Yeah, it's been a long time since I've
posted anything. I have some time now and I thought I'd talk about
my favorite things when it comes to computer security. The more I
learn, the most frightening this subject becomes.
We'll cover some basics in this post,
then talk about specific tools that can be used to help secure one's
security and privacy. Let's first talk about smartphone security.
The phone itself can be pretty secure if you lock it with a password
(assuming you use a good password). Using a pattern lock instead of
a password is a good idea if you don't like having to remember a
strong password. Locking with facial recognition or a short PIN
code is better than nothing, but if someone gets hold of your phone
and is determined to try hard enough, they'll probably get in.
Once in, the E-mail you've downloaded
onto your phone can be a rich source of information. It's likely
that you've casually mentioned something in your mail somewhere that
might be of use to a hacker or identity thief. It's best to not keep
much old mail on the phone and to erase sensitive E-mails right after
you read them. Some mail apps support E-mail encryption/decryption.
You should use encryption for at least sensitive E-mails if you can
get the people you exchange those E-mails with to use it also.
I worry about how insecure banking and
brokerage firm apps are, and avoid using them. Consider using the
“incognito” (memoryless) feature on your phone's browser, or
switch to a browser that supports that feature. Having your browser
remember your history and passwords might be convenient for you, but
it's also very useful for anyone who gets a hold of your phone.
There are several privacy apps and
features available for smartphones. We'll cover them separately.
With Android phones, you can encrypt your micro-SD card. Later
versions of Android support “Android Device Management” over the
web, allowing you to locate and ring your phone if it's lost. More
importantly, it allows you to immediately lock your phone remotely
with a new passcode. You can even wipe it remotely, if you feel you
need to. Several apps were available to do this, but it's now
available for free, built into the operating system itself.
Be aware that if someone finds your
phone, all they need to do
is to turn the phone off and leave it off until they can get away from or shielded from cell phone service. There, they can turn
the phone back on and put it in airplane more, locking you out from
remote access. Even if the phone isn't really completely off, they
can wrap the phone in aluminum foil or put it in a small metal box to
completely block GPS and cell signals.
If you need to store sensitive
information on your phone, use a password manager or file encryption
tools. Don't leave anything sensitive on your phone in plain text,
and trust apps with sensitive information only if they are generally
accepted as being very secure. There are only a few apps I trust
that much. I'll mention them later.
