innocuous, it is still an invasion of privacy. Furthermore, according to Michael Cobb of Computer Weekly, this data can easily be used to build a profile on a user, which can subsequently be used for a phishing attack.
2. Malicious apps
A great feature about a smartphone is that its functionality can be massively expanded by installing apps, allowing you to build a device with a personalized feature set over time. However, those apps are often not from the most reputable sources – and they may help themselves to more information than is required.
The scary thing is that we willingly provide this when we agree to the app permissions, and we should at least be a little more suspicious why that new game needs access to our contacts, GPS and camera.
It's recommended that you only download apps from more reputable sources, such as the Google Play Store, and steer clear of unfamiliar websites. However, digital security experts RiskIQ found 333 known blacklisted malicious apps at the Google Play Store in a 2017 analysis for the single category of ‘back to school’ apps, so mobile malware is totally everywhere.
3, Wi-Fi tracking
As cellular connections often falter indoors, retailers have offered free Wi-Fi to their shoppers. Eager to stay connected, these shoppers click to accept the terms of service, and are thankful for the connection, with plenty of modern handsets able to use it for everything including phone calls.
This free Wi-Fi connection, while convenient, is too often in reality an invasion of privacy. US department store Nordstrom hit the headlines when it emerged that it was using a service known as Euclid Analytics to track shoppers. Via the free Wi-Fi, Euclid can determine which departments the shoppers have visited and how long they spent there. While Nordstrom reportedly no longer uses Euclid after a shopper backlash when the tracking came to light, Forbes reports that more than 100 other retailers use their service.
4. Lack of antivirus software
In this day and age, just about everyone accepts that the OS on their Windows or Mac PC needs some additional security, and so they download and install anti-virus software.
The necessity of antivirus software is not as clear to most smartphone users, and this is borne out by lower adoption rates of antivirus software on a smartphone compared to full-fledged PCs, despite the amount of personal info many of our phones contain and have access to – 61% of us use mobile banking on our smartphone.
The Google Play Store isn't consistently helpful either, as there are even fake antivirus apps, that are really disguised malware. Be sure to only install genuine antivirus software on your device, and check out some of our recommended antivirus picks.
5. Your camera could be watching you
Smartphone cameras are a great convenience, and embody the statement that the best camera is the one that you have with you.
Smartphone cameras are also a security risk, however, as they can be activated and used to spy on the owner. Notorious hacker and author Kevin Mitnick explains that this can be done by either installing software on the phone via physical access, or by using the preferred method of security services, via a remote exploitation.
6. Microphone eavesdropping
Every smartphone has a microphone, and it's another security risk. While the main concern may for many of us may be someone eavesdropping on private conversations, microphones also can be used for data collection.
For example, the company Alphonso uses smartphone mics to record the ambient noise of the owners' environments, and then creates a database of TV shows that a phone’s owner has watched, which it then sells this data to advertisers hungry to target ads to those users.
7. Lack of security patches
Weekly security patches are a fact of life for Windows users, but when it comes to phones, while things are better for iOS and the Apple camp in general, there's a lack of updates for Android, and not everyone will be running the latest version of Android at a given time.
This has to do with a lack of support in the Android camp, both from the phone manufacturers, as well as the wireless carriers, neither of whom have any incentive to do anything other than sell users something new and shiny.
Not only does an OS go out of date, security updates are also lacking. According to Adrian Ludwig and Mel Miller of Google’s Android Security Team“About half of devices in use at the end of 2016 had not received a platform security update in the previous year,” and therefore should be considered insecure devices.
8. Beware the backdoor
Most of us would worry about what the government could do if had a ‘backdoor’ into our smartphone, and could access all of our data whenever it wanted to, and this issue became a battle royale when the FBI demanded that Apple help it circumvent an iPhone's security in the wake of a terrorist attack in 2016.
In 2018, the concern is that the Chinese have engineered a backdoor into smartphones from two manufacturers: Huawei and ZTE. This growing uncertainty has led the directors of six US intelligence agencies, including the FBI, CIA and the NSA, to recommend that Americans do not purchase smartphones from these manufacturers during official testimony before the US Senate Intelligence Committee. The concern is that users' data could be shared with a foreign government via a backdoor.
- Security Week by TechRadar Pro is brought to you in association with CyberGhost.