Recently the leading smartphone maker made the news for refusing to turn over backdoor access to their mobile devices to a federal agency.
The reality is that mobile devices are already easily compromised. A major gap in mobile device security is the administrative access that must be granted when certain applications are installed. Email clients standout since almost everyone reading this has Outlook and other pop3 or IMAP hooks into their phone.
You may only get a brief acknowledgement to grant this access when installing such programs but it provides a huge security gap for bad actors.
Modern spyware leverages this administrative access to take control over your microphone, camera and calendar and location services.
If you are an Apple user there is a distinct lack of 3rd party software to protect you because iOS is locked down at the folder level.
Android devices grant the user more access at the folder level and are easier from a software development standpoint to build security products for.
Here are some best practice things you can do to protect your privacy.
Pay attention to your smartphone
Compromised devices will behave strangely when being remotely accessed. The older generation Apple devices may chirp and briefly display the lock screen for no reason. Ever hear your phone chime while charging?
Don’t click links in email from unknown or untrusted sources. Spyware software is often embedded in links and tiny urls. While the link may lead you to a legitimate site the spyware is granted permission to install by your administrative acceptance of clicking the link.
Smartphones may become inexplicable warm when being remotely accessed or drain the battery when your device features such as microphone are remotely enabled. A popular exploit is to enable the microphone whenever your calendar shows you are in a meeting.
Check to see if you have enabled background programs such as GPS apps or accelerometer-reliant programs for legitimate sources of this problem. But in the absence of such programs you should take note of excessive heat and battery use. Obviously hunting for a tower or wireless signal contributes but a phone that suddenly or oddly starts become warm in locations where it wasn’t before should be looked at.
Turn off Location services for any application that does not absolutely need it. Opt out when possible when new applications request it.
Install trustworthy security software when possible.
Work and Personal Usage
Separate work and personal email and usage on different devices. If you don’t need your Groupon offers on the same phone as your work email then we advise disabling one or the other.
Consider using webmail instead of discrete mail applications on your mobile devices.
For Android users direct attachments to be stored on SD chips instead of your internal storage.