News @ AsiaOne

Your phone's secure? Think again

Other Samsung devices, such as the Samsung Galaxy S II and Galaxy S, were said to be vulnerable, too. -myp

Mon, Oct 01, 2012
my paper

Smartphone arrogance is something I can tolerate. But I can't stand smart alecs who think their smart devices are absolutely secure.

And, going by reports last week of a security hole that allows hackers to wipe out data on many Android phones, as well as other worrying mobile- security news, these smart chaps don't look so smart any more.

It surfaced earlier last week that a bug in the new Samsung Galaxy S III allows a hacker to reset the phone to its factory settings - erasing data such as contacts and photos.

That is possible if the phone is used to visit a webpage in which hackers have inserted a simple string of 11 characters and symbols.

Other Samsung devices, such as the Samsung Galaxy S II and Galaxy S, were said to be vulnerable, too.

To make matters worse, the wipe-out code was circulated online - hackers can use it to wreak mass destruction easily.

But it doesn't stop there. Security researchers are now saying that the problem isn't with Samsung but, rather, the Android mobile operating system.

Many other Android devices have been identified to be at risk, including those by Sony. HTC and Motorola reportedly suggested that their phones aren't affected, contrary to what some researchers claim.

The good news is that Android devices updated in late June are spared the bug. But that still leaves, possibly, a great deal of gadgets.

How to know if your Android phone is at risk?

One researcher put up a site (http: //dylanreeve.com/phone.php) that allows a user to check if one's phone is in the cross hairs of a trigger-happy hacker.

And, if it is a sitting duck, update your Android phone and check with handset makers for fixes.

Still, if you've just updated your phone or aren't an Android user, don't get too comfy yet.

The latest phone scare isn't the first, nor the last.

And, with phones increasingly oozing superior computing capabilities, you can expect associated computing-security woes to follow.

Attacks you're used to seeing on computers to scam you of money and the like are making their way to mobile devices, say IT-security experts.

And Android is the most desirable mobile OS for hackers.

Early last month, IT-security firm McAfee released a second- quarter report showing how mobile malware skyrocketed this year.

There are about 13,000 types of mobile malware in its database so far this year, outstripping the nearly 2,000 for last year.

The report added that "practically all new mobile malware was directed at the Android platform". Over eight in 10 of all mobile malware made were for Android.

That is followed by Symbian at a very distant second.

One reason is that the Android store for apps, called Google Play, is not as highly vetted as those for iOS or Windows Phone, going by reports.

Also, Android's open nature makes it easy to get apps, including malware disguised as legitimate software, from other sources besides Google Play.

iPhone users shouldn't be gloating though: The first iOS malware to make its way into the App Store was reported in July. The malware, dubbed Find & Call, milks contacts from a phone and spams them.

While the bad apple was removed, it shows that even the seemingly impenetrable aren't completely secure.

What can you do about the mobile-malware deluge headed to a smartphone near you? Stop thinking your phone is invulnerable to computer-security woes.

The same habits for using the computer - such as not opening suspicious files, links or webpages - should apply even if you're using a phone.

Update your phone to plug security holes and, for those who are more wary, using a security software from a reputable provider might not be a bad idea.

You might want to back up vital phone files and contacts, too.

There's, of course, the simpler method of going back to cheap, light, svelte and drop-resistant feature phones that can only make calls and send text messages.

Just remember to leave inflated egos at the door.

kennyc@sph.com.sg


Get my paper for more stories.

 
 
 
Copyright ©2011 Singapore Press Holdings Ltd. Co. Regn. No. 198402868E. All rights reserved.
Privacy Statement Conditions of Access Advertise