If it falls into the wrong hands, it could
cause you plenty of trouble
I love
my iPhone but I always look at it with deep suspicion. It probably knows more
about me and my secrets than my puffy pillows. It could even betray me.
Blame
it on Steve Jobs but I assume I'm not alone. Most of us have fallen prey to the
modern digital world to the point of no return – as we take for granted the
increasing number of things we can do with our smartphones, we expose ourselves
to bottomless risk, knowingly, unknowingly or simply without regard. The amount
of information that is contained in the average smartphone can include bank
details and other personal data that would be highly profitable to the wrong
person who might pick up your phone where you forgot it.
The
fact is that they may not even need physical possession of your phone. Consider
the extent of what a smartphone can do, based on a true story of what actually
happened at several McDonald's restaurants in Australia between 2010 and 2011.
Suspects
broke into the restaurants and stole the spare hand-held EFTpos units, which
are point-of-sale terminals commonly used in Australia and New Zealand to
process debit or credit card payments – similar to the Octopus card-readers
that are used in Hong Kong.
The
stolen devices, modified with a card skimmer, local storage and Bluetooth
transmitter, were then secretly returned and placed at the cashier stations.
Every card swiped on these units from then on had their details including the
PIN number stored and transmitted via Bluetooth to the smartphones of the
suspects who regularly showed up as customers.
As you
could have guessed, the stolen details were promptly sold via the Internet and
huge bills were quickly footed on them.
Imagine
the damages had these EFTpos units also accepted payments from smartphones
equipped with Near Field Communications, ie. NFC-enabled smartphones, which
have been introduced in Japan, Korea and the US and are expected to take off
further when Apple Inc. equips the iPhones with its newly patented iWallet app
in the very near future.
All the
personal data on your smartphone could thus be transmitted to the scamsters,
perhaps sitting beside you at the restaurant.
“For
some reasons mobile phones have become so embedded into our daily use that
little thought is given to the type and amount of information we store on
them,” said Adam Stafford, a mobile phone forensics expert with the accounting
firm BDO in Western Australia.
Stafford,
a former officer with the Police Computer Crime Squad in Western Australia,
recalled how some criminals paid the price for having the odd habit of taking
photographs of their prized assets. For example, criminals caught for
possessing weapons were found to have posed for smartphone photographs of them
with their marijuana plants. With the help of the “location service” on the
phones, the police had a home run.
So what
exactly is mobile phone forensics?
In the
same manner that law enforcement and investigators find evidence through
computer forensic techniques to retrieve data on computers, including deleted
data, the same can be done these days on smartphones. This is largely due to
the convergence of technologies as mobile phones increasingly perform and even
replace what we used to do with our computers. Although the file systems in
mobile phones are not as organized as computers and can vary from phone to
phone and the data recovery process may be more complicated, nevertheless
recovery is increasingly possible.
The iPhones,
the least secure for their owners, are the dream of mobile phone forensic
experts, followed by Android phones and Blackberry, according to Stafford. The
traditional mobile phone, with few additional capabilities other than SMS is
the most secure for consumers.
But why
should anyone care what mobile phone forensic experts can do if they have no
skeletons in the closet? After all, not everybody lives in the CSI world.
The
“I'm nobody” and “nobody is interested in my personal data” attitude is,
unfortunately wrong -- and common considering the popularity of social networking
platforms like Facebook and Twitter. “I think rather than be concerned about
mobile phone forensics, people possibly should be concerned about the amount of
information retained on mobile devices that they are not aware of,” said
Stafford. “Some mobile phones retain a log of activity that cannot be viewed on
the phone and cannot be deleted. However forensic software may recover this.
Some phones maintain a database file of text messages that includes messages
which have been ‘deleted’.”
One
should be even more concerned when some Apps on smartphones are “intrusive” and
put private data at great risk. These apps may have terms and conditions
spelled out, including what kind of private data they access and retain but the
developers behind the apps usually opt to ease users’ concerns by assuring them
the upgrades or downloads were all meant to provide a “seamless experience,”
two comforting words that would usually be sufficient to prompt users to
overlook the fine print and jump right into the program, ignoring the risks to
their private data once they were uploaded to the servers of the software
developers.
There
are now some 6 billion mobile phone subscribers in the world, equivalent to 87
percent of the world population, with annual 30 percent growth led by countries
like China and India.
And
mobile phone usage in China is widespread with text messages, QQ and Weibo
commonly used for social networking and business communications. On the eve of
Chinese New Year earlier this year, almost 1.9 billion text messages were sent
in Beijing and Shanghai alone.
“As the
mobile phone becomes smarter and faster, it also carries an abundance of
evidence not available elsewhere,” said Rio Lam, principal and computer
forensic specialist with BDO in Hong Kong, who noted a common practice in China
whereby salesmen and businessmen often use QQ or text messages to conduct
business transactions such as placing sales orders, giving quotes and product
information and even negotiating deals.
“From
the perspective of an investigator, it makes it very tempting to examine the
target individual's mobile phone to collect evidence in an investigation.”
With
tablet computers like the iPad increasingly popular and primed to overtake PC
sales, we will have to be even more careful with the way we use and manage our
handheld mobile devices.
Vanson
Soo
Asia
Sentinel
Do’s
and don’ts for your iPhone
-
Pay attention to the
terms and conditions when installing apps. Read them before you click “Allow”.
-
Download only those
Apps that are from known legitimate sources. Jailbreak at your only risk.
-
Beware of the
information you may be giving out for free to the App developers.
-
Remove all unwanted
data on a regular basis.
-
Update the OS as soon
as its released or available.
-
Disable Bluetooth and
WiFi if you don't use them. It will not only save battery but make your phone
“invisible”.
-
Keep physical control
of your phone at all times. Many apps do not allow password protection and your
personal data may be exposed and manipulated if the phone fell into the wrong
hands.
-
Always use a screen
lock.
Source: BDO
Business & Investment Opportunities
YourVietnamExpert is a division of Saigon Business Corporation Pte Ltd, Incorporated in Singapore since 1994. As Your Business Companion, we propose a range of services in Strategy, Investment and Management, focusing Healthcare and Life Science with expertise in ASEAN. We also propose Higher Education, as a bridge between educational structures and industries, by supporting international programmes. Many thanks for visiting www.yourvietnamexpert.com and/or contacting us at contact@yourvietnamexpert.com
No comments:
Post a Comment