Mobile phone security: What are the risks?

On Tech today, I wrote a basic overview of the most common current security risks mobile users face, and some basic things you can do to protect yourself:

Mobile phone security: What are the risks?

First on the list was malware — and on that front, Android definitely presents the biggest risk, because it’s such an open platform.

So, anticipating the trolls: Even though I own an Android phone and love it, and have said so several times in my CNN posts, I’m sure I’ll get lots of comments from Android fanboys complaining that I must be on Apple’s payroll.

For the record, no, I get nothing from Apple. In fact, I’m really kinda tired of iPhone fetishization, especially by tech media. I’m not anti-iPhone or anti-Apple (you’d have to pry my macbook from my cold dead fingers)

I used to own an iPhone and liked it well enough, but I AT&T really sucks in the Bay Area, so last summer I traded up to a Droid Incredible, which I generally like better. It’s got its hitches and weirdnesses, but it’s also a pretty cool device.

But being an Android owner has made me far more aware of mobile security. Ultimately, I think that’s a good thing.

So Android fanboys: Chill out. Go get some Doritos. And a reality check.

Neither am I on the payroll of Norton or Lookout, two companies whose products I mentioned as examples of the kinds of tools smartphone users can employ for mobile security. Norton did invite me to their mobile security event in SF. Yeah, I’m a journalist. I go to conferences. I meet with companies to learn what they’re doing. Shocking, I know.

My CNN post also covers premium SMS fraud, phishing, and spyware — and the spyware thing is especially creepy…

E-mail on your phone? Watch out for phishing

My latest mobile blog post concerns the recent Epsilon e-mail security breach. I received four e-mail notifications from companies I do online business with (banks, etc.) about this break last week, so I knew it was a big deal — but as the scope unfolds, it’s pretty staggering

Then I found a recent bit of research that has special relevance to mobile e-mail security. So I wrote this article:  Mobile users more vulnerable to e-mail phishing scams –

My favorite comment: “The reason iPhone users are 8 times more likely to enter a phishing site is because with an iPhone you can actually get to the website. Ever try to use the web browser on a Blackberry…their built in phishing security is that the web browser can’t open websites.”

Google Privacy: No, please don’t send the van over, really… (gulp)

Privacy? What privacy! Such a quaint 20th century notion…

Google Opt Out Feature Lets Users Protect Privacy By Moving To Remote Village

Thanks much to the West Seattle Blog for bringing this gem to my attention via Twitter in the wee hours of the morning. And kudos to The Onion for such impressive info-graphics! My favorites are the van, barter, and data security fence graphics.

1Password is not for me: Doesn’t work with third-party applications

I use many, many online services that require passwords access. Some for important stuff like online banking, or gmail, or collaboration tools, or travel arrangements, or Twitter. Others are less important, like news sites that require logins. I was starting to get concerned about password security for all of that, so I tried the Mac application 1Password, which several people  recommended to me.

1Password seems pretty powerful. But it’s not for me.

Reason: 1Password only integrates with Web browsers, not with 3rd party applications. For 3rd-party applications, you can generate stronger passwords using 1Password — but then you have to store them in the OSX keychain or elsewhere. If you rely on such applications regularly, this vastly reduces the potential security benefit of 1Password.

This became a dealbreaker for me. Here’s why…

Continue reading