Mobile devices and security risks
Monday, July 7th, 2008Sometimes when I look back a few years, I become a bit nostalgic about how easy it was back then to keep a mobile device secure. When all a phone did was… well, make phone calls and maybe send and receive text messages, all one needed to worry about was keeping the phone physically secure (i.e. in your hand or pocket). The only connections were to the mobile service provider to establish a voice or SMS connection. Not much could have happened there.
Then came Bluetooth and with it came the first round of security problems. Now why anyone would keep Bluetooth switched on all the time is a bit of a mystery to me anyway (considering the amount of battery drain), but people did come up with sophisticated solutions that would allow reading or changing someone’s address book or even making calls through someone’s phone from quite a few meters distance. Still, it was something that was quite easily mitigated by either switching Bluetooth off (if not needed) or at least making sure it didn’t accept just any connection.
Today all this has changed dramatically. Phones are no longer just phones, they are little computers with most of the capabilities of modern desktop computers and they even have at least equally good connectivity. The problem is that with those capabilities come certain risks – and it seems like parts of the industry are not sufficiently aware of them, and much less the users. It’s either that or they don’t care. Apple for example has come under a bit of fire recently when it failed to provide security updates to the Safari browser for the iPhone.
