Hollywood-Grade Mobile Phone Security: 4 Tips - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Hollywood-Grade Mobile Phone Security: 4 Tips

Recent mobile phone hacks in Hollywood and the emergence of an entertainment answer to WikiLeaks should remind everyone to follow these mobile security mantras.

In the past week, actresses Scarlett Johansson and Mila Kunis have illustrated the dangers that smartphones can pose to one's privacy. In Johansson's case, hackers appear to have stolen nude self-portraits from her phone, while in Kunis' case, they lifted semi-racy photographs taken of her Friends With Benefits co-star Justin Timberlake.

The FBI is reportedly investigating both breaches, but in the interim, one security takeaway is clear: Smartphones that store information of a sensitive nature must be properly secured. Regardless of whether or not you've got paparazzi camped outside your door, according to mobile security firm Lookout, most phones today get hacked in one of four ways:

1. Weak passwords. One of the best techniques for ensuring your password doesn't get hacked is to avoid password reuse. In 2008, for example, hacker Josh Holly told Wired that he'd accessed teen celebrity Miley Cyrus' Gmail account by first socially engineering a MySpace employee and gaining access to an administrative panel that listed members' passwords in plaintext. Finding one for Cyrus, he tried it against a Gmail account Cyrus was known to use, and it worked. At that point, he pulled a collection of racy images that the singer and actress had sent via email.

[Want more tips on protecting your mobile data? See 5 Essential Mobile Security Tips.]

2. Public Wi-Fi. Using unsecured public Wi-Fi hotspots means you're sending data in unencrypted format, which leaves it open to eavesdropping attacks. To illustrate the dangers posed by eavesdroppers, one security researcher last year unveiled Firesheep, which enables an attacker to automatically sniff public Wi-Fi connections for traffic and capture credentials related to popular websites, such as Facebook, Twitter, and Amazon.

3. Malicious applications. As with PCs, so too with smartphones: Only install software from reputable sources, lest it contain malware. For Apple iPhone and iOS device users, this means you jailbreak your device and install non-Apple-approved applications at your own risk. Meanwhile, for Android, which doesn't review applications before allowing them to be listed on the official Android Market, only download and install applications from reputable sources, and consider adding security software that can block malicious activity.

4. Outdated software. Outdated smartphone software containing known vulnerabilities can give attackers a vector for exploiting devices. Unfortunately, smartphone operating systems don't have the equivalent of a Windows Update. Instead, smartphone users must rely on their cellphone carrier to push an update. Outside of Apple, however, seeing smartphone security updates can be a rarity, perhaps because the carrier and phone manufacturer have already been paid. In such cases, smartphone security software can add another layer of protection.

Anyone can sharpen their smartphone security using the above tips. But celebrities may not want to wait, since a WikiLeaks spinoff calling itself "Hollywood Leaks" has vowed to release everything from major scripts to nude photographs culled from hacked email accounts. "We're simply here to facilitate the free flow of information from a place which was previously overlooked, Hollywood," a member of the group told Gawker last month.

In light of that threat, security expert Graham Cluley, senior technology consultant at Sophos, offers one piece of additional security advice, in the form of a "cut-out and keep reminder" for celebrities to tape to their mirrors: "Must not take any nude photos of myself today."

SaaS productivity apps are good to go--if you can get past security and data ownership concerns. Read all about it in the new, all-digital issue of InformationWeek SMB. Download it now. (Free with registration.)

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
Preparing for the Upcoming Quantum Computing Revolution
John Edwards, Technology Journalist & Author,  6/3/2021
How SolarWinds Changed Cybersecurity Leadership's Priorities
Jessica Davis, Senior Editor, Enterprise Apps,  5/26/2021
White Papers
Register for InformationWeek Newsletters
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll