Whether you’re using the same old phone or received a new smartphone as a holiday gift, the last thing you want to do is put yourself and your personal information in danger. Vitaly Shmatikov, professor of computer science at Cornell Ann S. Bowers College of Computing and Information Science and Cornell Tech, offers four tips for smartphone app security to consider as the New Year approaches.
Note where the apps come from
Shmatikov cautions that you should only download apps from a legitimate app store, like Google Play or Apple’s App Store. App stores have ransomware app control systems – designed to access your files and hold them hostage for ransom payment – and viruses that make it highly unlikely, but not impossible, to download them unsafe.
Clearances are a slippery slope
When you grant data permissions, you are not giving your information only to this app. “You give it to all the ad services that live in the ‘ad libraries’ that this app uses,” says Shmatikov. Since there are typically dozens of ad libraries that a given app sells a user’s data to, it’s important to be judicious about how many apps you use and grant permissions to.
Do not share your location unless you have to
Be especially careful when sharing your location with apps. Shmatikov says he only does this for mapping apps and is particularly skeptical of weather apps, which are known to be filled with ad libraries. “Once an app can track your location over time, it can basically determine where you live, where you work, where you shop and a lot of other things about you,” he says.
Update your software
… and do it immediately. Shmatikov notes that hackers often take advantage of unpatched vulnerabilities in older versions of operating systems, and even in some newer versions.