Where's My iPhone? A Lesson in Incident Response
by Paul Asadoorian - Pauldotcom - Wednesday, 30 January 2008.
Don't store your email passwords on your phone - This is a hard one. On the one hand we tell everyone to use good, if not great, passwords. But, imagine trying to enter a 12 character passwords, mixing upper/lower case, letters, numbers, and symbols on your iPhone? To quote someone from the #pauldotcom IRC chat room, "Ugh.". If you do store passwords on your phone, make sure they are not used anywhere else.

Use security software on your phone - This is an interesting dilema, if you hack your iPhone it most likely prevents you from applying security updates from Apple (which fix things such as the passcode bypass). These updates will break all of the modifications made to your iPhone, including the hack to change providers. However, hacking your iPhone allows you to install 3rd party applications, such as iphonelockbox, which lets you encrypt your passwords and other information on your iPhone. Apple is supposed to make available the ability to install 3rd party applications on your iPhone sometime in February 2008, so this may be a wait and see situation.

Smart phone, careless user - I can't live without my phone. Aside from providing the ability to send and receive phone calls, I use my phone to store contact information, check my email, send/receive text messages, take pictures, listen to music, watch TV shows/Movies, and browse the web. I should have been more careful, just as with your laptop, never let your phone out of your sight. Always be mindful of where your phone is at all times. For me, I may chain it to my belt from now on!


I hope that you read the above and learned something about how to protect your information. I hope that you use this information to make changes to your security strategy, whether it be protecting your personal information, or your organization's secrets.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Feb 8th