diff options
Diffstat (limited to 'wired/old/published/How To Wiki/howtoprotectyourphone.txt')
-rw-r--r-- | wired/old/published/How To Wiki/howtoprotectyourphone.txt | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/wired/old/published/How To Wiki/howtoprotectyourphone.txt b/wired/old/published/How To Wiki/howtoprotectyourphone.txt new file mode 100644 index 0000000..36c1bc5 --- /dev/null +++ b/wired/old/published/How To Wiki/howtoprotectyourphone.txt @@ -0,0 +1,41 @@ +Attention Californians, do you know what's on your cellphone? + +You better because when police arrest anyone in California they can search that person's mobile phone. That means the police would have access to your email, call records, photos, text messages and GPS data. It could even mean the police would be able to access your bank records, files on your home computer, travel plans and countless other tidbits of data that are stored on your phone -- all without the need for a warrant. + +Warrantless searches like those [http://www.wired.com/threatlevel/2011/10/warrantless-phone-searches/ California legislators were trying to block] are becoming more common. The state of Michigan has even equipped its officers with smart phone forensic devices. + +Want to stop big brother from sinking his teeth into your data? Well, it's not easy to do. In fact, you probably can't stop determined experts from getting into your phone. You can, however, put up some roadblocks that will slow them down and most likely stump the average person -- law enforcement or otherwise -- from accessing your data. Here's our guide to securing your mobile phone. + +==Lock it down== + +Password-protecting your smartphone should be a no-brainer. If you haven't already, turn on the password lock feature on your phone. It's a mild inconvenience to type your password every time your phone comes out of sleep mode, but it's your best first line of defense against would-be snoops. + +If your phone allows it, set it up to automatically wipe your data after a few failed password attempts. That way, should anyone try to guess your password they'll automatically delete your data after a few tries. Be careful though, the data gets deleted whether it's a cop trying to hack your phone or just your toddler playing around with it. + +The U.S. courts are, thus far, unclear on whether or not you can be compelled to hand over your password to law enforcement. If nothing else having one in place should help buy you some time to get in touch with a lawyer or wipe your data remotely (see below for details). + + +==Button it up== + +While it isn't absolutely foolproof, full-disk encryption is the best, most practical method of safeguarding your phone's data from the prying eyes of law enforcement (or just that creepy guy who found your phone in a bar). + +Sadly most phones don't support full-disk encryption. Apple's iOS 4 introduced a feature dubbed "data protection," which encrypts some types of data when the phone is locked or turned off. There are encryption APIs in iOS so other apps can protect your data, but how many actually do is unclear and support varies on an app by app basis. There is no way to completely encrypt your iPhone. + +Android doesn't fair much better. So far Android doesn't offer a built-in encryption option though there are some third-party apps that can do it. If you have a Nexus S or Nexus One the new [http://whispersys.com/whispercore.html Whispercore] app can do full disk encryption. If you've got a different Android model and you're looking for a full disk encryption solution, well, you're not alone. Even DARPA, the famed U.S. Defense Advanced Research Projects Agency, has put out a call for help when it comes to finding [https://www.fbo.gov/index?s=opportunity&mode=form&id=3473e17cb0615b10d9c93533180aa345&tab=core&_cview=0 full-disk encryption for Android]. + +==Wipe it Away== + +What happens if the cops seize your phone and take it off to the bat cave where powerful hackers will defeat all your best encryption tools? Remote wipe it of course. + +If you've got an iPhone, set up Find My Phone, which includes an option to delete all your data from afar. + +Android users can wipe their phones with a number of apps, including [http://seekdroid.com/ SeekDroid] and [http://www.webroot.com/En_US/index.html Webroot], both of which offer additional security measures as well. + +Blackberry users have several options, but for individuals the easiest thing to do is set up [http://us.blackberry.com/apps-software/protect/ Blackberry Protect]. + +One problem with remote wipes is that it's easy to defeat -- just remove the SIM chip. If there's no way to connect to your phone there's no way to wipe it. Another problem is that in some cases wiping your phone might be considered destruction of evidence. + +==Conclusion== + +Smartphone security is just beginning to get off the ground. Right now our phones seem more like fun little toys to tote around than potentially incriminating data stores, but that's starting to change. At the moment Blackberry remains the most secure platform out there thanks to its strong background in enterprise and business environments. After that iOS and Android both offer similar features, though both can, with access to right tools, still be compromised. + |