Recent news reports, covering two separate incidents, confirm a conclusion we continue to draw attention to when talking with security professionals, our customers and anyone concerned about their mobile security posture: Smartphones are inherently vulnerable, and little – to date – can be done to protect, detect, and remediate the compromises. Without full view into the ecosystem of the phone, software solutions alone will never be enough to safeguard the important information of users and protect their privacy.
The topic of smartphone hacking isn’t likely to make it into Monday morning watercooler conversation. That is of course, unless you are a security professional and the very survival of your organization may hang on understanding it and protecting against it.
We hear this when we discuss the breaches to smartphones with people who are often not government intelligence or security professionals – users who are all too aware of these mobile security concerns. Breaches that are executed by competitors, governments and malicious actors of all types like those mobile surveillance attempts on a human rights activist being or a Mexican journalist. When we elaborate on how everyday apps over-reach their intended purpose to pry into the personal lives of users with mobile tracking to listen in on conversations or to track user location data; people say they have nothing to hide. To help shed some light on smartphone vulnerabilities, your smartphone privacy and what’s really at risk when your phone has been compromised, we set out to hack a smartphone and reveal the information that may be accessed through its sensors.