Always with the phone!<\/p>\n
Today’s challenge – Smartphone Security II –\u00a0Direct Link to Guide Page<\/a><\/p>\n Following on from yesterday’s Challenge, this time we’re looking at the software that runs on your smartphone. Whilst “apps” have been incredibly convenient solutions to many problems, they can introduce significant vulnerabilities to our devices. This is particularly the case for Android devices, because the apps that are in the Google Play store are not vetted to anywhere near the standard that apples in the Apple Apps Store are. We can get all philosophical about this, the “walled garden” vs “my device my rules” debate, but let’s bypass that and just say this: Android apps are by and large less secure than iPhone apps, but that doesn’t mean you’re safe on iPhone. So what to do about it?<\/p>\n Today’s Challenge isn’t difficult technically, all of our participants completed it themselves without any technical support. No, today’s Challenge is difficult because it makes you ask yourself some hard questions, and introspection is usually fraught with danger.<\/p>\n One of the key concepts in information security is called “attack surface”. It describes how many avenues a would-be hacker has to attack you and your data. The greater your attack surface, the more avenues the hacker has to try to comprise you. Part of a good information security plan is to limit the attack surface as much as possible,\u00a0 which includes only installing software or apps which are necessary for you to function. You can see where this is heading can’t you.<\/p>\n The biggest part of today’s Challenge is to uninstall any apps you don’t need, or disable them if they shipped with your phone and you can’t uninstall them.<\/p>\n Once you’ve removed\/disabled the unnecessary apps, you then have to restrict the things that the apps that are left can do on and to your device. You might be surprised\/worried what apps want access to which parts of your phone.<\/p>\n Lastly, we’re removing any WiFi access points from the phone memory that we no longer need (eg that Starbucks that you visited 3 years ago). The list of WiFi access points you’ve connected to is like a fingerprint for your device, so whenever you turn on your WiFi (because you have WiFi turned off at all times until you need to use it right!?!?) you’re broadcasting to anyone that wants to listen everywhere you’ve been. Which could be awkward…<\/p>\n Geoffrey: As noted earlier I’ve only recently upgraded my mobile phone so I haven’t had time to fill it up with garbage apps that I don’t need. Nevertheless I had 6 apps on my device which I don’t really need, the info from which I can get through a web browser on the device which is much more secure. My app permissions were pretty good (although there were a few that needed to be tweaked). I had three WiFi access points that I needed to delete, so all in all, I was quite happy with my outcome.<\/p>\n Juan: There is no way to say this nicely – Juan is an app whore. He seems to have taken the “There’s an app for that” mantra to the extreme. I’ve never seen a device which wasn’t owned by a teenager with as many apps on it. And just like a teenager, taking away of the apps induced pouting, tantrums, cold stares, bargaining and lots of bribing to achieve compliance. It got to the point of me threatening to double my invoice until he finally acquiesced to deleting a game that he had in fact never played. Thankfully the permissions and WiFi bit was much easier. And yes, constant followup will be required.<\/p>\n Diana: I’m beginning to fall a little bit in love with Diana. She only had 2 non-standard apps installed on her phone, both absolutely essential to her work so that was pretty easy (particularly compared to her husband). App permissions and Wifi were also straightforward.<\/p>\n Priscilla: Landed in the middle here, quite a few unnecessary apps on the device, but many had been installed by her kids so getting rid of them was a relief. App permissions and WiFi were also pretty straightforward.<\/p>\n Previous Days Here: Always with the phone! Today’s challenge – Smartphone Security II –\u00a0Direct Link to Guide Page Following on from yesterday’s Challenge, this time we’re looking at the software that runs on your smartphone. Whilst “apps” have been incredibly convenient solutions to many problems, they can introduce significant vulnerabilities to our devices. This is particularly the case […]<\/p>\n","protected":false},"author":1,"featured_media":267,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[],"_links":{"self":[{"href":"https:\/\/www.smevidence.com.au\/website\/index.php?rest_route=\/wp\/v2\/posts\/314"}],"collection":[{"href":"https:\/\/www.smevidence.com.au\/website\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.smevidence.com.au\/website\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.smevidence.com.au\/website\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.smevidence.com.au\/website\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=314"}],"version-history":[{"count":3,"href":"https:\/\/www.smevidence.com.au\/website\/index.php?rest_route=\/wp\/v2\/posts\/314\/revisions"}],"predecessor-version":[{"id":317,"href":"https:\/\/www.smevidence.com.au\/website\/index.php?rest_route=\/wp\/v2\/posts\/314\/revisions\/317"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.smevidence.com.au\/website\/index.php?rest_route=\/wp\/v2\/media\/267"}],"wp:attachment":[{"href":"https:\/\/www.smevidence.com.au\/website\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=314"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.smevidence.com.au\/website\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=314"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.smevidence.com.au\/website\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=314"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nDay 0 – Introduction to the Team<\/a>
\nDay 1 –\u00a0Installing Operating System and Application Updates
\n<\/a>Day 2 –\u00a0Set Up A Standard User Account<\/a>
\nDay 3 \u2013 Review Privacy Settings<\/a>
\nDay 4 –\u00a0Setup Private & Secure Email
\n<\/a>Days 5&6 \u2013 Weekend Project #1<\/a>
\nDay 7 – Install a Password Manager<\/a>
\nDay 8 – Change Your Passwords
\n<\/a>Day 9 – Browser Security<\/a>
\nDay 10 – Firefox Security Add-ons<\/a>
\nDay 11 – NoScript Security Suite<\/a>
\nDays 12&13 – WiFi Security Checkup<\/a>
\nDay 14 – Virtual Private Network<\/a>
\nDay 15 – Two Factor Authentication<\/a>
\nDay 16 \u2013 Smartphone Security I<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"