Book Image

Mobile Security: How to Secure, Privatize, and Recover Your Devices

Book Image

Mobile Security: How to Secure, Privatize, and Recover Your Devices

Overview of this book

The threat of hacking may be the most damaging on the internet. Mobile technology is changing the way we live, work, and play, but it can leave your personal information dangerously exposed. Your online safety is at risk and the threat of information being stolen from your device is at an all- time high. Your identity is yours, yet it can be compromised if you don't manage your phone or mobile device correctly. Gain the power to manage all your mobile devices safely. With the help of this guide you can ensure that your data and that of your family is safe. The threat to your mobile security is growing on a daily basis and this guide may just be the help you need. Mobile Security: How to Secure, Privatize, and Recover Your Devices will teach you how to recognize, protect against, and recover from hacking attempts and outline the clear and present threats to your online identity posed by the use of a mobile device. In this guide you will discover just how vulnerable unsecured devices can be, and explore effective methods of mobile device management and identity protection to ensure your data's security. There will be special sections detailing extra precautions to ensure the safety of family members and how to secure your device for use at work.
Table of Contents (21 chapters)
Mobile Security: How to Secure, Privatize, and Recover Your Devices
Credits
Foreword
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Tips to Help You Protect Your Mobile Device
The History of Social Networking, the Internet, and Smartphones
Index

The new mobile world


Throughout the 90s, computer and Internet technology revolutionized the way we socialized, purchased goods, and even found employment. By the end of the decade, many essential tasks could be completed without the need to leave the comfort of our homes. New concepts like "social networking", "telecommuting", and "digital goods" entered our collective vocabularies. Smartphones may represent a natural evolution of this process. While shopping for Christmas gifts from the comfort of our homes can be convenient, it can be even more convenient to shop for Christmas gifts from a smartphone while away from home. However, these new capabilities can be something of a double-edged sword; in some ways, smartphones are more vulnerable than laptops that have traditional antivirus software.

Making a smartphone smart

Originally, smartphones were any cell phones designed to perform tasks in addition to just making phone calls. These early smartphones had a dedicated and limited operating system. Today, however, smartphones are a specific class of device with a broad array of capabilities and features; what this is means is that the operating systems on smartphones are similar to the fully featured operating systems, such as Windows that run on our computers. Regular cell phones, by contrast, run on Real Time Operating Systems (RTOS) operating systems, which possess more limited capabilities and are designed to be more streamlined in nature. A smartphone is merely a mobile phone/cell phone that has more advanced computing capabilities, connectivity, and functionality than a conventional phone, which is limited in functionality to a basic handset or feature phone. The latter usually having the ability to run the third party apps via J2ME or BREW, but which have limited integration with the phone capabilities. Smartphones, on the other hand, usually have more advanced APIs that allow the third party apps to have tighter integration with the phone features and capabilities. Beyond this basic requirement, the variety of functions that smartphones can perform is seemingly limitless. Smartphones can organize our calendar and fax our documents, but they can also be used to update our Facebook status, download movies, and countless more functions through a variety of applications. You might say that this is what makes them smart; their focus on their additional functions as opposed to their ability to serve as mobile telephones.

The iPhone – why every phone secretly wants to be a smartphone

The iPhone is the elephant in the room when it comes to smartphones. According to a report by technology publication Engadget, the iPhone commanded a staggering 34.3 percent of the cell phone market share in the US as of October 2012 (http://www.engadget.com/2012/10/02/comscore-iphone-moved-up-to-34-percent-us-share-in-august/).

When you consider that the remaining market share is spread out across all other cell phone manufacturers, from Samsung to Motorola, you can see why Apple's competitors might be envious of the iPhone's success. After all, according to Engadget, three out of every ten cell phones in the US are iPhones. But this data is changing quickly. Smart mobile devices, including notebooks, smartphones, and tablets, shipped 308.7 million units during the first quarter of 2013. This shows a net increase of 37.4 percent over the figures compiled from the previous year. The Android operating system, accounted for a hefty 59.5 percent. Apple's iOS took 19.3 percent of the market share, just 1.2 percent ahead of Microsoft's share of 18.1 percent.

Released in 2007, the iPhone was originally conceived as an iPod with the added functionality of a cell phone. The original iPhone could make and receive phone calls, but it could also play music and interact online. Subsequent iterations of the iPhone only cemented the success of the first release. In July 2008, Apple released the iPhone 3G. The primary feature of this device was in the title; it ran on the third generation of the mobile telecommunications network. The iPhone 3G was also the first generation of the device to include GPS functionality and included a maps application.

As you can see, in the years since the iPhone's release, functionality has been expanded that might allow the device to be easily tracked and monitored. Of course, users benefit from this functionality because they are able to find their iPhone, should they misplace it or should it be stolen. However, other parties may be able to use this same functionality. As will be discussed further in Chapter 3, Privacy – Small Word, Big Consequences, Apple is able to use the GPS functionality to track your phone's geographical location. Ostensibly, this is only for the purposes of targeted advertising and customizing consumer support. However, even if you consider Apple to be a trustworthy company, their ability to track your phone's location does render you vulnerable to an outside party. In addition to legitimate parties, such as corporations, illegitimate parties may also be able to utilize these new features. Consider that a hacker may be able to locate your phone geographically through the iPhone's Find my iPhone cloud feature; all a hacker would need is your user identification information and a working knowledge of iTunes (http://ign.com/articles/2010.06/24/the-history-of-the-iphone).

The difference between Android and iOS

Most of Apple's competitors use the Android mobile operating system to run their user interface.

Comparatively, the iPhone runs on iOS (iPhone Operating System). This is Apple's internally developed operating system, which cannot be used to operate other devices without Apple's permission (and Apple has not, as of the time of this writing, provided such permissions to any other manufacturers). From the perspective of maintaining your mobile security, this is significant because Apple is the sole entity which is able to operate and monitor this platform. Apple protects this operating system (OS), so that it is not easy for the standard end user to alter and/or modify the OS. The best way to understand the difference between the Android and the iOS operating systems for smartphones is by considering the difference between the Windows and Apple operating systems that run on PCs and Macintosh computers. The latter, like iOS on iPhones, only runs on Apple products. The former, like the Android, runs on a variety of devices produced by a variety of manufacturers.

The Android operating system, like the iOS on iPhone, is an operating system designed for the use on smartphones with a multi-touch screen. The Android operating system is currently open source, which means that anyone can access the code and make alterations. What this means for the consumer is that the Android operating system can run quite differently on different phones that use it.

The Android OS is being used in a variety of electronics, including laptops, TVs, cameras, smart glasses, treadmills, headphones, and many other items. This is due to the customizable open and native nature of the Android operating system. One cool use of Android is the Android@Home technology that provides home automaton. This technology provides a mechanism to remotely manage smart house devices, including:

  • Thermostats

  • Power sockets

  • Light switches

  • Scheduling for powered devices

  • Using an Android OS these home services allows end users to manage their home devices using a PC, phone, or tablet

As one might imagine, this lack of parity between the Android phones can also create some problems for the end user, in terms of performance and functionality. Some apps purchased on the Android App Store may only work on certain phones, and thus it is the user's responsibility to ensure that their phone can run the application in question before they choose to download it.

Google introduced a security service to automatically scan applications that are posted in the Google Play Store known as bouncer. This service reviews the applications to determine if there are any malicious applications. This service is not a 100 percent solution and there is no guarantee that this will block all malicious applications. The bouncer program does the following:

  • As soon as an application is uploaded into the Google Play Store, the bouncer program starts to analyze the application for known spyware, malware, and Trojans

  • Based on a set of rules, the bouncer program looks at an application for any code that may cause issues with the OS

  • Also the bouncer program will review the uploaded application against other applications to identify possible issues

  • There is also an emulation process that Google executes to determine how the application may run on the Android OS

  • The bouncer program will also check the hosting account to determine if this account is known for posting a bad code

Because of the open source nature of Android, Android phones are at a greater risk to security infringements than the iOS phones. According to Bloomberg news, Android phones are far more vulnerable to malware and virus attacks than the Apple devices (http://www.kansascity.com/2011/11/15/3267279/android-more-virus-prone-than.html). The primary reason for this is the lack of a rigid infrastructure like the one that exists with Apple's products. While you may utilize Google's official Android App Store to purchase apps, you may also choose from half a dozen other application markets that are available for Android users (http://www.techrepublic.com/blog/smartphones/iphone-or-android-five-questions-to-help-you-decide/4456). The oversight on these alternative application markets varies, which means a user may be less assured that a particular app does not contain a virus or malware.