Secure your smartphone

Your smartphone probably contains a wealth of information of personal and professional nature, which you would not want others to have access to. This is why (after losing my HTC Hero a couple of months ago) I now try to follow 2 out of these 3 simple rules:

  1. don’t lose your smartphone.
  2. if you lose your smartphone, make sure you have something in place to locate it
  3. if you lose your smartphone and you can’t locate it, make sure you can wipe it remotely

There are multiple solutions to locate & wipe smartphones (including HTC’s Sense online offering), but for my Sense-less HTC Magic I installed “Lookout“. Lookout is a free application that provides device location, contacts backup & restore and apparently also malware protection. If you’re willing to pay $3/month, you also get remote wipe, remote lock and backup/ restore of pictures and call log. If you lose your Android-phone, you just log in to the Lookout-website to locate and optionally lock or wipe your handset.

I’m happy using the free version for now; I activated Android’s pattern lock-screen to avoid anyone from accessing my handset and deactivating Lookout. Remote wipe is great, but I guess I can activate my Lookout Premium account if ever I need that feature?

6 thoughts on “Secure your smartphone

  1. Philip Paeps

    Wealth of information? What, like other people’s phone numbers?

    I would feel a bit dubious paying a company for the ability to break my phone. What if you stop paying them? What incentive do they have not to break it? Sounds like a protection racket to me.

    Reply
    1. frank Post author

      with mail coming in (personal and/or professional), files on sd-cards, browser history and maybe even connected cloud storage, smartphones can contain a lot more info then just phone numbers, no? and in that case having a way to locate and if needed wipe your phone can be a good thing. whether of not you can trust a 3rd party with that ability, is up to your level of trust in such a 3rd party.

      Reply
      1. Philip Paeps

        Wait, you store important personal and professional information in cleartext on a device you nonchalantly carry around with you?

        Further, you give money to a company to let them brick your phone on your (or more likely “someone’s” say-so) and you hope that they will only brick your device and not access (and sell, or hold ransom) your data?

        I’ll say nothing about the fact that the device you carry this important personal and professional information on in cleartext is also connected to various wireless networks and that most implementations of those systems are provably broken.

        Maybe instead of paying companies to brick your phone, you should think a bit more carefully about where you store your important personal and professional information? Perhaps you could consider storing it on encrypted storage devices in physically secure locations and perhaps access it through secure channels?

        It’s not because you’re paranoid that you’re not being followed. But seriously – storing important data on a phone? And paying someone to brick it remotely? Maybe you’re being a little too trusting?

        How can you be sure that I can’t ask them to brick your phone? How can you be sure that they’re not remotely “archiving” your data? How can you be sure that your data won’t be stolen before you notice and have it bricked?

        Nuts, I say…

      2. frank Post author

        you are right, if your assumption is that when going on holiday you should pack for war ;-)

        but seriously; people do use smartphones in a … less secure way, having a lock-screen + remote location & remote wiping capabilities is, in that reality, a huge step forwards. the fact that you have to rely on a 3rd party is a downside, one has to decide if that 3rd party is trustworthy for oneself (lookout is one of the bigger companies in the market, with some well-known people & investors behind it, I do feel I can trust them).

        and if it makes you feel any better: remote wiping can also be done from ms exchange or a google apps domain :-)

    2. frank Post author

      concerning the risk of a 3rd party abusing their wipe rights on your phone: before you stop paying them, you could uninstall their app or remove them (their app) from the list of “device administrators”.

      Reply
  2. kristof

    My phone contains a lot of info. Remote wipe is reassuring. The fact that if it gets stolen I can maybe locate the one that stole it is also some comfort.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *