Earlier this week I talked about phone security in terms of malware and phishing schemes.
Now I want to turn attention to smartphone apps. The release of the iPhone 4 and the new Android phones has focused conversation on the privacy issues. In an article at Fast Company, writer Kit Eaton said the problems surrounding Facebook and privacy have nothing on the privacy issues of smartphones:
Think about what your smartphone -- particularly iPhones and Android devices with their bounty of apps, and BlackBerrys with their automated ties back to your workplace and your email -- has aboard it. With just a push of a button or a poke at the touchscreen, pretty much anyone who got hold of your phone could read your email, read or make postings to your social networking app of preference, see pictures of you, your family, your girlfriend (think of the compromising celebrity "naughty snap" photos that keep popping up) and so on. The devices, existing as they do as an extension to the old notion of personal digital assistant, contain far more personal data than would ever have been accessible on older dumbphones. And, for the sake of convenience many of us have our apps auto logging-in and keep the phone unsecured, so that quickly accessing it to send a text or tweet, or snap a photo is easy.
InfoWorld reported that 20 percent of Android apps can threaten privacy, based on the permissions granted:
The permissions -- which allow applications to do a multitude of things, including initiating a phone call, reading SMS (Short Message Service) messages or identifying the phone's location -- are there to help people develop useful applications. But applications might also access those kinds of personal data for nefarious purposes, according to SMobile.
Besides the 20 percent of applications that let third parties access private or sensitive information, 5 percent of applications have the ability to place a call to any number, and 2 percent of applications can send an SMS to an unknown premium number, in both cases without user involvement.
iPhone has its privacy problems, too, according to a Los Angeles Times blog:
An increasing number of iPhone apps ask users for their location, which is then used by the application or even uploaded to the app's maker. Apps like the Twitter application Tweetie and Google Maps make frequent use of location data, either to help the user get oriented geographically or to associate the user's action with a specific location (as when a tweet is geotagged).
There is some positive news, however, regarding apps and phone security concerns. Sophos has developed security threat monitor app for iPhones. (I hope Sophos will be developing a similar app for other smartphones!).