Our phones have truly become the new personal computer for many of us – in addition to being our primary means of communication we can watch movies, play games and now even enjoy virtual reality experiences on our handsets. But while smartphones are the epitome of modern convenience, the dirty little secret is that these omnipresent devices, which we have with us 24/7, and keep switched on for most of that time, are also a serious threat to our privacy.
A key feature of a smartphone is being able to locate itself, via multilateration to cell towers, or via the integrated GPS chip. This enables features such as tracking distances during running, and map navigation.
This geolocation information can be quite useful, and law enforcement can track a suspect via their phone. Apps also track users, and can use that information to see which retailers the owner of the phone visits, and the time spent there.
Think disabling the GPS on the phone means you can’t be tracked? Guess again, as there are even reports of locating phones via the other sensors, including the accelerometer, barometer and magnetometer.
While disclosing location data may seem innocuous, it is still an invasion of privacy. Furthermore, according to Michael Cobb of Computer Weekly, this data can easily be used to build a profile on a user, which can subsequently be used for a phishing attack.
A great feature about a smartphone is that its functionality can be massively expanded by installing apps, allowing you to build a device with a personalized feature set over time. However, those apps are often not from the most reputable sources – and they may help themselves to more information than is required. The scary thing is that we willingly provide this when we agree to the app permissions, and we should at least be a little more suspicious why that new game needs access to our contacts, GPS and camera.
As cellular connections often falter indoors, retailers have offered free Wi-Fi to their shoppers. Eager to stay connected, these shoppers click to accept the terms of service, and are thankful for the connection, with plenty of modern handsets able to use it for everything including phone calls.
This free Wi-Fi connection, while convenient, is too often in reality an invasion of privacy. US department store Nordstrom hit the headlines when it emerged that it was using a service known as Euclid Analytics to track shoppers.
Smartphone cameras are a great convenience, and embody the statement that the best camera is the one that you have with you.
Smartphone cameras are also a security risk, however, as they can be activated and used to spy on the owner. Notorious hacker and author Kevin Mitnick explains that this can be done by either installing software on the phone via physical access, or by using the preferred method of security services, via a remote exploitation.
Every smartphone has a microphone, and it’s another security risk. While the main concern may for many of us may be someone eavesdropping on private conversations, microphones also can be used for data collection.
For example, the company Alphonso uses smartphone mics to record the ambient noise of the owners’ environments, and then creates a database of TV shows that a phone’s owner has watched, which it then sells this data to advertisers hungry to target ads to those users.
Lack of security patches
Weekly security patches are a fact of life for Windows users, but when it comes to phones, while things are better for iOS and the Apple camp in general, there’s a lack of updates for Android, and not everyone will be running the latest version of Android at a given time.
This has to do with a lack of support in the Android camp, both from the phone manufacturers, as well as the wireless carriers, neither of whom have any incentive to do anything other than sell users something new and shiny.
Most of us would worry about what the government could do if had a ‘backdoor’ into our smartphone, and could access all of our data whenever it wanted to, and this issue became a battle royale when the FBI demanded that Apple help it circumvent an iPhone’s security in the wake of a terrorist attack in 2016.