If you read our blog from time to time, you have probably noticed that we think smartphones are the greatest threat to our privacy, and that is the main reason why we try to highlight privacy and security issues with these portable devices. The main reason why they are so dangerous is because of people. Users tend to share too much sensitive data with this device and run mobile banking apps. That’s why hackers try to attack smartphones to look for your personal information.
You should know that there is no such thing as an absolutely secure smartphone. All of these modern gadgets have their own specific weak points. Some of them exploit weaknesses in the mobile operating system, some exploit gaps in security protocols. But the fact still remains. Most vulnerabilities – are the fault of the user.
A situation with malicious applications for the most popular mobile operating systems proves this fact. As you probably know – to install an app on your Android smartphone, you need to approve all the permissions the app needs to work properly. And most users don’t read them, so malware comes to Android, they approve everything to install the app faster, and at that point they miss the fact that the app wants to send premium SMS to short phone numbers.
The situation with iOS is pretty much the same. The Apple Store has very strict moderation rules and all apps have to be tested and approved before they can get into the store itself. The easiest way for malware to get into your iPhone or iPad is through third-party repositories. So we can say that users install viruses themselves.
While the most dangerous vulnerabilities of iOS and Android are known, the vulnerabilities of Windows Phone OS were rather rare in the press and on the Internet. But there is one. The Microsoft Security Advisory has determined that Windows phones have vulnerabilities in the PEAP-MS-CHAPv2 protocol (Protected Extensible Authentication Protocol with Microsoft Challenge Handshake Authentication Protocol Version 2) that is used in the authorization process in WPA2-based wireless networks.
If the smartphone tries to verify a hotspot, malefactors can read the authorization data and then use it to gain control over the device. Wi-Fi is vulnerable as it is, but in combination with this smartphone bug, it can be used to steal user’s personal information, and sometimes access to mobile banking information.
Microsoft still has no data on the potential damage from this bug and they have no updates and patches for them. Instead of fixing the problem, Microsoft has released a step-by-step guide on how to configure the device to avoid this error.
But there is no guarantee that it will work. To ensure that your personal information is safe, it is better to avoid public hotspots and use a wifi jammer. In this case, this mistake won’t just work. You have to remember that your personal information is really valuable, many large companies have huge profits on sales, so you need to protect it.