Tuesday, May 15, 2012

Cell Phone Hacking is Real

Having purchased two iPhones for Christmas, I was curious about security.  As usual, an internet search revealed just how dangerous of a  world we live in.  In an article published February 11th, 2012, Nicole Periroth writing for the New York Times News Service tells about Kenneth Lieberthal and his travels to China.  “He leaves his cellphone and laptop at home and instead brings loaner devices, which he erases before he leaves the United States and wipes clean the minute he returns.  He disables Bluetooth and Wi-Fi, never lets his phone out of his sight and in meetings, not only turns off his phone but also removes the battery, for fear his microphone could be turned on remotely…He never types in a password directly, because, he says, “the Chinese are very good at installing key-logging software on your laptop.”  In the same article, a McAfee spokesman said if a device was ever inspected at the Chinese border, it could never be plugged into McAfee’s network again – ever!

Let’s see, where do most of our electronic devices come from again?  China.  If the Chinese can do it, then others can too.  IEEE, pronounced “eye-triple-E”, stands for the Institute of Electrical and Electronics Engineers.  They discovered that one in a hundred apps contain malware and that is only the ones where it wasn’t deeply hidden inside programming.  Cyber crime is very real.  A recent calculation by IEEE stated there are 14 cyber crime victims every second or 50,000/hour. A NYTimes article here, gives an idea of the money being spent on security and the dangers lurking for 2012.

An Android developer named Trevor Eckhart recently revealed that Carrier IQ had installed a rootkit that logs keystrokes.  It also reported content of text messages and logged encrypted web searches.  There isn’t a way to turn off the software either.  Carrier IQ’s website has an interesting sentence, “IQ Insight Device Analyzer gives you more than just data:  it provides a visualization of activity at all layers within the device.”

A Wikipedia article on Carrier IQ states there are several pending legal actions against the company.  “AT&T, Sprint, and T-Mobile confirmed it was on their phones.  Apple said it had quit supporting the application in iOS 5…Verizon was the only one to say it was not on their phones”.

Large companies such as Sony are repeatedly hacked.  Their computer security is well paid for and top of the line.  But it happens over and over.  A smartphone is merely a mobile computer.  Let’s face it, we’re pretty much sheep among wolves carrying and using these type devices.  We can, however, be smart about it.   Do your research on security and read up on it.  The United States Computer Emergency Readiness Team (US-CERT) has an article here with several good links.  Ask yourself, Do I really need to download so many apps for my phone?  Keep it to a minimum and only download what you really need.  Keep Bluetooth and Wi-Fi off until needed and then use only with a trusted source.  And always keep your phone and apps updated with the latest software.

We also need to encourage our legislators to enact stiff penalties for cyber crime.  Those penalties should also apply to companies who take advantage of naive consumers.

No comments:

Post a Comment