The heart of tech

This article was published on April 25, 2011


    Security flaw puts UK smartphone users’ information in jeopardy

    Security flaw puts UK smartphone users’ information in jeopardy Image by: bilderbox
    Mike Vardy
    Story by

    Mike Vardy

    Mike Vardy is a husband, father, independent writer, speaker, podcaster and "productivityist". He is also the author of the book, The Front Mike Vardy is a husband, father, independent writer, speaker, podcaster and "productivityist". He is also the author of the book, The Front Nine: How To Start The Year You Want Anytime You Want, published by Diversion Books. You can learn more about his other work at his website, MikeVardy.com, visit his blog at Productivityist.com, and you can follow him as @mikevardy on Twitter.

    If you’re a smartphone user on British Telecom’s network and you’re using wireless hotspots in public, you’ve opened yourself up to possible fraud and identify theft…and the company has known about this weakness for “years.”

    According to an investigative report from The Guardian, volunteers were used in testing that showed holes
    in the system. Usernames, passwords and messages from phones using Wi-Fi were accessed by security experts during the testing.

    This report comes only a week after it was dsicovered that Apple’s iPhone was tracking users’ whereabouts without them knowing it. The Guardian’s report adds fuel to the fire by indicating that information could be gathered without users knowing it. It also means that such information on users’ smartphones could be accessed even when they weren’t actively browsing the web. If the phone was on, the information was accessible.

    British Telecom is the UK’s biggest provider of such “hotspots,” with the number totalling around 2.5 million for its 5 million broadband customers. The company is working on a permanent solution, but there is no indication when it will have one in place.

    Professor Peter Sommer, a cyber-security expert at the London School of Economics, was disturbed by the findings.

    “This is all very alarming,” he said. “It means that literally millions of people who use Wi-Fi in public could be at risk. If criminals are able to harvest the usernames and passwords of all the websites you visit, they could do significant damage in terms of identity theft and fraud.”

    Sommer also offered some sage advice to those with smartphones that want to avoid exposing themselves to such activity.

    “The safest route for existing users of mobile phones, particularly if they use BT Fon or Openzone, is to switch off their Wi-Fi when they leave home and only use it on systems they know to be secure – such as at home or at work,” he advised. “Everywhere else you use Wi-Fi – whether in a coffee shop, an airport, a railway station and especially out in the street – you are taking a calculated risk.”