Ride the Lightning
Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.
Lose Your Phone? The Majority of Those Who Find It Will Snoop
March 27, 2012
Thanks to colleague Sean Harrington for passing the original study to me.
What study? The very depressing Symantec Smartphone Honey Stick Project study. You know, I've found several lost smartphones and the most I've ever done (if the phone has no PIN) is to see if there's an easy way to identify the owner so I could return it. I once found a SAIC phone in a Dulles Airport bathroom. But would I ever intrude on someone's private data? No.
Looks like I'm in the minority, according to the Symantec study.
Symantec "salted" 50 phones with phony data in major American and Canadian cities. The phones were fully charged and had no PINs or other security measures. The majority of finders accessed a file called "Saved Passwords" and another called "HR Salaries." 49% tried to use an app named "Remote Admin," 60% tried to log onto social media services under the owner's user name and 43% (groan) tried to log on to banking apps. When confronted with password prompts, they would try to guess the passwords.
The owner's contact information was made easily accessible, yet only half received offers to return the phone.
Am I surprised that we (and our Canadian neighbors) are Nosy Parkers? No, but I am distressed to see what appears to be a widespread embrace of trying to use someone else's phone to get unauthorized access to data and, potentially, even to get to their bank accounts.
The decline of the Roman Empire needs to be studied more. Especially the words of historian Edward Gibbon and what he calls "the loss of civic virtue." We seem to be more and more a nation of Gordon Gekkos who have somehow deluded ourselves that "Greed is good." Does anyone doubt that Wall St. believes that? So why should individuals who find lost phones conduct themselves any differently?
Listen to the Podcast
