Symantec takes aim at smartphone samaritans

By on
Symantec takes aim at smartphone samaritans

Symantec has warned smartphone users to be wary of good samaritans who access lost handsets in a bid to identify who to return the device to.

The security software maker said [pdf] that while the return of a device is "potentially reassuring", the fact the finder accessed the phone to work out who the owner was "could be considered a major security breach".

The firm purposely "lost" 50 smartphones in the United States and Canada late last year under a project codenamed Smartphone Honey Stick, a variation of earlier research using "lost" USB sticks.

It installed a series of simulated apps and files on the handsets, some with false log-ins and pre filled username and password fields.

Also on the device was a 'Contacts' app, which included an entry tagged as 'Me' with an email address and phone number "for the apparent owner of the smartphone".

Of the 50 devices that were lost, almost all logged attempts by the finder to access data or apps.

Half - about 25 devices - were returned to the "owner" using the details stored in 'Contacts'.

The study criticised the number of returns, "despite the fact that the owner's phone number and email address were clearly marked in the contacts app".

However, it also criticised any finder of a device that attempted to access any app on the device, no matter what purpose.

"Regardless of the motivation of the person accessing the phone, the fact that they may be accessing sensitive data should be a major concern to the device's owner, and possibly their employer," the study stated.

Finders of all but one device made an attempt to access data or apps. On average, it took 10.2 hours for an "access attempt" to be made; the median time was 59 minutes.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Poll

Will Coronavirus impact the channel?
Yes - By making it harder to order hardware
Yes - Cancelled conferences and business trips will be widespread
Not directly - It will slow the economy and that may have an impact
No - We can't see any impact
Not negatively - It's already created demand for things like remote access
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?