Slashdot Mirror

← Back to Stories (view on slashdot.org)

Smartphone As Your Most Dangerous Possession

Posted by timothy on from the keep-that-thing-away-from-my-family dept.

Hugh Pickens writes "CNN reports that now that smartphones double as wallets and bank accounts — allowing users to manage their finances, transfer money, make payments, deposit checks and swipe their phones as credit cards — smartphones have become very lucrative scores for thieves and with 30% of phone subscribers owning iPhones, BlackBerrys and Droids, there are a lot of people at risk. Storing a password and keeping your phone locked is a good start, but it's not going to protect you from professional fraudsters. 'Don't think that having an initial password set on your phone can stop people from getting in there,' says Nikki Junker, a victim advisor at the Identity Theft Resource Center. 'It's a very low level of protection — you can even find 30-second videos on how to crack smartphone passwords on YouTube.'"

30 of 154 comments (clear)

  1. I do not think that word means what you think it d by Amorymeltzer · · Score: 5, Funny

    I believe you mean "risky" not "dangerous." The most dangerous item I own is probably a knife.

    --
    I live in constant fear of the Coming of the Red Spiders.
  2. And how many people actually protect their phone by hsmith · · Score: 5, Interesting

    With passcodes, setting the phone to wipe on a few failed tries? Almost everyone I know lacks a passcode on their mobile device - giving anyone the freedom to dig into their personal lives. I just don't think people realize what a risk it is at all.

    I'd also like to know which devices can be cracked in 30 seconds. With iPhone 4's full device encryption, I don't see how the key can be cracked in under 10 tries before it would wipe itself. But, I'd like to know.

  3. The power of technology.... by cold+fjord · · Score: 4, Insightful

    It continues to make almost everything more convenient, including ruining you.

    --
    much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
    1. Re:The power of technology.... by fermion · · Score: 2
      We need to be aware of the security risk of the instruments we use. That said more advance and abstract instruments are not necessarily more risky. For instance in a barter system we might use goods, but have the risk of those goods losing value due to decay or market forces. We might say a objective measure such as gold could be secured, but not against inflation. Gold has not kept up with inflation for most fo the past 35 years.

      So maybe we have currency which can also be lost, stolen, and has no protection against inflation. So we use bank accounts and saving accounts with can secure money against loss due theft and inflation. But we use checks to get the money, and check can be stolen and used. We can stop checks, but that is no guarantee, and it is our money we are spending.

      Credit cards then come, in which we spend others money. We can let our assets gain interest, and spend other assets. We pay more for product, but do not risk our money. Even if we lose the card, and charges get made, it is not our money.

      So what does this have to with the telephone. Telephones hava an added bit of security with an access code. Telephones can be remote wiped, unlike credit cards or checks. Around the world telephones are being linked to store valued accounts which allows user to more securely use and transfer monies.

      I do not use my phone for money, and I do not use any of RFID technologies, but I was raised on credit. This is the same as some people who were raised on checks not using credit cards. But to say that phones will inherently lead to less secure behavior or less responsible behavior is not supported by facts. It all has to do with education and custom.

      --
      "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
    2. Re:The power of technology.... by couchslug · · Score: 2

      "It continues to make almost everything more convenient, including ruining you."

      Freedom of choice includes the burden of making wise choices.

      --
      "This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
  4. Re:Security of a smart phone by CharlyFoxtrot · · Score: 5, Insightful

    The security on a smart phone isn't any worse (in many cases better, even) than that on most people's personal computers. The OS question is irrelevant, the big difference is that it's much easier to gain physical access. Just be vigilant and be have a plan ready to immediately block all access if you do lose your phone.

    --
    If all else fails, immortality can always be assured by spectacular error.
  5. It Can Get Worse... by IonOtter · · Score: 2, Interesting

    Throw in one of these, and you're looking at truly ridiculous amounts of pain if you lose your phone.

    --
    [End Of Line]
    1. Re:It Can Get Worse... by neumayr · · Score: 3, Insightful

      (Took a little while to recover from that ridiculous commercial)
      Seems like that device is made to accept credit card payments, not to pay people with credit cards. How does that make losing ones phone any worse than it already is?

      --
      Truth arises more readily from error than from confusion. -Francis Bacon
  6. Re:I do not think that word means what you think i by corsec67 · · Score: 4, Insightful

    You don't own a car? That is probably the "most dangerous" class of item that people own.

    --
    If I have nothing to hide, don't search me
  7. i'm kind of a big deal by FuckingNickName · · Score: 2, Informative

    The late '90s were a zenith of Western society, a fair balance of regulation and freedom; technology and tradition.

    Now the government's breathing down everyone's neck while they're neatly distracted by thinking they're such a big deal that they need to be contacted at every minute of the day or night.

    Minimise your shitty gadgets. Do only what needs doing. Relax a little. If you think you need to bank from your 'phone, you're doing life wrong.

    1. Re:i'm kind of a big deal by The_mad_linguist · · Score: 3, Insightful

      Fifty years later, their civilization was, practically speaking, destroyed.

      Just saying.

    2. Re:i'm kind of a big deal by epine · · Score: 2

      The late '90s were a zenith of Western society, a fair balance of regulation and freedom; technology and tradition.

      You've got to be kidding. This ranks right up there with Jody Foster defending Mel Gibson as "not such a bad guy to work with" while the Russell Williams story was breaking in Canada. He was a great guy in the office, too, but had defects in other life aspects.

      You cleverly post this right after I finish reading a long treatise on the nutter-of-the-moment and his trigger words.

      Looking Behind the Mug-Shot Grin of an Accused Killer

      One sentence (nice touch with the semicolon) before you spout on the G-word. Plus you're potty mouth to no useful effect.

      But let's argue the point. If the late 90s was a zenith, it was the kind of zenith that ought to include a parachute, but doesn't, or the parachutes are fabricated in metal: gold for the precious few, lead for everyone else. Nortel stock needed a parachute *and* a heat shield *and* a giant sofa cushion.

      I just finished watching the movie Moon. There's a character who throws up in his space suit. His slashdot nick was Ralph Nadir, cause throwing up in a space suit is a *bad* day at the office. How did you pick your nick?

      Or am I not giving you enough credit all around, and you're actually talking about the late 1890s?

    3. Re:i'm kind of a big deal by FuckingNickName · · Score: 2

      Your drunken post was very difficult to read. Are you countering by pointing out that some tech stock was overvalued? Maybe you're young/selfish enough that it's the sort of thing which you consider the height of importance, but perhaps you ought to concentrate on the freedoms and opportunities people enjoyed.

  8. Re:I do not think that word means what you think i by Anonymous Coward · · Score: 5, Funny

    I don't own a car, but I do own a lightsaber. Not as clumsy or random as a car; an elegant weapon for a more civilized age.

  9. Freakonomics by sakdoctor · · Score: 2

    Semantic quibble, which comes down to people's ability to asses risk. Guns vs swimming pools.
    The point is, the phone is a terrible choice for security related matters, because it wasn't specifically designed to be an e-wallet from the ground up.

    You can never, ever just bolt-on security.

    1. Re:Freakonomics by Arthur+Grumbine · · Score: 2

      You can never, ever just bolt-on security.

      Wait - Isn't that exactly what we do with doors?!

      --
      Now that I think about it, I'm pretty sure everything I just said is completely wrong.
    2. Re:Freakonomics by CharlyFoxtrot · · Score: 2

      Yeah but there's a difference between putting a bolt on a glass door or on a steel reinforced one.

      --
      If all else fails, immortality can always be assured by spectacular error.
    3. Re:Freakonomics by mlts · · Score: 3, Informative

      If I stuck a deadbolt cylinder on a hollow core door used for internal rooms, someone could easily kick it in without a moment's thought.

      If I stuck a cylinder on a European lock that had multipoint locking, a solid jamb that uses steel rails that are sunk into the foundation, it would require a hydraulic ram to open it.

      Similar with phones. If I stuck a PIN on an open device, there would be ways to get around it. However, if the device was built from the ground up with encrypted filesystems, keys in a secure RAM partition, and anti-brute force code where PIN guessing resulted in longer delays, and eventually a complete zeroization of the device, the same PIN that might be worthless on one device may adequately protect another.

      One can see this when comparing a TrueCrypt keyfile stored on a cryptographic token (or an IronKey) compared to one stored on a generic USB flash drive. After try #20 with the USB flash drive, it doesn't matter, especially if one just copies the cyphertext to another image to protect against self destruct software. The same data stored on a hardware device using hardware encryption will be long gone before attempt #20 could even be made.

      A 4 digit PIN can be excellent protection, or it can be a joke depending on how the device is architected.

  10. Re:And how many people actually protect their phon by Space+cowboy · · Score: 2

    The risk appears to only be for Android phones, because the swipe-to-unlock leaves smudges that can be visually decoded to tell the thief the "password". I can't see how this security vulnerability affects iPhones with their tap-based passcode.

    And yes, I have a passcode on my phone. It takes about a day for the annoyance factor to dissipate, and IMHO you're nuts not to have one.

    Simon

    --
    Physicists get Hadrons!
  11. Re:I do not think that word means what you think i by ifiwereasculptor · · Score: 3, Insightful

    You don't have to reload a station wagon on a crowded sidewalk...

  12. Re:I do not think that word means what you think i by BrokenHalo · · Score: 3, Interesting

    Sorry, I thought it was people, not guns, that were dangerous.

    Well, that's true. Any suitably light-fingered individual is well qualified to attempt to lift my phone out of my front pants pocket, provided that they don't mind taking the chance that I might smash their brains in.

    But then I personally think it's incredibly stupid to put any kind of financial details on anything that is so easily and casually stolen. I don't even leave such information lying around (at least in a form that is worth the trouble of attempting to decrypt) on my computers at home where I can guarantee a larger degree of security.

  13. Re:And how many people actually protect their phon by YouWantFriesWithThat · · Score: 3, Informative

    android phones have numeric or alphanumeric passwords that can be enabled as of version 2.2

  14. I knew it by Nihn · · Score: 2

    I'm not dumb enough to place any form of important info into ANY device connected to a network. Privacy can not be maintained when so many people have access to the servers and software directly connected to your smart phone or computer. I remember when phones made phone calls...and that was it. No ring tones, no aps, just a basic fully functioning device use to communicate with others. Now people are shocked that the "smart" phone is considered a prize to thieves. It's a key to the bank you use and you keep it under your door mat...what did you think was gonna happen. If people want security then use the brain you were given to memorize said info...and don't say some people can't. Information of utmost importance can be retained and locked away behind lies and deception and can not be stolen without the owners participation. (see social engineering) Phones makes no judgment on who is holding it and will open itself to whoever wants in. So the reality of the matter is people who are foolish enough to place personal info into a network deserve being ripped off. Jump into a fire, you will get burned. Simples.

  15. Re:I do not think that word means what you think i by TheRaven64 · · Score: 5, Funny

    Sorry, I thought it was people, not guns, that were dangerous

    True, but since the 13th amendment passed you're not allowed to own any people, only guns.

    --
    I am TheRaven on Soylent News
  16. Re:I do not think that word means what you think i by FooAtWFU · · Score: 2

    Generally speaking, guns almost never kill people.... bullets, on the other hand, are another matter.

    --
    The World Wide Web is dying. Soon, we shall have only the Internet.
  17. To avoid smudge, make the keys move randomly by TimFreeman · · Score: 2

    If the keys moved around randomly on the screen at the beginning of typing the password and after typing each character, the positions of smudges on the screen would not give any information about the password. (Yes, this does have an obviously funny reply. Not sure how to upstage it from here. Go ahead and say it, then.)

  18. Re:I do not think that word means what you think i by lennier · · Score: 2

    You, sir, are clearly not a lobbiest for the Banking industry.

    No, but he's lobbier than most.

    --
    You are not a brain: http://books.google.com/books?id=2oV61CeDx-YC
  19. Re:I do not think that word means what you think i by RogerWilco · · Score: 2

    I think you underestimate what one can do with a car.

    See for example the Queensday attack in the Netherlands almost 2 years ago:
    http://www.spiegel.de/international/europe/0,1518,622342,00.html

    5 people dead at an event with about the highest level of security that you could find in the Netherlands at the time.

    --
    RogerWilco the Adventurous Janitor
  20. Re:I do not think that word means what you think i by turbidostato · · Score: 2

    "Generally speaking, guns almost never kill people.... bullets, on the other hand, are another matter."

    Bullets? Nah... It's not bullets what's dangerous, it's the speed they come with.

  21. Re:I do not think that word means what you think i by Fjandr · · Score: 2

    It's not even the speed. It's the inertial delta of the bullet and [part of] the person.