Mobile phone apps and security

People love their smartphones these days… and with good reason. They can be amazing tools for business and fun distractions from the mundane parts of life – like standing in line at the post office or waiting to be picked up from the airport. There’s a problem though. Those fun and handy apps can be setting you up for embarrassment, failure or good ol’ fashioned identity theft.

Live Free or Die HardIf you saw the movie “Live Free or Die Hard”, you’ll recall the premise that one bad guy who sold software to large companies and government agencies had a back door entrance into those same secure systems – allowing him to take control of everything from street lights to phone systems to fire alarms. Yes, that idea is somewhat far-fetched, but that’s because [most] large corporations and government offices pour over software to insure that it’s safe to run in their systems AND that it doesn’t allow for hackers to get in and access private data. But… what if they did that on a smaller, but huge scale? Like… mobile phone users?

Mobile phone game cradleMillions of people install and play Angry Birds, but it would be a good guess that 99% of those people did NOT look at the security and permissions needed to enjoy that game. Angry Birds is not one to worry about, but there are PLENTY of others you SHOULD worry about! Today, everyone and their dog now publishes mobile applications. Some let you fake-burn ants with a digital magnifying glass, others record your voice and change it to sound like a chipmunk and some let you track your weight loss or scan barcodes to lookup prices. Simple, fun or useful tools – at least, we hope so. Some apps that are probably installed on your phone right now have access to your address book, emails, photos and text messages – and can very easily download that data to a server in any country in the world. Hopefully they aren’t using it to send spam, or worse… (Remember when Paris Hilton’s phone got hacked? That was just the beginning.)

Motorolla Triumph - AndroidI recently got a new phone that was better than my ancient one, and I happily started installing apps that I couldn’t run before. This new phone included a flash for the main camera which, as many people are aware, makes a great flashlight when you’re fumbling to get your key in the doorknob or looking for that piece that fell under the couch. The problem is this – WHY does an app that just needs to turn on the light, need access to your precise GPS location? WHY would it need full internet access? WHY would it need the ability to read and write to your memory card or see the phone numbers of incoming/outgoing phone calls?! I am NOT exaggerating! I refused to install at least 8 different flashlight apps because they wanted access to do waaay more with my phone than just turning on the light!

There are NUMEROUS apps out there that ask for these permissions and more, that people just don’t pay attention to when installing that ‘fun game that everyone loves.’ Don’t be fooled – just because it’s available on the the iTunes App Store or Android Marketplace does NOT mean it’s trustworthy! And NO, just because an application has over 2 MILLION downloads also does not mean it’s safe! However, there are plenty of apps that ask for lots of permissions – but they offer more than just a silly game – they’re useful, they can be a great resource and some even come from reputable companies.

Trust - Honor - Honesty - Liberty - Rights

The take-away from this is – beware. You wouldn’t hand your phone (or phonebook) to a stranger at Disneyland while you went on a wet ride – so why are you doing it when you install applications without learning more about them (or the company/person who wrote them)?

Back to Top