Its summer and most of us are active. We are out having fun, attending events and going to new places. Its high season for losing things, like your smartphone for example.
I’m not going to repeat the story about tracking services that can lock, wipe and locate your lost phone. That has already been covered. I’m also not going to talk about the black market for stolen phones, and the hilarious cases related to that.
But I have started to think about how to manage if I lost my smartphone when away from home. How to recover and how to manage the situation without ruining the holiday? Here’s some of the problems that you may face if the phone is lost.
Hmm, yes. We seem to be quite dependent on these small gadgets. Sometimes I wish we could turn back the clock. Trash the gadgets, relax and let the journeys take weeks rather than hours. And ask strangers on the street instead of looking for directions in Google. But I guess that’s impossible so we have to accept that our smartphones are critical devices and mitigate the risk instead.
Most systems that attempt to protect owners of lost devices focus on locating misplaced phones, protecting your privacy by wiping content or making the device less attractive for thieves by locking it. None of these systems are of any help when you need the services that the phone used to provide. One very old method to secure systems is redundancy, ie. have a spare if the primary fails. Maybe we have reached the point where we need two personal smartphones? One primary phone and an emergency backup phone.
How would that work? If you have upgraded to a newer model, you may have the old phone lying around. And there’s already cheap smartphones on the market. So getting the spare phone do not need to be expensive. Then you have to sign up for a subscription. Choose a plan with low or zero monthly fee, a limited data plan and higher fees for the calls. That makes the cost (close to) zero when the backup phone is unused. Next you attach this phone to all your critical accounts and cloud services, like mail, Facebook etc. The synchronization features will make sure that you see your latest data when opening it in an emergency. And finally, if you use two-factor authentication you have to add the number of this phone to the services you use.
Now you can turn off the phone and make sure that you can get to it when needed. If you don’t carry it with you, make sure it’s in your car, luggage or some other handy place. And make sure its battery is charged! It’s of course also good if the same charger fits both your ordinary phone and the backup.
Alternative strategies could be to use family members’ phones as backup. You can register their phone numbers in your cloud services to be used for two-factor authentication or account recovery. In this case you must make sure that you remember the login and password for all your services, as you need to connect a family member’s phone to your accounts while on the road.
Another strategy would be to have one common backup phone for the whole family. Just remember that this becomes a privacy problem if you connect it to all the personal accounts. Anyone who use the phone could read the others mail, make funny posts in Facebook etc.
And finally. This backup phone strategy relies heavily on the benefits of cloud services. Most modern smartphones are really built to make utilization of the cloud easy. All your contacts, mails, photos and documents are available on some server, and that’s why the device really is insignificant. You can replace it and have all your data available in minutes. The downside of this is privacy. Anyone who is using, or planning to start using cloud services should do some reading first. I have written an article about this related to the PRISM affair. I’m not saying that you should avoid them, just that there is a hidden downside that you should be aware of.
After F-Secure principal security consultant Tom Van de Wiele stepped into the #CyberSauna for the second episode of…
January 19, 2018