This is my first article, written when I was still a student. I post it here, unedited, as a show of my humble beginnings and writing journey.
LET’S FACE IT…
Almost no one these days, in our communities, does not own at least one smartphone. If not everyone, then at least one member in our families owns a smartphone. Most countries have now tried to make them cheaper so everyone can own his, or her, own smartphone.
Statistics show that from 2014 to 2016, the number of smartphone users has increased from approximately 1,593.3 million to 2,082.7 million people. It is also expected that the number will rise by almost 500 thousand people in the next two years. The use of smartphones has made our lives much easier in many ways. They have replaced our radios, watches, mirrors, televisions, and many other devices that we used in the past. Smartphones have now become part of our lives. Some of us even think we couldn’t live without a smartphone. What we don’t know is that smartphones have made us vulnerable now more than ever.
WE ARE NOT SAFE!!
One day when my phone was off, I plugged it into a charger, and it glowed showing the charging simulation (animation). Now in a normal sense, we could think that this happens because there is electricity flowing from the source to the phone, but when we observe this from a different perspective, we find ourselves thinking, “Do our phones really TURN OFF after all?”
Well, that’s a big question that I couldn’t answer anytime soon! So I decided to do research, and this is what I came across in the past few days.
OUR ANDROID PHONES SECRETLY RECORD EVERYTHING WE DO.
Trevor Eckhart, who is a 25-year-old Android Developer, posted a video about Carrier IQ on November 28, 2011 (which is relatively a long time compared to where we are currently which makes it even scarier). Carrier IQ is basically software that can record everything you do on your phone, I MEAN EVERYTHING!! It even circumvents web encryption and grabs everything including passwords and Google queries. You can find this video through this link.
What’s worse is that this software is installed by phone manufacturers and carriers without any way for you to opt out. Luckily for people using Apple iPhones, hackers have found Carrier IQ in iPhones, but it only works in diagnostic mode, which is ‘off’ by default and only logs technical data.
Samsung users, for example, if you open your settings in the APPS menu, you will see three different categories of apps (Downloaded, Running, and ALL). Go to “all apps” and click on the app called CSC, then scroll down to see the permissions it has on your phone. This should give you a slight idea of how much risk we are in.
WANT TO SELL YOUR PHONE? “DON’T!!”
More than 30% of people I know purchase second-hand phones (USED). That accounts for more than 50 people. How many people do you know that purchase second-hand phones? Added with other people from the world, how many people do you think purchase second-hand phones every day? To be honest, who would want to buy a $1000 phone while he/she can get the same phone for $400? Everyone wants to save money these days. If you want to buy a new phone, you simply sell yours, get money, and then go buy another second-hand phone. Bad idea!!
Selling your phone is selling your identity and secrets and leaving them open for anyone to exploit. As I have said before, there are application software in our smartphones that keep records of everything. These software do not completely delete the information you delete; they create a restoration point of all files you delete, and with the right software, everything can be restored, EVERYTHING! Locations you have been at, messages you ever sent, calls you made, and other sensitive information. This is something that I myself have proven using my phone and one of these software, but for security reasons, I cannot display the name of the software in this document.
FREE Wi-Fi ISN’T ALWAYS FREE!
On April 15, 2016, “60 Minutes” posted a video on YouTube to show how easy it is to hack a smartphone. https://www.youtube.com/watch?v=zGUR6kao9ys.
Not every FREE Wi-Fi is legit. Other Wi-Fi are created by hackers to hack into people’s phones. Hackers call it GHOST Wi-Fi. This is when a hacker creates a similar Wi-Fi connection point as the one available in an area. For example, if you are in a hotel called Aniwene Hotel, a hacker would create a hotspot with the same Wi-Fi name and make it free; thus, when you connect to it, YOU ARE ALREADY A VICTIM.
The first thing hackers get after you connect to their Wi-Fi is your phone number, and with just that, they can access your emails, phone numbers, Facebook accounts, credit card records found in your phone, and even worse, control your phone cameras and audio recorders without you knowing at all!
CAN GOOGLE PLAY STORE BE TRUSTED?
A VP for Global Security Research called Ricky Ferguson, in Singapore, presented a mobile software (app) which is able to work in the background to exploit what he needs from any phone. This software could be anything simple and useful like a camera app or maybe a music player. What it does, is that in the background, it acts without the victim’s knowledge serving its master, which is the hacker of course. He can activate it anytime he wants just by sending a message and it will act as he orders as long as it is installed in the victim’s phone. It can record audio, take pictures, listen to calls, or read messages. According to Ricky, this app can simply be posted to “Google Play store” for people to download. So not all applications posted in Google Play store are to be trusted. Who knows, maybe you have installed a similar application this month. Ricky’s presentation can be found in YouTube from the link.
CONCLUSION
If all the information above hasn’t convinced you enough, then in your free time try this. Try taking out your SIM card and disable Wi-Fi to ensure that there is no internet connection in your phone, then switch it off at exactly 10:00 am. Then switch back on after exactly one hour and sixteen minutes; the time should read 11:16 am. Why? Because the clock was running in the background though our phone was turned off. If a clock application can do so, any other app could.
What can we do to at least be a bit safe?
- Don’t sell your phone to people you don’t know/trust
- Before you install an app, read its permissions
- Don’t connect to any free Wi-Fi
- Don’t put sensitive data in your phone like bank accounts and passwords
