Smartphones are perfect targets for hacking, tracking, surveillance, industrial espionage and malware. Unlike, say, desktop PCs, smartphones often connect promiscuously to many public Wi-Fi networks. They can connect to multiple types of wireless networks, including Wi-Fi, mobile data networks, Bluetooth and NFC-all of which are potential doorways for unauthorised access.
Smartphones, in fact, run two operating systems: there's the one you know about-the one that does normal operating system jobs, and which you may diligently update with the latest security patches; and there's one you may not know about-the one that controls the radio hardware and is rarely updated.
Smartphones can report location, which the phone figures out with GPS. And even when GPS is turned off, phones connect to cell towers, which can be triangulated to pinpoint a phone's location, or to Wi-Fi networks, which give away your location when you connect.
Carriers routinely sell location information to any organisation willing to pay for it.
Smartphones are more likely to run apps from developers the user has never heard of and that can be loaded with secret, backdoor functions that can harvest personal data and send it off to some unknown server.
Yes, smartphones are super insecure. Everybody knows it. Nobody likes it. Yet who really does anything about it?
In the past week, two new ultra-secure smartphones have been in the news. One is called the Blackphone. The other is called the Black phone. No, I'm not making this up. The difference in their names is a space.
Here's what we know about the two most secure smartphones ever created.
At Mobile World Congress in Barcelona last week, a Spanish company called Geeksphone offered the first public demonstration of a product it's calling the Blackphone.
The US$629 phone was made in partnership with Silent Circle, a U.S.-based company founded by a former Navy SEAL and the inventor of Pretty Good Privacy (PGP).
Silent Circle is also known for shutting down its Silent Mail service last August, which the company reportedly did because it believed it would soon receive requests from the government to turn over the email data of its customers.
Blackphone is an Android device and more or less looks and feels like a regular Android phone. However, it uses a forked version of Android called the PrivatOS, which prevents apps from accessing personal information and works with privacy-enabled apps. For example, the built-in Web browser doesn't track your Web surfing. The phone also enables you to choose what personal information is available to each app. When you install apps, the installer presents you with individual permissions on each source of data that each app requests.
Sign up for Computerworld eNewsletters.