If you ask the experts, the outlook is usually the same: we need more mobile phone security. Unfortunately, not many of us seem to care. Last year security provider Symantec found that out of 1000 under-35s polled, 28 per cent share online virtually everything that happens in their day-to-day life. A third think removing information posted online is "easy", and 49 per cent have low privacy setting on social media accounts.
Yet it can be a hop, step and jump for a hacker to take control of your phone from a single poorly made or mishandled app, putting the operating system, call or text features, camera and microphone at their command. Connecting a compromised handset to a network through Wi-Fi or Bluetooth can then put other devices and networks at risk.
But to convince us to think more about security, phone manufacturers of the world have considerable hurdles. The first is that in the face of sexier features like hi-res cameras and beautifully clear screens it's often a low purchasing priority. Arizona-based technology lawyer James Goodnow thinks even when phones come with security features, such as Apple Pay with biometric security, we'll think it's cool to have, but be more concerned with picking a nice colour for the case. "Security-based mobiles will be niche for a long time," he said.
One of the most secure phones in the world, the Blackphone 2 was still discovered to be hackable.Photo: supplied
We also have very established ways of interfacing with our phones that former NSA network analyst Beau Adkins, now of Maryland security provider Light Point Security, says will be very hard to change. "The vast majority of people will take all the privacy enhancements they can get as long as they don't cost anything and don't require a change in behaviour," he said.
In fact, it might even be handset manufacturers and carriers that are most concerned. "If a device is hacked, the carrier or device manufacturer could face consumer litigation," said Darren Guccione, co-founder of California's Keeper Security.
According to estimates from the Australian Mobile Telecommunications Association, over 100,000 mobiles are lost or stolen every year in Australia, but what's unexpected is that US group ConsumerReports.org says thefts and losses are in decline, possibly because of kill-switch or recovery technology such as Apple's Find My iPhone.
What's more, it's not the phone people are increasingly attached to, but their data. According to a report by IDG Research, half of users polled across the US, Britain, France and Germany would pay $500 to get their photos, music and apps back, and a third would pay $1000.
So whether we're learning at last how fragile data security really is, or whether it's simply the paranoia of the post-Snowden world, things seem to be changing.
When the BlackBerry Priv was launched in the US in December, retailers Walmart and Best Buy sold out completely within a week. At the time of writing, Australian Priv reseller Optus was similarly out of stock.
The Priv is one of the new handsets where security is a major selling point. It runs a current version of Android rather than BlackBerry's own OS, and, aside from the security built into the software at the OS level, it comes with tools that let you spy on your apps to make sure they're not "leaking" personal information.
Another safety-first option is the Blackphone. Launched last year with a flourish, the Android-based device promised to keep every process and application contained and secure, giving the user complete control over app permissions and allowing for separate environments so, for example, your work apps and tools are completely separate from your games or social media.
In January, however, Blackphone developer Silent Circle suffered embarrassment when a third party security company found a potential vulnerability. Even though the industry was impressed with how fast the manufacturer issued a fix, where does it leave us when a phone sold as the answer to security risks is itself compromised?
Don't panic. We all have the means to be more secure in both our behaviour and tools. In business, where a company might have invested in several (or several hundred) handsets, throwing the whole lot out to adopt a more secure models such as the Priv or Blackphone isn't feasible. A better answer is to work with what they have.
"Specialty phones like Blackphone are remarkable," said Nigel Jones of Maryland mobile encryption provider Koolspan. "But in addition to their up-front cost, many businesses and consumers prefer adding privacy apps to their existing or favourite phone designs because they offer more flexibility."
Today, new uses and platforms are connecting devices, networks and data even closer together and making online life even easier – not just for us, but also for hackers and criminals. The bring-your-own-device (BYOD) movement means you might be accessing and manipulating very secret company information on your personal handset, unaware of the dodgy Facebook game leaching it to all and sundry at the same time.
And many experts don't think the Internet of Things (IoT) – which will put more sensors on everything from planes to fridges to give us greater control over them – is as secure as it needs to be. If you can use your phone to turn the heat on when you're on your way home and the app has vulnerabilities, what might a marginally talented hacker be able to do?
All the devices, apps and services promising to keep us safe are as confusing as they are numerous, and when even the US government spies on everyone, it can all feel hopeless.
But whatever end of the spectrum you're on – the cautious, paranoid type Blackphone and Priv are aiming for, or the profligate collector of selfies, likes and social media updates – Jeff Zacuto of Sydney security provider Check Point Software says good phone security is within your reach.
"Don't open links from unfamiliar sources," he said. "Only install apps from official sources like the Apple App Store and Google Play, and don't jailbreak your device. If you're about to join a hokey-sounding Wi-Fi network or install an app from a third party, think twice and consider the risk."
Read more: http://www.smh.com.au/technology/technology-news/phone-security-how-safe-are-your-selfies-20160222-gn0tkm.html#ixzz41mJzReLJ
Follow us: @smh on Twitter | sydneymorningherald on Facebook