In just 24 hours, a smartphone can send 350 000 packets of personal information and contact 350 servers worldwide.
This is the disturbing finding from a special investigation recently carried out by Channel 4 News, which involved looking into the information smartphones send out - even when not in use.
What was found was that the average smartphone sends out hundreds of thousands of pieces of information every day, giving away not only its location - but also its unique identity - to advertising agencies around the world.
The startling reality emerged from the investigation by way of a "black box" from IT security company MWR InfoSecurity, which tracked data sent from a smartphone.
Digital trail
Channel 4 News technology producer Geoff White came up with the concept of "Data Baby" - a project that looked at the personal information of a fictitious young woman in London, who used a variety of social media and IT devices in her personal capacity. The team created an entire online life for the virtual persona - called Rebecca Taylor.
Rebecca Taylor was given a Facebook page, Twitter account and an active life on the Web - much like many of SA's smartphone users.
White says the team wanted to see how information was automatically sent to Web sites from mobile phones. "We approached MWR InfoSecurity and asked them to build a data interceptor that would track what the phone was doing and then analyse the results." He says what came back was "amazing".
He says smartphones have taken the use - and abuse - of personal data to a whole new level. "Always with us, always connected and usually running dozens of apps, our phones have massively increased the amount of information we send and receive every day."
Another pertinent and scary fact White points out is that users do not necessarily have to be talking, texting or browsing for their smartphones to be emitting information. He says the Channel 4 experiment showed that a phone is sending out hundreds of thousands of messages every day, whenever it is switched on.
Menacing malware
Craig Rosewarne, MD at Wolfpack and founder and chairman at Information Security Group of Africa, says the facts are frightening when it comes to the vulnerability of smartphone users and their personal information.
The latest mobile malware statistics are alarmingly high, says Rosewarne - especially for Android, because it is an open platform. "The beauty of Android is its openness, but on the flipside, it means users are vulnerable [to malware attacks and information theft]."
Rosewarne says while Android has the global market share, the platform is also responsible for 97% of mobile threats detected in 2013. Referencing the latest mobile threat report from online security company F-Secure, he says more than 100 000 variants of malware were found on Android during 2013. "No new malware was found for BlackBerry, iOS or Windows."
Rosewarne says there is some "seriously scary" malware out there, including strains that can compromise sensitive information, like bank details.
"Another incredibly scary thing is spyware. For a nominal fee of about $8 a month, you can get spyware that will give you direct, live access to every single thing that goes on with a person's smartphone - from listening in to Skype calls, reading texts and e-mails, and even turning the device into a microphone to listen in on conversations."
He says this type of Spyware requires physical time with the phone for the installer to make it work. "Even so, the spyware side of things is very dangerous and there is plenty malware running around at the moment, both oversees and in SA."
A case in point for the ills of mobile malware, Rosewarne refers to a recent incident that took place in Saudi Arabia when a group of women defied the country's rules and authorities and decided to drive - a forbidden act by a woman in the oppressive Middle Eastern regime.
"When the women launched a campaign, on 26 October, advocating the right of women to drive, mobile malware attempted to block their efforts. For example, a piece of Android malware, which looked like an app in support of the campaign, came out. When loaded on the women's phones, it would spread hate propaganda and even scour their contact list to harvest names and numbers to send to a remote site."
Another capability the malware had, he says, is access to what the phones played. "When the women plugged the headset in, it would start playing hate songs like 'No woman no drive' - and that is all it could play - they would not be able to listen to anything else."
Share