Follow me on LinkedIn Follow me on Spotify  

dae's weblog

there's no fiction like non-fiction!
  • Home
  • BlackBerry
  • iPhone
  • laptop
  • Prius
  • wishlist
  • random password
  • social networking
  • contact
en nl 
Home > biz, com > The #iPhone: Sleeping with the enemy

The #iPhone: Sleeping with the enemy

August 8th, 2009 Dae Punt Leave a comment Go to comments

This information is also available in: Nederlands

A while ago I discovered that, despite its fantastic looks, the iPhone is actually a very unsecure device and just the idea that it might be broken, lost or stolen one day is driving me crazy already. Time to act!

I decided to remove my company data, followed by my Gmail and today I’m only using my iPhone for Twitter and a digital shopping list. For me, personally, the features of my BlackBerry BES are the minimum standard of security and apparently it’s lonely at the top…

Even the use of Twitter is dangerous (if Twitter is online), because my favorite Twitter application SimplyTweet doesn’t use secure SSL to send my data to Twitter. Consider this: The whole security community shouts “SSL is insecure, use EV SSL instead”, while there are still companies, services and application who aren’t even using “plain” SSL… Even our Dutch Government and our National Banks barely see the need of SSL and given the demonstrated and obvious security flaws of SSL they don’t see the need to implement EV SSL, so why would you worry about it?

Tweetie, my previous favorite Twitter application has been using SSL for years. I just think that Tweetie was far ahead of its time and that’s probably why we haven’t seen an update of Tweetie ever since.

I think it’s incredible to see that many people don’t seem to care or think about possible loss or theft of their cell phone, what may happen to their data and the possible impact this may have on their position. And if nobody cares about it, why would the manufacturers of the devices? Except, of course, Canadian company Research in Motion…

Imagine the following scenario: You’re an accountant and you’re using email on a daily basis. You have a cell phone. Let’s say: a Nokia. You’ve had it or a while and it accommodates quite a lot of phone numbers. You’ve had your phone linked to your corporate Exchange server, which took some effort (certificate, software update for your device, sometimes it’s not working and WiFi has never really worked properly), but it allows your to read and reply an occasional email.

Now, imagines your phone being broken, lost or stolen.

Phone broken
Which information did you have on your phone? Did you poke around with that data cable or Bluetooth every day to copy your valuable contacts and appointments to your computer? Did that sunday afternoon of deleting double appointments invite you to try again later? No, of course, because it’s too much pain and too much software is involved. This means: what you don’t have elsewhere, you don’t have and that’s a shame.

Phone missing
If your phone is missing and you don’t know where it is, there may be a chance it’s at home, between two pillows on your couch, but it may also have been stolen. The problem is, that you don’t know and you have to assume you’re not going to find it again. First of all: block your SIM card, so the possible thief can’t call on your expense. ALWAYS secure your SIM card with a PIN code (and pick something a bit more difficult than 0000 or 1234), preventing the thief from calling between the moment your phone went missing until the moment you’ve had your SIM card blocked. And then your data. It’s not only gone, but somebody else is sitting on it. Somebody who only has to press hash-menu to gain access to your contacts, phone numbers, appointments, emails, text messages, notes and whatever I may have forgotten.

And this: What if your phone isn’t stolen, but you have a grateful collegue, competitor, “friend” or somebody who checks your phone from time to time to see if there’s any interesting news? I don’t know anybody with National Secrets on their phones, but your stuff is your stuff and everybody should stay away from it. Well, you can’t take care of that with your Nokia.

And what goes for Nokia, goes for the iPhone in a similar way. Linking your iPhone to your company server is easier than with Nokia, but the remaining data you hadn’t copied using the data cable goes missing if your phone does, nevertheless. And then security. Can you imagine Apple making an iPhone 3GS, allowing your data to be encrypted with a key, that is stored on your phone itself?!? You don’t have to be a genius to understand that this level of “protection” is just a thing from the Marketing Division, who wanted to put on the box that the iPhone 3GS supports Encryption…

Share
Categories: biz, com Tags: Apple, BlackBerry, encryption, EV SSL, Gmail, iPhone, Microsoft Exchange, nokia, security, ssl, Twitter, WiFi
  • Betty01

    I recently came across your blog and have been reading along. I thought I would leave my first comment. I don't know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.

    Betty

    http://cellularaccessoriess.com

What to do if upgrading to the latest @WPMU fails Restoration – Undelete files
RSS
HootSuite - Social Media Dashboard

willekeurig wachtwoord

ghyc5Nt

tweet!

  1. Sobol Busch
    Sobol Busch: @daepunt http://t.co/jQ37ufhj
    about 7 hours ago

  2. GJ Groothedde
    GJ Groothedde: @daepunt @raay ... Vista daarentegen heeft hier wel zijn langste tijd gehad.
    about 13 hours ago

  3. GJ Groothedde
    GJ Groothedde: @daepunt De showstopper heet Civilization IV. Als dat obstakel uit de weg is, gaan we erover nadenken. :-) @raay
    about 13 hours ago

tags

#socialnetworking @helzer @WPMU alpha Android APC backup bug citrix cloud education encryption event flash foc Foursquare Google Analytics google docs language Microsoft Hyper-V nightly build online out Palm phishing PHP politics pre-alpha report search Shazam statistics syncsort technology TFTP tip trace tweetdeck ups VMware ESX wireshark WordPress MU xen xenserver Yahoo!Pipes

RSS dae’s leeslijst

  • Brightsite: Google scant Android-apps eindelijk op virussen http://t.co/qJHYVU5g
  • TweetSmarter: Google Chrome begins to warn you if your download contains malware: http://t.co/LcGjNenZ r/t
  • elger: Check. RT @Schellevis: @elger wetsvoorstel houdt rekening met gerechtelijke uitspraken
  • Accountancynws: AccountView biedt nu directe koppeling met Rabobank http://t.co/MdG7Doun
  • mobilecowboys: BlackBerry OS 7.1 en PlayBook OS 2.0 gepresenteerd: http://t.co/9hNuTtJH
  • Webwereld: Londen wordt grootste gratis wifi-gebied http://t.co/LLQj0uh4
  • TweetSmarter: Why Klout is Dangerous http://t.co/5rk6eWwY
  • hansschepers: How to master your Facebook Timeline http://t.co/gXn7Fi8u
  • i0n1c: Siri is really useful http://t.co/nbMN9cRH
  • Webwereld: Politie gebruikt spyware, bevestigt Minister http://t.co/OLW15cxJ

RSS handig

  • Chromium OS builds by Hexxeh
  • Microsoft Action Pack
  • Backup Exec updates, Service Packs and Drivers
  • Naming Conventions for Google Apps Resources
  • SocialOomph
  • Voeg jouw bedrijf toe als LinkedIn Company
  • Microsoft Exchange Server Remote Connectivity Analyzer
  • IP Subnet Calculator
  • Apple iOS Latest Firmware
  • Convert Dell Service Tag to Express Service Code
  • NK2-bestanden importeren naar Outlook 2010
  • AVM Fritz!Box 7340 en XS4ALL over IPv6
  • MS File Checksum Integrity Verifier FCIV
  • How to access/enter Motherboard BIOS
  • Are You Certifiable?
  • NFGDump
  • φ² project
  • HootSuite
  • XS4ALL Yellow Spaces
  • BlackBerry Latest Operating Systems

RSS support

  • Backup Exec updates, Service Packs and Drivers
  • Microsoft Exchange Server Remote Connectivity Analyzer
  • Convert Dell Service Tag to Express Service Code
  • NK2-bestanden importeren naar Outlook 2010
  • AVM Fritz!Box 7340 en XS4ALL over IPv6
  • MS File Checksum Integrity Verifier FCIV
  • How to access/enter Motherboard BIOS
  • Sophos Enterprise Console: 1 server with more than 1 NIC
  • Are You Certifiable?
  • NFGDump

RSS unfiled

  • An error has occurred; the feed is probably down. Try again later.

links

  • @vark
  • AAB
  • AAB CC
  • AMEX
  • Analytics
  • Apple iOS Dev Center
  • bit.ly
  • Brightkite
  • Byte
  • cli.gs
  • del.icio.us
  • Dipity
  • Docs
  • Facebook
  • FeedBurner
  • Flickr
  • Fortis Bank
  • FriendFeed
  • gdgt
  • Google Wave
  • Hyves
  • Klout
  • LinkedIn
  • MailChimp
  • Mobypicture
  • MySkyStatus
  • MySpace
  • Orkut
  • OV-chip
  • ping.fm
  • Plaxo
  • PostPost
  • rss-en
  • rss-nl
  • Seesmic
  • Skype
  • threadsy
  • TwAnalyzer
  • TweetStats
  • Twitnest
  • Twitter
  • TwitterFeed
  • Woopra
  • WordPress
  • Y!M
  • Y!P
  • Youtube

RSS ooklog

  • Sara Lijftogt
  • Wegert & Sadocco Galerie
  • Willem Hendriks
  • Viktor Baltus
  • Rotary Anna Paulowna e.o.
  • Roelien Hendriks
  • Per van Duijn (under)
  • Nigel Prins
  • Martin Broerse
  • Maria Mink

archive

  • June 2011 (1)
  • March 2011 (1)
  • February 2011 (1)
  • September 2010 (1)
  • June 2010 (1)
  • May 2010 (2)
  • February 2010 (3)
  • January 2010 (1)
  • December 2009 (3)
  • November 2009 (2)
  • October 2009 (1)
  • September 2009 (6)
  • August 2009 (4)
  • July 2009 (18)
  • June 2009 (15)
  • May 2009 (1)
Top WordPress
Copyright © 2003-2011 dae's weblog
Theme by NeoEase. Valid XHTML 1.1 and CSS 3.