Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Smartphone As Your Most Dangerous Possession

timothy posted more than 3 years ago | from the keep-that-thing-away-from-my-family dept.

Crime 154

Hugh Pickens writes "CNN reports that now that smartphones double as wallets and bank accounts — allowing users to manage their finances, transfer money, make payments, deposit checks and swipe their phones as credit cards — smartphones have become very lucrative scores for thieves and with 30% of phone subscribers owning iPhones, BlackBerrys and Droids, there are a lot of people at risk. Storing a password and keeping your phone locked is a good start, but it's not going to protect you from professional fraudsters. 'Don't think that having an initial password set on your phone can stop people from getting in there,' says Nikki Junker, a victim advisor at the Identity Theft Resource Center. 'It's a very low level of protection — you can even find 30-second videos on how to crack smartphone passwords on YouTube.'"

cancel ×

154 comments

Sorry! There are no comments related to the filter you selected.

I do not think that word means what you think it d (5, Funny)

Amorymeltzer (1213818) | more than 3 years ago | (#34897084)

I believe you mean "risky" not "dangerous." The most dangerous item I own is probably a knife.

Re:I do not think that word means what you think i (4, Insightful)

corsec67 (627446) | more than 3 years ago | (#34897154)

You don't own a car? That is probably the "most dangerous" class of item that people own.

Re:I do not think that word means what you think i (5, Funny)

Anonymous Coward | more than 3 years ago | (#34897232)

I don't own a car, but I do own a lightsaber. Not as clumsy or random as a car; an elegant weapon for a more civilized age.

Re:I do not think that word means what you think i (0)

Anonymous Coward | more than 3 years ago | (#34897282)

Someone should mod this up. It made my day.

Re:I do not think that word means what you think i (1)

KtHM (732769) | more than 3 years ago | (#34897260)

I'm thinking my shotgun is a little more dangerous than my station wagon.

Re:I do not think that word means what you think i (3, Insightful)

ifiwereasculptor (1870574) | more than 3 years ago | (#34897338)

You don't have to reload a station wagon on a crowded sidewalk...

Re:I do not think that word means what you think i (1)

Anonymous Coward | more than 3 years ago | (#34897384)

Sorry, I thought it was people, not guns, that were dangerous. Thanks for clarifying that.

Re:I do not think that word means what you think i (3, Interesting)

BrokenHalo (565198) | more than 3 years ago | (#34897548)

Sorry, I thought it was people, not guns, that were dangerous.

Well, that's true. Any suitably light-fingered individual is well qualified to attempt to lift my phone out of my front pants pocket, provided that they don't mind taking the chance that I might smash their brains in.

But then I personally think it's incredibly stupid to put any kind of financial details on anything that is so easily and casually stolen. I don't even leave such information lying around (at least in a form that is worth the trouble of attempting to decrypt) on my computers at home where I can guarantee a larger degree of security.

Re:I do not think that word means what you think i (5, Funny)

TheRaven64 (641858) | more than 3 years ago | (#34897840)

Sorry, I thought it was people, not guns, that were dangerous

True, but since the 13th amendment passed you're not allowed to own any people, only guns.

Re:Own (1)

TaoPhoenix (980487) | more than 3 years ago | (#34898844)

Nah. Now Owning people is called Work.

Re:I do not think that word means what you think i (0)

Anonymous Coward | more than 3 years ago | (#34898906)

You, sir, are clearly not a lobbiest for the Banking industry.

Re:I do not think that word means what you think i (2)

FooAtWFU (699187) | more than 3 years ago | (#34897900)

Generally speaking, guns almost never kill people.... bullets, on the other hand, are another matter.

Re:I do not think that word means what you think i (0)

Anonymous Coward | more than 3 years ago | (#34898232)

Sorry, I thought it was people, not guns, that were dangerous. Thanks for clarifying that.

Most people aren't dangerous until you put a machine like a gun or vehicle under their control

Re:I do not think that word means what you think i (0)

JockTroll (996521) | more than 3 years ago | (#34898472)

Most people aren't dangerous until you give them some kind of power - which happens to be a fundamental aspect of democracy: people must have access to power. The trick is discipline, which is also fundamental to democracy. Without discipline (which only comes from responsability and learning) there is no "people", only mob. Of course, only jocks can understand this. The rest can only wallow in their sense of helplessness and self-defeatism while we beat them up and shit on their faces.

Re:I do not think that word means what you think i (1)

neumayr (819083) | more than 3 years ago | (#34897394)

It comes down to how much you perceive the risk of using a tool. You know your shotgun can potentially do a whole lot of damage. That's its express purpose after all.
A car doesn't seem as dangerous, but even though it wasn't designed for that purpose it can do a lot of damage, and I wouldn't be surprised when the relevant statistics show that percentage wise, a lot more people get accidentally hurt by cars than by shotguns.
The same partly applies to blunt vs. sharp kitchen knives, with people getting cut by the former way more often than by the latter, and also how most accidents happen in people's homes, where they feel secure and safe and thus become careless.

To get back on topic, smartphones are not perceived as the high risk devices they are, making them more dangerous.

Re:I do not think that word means what you think i (1)

SuperKendall (25149) | more than 3 years ago | (#34898042)

If your car is the most dangerous thing you own you should probably think about visiting an optometrist.

Re:I do not think that word means what you think i (1)

Chris Mattern (191822) | more than 3 years ago | (#34898894)

No, that's risk. The car is enormously dangerous whether you can see well or not. If you intend to use it to harm, having good eyesight makes it *more* dangerous. It is indeed the most dangerous thing most people own, with the possible exception of a gun (if they own one).

Re:I do not think that word means what you think i (1)

syousef (465911) | more than 3 years ago | (#34898080)

You don't own a car? That is probably the "most dangerous" class of item that people own.

Are you married? *ducks for cover from the feminists*

Re:I do not think that word means what you think i (0)

Anonymous Coward | more than 3 years ago | (#34898438)

Try owning a car in NJ. Y'know, when car insurance is 6000/year.

Yeah, I'll stick to working from home, and my knife. NJT does suck, however. Unfortunately, I wasn't raised by rich white parents like the rest of NJ, so driving isn't a privilege I'll ever experience. I'm only 31, though. I have time, I guess.

Freakonomics (2)

sakdoctor (1087155) | more than 3 years ago | (#34897284)

Semantic quibble, which comes down to people's ability to asses risk. Guns vs swimming pools.
The point is, the phone is a terrible choice for security related matters, because it wasn't specifically designed to be an e-wallet from the ground up.

You can never, ever just bolt-on security.

Re:Freakonomics (2)

Arthur Grumbine (1086397) | more than 3 years ago | (#34897388)

You can never, ever just bolt-on security.

Wait - Isn't that exactly what we do with doors?!

Re:Freakonomics (2)

CharlyFoxtrot (1607527) | more than 3 years ago | (#34897450)

Yeah but there's a difference between putting a bolt on a glass door or on a steel reinforced one.

Re:Freakonomics (1)

sakdoctor (1087155) | more than 3 years ago | (#34897492)

Depends on the door.
A wooden door, with an after market bolt, would only stop opportunistic threats.
A door designed from the ground up to be secure, would have multiple locking bars which engage in all directions, into a metal frame which would also be part of the overall secure design.
That would go some way to reduce the single point of failure which a single bolt represents.

Analogy stands.

Re:Freakonomics (3, Informative)

mlts (1038732) | more than 3 years ago | (#34898166)

If I stuck a deadbolt cylinder on a hollow core door used for internal rooms, someone could easily kick it in without a moment's thought.

If I stuck a cylinder on a European lock that had multipoint locking, a solid jamb that uses steel rails that are sunk into the foundation, it would require a hydraulic ram to open it.

Similar with phones. If I stuck a PIN on an open device, there would be ways to get around it. However, if the device was built from the ground up with encrypted filesystems, keys in a secure RAM partition, and anti-brute force code where PIN guessing resulted in longer delays, and eventually a complete zeroization of the device, the same PIN that might be worthless on one device may adequately protect another.

One can see this when comparing a TrueCrypt keyfile stored on a cryptographic token (or an IronKey) compared to one stored on a generic USB flash drive. After try #20 with the USB flash drive, it doesn't matter, especially if one just copies the cyphertext to another image to protect against self destruct software. The same data stored on a hardware device using hardware encryption will be long gone before attempt #20 could even be made.

A 4 digit PIN can be excellent protection, or it can be a joke depending on how the device is architected.

Re:Freakonomics (1)

RobertLTux (260313) | more than 3 years ago | (#34898194)

and to be truly secure the walls would have to have a lattice of welded bars all the way around (and in the roof and floor.

any good attacker will locate the weakest point and use that (ultra secure door does Zippo when your walls are made of sheetrock

Re:Freakonomics (0)

Anonymous Coward | more than 3 years ago | (#34897396)

1) A swimming pool has a primary purpose other than killing.

2) "bolt-on" would be a compound noun. "Bolt on" is a compound verb. Stop hyphen abuse!

Bolt-ons and built-ins (0)

Charles Dodgeson (248492) | more than 3 years ago | (#34897566)

The point is, the phone is a terrible choice for security related matters, because it wasn't specifically designed to be an e-wallet from the ground up.

If you actually look at the design of iOS4 you might find that security has been built in very deeply with a hardware key among other things the OS. If you have access to Apple's WWDC 2010 sessions, take a look at session 209.

You can never, ever just bolt-on security.

As a shameless plug, I believe that we have 1Password for iOS [agilewebsolutions.com] (a password management system) well designed to use both our own security layer on top of what is built into iOS.

Re:Freakonomics (1)

Rob the Bold (788862) | more than 3 years ago | (#34897754)

The point is, the phone is a terrible choice for security related matters, because it wasn't specifically designed to be an e-wallet from the ground up.

You can never, ever just bolt-on security.

By this implied definition of e-wallet, a real wallet isn't really designed as a wallet from the ground up either. My wallet has essentially no security once it's out of my hands through theft or loss. But I do get the point, one might store even more valuable information in an e-wallet than just the cash and credit card numbers present in an r-wallet. Bank passwords, other account passwords could lead to considerably more damage than the $50 per credit card loss one might incur. Unless of course, you carry your passwords on paper in your r-wallet.

Re:I do not think that word means what you think i (0)

Anonymous Coward | more than 3 years ago | (#34898578)

Not sine I downloaded the machinegun app.

Explosive deterrence? (0)

Anonymous Coward | more than 3 years ago | (#34897098)

Give me a phone which will self destruct if someone tries to tamper with the security.

Preferably in a painful way to the person doing it.

Re:Explosive deterrence? (1)

hodet (620484) | more than 3 years ago | (#34897308)

That's a little harsh. Remote wipe is good enough. My corporate Blackberry can be wiped remotely. I think any smartphone should allow me to login to my account online and activate remote wipe to my device. Maybe they do already. I am sure many folks here have smartphones, does that exist on personal accounts?

Re:Explosive deterrence? (1)

sakdoctor (1087155) | more than 3 years ago | (#34897356)

Hardware that was even making a token effort at security, would need to be capable of cold zeroisation.
To remotely wipe data, it needs a power source AND a signal.

Re:Explosive deterrence? (1)

hodet (620484) | more than 3 years ago | (#34897838)

Yes but remote wipe would take care of 99% of the dumb criminals. There is very little defence against the smart ones. TFA talks about posting to Facebook and using your device as a credit card which would imply connectivity.

Re:Explosive deterrence? (1)

mlts (1038732) | more than 3 years ago | (#34898286)

I'd like to see more phones have the option to completely erase contents after "X" period of time with no network signal. This way, someone can't just pull a SIM card to keep access.

As for remote wipes, sometimes phones do provide non-corporate customers the way to do this. Apple does, (you used to need a .me.com account, but apparently with iOS 4.2.1, not anymore.) Motorola's Motoblur accounts also have this ability as well.

I do think having E-mail with an Exchange provider (that supports OWA) is a good thing even with these options, just because of the ability to wipe the contents using a different mechanism.

And how many people actually protect their phone (5, Interesting)

hsmith (818216) | more than 3 years ago | (#34897104)

With passcodes, setting the phone to wipe on a few failed tries? Almost everyone I know lacks a passcode on their mobile device - giving anyone the freedom to dig into their personal lives. I just don't think people realize what a risk it is at all.

I'd also like to know which devices can be cracked in 30 seconds. With iPhone 4's full device encryption, I don't see how the key can be cracked in under 10 tries before it would wipe itself. But, I'd like to know.

Re:And how many people actually protect their phon (1)

sznupi (719324) | more than 3 years ago | (#34897246)

I remember how not so long ago any new SIM card came with its PIN. Lately though, out of the box, they often don't require any authorization (a PIN can be still set up of course, but...)

It would seem people prefer it that way (at least at my place, but I doubt it's very unique)

Re:And how many people actually protect their phon (0)

Anonymous Coward | more than 3 years ago | (#34897866)

I remember how not so long ago any new SIM card came with its PIN. Lately though, out of the box, they often don't require any authorization (a PIN can be still set up of course, but...)

That's a completely different problem. The smartphone has a lot of useful information stored on it, and you want to protect the contents of the smartphone from the bad guys.

Protecting the SIM with a PIN stops bad guys from putting the SIM into a different phone and making phone calls/SMS/data that you get the bill for.

Re:And how many people actually protect their phon (1)

sznupi (719324) | more than 3 years ago | (#34897962)

Not really completely different. Quite symptomatic.

Re:And how many people actually protect their phon (0)

Anonymous Coward | more than 3 years ago | (#34898880)

The SIM's PIN is only required when you turn the phone on. Completely useless in today's age, where no-one ever turns their phone off (you can't receive phone calls if you turn it off).

You can use a phone for 6 months without ever entering that PIN.

Re:And how many people actually protect their phon (0)

Anonymous Coward | more than 3 years ago | (#34897264)

I would also like to know what devices that can be cracked in 30 seconds. In fact, I can't find an iPhone crack on googling. The "cracks" on youtube for iPhone don't work.

Re:And how many people actually protect their phon (1)

BrokenHalo (565198) | more than 3 years ago | (#34897576)

I would also like to know what devices that can be cracked in 30 seconds. In fact, I can't find an iPhone crack on googling.

So don't bother to RTFA. That might inform you of the casual smudge-track left by those crappy 3x3 gesture-passcodes.

Of course, the simple solution here is not to use it, but what the hell. Anything for a lame story...

Re:And how many people actually protect their phon (2)

Space cowboy (13680) | more than 3 years ago | (#34897296)

The risk appears to only be for Android phones, because the swipe-to-unlock leaves smudges that can be visually decoded to tell the thief the "password". I can't see how this security vulnerability affects iPhones with their tap-based passcode.

And yes, I have a passcode on my phone. It takes about a day for the annoyance factor to dissipate, and IMHO you're nuts not to have one.

Simon

Re:And how many people actually protect their phon (3, Informative)

YouWantFriesWithThat (1123591) | more than 3 years ago | (#34897582)

android phones have numeric or alphanumeric passwords that can be enabled as of version 2.2

Re:And how many people actually protect their phon (1)

Space cowboy (13680) | more than 3 years ago | (#34897884)

Which is cool, for those phones that are allowed to be able to upgrade to that version...

Simon

Re:And how many people actually protect their phon (0)

miltonw (892065) | more than 3 years ago | (#34897598)

*sigh* This whole "you can read the unlock swipe pattern" really needs to be put to rest. That requires that. 1) You clean your screen before unlocking it. 2) You unlock your phone. 3) You immediately hand your phone to a hacker with specialized equipment. I think I can avoid doing that.

Re:And how many people actually protect their phon (0)

Anonymous Coward | more than 3 years ago | (#34897974)

No, actually, it doesn't.

My wife has an Android phone (I bought her an HTC Hero when it first came out) which clearly has the swipe marks on the front of the phone, when held up to the light. I know what her swipe is, so I can tell what to look for, but they're definitely there and I have to assume that evil-bad-people can figure out which ones they are. They're pretty prominent.

In my wife's case, I think it's the lotion she puts on her hands. It sticks to the surface way beyond the usual time, and she generally taps rather than swipes to use the other functionality. The swipes stay put.

This is a definite Android vulnerability. I looked into getting the later version of the OS, but it seems I cannot upgrade this phone. Just Fscking great, that. The chances of getting my wife to change her hand-lotion are somewhat smaller than Satan skating to work one day, so I guess the Valentines day gift will be a new iPhone. At least Apple *cares* enough to do something about problems...

Re:And how many people actually protect their phon (1)

JimboFBX (1097277) | more than 3 years ago | (#34898052)

err, the grass is greener on the other side buddy. Here you are saying you want to get an iphone and here I am saying I'm going to get an android (well, the dual core one when it comes out at least... assuming it doesn't have any gating issues)

TBH unless you need an ipod touch there isn't a lot of good reason to get an iphone at this stage. I have to turn my phone off and back on at work sometimes because of its inability to get any data throughput despite having a connection. Granted, the iphone 4 for verizon might not have this issue, but another issue is that my hard drive died and now I can't update the firmware without doing a sync and I can't sync without worrying that everything that isn't considered "a purchase" that I absolutely must remember to transfer pior to syncing else it will get wiped from the phone.

Finally, the iphone requires you have X gigs of hard drive available where X is the size of your phone. My wife's sister had a low end computer where 14.5 gigs of space is a premium and guess who was the culprit who devoured all that without telling her?

Your wife could just wipe her pinky on her shirt then swipe with her pinky

Re:And how many people actually protect their phon (1)

Haedrian (1676506) | more than 3 years ago | (#34898428)

I own an android tablet and I can ascertain that yes, they show.

The thing is, you need to do it in one swipe - and you're going to do it pretty commonly. So there'll be a long continious smudge where you left it unlocked. It'll 'overwrite' previous smudges, and chances are you're not doing long swipes on other things. Unless you have swype or something.

Re:And how many people actually protect their phon (1)

Rob the Bold (788862) | more than 3 years ago | (#34897722)

The risk appears to only be for Android phones, because the swipe-to-unlock leaves smudges that can be visually decoded to tell the thief the "password". I can't see how this security vulnerability affects iPhones with their tap-based passcode. And yes, I have a passcode on my phone. It takes about a day for the annoyance factor to dissipate, and IMHO you're nuts not to have one. Simon

OK, I don't have an iPhone, so what is a tap-based passcode? Just typing digits on a 10-key style screen interface or something like that? I've got a smartphone,but not an iPhone, and have been reluctant to keep anything too valuable (or personal) on it for lack of password protection, and I've resisted using password protection because of how annoying I imagine it to be. Am I totally wrong about how big a hassle it is?

Re:And how many people actually protect their phon (1)

Space cowboy (13680) | more than 3 years ago | (#34897994)

The iPhone unlock is a 4-digit PIN. I think you can use more digits, but 4 is enough, given that you only get 5 tries.

As I said, I found it annoying at first, but after a day or so, I don't really notice it. You don't need to unlock the phone to answer calls, so it's about 2 seconds to unlock then use the phone. Well worth it IMHO.

Simon

Re:And how many people actually protect their phon (0)

Anonymous Coward | more than 3 years ago | (#34898078)

iPhone and iPod touch can have either a 4 digit PIN password OR a full alphanumeric password (not sure maximum length). You can also set a number of behaviors around these passwords. For example you can set it to wipe the device after 10 incorrect passwords and you can customize the delay before a password is asked for after putting the device on standby. You can have the device ask for the password any time it is woken from sleep or you can set a time delay. For me I've found 15 minutes is a good balance between not having to enter my password all the time and security if I lose the device.

Re:And how many people actually protect their phon (0)

Anonymous Coward | more than 3 years ago | (#34898770)

Tap based passcode, easily decipherable from finger smudges as evidenced by all my friend's iphones. If you don't want your passcode cracked, wipe the grease off your phone after every use.

Re:And how many people actually protect their phon (1)

Gripp (1969738) | more than 3 years ago | (#34897540)

i think the average user doesn't realize what they are risking, or just assume that it couldn't ever happen to them.

i've personally known a number of people that left their wireless open, despite me explaining very clearly the risk and ease that people can get at your info; i even showed one of my ex-coworkers how easy it was to record her vonage calls with wireshark while parked some distance away... she still didn't care; she didn't want to deal with the hassle of her router.

Re:And how many people actually protect their phon (1)

hsmith (818216) | more than 3 years ago | (#34897562)

errr i mean iOS4 not the iPhone 4

Re:And how many people actually protect their phon (1)

bertoelcon (1557907) | more than 3 years ago | (#34897762)

I'd also like to know which devices can be cracked in 30 seconds. With iPhone 4's full device encryption, I don't see how the key can be cracked in under 10 tries before it would wipe itself. But, I'd like to know.

Couldn't they just dump the memory of the device in its encrypted state and crack it at their leisure?

Re:And how many people actually protect their phon (1)

noidentity (188756) | more than 3 years ago | (#34898288)

When someone has access to your hardware, the only thing that will protect you is strong encryption. Having the CPU prevent access to your data is like sticking a post-it on a stack of money saying "you may not take this".

Re:And how many people actually protect their phon (1)

Haedrian (1676506) | more than 3 years ago | (#34898416)

That'll work.

Until someone wipes your phone maliciously.

Security of a smart phone (1)

Wowsers (1151731) | more than 3 years ago | (#34897112)

Actually no I do not use a smart phone for banking etc.. I cannot control the OS installed on the phone, I therefore cannot add bits (apps) knowing for sure that they work as intended, so I do not use the smart phone for banking, or surfing to sites that need log-ins. Log-in type of browsing I use my Linux desktop / laptop for.

Those that do use a smart phone for everything, they should treat the phone just like cash, where if you loose it, you could be well forked, and out of pocket in more ways than one.

Re:Security of a smart phone (5, Insightful)

CharlyFoxtrot (1607527) | more than 3 years ago | (#34897134)

The security on a smart phone isn't any worse (in many cases better, even) than that on most people's personal computers. The OS question is irrelevant, the big difference is that it's much easier to gain physical access. Just be vigilant and be have a plan ready to immediately block all access if you do lose your phone.

Re:Security of a smart phone (0)

Anonymous Coward | more than 3 years ago | (#34897306)

Why not just come out and say it. Phone security is leagues ahead of desktop operating system security. Let me know when every app on your desktop computer is sandboxed to its own process, unable to read the memory of other apps, unable to read/write to external storage without explicit permissions, each app with its own private data storage other apps cannot access. Sorry, but Windows and OSX are a joke.

Re:Security of a smart phone (0)

Anonymous Coward | more than 3 years ago | (#34897140)

It is lose not loose. Why is it that so many people mix up these words?

Re:Security of a smart phone (1)

BrokenHalo (565198) | more than 3 years ago | (#34897594)

It is lose not loose. Why is it that so many people mix up these words?

Because they're illiter8 ba5tards.

Re:Security of a smart phone (1)

h4rr4r (612664) | more than 3 years ago | (#34897626)

I have a smartphone, a Droid. I control the OS, I have added "bits", kernel modules.

Re:Security of a smart phone (1)

realityimpaired (1668397) | more than 3 years ago | (#34897760)

I therefore cannot add bits (apps) knowing for sure that they work as intended,

Working as intended isn't what worries me with smartphone apps. Working as advertised is a much bigger impediment to my comfort levels doing banking on the phone.

I stop short of having my gmail account on my smartphone. Banking, etc, get done from a stock-configured browser in a virtual machine that only ever gets used for that (and is configured read-only).

The power of technology.... (4, Insightful)

cold fjord (826450) | more than 3 years ago | (#34897132)

It continues to make almost everything more convenient, including ruining you.

Re:The power of technology.... (2)

fermion (181285) | more than 3 years ago | (#34898498)

We need to be aware of the security risk of the instruments we use. That said more advance and abstract instruments are not necessarily more risky. For instance in a barter system we might use goods, but have the risk of those goods losing value due to decay or market forces. We might say a objective measure such as gold could be secured, but not against inflation. Gold has not kept up with inflation for most fo the past 35 years.

So maybe we have currency which can also be lost, stolen, and has no protection against inflation. So we use bank accounts and saving accounts with can secure money against loss due theft and inflation. But we use checks to get the money, and check can be stolen and used. We can stop checks, but that is no guarantee, and it is our money we are spending.

Credit cards then come, in which we spend others money. We can let our assets gain interest, and spend other assets. We pay more for product, but do not risk our money. Even if we lose the card, and charges get made, it is not our money.

So what does this have to with the telephone. Telephones hava an added bit of security with an access code. Telephones can be remote wiped, unlike credit cards or checks. Around the world telephones are being linked to store valued accounts which allows user to more securely use and transfer monies.

I do not use my phone for money, and I do not use any of RFID technologies, but I was raised on credit. This is the same as some people who were raised on checks not using credit cards. But to say that phones will inherently lead to less secure behavior or less responsible behavior is not supported by facts. It all has to do with education and custom.

It Can Get Worse... (2, Interesting)

IonOtter (629215) | more than 3 years ago | (#34897144)

Throw in one of these [squareup.com] , and you're looking at truly ridiculous amounts of pain if you lose your phone.

Re:It Can Get Worse... (3, Insightful)

neumayr (819083) | more than 3 years ago | (#34897188)

(Took a little while to recover from that ridiculous commercial)
Seems like that device is made to accept credit card payments, not to pay people with credit cards. How does that make losing ones phone any worse than it already is?

Hmmm. (1)

BrokenHalo (565198) | more than 3 years ago | (#34897648)

Looks to me as if that system is best suited to card-skimming operations. The convenience seems to fall entirely on one side of the transaction.

Re:It Can Get Worse... (1)

hsmith (818216) | more than 3 years ago | (#34897478)

Do you even understand what squareup does? You losing your phone has nothing to do with it.

Re:It Can Get Worse... (1)

goingToSay (1192935) | more than 3 years ago | (#34897678)

The other replies to your post already noted that this service does not store any data on the phone. Here is text from their site: https://squareup.com/security [squareup.com]
  • Card numbers, magnetic stripe data, or security codes are not stored on Square client devices.
  • Applications developed in-house are subject to strict quality testing and security review. Web development follows industry-standard secure coding guidelines, such as those recommended by OWASP.
  • Card-processing applications adhere to the PCI Data Security Standard (PCI-DSS), Level 1.

Not so many (1)

sznupi (719324) | more than 3 years ago | (#34897192)

Close to (still not quite reaching that number, IIRC) 30% of device sales are smartphones, not 30% of subscribers (and as to "Droids"...Samsung seems to be positioning themselves firmly on top; unless the term starts becoming a genericized (shortcut of) trademark)

i'm kind of a big deal (2, Informative)

FuckingNickName (1362625) | more than 3 years ago | (#34897222)

The late '90s were a zenith of Western society, a fair balance of regulation and freedom; technology and tradition.

Now the government's breathing down everyone's neck while they're neatly distracted by thinking they're such a big deal that they need to be contacted at every minute of the day or night.

Minimise your shitty gadgets. Do only what needs doing. Relax a little. If you think you need to bank from your 'phone, you're doing life wrong.

Re:i'm kind of a big deal (1)

sznupi (719324) | more than 3 years ago | (#34897266)

Also ~"moral and intellectual demise of youth will soon destroy civilization" - don't-remember-who, Ancient Greece.

Re:i'm kind of a big deal (3, Insightful)

The_mad_linguist (1019680) | more than 3 years ago | (#34897286)

Fifty years later, their civilization was, practically speaking, destroyed.

Just saying.

Re:i'm kind of a big deal (0)

sznupi (719324) | more than 3 years ago | (#34897316)

Crap, my hangover must be worse than usual, I was convinced of writing some reply via means made possible by technical civilization of "humans"; even worse - being member of their species...

Re:i'm kind of a big deal (1)

FuckingNickName (1362625) | more than 3 years ago | (#34897288)

It's generally true, but then some revolution or war or other instability comes along and shakes things up a bit. We've experienced too much stability to reinvigorate the new generation.

Also, school is fucking easy now. It's never been easier. The mass Western privatisation/unionisation (delete as inappropriate to your political prejudice) of education is unique to the last couple of decades. Contrast the 400 years of what counted as formal or informal higher education, or skip over the Dark Ages and contrast with Ancient Greek higher education.

Re:i'm kind of a big deal (1)

sznupi (719324) | more than 3 years ago | (#34897392)

Even with hiccups it still roughly gets better and better...

(also, can't really vouch for educational systems other than my local one... but according to one of my parents (accountant, so with some steady contact with basic math) - my generation apparently covered before highschool their Baccalaureate-level math; generally, schooling isn't even for that long very widespread in the first place / the average level of education is very much higher from the old times / we probably still get greater proportion of the "really wise" ones, those worth remembering at all from the really old times & skewing our perception)

Re:i'm kind of a big deal (1)

FuckingNickName (1362625) | more than 3 years ago | (#34897818)

What country? GCSE mathematics in the UK is a joke compared to O-level, and A-level has had the syllabus progressively reduced. More importantly, questions have turned from requiring ingenuity to being something the student will have already seen in the textbook (produced by the same publisher which happens to own the exam board).

As for the average level of education, it's true that more people can read, but learning specific technical skills is not the same as the exercise and application of imagination and ingenuity. Like Einstein said, "The intuitive mind is a sacred gift and the rational mind is a faithful servant. We have created a society that honours the servant and has forgotten the gift."

Re:i'm kind of a big deal (1)

sznupi (719324) | more than 3 years ago | (#34898086)

The difference between 50s and 90s in Poland. Note: apparently there was also some decline during the last decade, perhaps largely because of poorly executed educational reform (and...modeled on wrong examples; a bit in the spirit of post-colonial mentality: "they are prosperous, so all must be better").

Nothing too dramatic though, and I'm pretty certain it will continue to improve. Don't look at fluctuations; doesn't help that we are merely convinced of how good our memory is. Add variously colored glasses. And how we are not greatly aware of multi-decade changes, we are tainted by how hugely our own perspective shifts (IMHO it's not much of a stretch to say that we are generally closer to our peers than to ourselves at some distant life stages)

Look how rapidly the world has improved lately, all things considered (despite there being still a lot to do of course). Look how relatively stagnant it was during your time of "great thinkers"

Re:i'm kind of a big deal (1)

CharlyFoxtrot (1607527) | more than 3 years ago | (#34897634)

Wikiquote to the resque:

Socrates - misattributions

"Children now love luxury; they have bad manners, contempt for authority; they show disrespect for elders and love chatter in place of exercise. Children are now tyrants, not the servants of their households. They no longer rise when elders enter the room. They contradict their parents, chatter before company, gobble up dainties at the table, cross their legs, and tyrannize their teachers."

Apparently dates from 1953: see Respectfully Quoted: A Dictionary of Quotations Requested from the Congressional Research Service, Edited by Suzy Platt, 1989, number 195.
Actually a paraphrase of a quote from Aristophanes' Clouds, a comedic play known for its caricature of Socrates (w:The Clouds)

Re:i'm kind of a big deal (2)

epine (68316) | more than 3 years ago | (#34897640)

The late '90s were a zenith of Western society, a fair balance of regulation and freedom; technology and tradition.

You've got to be kidding. This ranks right up there with Jody Foster defending Mel Gibson as "not such a bad guy to work with" while the Russell Williams story was breaking in Canada. He was a great guy in the office, too, but had defects in other life aspects.

You cleverly post this right after I finish reading a long treatise on the nutter-of-the-moment and his trigger words.

Looking Behind the Mug-Shot Grin of an Accused Killer [nytimes.com]

One sentence (nice touch with the semicolon) before you spout on the G-word. Plus you're potty mouth to no useful effect.

But let's argue the point. If the late 90s was a zenith, it was the kind of zenith that ought to include a parachute, but doesn't, or the parachutes are fabricated in metal: gold for the precious few, lead for everyone else. Nortel stock needed a parachute *and* a heat shield *and* a giant sofa cushion.

I just finished watching the movie Moon. There's a character who throws up in his space suit. His slashdot nick was Ralph Nadir, cause throwing up in a space suit is a *bad* day at the office. How did you pick your nick?

Or am I not giving you enough credit all around, and you're actually talking about the late 1890s?

Re:i'm kind of a big deal (2)

FuckingNickName (1362625) | more than 3 years ago | (#34897784)

Your drunken post was very difficult to read. Are you countering by pointing out that some tech stock was overvalued? Maybe you're young/selfish enough that it's the sort of thing which you consider the height of importance, but perhaps you ought to concentrate on the freedoms and opportunities people enjoyed.

Re:i'm kind of a big deal (0)

Anonymous Coward | more than 3 years ago | (#34897666)

OK grandpa, some of those gadgets offer a lot of convenience. They do in fact make life easier and/or more fun.

Although personally I never do it, accessing your bank info on the fly as needed from wherever you are can be very useful. When it's secure I will do it too.

Re:i'm kind of a big deal (1)

h4rr4r (612664) | more than 3 years ago | (#34897668)

If you have to drive home to move money, or worse to the bank, you're doing life wrong. I have far more fun stuff I could be doing.

I remember the 90s it was just as bad as now except for air travel, that was better. Our government has not gotten better or worse.

Re:i'm kind of a big deal (1)

FuckingNickName (1362625) | more than 3 years ago | (#34897746)

If you have to drive

Why would I have to drive?

home

Why is the alternative to go home?

to move money,

What about you is so disorganised or overcomplicated that you need to move money around your accounts while you're on the move?

or worse to the bank,

The richest people I know do precisely that. I don't. But there you go.

I have far more fun stuff I could be doing.

I'm not sure what's fun about needing to manage your bank accounts while travelling.

I remember the 90s it was just as bad as now except for air travel, that was better. Our government has not gotten better or worse.

Wow. Assuming you're in the UK, the USA or some Western European country, you really need to pay more attention to your country's legislative progress, even if you've never suffered the consequences of new laws. Government has gotten a lot worse.

Re:i'm kind of a big deal (1)

realityimpaired (1668397) | more than 3 years ago | (#34898450)

That's my strategy... works really well. I can transfer money online or via telebanking, but I just use that to pay bills. I use cash for everything, and my daily withdrawl limit with the plastic is $100. I cannot direct pay with my bank card... or rather, I can, but the daily limit is $0. I have a VISA card, but I restrict the use of that for recurring monthly payments (TV, Cell phone, Internet), and large purchases.

By forcing myself to use cash for everything, I force myself to have something tangible in hand to exchange for goods. That makes it a lot easier to keep track of what I'm spending, and also forces me to be more aware of the value of what I purchase. This helps to significantly reduce impulse buying.

Similarly, by forcing myself to actually go to a bank teller to withdraw more than a small amount of money, I also make sure I'm not carrying large amounts of cash, again reducing the amount of impulse buying that gets done. By requiring me to actually go to the bank to move around large amounts of money between accounts, or to get a large amount of money in hand, I again force myself to be more conscious of my spending, and prevent myself from spending money I don't have. The main reason people get rich isn't luck, it's being aware of what they're buying, and not spending more than they need to.

Seems to work. There's a comfortable margin left in my bank account right now. Not as comfortable as it used to be, but I bought a car last week, and paid cash.

Re:i'm kind of a big deal (0)

Anonymous Coward | more than 3 years ago | (#34898206)

What?

Why would anyone have to go all the way home? That's a pretty poor straw man argument.

I organise my money when I have access to a computer that happens to be on a network I feel that I can trust. I have to do that once a month, when I get paid. Then I take this wallet sized piece of plastic with me and just use that. Since I still need to carry around ID, drivers license, etc, taking my debit card around the place is hardly inconvenient so please, don't try and play that card.

Like the poster before me said, perhaps you should organise your life a little better. And maybe learn that you are not so important that you can't get along without a phone 24/7.

Re:i'm kind of a big deal (0)

Anonymous Coward | more than 3 years ago | (#34898884)

Surely, you are naiive, or jesting. Some comparisons between the 1990s and now.

Gas then: Swipe your credit card in the pump, pay less than a buck a gallon.
Gas now: Swipe your credit card. Enter in ZIP code. Wait until the guy at the desk sees who you are and that you are not a terrorist, and he might finally press the button to allow you to fill up a vehicle.

Commute home then: Travel some well kept streets until you hit highway.

Commute home now: Dodge the potholes due to no rood upkeep. At stoplights, deal at best aggressive panhandlers who are more than willing to decorate someone's windshield with a baseball bat because they didn't get money for their rock of crack. (Cops don't want to arrest those guys because they will shit their pants and require a patrol car cleaning.) Get on highway, only to deal with gridlock due to 24/7/365 NAFTA semis, who exit off and come back on the highway, thus jamming the exits.

Vacation to nearby parts then: Gas up, drive somewhere, have fun, drive home.

Vacation to nearby parts now: Doublecheck traffic routes make sure to avoid wrecks, be careful for the lights and speed traps (65 to 35 the common one), notice the tons of new stoplights for subdivisions. Find that the refugees from California's mortgage crisis are moving into your home state and driving up property values, so the once peaceful and quiet fishing hole now has a full parking lot full of SUVs with out of state plates. The once peaceful, well stocked campgrounds are now chock full of morons with construction grade generators (Read: generators with no sound dampening ability) having them rattle all night long so they can watch TV. Find the mom and pop who once ran the fishing hole were forced out and it is owned by people who have little interest in upkeep of the property, although their fees have gone up by a factor of four.

Hitting a downtown club then: Park on the street, walk to club, return to car, drive home.

Hotting a downtown club now: Start looking for parking, find a garage. Find the garage is actually not open but someone is faking the job of a parking lot attendant, so all cars in the garage end up towed. Find a surface area lot. Pay $10 to the machine. Avoid the hordes of hoboes who have fled California and are either getting in your face for a handout. Have a decent time. Leave the club, dodge the gauntlet of nasties again. Take 30-45 minutes getting home due to the constant roadblocks for sobriety checks.

Job fair at graduation in the 1990s: Pick a cool named company, bam, hired.

Getting a job today from college: Either you already have a job due to an internship before you walk, or you are just plain fscked. You at least get some rank for college when enlisting in the Armed Services.

Radio in the 1990s: Always something new on the radio, pick a genre. Cool concerts every weekend being mentioned.

Radio now: Same shit since 1995. Same 100 songs, never changing. If they advertise a concert, it is some place about 200-300 miles away. Only thing new are the ads.

Internet then: Yes, bandwidth was slower, but USENET was usable, people wrote proper English, and conversations were mainly meaningful.

Internet now: "This sucks." "No, you suck." "No, your momma sucks and swallows!" is the gist of almost any conversation these days if there is no moderating mechanism, or live moderators who are astute with the ban sticks.

Re:i'm kind of a big deal (1)

fahrbot-bot (874524) | more than 3 years ago | (#34898268)

If you think you need to bank from your 'phone, you're doing life wrong.

Seriously agree. In fact, those commercials that show someone querying their credit card or bank balance to see if they can buy a huge flat-screen TV or, quite frankly, any mobile banking issue, illustrates something very wrong with that model and poor personal financial planning and management by those who would rely on such features.

Depends (1)

gmuslera (3436) | more than 3 years ago | (#34897432)

If you store the most critical things in the cloud, specially things that you access thru your phone, is your password your most dangerous possession, mainly because stealing your phone is not a requirement for getting your data (if your password is unsafe or used from an unsafe location, i.e. with a keylogger). Of course, that have as advantage that if your phone gets stolen, and you are fast enough, you could change your cloud password and disable your phone number.

You could also store directly in the phone sensitive information like passwords, but there are apps that are meant to manage that information that have a master password to enable you to access (and that password will be the important one there)

Re:Depends (1)

neumayr (819083) | more than 3 years ago | (#34897568)

Storing your personal data on systems you have no control over is bad. News at eleven.

Use Keepass for your passwords (1)

SuperBanana (662181) | more than 3 years ago | (#34897592)

Android users: use KeepassDroid for storing your passwords in a keepass database, and then randomize your important accounts.

Now all you need to remember is one good password. When you tap on an entry after decryption, keepassdroid puts a notification item up, that when activated, pastes the password in your clipboard for pasting into nearly any app or web page. It does smart things like clear the clipboard after a delay, etc.

You can combine it with Dropbox for unified password management on all platforms; just use a 1.x database if you have a Mac, because KeepassX doesn't "do" v2.x databases, for some reason.

Paying with your phone was deemed a good idea (0)

Anonymous Coward | more than 3 years ago | (#34897606)

because...? Anyone?

A clear case of forgetting to include security in your considerations from the start, forcing it to be bolted-on later.

Lies. (1)

Anonymous Coward | more than 3 years ago | (#34897680)

it's not going to protect you from professional fraudsters. 'Don't think that having an initial password set on your phone can stop people from getting in there,' says Nikki Junker, a victim advisor at the Identity Theft Resource Center. 'It's a very low level of protection -- you can even find 30-second videos on how to crack smartphone passwords on YouTube.'"

Complete BS.

Blackberries offer real security. The flash memory can be encrypted with solid AES. They can be set to wipe after a certain number of bad login attempts. They can be locked or wiped remotely. They can be set to wipe after a certain period of time off the network. There is a background process which continuously overwrites unused RAM to make sure decrypted data in memory is kept to a minimum.

And most importantly, you can enforce all of these settings from the Blackberry Enterprise Server so that you can protect idiot users from their own stupidity.

The blackberry platform has been tested, audited & certified [blackberry.com] by many security organizations. Iphone & Android have been certified by... nobody.

If you want real security, the choice is clear.

Re:Lies. (1)

mspohr (589790) | more than 3 years ago | (#34897966)

Blackberry is great except if you live in a country where the government has been granted access to your device or a country where the government has access but has not disclosed it... oh wait... I guess it isn't that secure after all.

I knew it (2)

Nihn (1863500) | more than 3 years ago | (#34897736)

I'm not dumb enough to place any form of important info into ANY device connected to a network. Privacy can not be maintained when so many people have access to the servers and software directly connected to your smart phone or computer. I remember when phones made phone calls...and that was it. No ring tones, no aps, just a basic fully functioning device use to communicate with others. Now people are shocked that the "smart" phone is considered a prize to thieves. It's a key to the bank you use and you keep it under your door mat...what did you think was gonna happen. If people want security then use the brain you were given to memorize said info...and don't say some people can't. Information of utmost importance can be retained and locked away behind lies and deception and can not be stolen without the owners participation. (see social engineering) Phones makes no judgment on who is holding it and will open itself to whoever wants in. So the reality of the matter is people who are foolish enough to place personal info into a network deserve being ripped off. Jump into a fire, you will get burned. Simples.

Re:I knew it (0)

Anonymous Coward | more than 3 years ago | (#34898120)

Back in my day, the damn kids kept off my lawn. Lawn was for looking at and NOT playing on. Get off my lawn I yell! But they do not listen. Stupid kids.

Droid != Android (1)

drb226 (1938360) | more than 3 years ago | (#34897852)

...with 30% of phone subscribers owning iPhones, BlackBerries, and Androids...

FTFY. Droids are only a subset of Androids

Thermite security (1)

argontechnologies (865043) | more than 3 years ago | (#34898056)

If you miss the password three times on my phone, the thermite security feature is triggered, slagging both the phone and the hand holding it. That's why I never drink and text anymore.....
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>