Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

4/17/2008
05:55 PM
George V. Hulme
George V. Hulme
Commentary
50%
50%

Ever Lose A Smartphone?

I've lost a number of them, and each time I've left behind a smartphone or PDA, I've worried not so much about the device -- but the personal data it holds. Kaspersky Lab is offering what could be a viable solution.

I've lost a number of them, and each time I've left behind a smartphone or PDA, I've worried not so much about the device -- but the personal data it holds. Kaspersky Lab is offering what could be a viable solution.Sure, it stings having to separate with an additional few hundred bucks to replace a lost smartphone. But these devices can contain information that, if in the wrong hands, can be a lot more costly. I've lived through this nightmare a couple of times. I've left a PDA in a cab in Miami. And I left a cell phone in a cab in Washington, D.C. (Guess I should be more careful in cabs.)

Fortunately, the devices were password-protected. Not the best assurance that the data is safe, but better than nothing.

After these incidents, I tried a service called StuffBak.

I haven't lost a device since, so I'm not sure how well it works, but basically the device is registered with the company, and if someone finds it -- and that person is a good Samaritan -- he or she will call a number on a sticker affixed to the device, and StuffBak would act as the middleperson to shepherd the device back home. There are a handful of similar services out there.

While worthwhile, these services are no protection against identity theft.

Today, I noticed that Kaspersky Lab, the anti-malware software company, recently brought to market mobile security software that makes it possible to wipe clean the contents of a smartphone's memory and storage by sending a "hidden SMS message." I've not tried Kaspersky Mobile Security software yet, but I will.

The software works on Windows Mobile 5.0, 6.0, and the Symbian OS versions 9.x Series 60 (Nokia).

This idea isn't new, but such capabilities, as far as I'm aware, have only been available through large enterprise mobile management applications that require a centralized management server. It's good to see such capabilities available for the consumer and the SMB set.

Oh, yeah, the software also protects against SMS spam and mobile malware. But so far, the biggest threat to my cell phones has been my own forgetfulness.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
'BootHole' Vulnerability Exposes Secure Boot Devices to Attack
Kelly Sheridan, Staff Editor, Dark Reading,  7/29/2020
Average Cost of a Data Breach: $3.86 Million
Jai Vijayan, Contributing Writer,  7/29/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-18112
PUBLISHED: 2020-08-05
Affected versions of Atlassian Fisheye allow remote attackers to view the HTTP password of a repository via an Information Disclosure vulnerability in the logging feature. The affected versions are before version 4.8.3.
CVE-2020-15109
PUBLISHED: 2020-08-04
In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the shipm...
CVE-2020-16847
PUBLISHED: 2020-08-04
Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET request, aka CFD-4887.
CVE-2020-15135
PUBLISHED: 2020-08-04
save-server (npm package) before version 1.05 is affected by a CSRF vulnerability, as there is no CSRF mitigation (Tokens etc.). The fix introduced in version version 1.05 unintentionally breaks uploading so version v1.0.7 is the fixed version. This is patched by implementing Double submit. The CSRF...
CVE-2020-13522
PUBLISHED: 2020-08-04
An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability.