Where's My iPhone? A Lesson in Incident Response
by Paul Asadoorian - Pauldotcom - Wednesday, 30 January 2008.
Don't store your email passwords on your phone - This is a hard one. On the one hand we tell everyone to use good, if not great, passwords. But, imagine trying to enter a 12 character passwords, mixing upper/lower case, letters, numbers, and symbols on your iPhone? To quote someone from the #pauldotcom IRC chat room, "Ugh.". If you do store passwords on your phone, make sure they are not used anywhere else.

Use security software on your phone - This is an interesting dilema, if you hack your iPhone it most likely prevents you from applying security updates from Apple (which fix things such as the passcode bypass). These updates will break all of the modifications made to your iPhone, including the hack to change providers. However, hacking your iPhone allows you to install 3rd party applications, such as iphonelockbox, which lets you encrypt your passwords and other information on your iPhone. Apple is supposed to make available the ability to install 3rd party applications on your iPhone sometime in February 2008, so this may be a wait and see situation.

Smart phone, careless user - I can't live without my phone. Aside from providing the ability to send and receive phone calls, I use my phone to store contact information, check my email, send/receive text messages, take pictures, listen to music, watch TV shows/Movies, and browse the web. I should have been more careful, just as with your laptop, never let your phone out of your sight. Always be mindful of where your phone is at all times. For me, I may chain it to my belt from now on!


I hope that you read the above and learned something about how to protect your information. I hope that you use this information to make changes to your security strategy, whether it be protecting your personal information, or your organization's secrets.


Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Oct 24th