Potential Information Leaks on Your Mobile Device and How to Prevent It | Stewart 권원 블로그

After being accused of numerous social media privacy violations, Apple responded on January 8 with a billboard on the side of the Las Vegas Convention Center: "What happens on your iPhone, stays on your iPhone." But is it true?

It is until it isn't. Let me explain. Both Apple and Google operating systems are reasonably secure. They both are designed with security in mind; they encrypt data (on the phone) when at rest; and use a secure internal chip to provide robust user authentication, authorization, and access. Are they spying on you? Quite likely, but it's all in the user agreement you have accepted. The rub is in the applications you install on your phone.

Remember my favorite slogan: "If the product is FREE, you ARE the product." Security company Wandera’s recent study of 30,000 of the most commonly used iOS applications found more than half requested permissions to three sources of data: your location (51%), your camera (55%), and your photo library (62%). Not surprisingly, social media led the permissions to grab, asking for an average of 4.96 sources, followed by weather apps, which requested access to 4.73 sources.

So what happens when you give the application permission to access what I call "system function" features, including the microphone, the camera, photos, location, messaging, email, the calendar, and contacts? You are losing control and putting yourself at the mercy of the application developer. You don't know what that developer is going to do with your data. The majority of the access, except the location, is not time-based; it continues forever or until you turn it off. That is why I recommend reviewing your application permissions at least quarterly, if not monthly.

On iPhone Devices

• Go to Settings, and scroll down to the bottom portion where you start seeing installed applications.
• Go through them one by one, reassess the permissions you have granted, and adjust them accordingly.
• Location access will offer a choice of permissions: Never, While Using the App, and Always. Everything else will feature a slider.

On Android Devices

• Go to Settings and tap on Apps.
• Tap on Permissions.
• Use sliders to adjust the permissions.
• On a newer operating system, after you complete Step One (above), tap the gear icon in the top right corner of the screen, and then tap App permissions. A list of categories may come as a shocker, but you can disable individual permissions in the category listing.

Play it safe.