The document discusses security issues related to cell phones and provides recommendations. As people store more personal data on cell phones, the number of vulnerabilities increases. An attacker who gains physical access can completely compromise a phone. The document advises treating your phone as untrustworthy and outlines threats such as law enforcement, signal interception, lost/stolen phones, and malware. It recommends using encryption, a strong screen lock, and open source security tools to improve phone security. Rooting your phone can help security but may also decrease it. The overall message is to be paranoid about phone security.
It is wise to take comprehensive preventive measures when it comes to securing and protecting your device. Have a look at these ways to protect your information and improve your chances of recovering your phone when it’s stolen or lost.
Software projects that involve cameras are hard for a number of reasons. Here are some key things to watch out for in your next CCTV or IP Camera development project.
company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
Presented at GDG Baroda's DevFest 2015 on 1st Nov, 2015.
Androids have penetrated our life so deeply, we are now using Android for everything, let it be booking a movie, browsing a website, purchasing groceries, ordering food, and what not! In such a scenario, it is important for you to know, how you can stay safe while doing all these activities. Find out how you can make your Android device more secure, and more reliable.
This software will operate secretly in the background and it will monitor every movement on the PC. It can capture all chat room conversations, all emails, all passwords, record all keystrokes typed, and much more.
Computer Security For Activists & Everyone (Oct 2018)Kit O'Connell
In an age of mass surveillance and increasingly commonplace hacking, protecting yourself online can feel overwhelming. This class is designed to help people get a handle on their devices, including computers and smartphones.
Topics include "threat modeling," which helps you understand what steps to take when. Also: concrete solutions for encrypted messaging, secure email, and protecting your passwords & data. Plus some simple protest tips.
This class is designed for experienced activists, newcomers, and anyone who wants to be safer online.
What's in your personal threat model? What assets are you trying to protect? Learn how to improve your personal security and privacy online through best practices and security tips. This talk is for everyone, whether your a seasoned security professional or complete novice hopefully you will take away a few areas where you can better protect your personal information.
Video Link: https://www.youtube.com/watch?v=PIwvxSZj5e8
How paranoid should you really be about online security safety? Read Security Engineer Geoff Vaughan's advice on security best practices for regular users.
It is wise to take comprehensive preventive measures when it comes to securing and protecting your device. Have a look at these ways to protect your information and improve your chances of recovering your phone when it’s stolen or lost.
Software projects that involve cameras are hard for a number of reasons. Here are some key things to watch out for in your next CCTV or IP Camera development project.
company names mentioned herein are for identification and educational purposes only and are the property of, and may be trademarks of, their respective owners.
Presented at GDG Baroda's DevFest 2015 on 1st Nov, 2015.
Androids have penetrated our life so deeply, we are now using Android for everything, let it be booking a movie, browsing a website, purchasing groceries, ordering food, and what not! In such a scenario, it is important for you to know, how you can stay safe while doing all these activities. Find out how you can make your Android device more secure, and more reliable.
This software will operate secretly in the background and it will monitor every movement on the PC. It can capture all chat room conversations, all emails, all passwords, record all keystrokes typed, and much more.
Computer Security For Activists & Everyone (Oct 2018)Kit O'Connell
In an age of mass surveillance and increasingly commonplace hacking, protecting yourself online can feel overwhelming. This class is designed to help people get a handle on their devices, including computers and smartphones.
Topics include "threat modeling," which helps you understand what steps to take when. Also: concrete solutions for encrypted messaging, secure email, and protecting your passwords & data. Plus some simple protest tips.
This class is designed for experienced activists, newcomers, and anyone who wants to be safer online.
What's in your personal threat model? What assets are you trying to protect? Learn how to improve your personal security and privacy online through best practices and security tips. This talk is for everyone, whether your a seasoned security professional or complete novice hopefully you will take away a few areas where you can better protect your personal information.
Video Link: https://www.youtube.com/watch?v=PIwvxSZj5e8
How paranoid should you really be about online security safety? Read Security Engineer Geoff Vaughan's advice on security best practices for regular users.
Why is it that the more we come to depend on our mobile phones as our lifeline to the the world, the more willingly we give up privacy and control?
Earthmouse: Mobile Guardian (E:MG) aims to change that by providing regular people with the tools they need to protect their privacy, anonymity and communications with friends, family and colleagues.
Built on the Google Android OS, E:MG will provide both applications and a completely new secure distribution that will run on low cost mobile phone hardware available throughout the world.
We are looking for users, developers, causes and partner organizations to contribute to, inform and guide our work.
Supporting the global efforts in strengthening the safety, security and resilience of Cyberspace, the Commonwealth Cybersecurity Forum 2013, organised by the Commonwealth Telecommunications Organisation. The ceremonial opening examined how Cyberspace could be governed and utilised in a manner to foster freedom and entrepreneurship, while protecting individuals, property and the state, leading to socio-economic development. Speakers of this session, Mr Mario Maniewicz, Chief, Department of Infrastructure, Enabling Environment and E-Applications, ITU; Mr David Pollington, Director, International Security Relations, Microsoft; Mr Alexander Seger, Secretary, Cybercrime Convention Committee, Council of Europe; Mr Nigel Hickson, Vice President, Europe, ICANN and Mr Pierre Dandjinou, Vice President, Africa, ICANN, added their perspectives on various approaches to Cybergovernance, with general agreement on the role Cyberspace could play to facilitate development equitably and fairly across the world.
Hosted by the Ministry of Posts and Telecommunications of Cameroon together with the Telecommunications Regulatory Board of Cameroon and backed by partners and industry supporters including ICANN, Council of Europe, Microsoft, MTN Cameroon, AFRINIC and Internet Watch Foundation, the Commonwealth Cybersecurity Forum 2013 seeks to broaden stakeholder dialogue to facilitate practical action in Cybergovernance and Cybersecurity, some of which will be reflected in the CTO’s own work programmes under its Cybersecurity agenda.
Smartphones are changing the IT and Communication landscape vastly. A Smartphone can do almost every good thing a computer can do. Today most of the corporate employee access and manage their official e-mails through the e-mail client installed in their Smartphone.
Hampir tidak ada privasi lagi ketika berbicara perkembangan teknologi. Semua sosial media meminta foto serta data-data pribadi Anda. Pun data yang ada diperangkat Anda, tidak luput dari pencurian oleh orang yang tidak berhak.
Presentasi ini memberikan wawasan bagaimana upaya perlindungan data pribadi Anda di era digital saat ini.
Visual Hacking is a cyber safety issue that is also known as 'shoulder surfing' where before smartphones and mobile phones people used calling cards to make calls when away from home. These cards were often compromised by persons obtaining the card number and PIN by standing behind the person using the card and recording the numbers.
1. Your Cell Phone is
Covered in Spiders
An overview of the cell phone
security landscape
Cooper Quintin
@cooperq
cooper@radicaldesigns.org
2. We are becoming increasingly dependent
on mobile devices
●
We are storing more and more data on them
●
Pictures
●
Videos
●
Contacts
●
Email
●
Social Graphs
●
Location History
●
Etc
3. ●
As the amount of data increases
●
The complexity increases
●
The desirability increases
●
The number of vulnerabilities increases
5. Things to Keep in Mind
If an attacker gains physical access phone can
and will be completely compromised.
Also, you should assume that your phone will
be compromised at some point.
Generally, you will be safest if you just take the
attitude that YOU SHOULD NOT TRUST YOUR
PHONE
6. Security is a Journey Not a Destination
The more hurdles that you put up, the harder you
make it for an attacker.
Time to compromise > Determination of attacker
Don't get demoralized! There are many things you
can do to improve your security.
7. Threat Model
●Random attacks
●
Malicious apps
●
Stolen / Lost phone
●Targeted attacker
●
Law Enforcement
●
Corporate Espionage
●
Personal Enemies
●Signal Interception
●Your Phone Company
9. iPhone
The Bad
●
Closed source
●
Very little in the way of security apps
●
Default screen lock is a four digit number
●
Privacy tools that aren't free or open source
The Good
●
There is a stronger screen lock that can be enabled
●
A couple of decent privacy apps
●
Less Malware
10. BlackBerry
● BEST USED IN COMBINATION WITH BES
● Otherwise about as good as any other smartphone
● BBM and Pin to Pin messaging NOT SECURE
– Not encrypted, just 'scrambled'
– RIM can read all of your messages if a govt demands
● Your data is only as secure as the company is trustworthy
● RIM admitted to providing backdoors to govt. in India and
has helped UK and middle east govts.
● Less Malware
● Without BES, Security on Blackberry is not so good.
11. Android
●
IMO The best phone for security
●
Open source
●
Lots of security tools
●
Lots of encryption tools
●
Full Disk Encryption
●
Good security options
●
Guardian Project
●
Your data is in the hands of google
●
How much do you trust google?
15. Solutions
●
Have a strong screen lock and a short timeout
●
Don't tell them your password
●
Encryption (Text Secure, LUKS, Device encryption)
16. Signal Interception
Threats
●
Fake Cellular Towers / Drones
●
USRP/GNU Radio
●
Snooping as a Service
●
Cellular companies will provide wiretaps without even
a warrant
●
Insecure apps like BBM and whatsapp
Solutions
●
Encrypted Calls (PrivateGSM, Redphone,
SilentCircle )
●
Encrypted Text on Android (Textsecure)
●
Talk in Person (This is the Most Secure)
17. Lost and Stolen Phones
●
Phone Finding and Remote Wipe
●
Android: Lookout, Prey
●
BlackBerry Protect
●
Find My Iphone
●
Strong Screen lock
●
Will not stop a sophisticated attacker
●
Report to The Provider?
●
They probably don't give a damn.
18. Malware
Vendor and Espionage malware
●
This stuff is extremely sophisticated
●
FinFisher
●
CarrierIQ
●
Voodo carrierIQ
Standard, untargeted malware
●
Personal Data Theft
●
Premium SMS
●
The usual suspects (spyware, trojans, phishing)
●
Facebook, Angry Birds?
19. Malware Solutions
● Be careful what you install!
● Don't install apps from untrusted sources
● Don't run updates when on insecure networks
● Anti Virus won't save you!
● Don't assume that because you have an iPhone or
Blackberry that you are immune to malware
● Use the same precautions as you would on any
computer.
21. Disk Encryption
●
Exists on Android
●
Exists on Blackberry if you have BES
●
Does not exist on iPhone
●
Vulnerable to many different attacks
●
You should NOT rely solely on disk encryption.
23. To Root or Not to Root
(AKA Jailbreaking)
Rooting your phone is the process of gaining super
administrator control over your phone.
This means you can do
ANYTHING YOU WANT
To your phone.
Including mess it up in fantastic ways!
24. To Root or Not to Root
The Good
● Custom Firmware
● Better Security Tools
● Remove Spyware
● More Cool Apps
● Performance
Improvements
● Tinkering is Fun!
The Bad
● Can significantly
decrease security
● You can permanently
break your phone
● Will Void Your
Warranty
25. In Conclusion...
●
It's healthy to be paranoid about your phone
●
Don't loose your phone!
●
Trust what you install (Open Source)
●
Root and install custom firmware
●
Use a stronger screen lock
●
Audit your phone
●
Encrypt Everything!