Securing Your Digital Life: Simple Tips for Your Devices in Public

by September 6, 2011 09/6/11

In today’s society, our devices are constantly connecting to one another through multiple formats. These devices contain a multitude of different methods to ensure that we’re able to connect whenever and wherever we are.

Most smart phones contain connection abilities for X, EV and 3G/4G Cellular Networks, WiFi, Bluetooth and GPS. A simple device like a cell phone can have the ability to connect using all these six different methods!

These public connections are great for sharing and receiving information on the go, but unfortunately this means our devices are open to even more threats than ever before.   For example, your cell phone may be connecting to different devices and networks in public without your knowledge. It’s very important to understand how to secure your devices against unwanted intrusion in order to keep your information safe while in public.

Wi-Fi

Wi-Fi is one of the most popular connections that devices use and public Wi-Fi is becoming more and more popular. Wherever we happen to be, we usually have access to a Wi-Fi network. Identity thieves and malicious users favor public Wi-Fi networks because the security on these networks is usually next to nothing. These users can access files and other information that your computer is sharing without your knowledge.

A good step you can take to secure your device on a public network is to ensure you have an up to date firewall installed that will monitor your connection. Users may want to consider upgrading to a different firewall program other than the default offered by the manufacturer.

Changing your sharing permissions is an important way to keep your information secure. Many computers share information by default in order to allow sharing of files on a home network. We recommend disabling all file and folder sharing when you’re in public to avoid any unwanted access to your device.

Bluetooth

Bluetooth devices have the ability to exchange data over short distances from fixed and mobile devices, creating personal area networks (PANs.) Bluetooth is great for quickly sharing a file between two devices or printing a document wirelessly, it can also be used to pair accessories to your devices such as earpieces or external speakers.

Having Bluetooth active can become a security risk if your device doesn’t have the correct settings. Many devices have Bluetooth enabled by default and some are even enabled to allow other devices to connect. Malicious users can access your device through the Bluetooth connection and copy files or gain access to another device attached to your Bluetooth device.

The good news is that most phones have the capability to turn Bluetooth on and off fairly easily. Bluetooth isn’t necessary for any functions other than pairing another device to yours, so you will not be limiting the functions of your device.

Location Services

Many smartphones and other devices utilize GPS and radio technology to allow programs and apps to run things like navigation and location check-ins. However, many of these services are running all the time and not just when you’re accessing that program or app.

Most smartphones give you the option to disable location services and many of them can be turned on and off with ease for times when you want to utilize features like navigation. Check out Data Leaks: Location Based Services and Why You Should be Concerned, for more about the security risks that location based services can carry with them.

Staying Secure

Keeping your devices secure while utilizing public connections is relatively simple as long as you keep track of the connections your device is using. Some companies offer physical devices that will disable the ability to connect if you need to absolutely make sure that your device stays disconnected.

The best method to ensure a device doesn’t connect to anything is obviously to power down that device. However, there are situations when the device may need to be utilized immediately and you may not have time to wait for it to power up. With the right knowledge of how your devices operate and how to maintain its connections, you can keep your information safe and private when using it in public.


Are you getting more than 14¢ of value per day from ITS Tactical?

Please consider joining our Crew Leader Membership and our growing community of supporters.

At ITS Tactical we’re working hard every day to provide different methods, ideas and knowledge that could one day save your life. Instead of simply asking for your support with donations, we’ve developed a membership to allow our readers to support what we do and allow us to give you back something in return.

For less than 14¢ a day you can help contribute directly to our content, and join our growing community of supporters who have directly influenced what we’ve been able to accomplish and where we’re headed.

Click here to learn about all the benefits and Join!


J
J

Other considerations:

Mylar potato chip bags will block the cell signal completely (there might be an article on here about cell proof bags and comparisons of commercial products vs chip bags- spoiler, they work the same)

Facebook has some sweet new security settings that i hope to see proliferate to banks and other secure websites (someone tried to recall my password last week, even if they had reset it they still couldnt log in because unrecognized devices now require an auth code that is texted to my phone.)

Last, regarding physical security- iPhone users can register them and create a feature that will allow you to view the location of your phone, lock it (essentially brick it) on command, and the best one--- cause the phone to ring at max volume and not be stopped. If you think your phone might still be in the area and have access to a laptop you can out the thief on the spot.

J
J

Other considerations: Mylar potato chip bags will block the cell signal completely (there might be an article on here about cell proof bags and comparisons of commercial products vs chip bags- spoiler, they work the same) Facebook has some sweet new security settings that i hope to see proliferate to banks and other secure websites (someone tried to recall my password last week, even if they had reset it they still couldnt log in because unrecognized devices now require an auth code that is texted to my phone.) Last, regarding physical security- iPhone users can register them and create a feature that will allow you to view the location of your phone, lock it (essentially brick it) on command, and the best one--- cause the phone to ring at max volume and not be stopped. If you think your phone might still be in the area and have access to a laptop you can out the thief on the spot.

Ken
Ken

Yep. I'd contact the service provider as soon as possible after calling the police to report the theft. While on the phone ask whether they can track or otherwise monitor the device. Some carriers can, some can't.

This needs to be timely or you might be footing the bill for extraordinary voice and/or data charges. Plus, if you have insurance it's that much quicker in getting another phone in your hands. However, don't be too quick in disconnecting service. Ask your representative if you will be responsible for any charges during the next few hours while the police are trying to get your phone back. I have been able to get a few phones back in cases where there was video and the suspect had been identified. It's amazing the effect one can have when you call the victim's phone and you address the suspect by name.

Ken
Ken

One major security threat not mentioned is physical security. I've taken dozens of reports of phone theft. Almost exclusively the victim put the phone down in a public area. Many times the phone was not outside the arm's reach of the victim. I've seen video of suspects simply waiting for the right time to reach over and remove the phone. Once the phone is out of view the suspect simply walks off. Typically when the victim turns back the reaction is "where'd I put my phone?" They might search a purse or pockets. They might even look at the suspect walking away, but are in disbelief the person took the phone and are too timid to confront the person in fear of falsely accusing someone of theft.

Besides theft, phones can be lost. If it falls into the wrong hands, mostly likely mischievous teens, you've exposed yourself to myriad of threats. Threat it like a lost wallet. Immediately change passwords starting with facebook and other popular sites that are tempting for defacement (no pun intended) and then financial sites.

Personally, I think losing physical control of the device and falling victim to its malicious use is much more likely to happen. Fortunately, it's also easier to prevent than keeping up with the every changing electronic threat of hacking.

...unless someone simply mugs you for it and then it's a completely different mode of response.

Ken
Ken

One major security threat not mentioned is physical security. I've taken dozens of reports of phone theft. Almost exclusively the victim put the phone down in a public area. Many times the phone was not outside the arm's reach of the victim. I've seen video of suspects simply waiting for the right time to reach over and remove the phone. Once the phone is out of view the suspect simply walks off. Typically when the victim turns back the reaction is "where'd I put my phone?" They might search a purse or pockets. They might even look at the suspect walking away, but are in disbelief the person took the phone and are too timid to confront the person in fear of falsely accusing someone of theft. Besides theft, phones can be lost. If it falls into the wrong hands, mostly likely mischievous teens, you've exposed yourself to myriad of threats. Threat it like a lost wallet. Immediately change passwords starting with facebook and other popular sites that are tempting for defacement (no pun intended) and then financial sites. Personally, I think losing physical control of the device and falling victim to its malicious use is much more likely to happen. Fortunately, it's also easier to prevent than keeping up with the every changing electronic threat of hacking. ...unless someone simply mugs you for it and then it's a completely different mode of response.

tony
tony

lookout mobile security will wipe ur data locate it and back up ur phone all for free

Rob Henderson
Rob Henderson

These are great points. I would also add contacting the service provider for devices like cell phones and informing them the item has been stolen so they can disconnect service and possibly track the device.

AltJ
AltJ

Uri's recommendation is a bit over the top. You are safe to login to secure websites over an open wireless network. Sure the wireless network is untrusted, but so it the rest of the internet. Encrypted communication (like HTTPS) will protect your data in transit from eavesdroppers on such networks.

Ken
Ken

Yep. I'd contact the service provider as soon as possible after calling the police to report the theft. While on the phone ask whether they can track or otherwise monitor the device. Some carriers can, some can't. This needs to be timely or you might be footing the bill for extraordinary voice and/or data charges. Plus, if you have insurance it's that much quicker in getting another phone in your hands. However, don't be too quick in disconnecting service. Ask your representative if you will be responsible for any charges during the next few hours while the police are trying to get your phone back. I have been able to get a few phones back in cases where there was video and the suspect had been identified. It's amazing the effect one can have when you call the victim's phone and you address the suspect by name.

Uri
Uri

AltJ, thanks for your reply and yes, indeed if you are using SSL (HTTPS) to login and further browse to your services you are minimizing the chances of someone eve-dropping on your login credentials and other personal information.

Still, as a precaution I would recommend NOT to login to banks, health insurance sites or other "sensitive" services. Like ieatgiraffe said, there are ways to bypass SSL (mostly man in the middle attacks), and even when these are hard to implement they are still a threat.

Uri
Uri

AltJ, thanks for your reply and yes, indeed if you are using SSL (HTTPS) to login and further browse to your services you are minimizing the chances of someone eve-dropping on your login credentials and other personal information. Still, as a precaution I would recommend NOT to login to banks, health insurance sites or other "sensitive" services. Like ieatgiraffe said, there are ways to bypass SSL (mostly man in the middle attacks), and even when these are hard to implement they are still a threat.

ieatgiraffe
ieatgiraffe

Altj opinion is lacking a bit in recent developments in the hacking world. Faceniff, an android app, is currently in the process (beta) of finishing an app that has the ability to strip SSL security.

so its still safe to say DO NOT access any website/ information on public networks you dont want others to be able to access as well. unless you are using a vpn or ssh tunnel to encrypt your browsing.

ieatgiraffe
ieatgiraffe

Altj opinion is lacking a bit in recent developments in the hacking world. Faceniff, an android app, is currently in the process (beta) of finishing an app that has the ability to strip SSL security. so its still safe to say DO NOT access any website/ information on public networks you dont want others to be able to access as well. unless you are using a vpn or ssh tunnel to encrypt your browsing.

The Latest
Squawk Box

Rigger’s Rubber Bands have been utilized by the skydiving community and the military for years. They’re a quick and easy way to secure your gear and last much longer than regular rubber bands.

2 days ago
Leave a Comment