[GLLUG] Smart Phone Security
clay at lazarusid.com
Fri Apr 4 16:50:47 EDT 2014
On 04/04/2014 02:19 PM, Chick Tower wrote:
> I don't own a smart phone. I don't want a smart phone. I read
> frequently about how they are easily exploited and often just give
> away your information. At last night's meeting, I asked how smart,
> security-conscious Linux users can trust their phones, and the answer
> I received was a universal "I don't trust my smart phone." Does
> anyone else know of any ways to safely use a smart phone (your own,
> not a borrowed one)?
> I was also told of a method thieves are reportedly using to find
> houses to burglarize. They break into a car at some event that will
> last a while (I think the Silverdome was mentioned), use the car's GPS
> to find home, and go there, knowing at least some of the occupants are
> gone. So maybe programming "home" to be somewhere else nearby is a
> good idea, if you don't want to drive a car without a GPS like I do.
The device isn't to be trusted, and shouldn't have sensitive information
on it. Among other things, it's really easy to leave a phone somewhere,
or have it stolen. Like all cell phones, smart or dumb, it's hackable.
The FBI, or anybody who has a bit of savvy, can use your phone as a
listening and tracking device. Even the cheapest of phones will divulge
location information when properly probed, and the microphone can be
turned on. But again, your cheap brick phone is just as vulnerable to
this attack as a smart phone.
Putting sensitive information on a phone isn't a good idea, because it's
an electronic device that can be compromised. But the risk isn't
significantly greater than the risk you run from carrying around your
wallet, which is full of sensitive information and entirely susceptible
to the five finger discount attack.
More information about the linux-user