WhatMobile.net spoke to Steve Lord, a white-hat hacker (using his knowledge to aid security) who has been a penetration tester for over 15 years. During his time, he has been paid to break into everything from missile control centres to the video screens inside meeting rooms. Lord describes his work simply: “Most people build things. I take them apart.”
Lord was asked about the actions of the UK’s GCHQ. He said hackers “don’t know” the extent of its surveillance capabilities, describing every leak that reveals the existence of software such as the Smurf tools as “both impressive and scary from a hacker’s perspective.”
The interview soon progressed to the security of mobile devices. Lord was asked which platform is most secure out of iOS, Android and Windows Phone. Noting that they all have their highs and lows, he replied “Currently Windows Phone seems to be the hardest nut to crack.” The system’s locked-down nature and lack of malware in its store is likely to contribute to that assessment.
Lord also commended BlackBerry for its “long history” of being committed to security but said its older platforms are now vulnerable to attack. Android is the “easiest target,” especially if a hacker acquires physical access to the device.
He advised people should buy Google Nexus-branded phones if they want stock Android as only these devices receive security updates as soon as they are released by Google, although this has begun to change recently in light of the critical Stagefright bug. Lord also acknowledged that modified OS versions like CyanogenMod are “often more secure” as the creators are quick to roll out patches and fix potential issues.
The interview also touched on the problems surrounding older phone models. Although these can often be picked up at a substantially lower cost than their successors, they are more likely to put the user at risk as they will probably run older software versions which haven’t been kept up-to-date.
Again, Lord advised people buy a Windows Phone if they want a cheaper, old device due to their nature of high-security and the fact that Microsoft is proactive in keeping all Lumia-branded devices on the latest software version. Lord also said that BlackBerry 10 handsets should also be secure despite their age but not BlackBerry phones that predate this newer operating system.
Lord gave consumers a few tips on how to keep personal data more secure. He said: “Make sure your phone has the latest updates. Don’t put anything on it you wouldn’t want to see all over the Internet. Don’t jailbreak or root your phone. Never install apps from outside of your phone’s app store.”
Finally, WhatMobile asked what Lord thinks the future of data and device security will look like. He described the situation as “a war” between mobile operators and manufacturers, saying “providers don’t just want to own your data, they want to control how you access it.” He pointed to Facebook’s acquisition of WhatsApp as an example of how some companies are becoming so large they could have the power to dominate the control of data online. Lord warned of what this will ultimately lead to, saying “You’re going to see less personal control of your devices.”
