Uncategorized

Experts warn: PIN is not enough to protect the phone | your technology | Country



Mobile phone theft has become a disaster that manufacturers are trying to deal with by using remote or geolocation blocking systems. The stations, until now, had only one destination: the flea market, where we ended up selling at the buying and selling gates.

However, a new intent was revealed after the terminals were stolen: access to digital identity, and with it, much greater economic damage. he Wall Street Journal It picks up on this growing trend in bars and coffee shops in the US: the victim is monitored and observed (and in some cases, recorded) how he or she enters the password on the screen and, if censored, the device is stolen.

Six Numbers: A shaky lock, prelude to a nightmare

The bandit’s operation is very simple and profitable, and its success lies in a series of serial vulnerabilities. The first of these, human convenience: it is much easier to unlock the phone by entering a few numbers, rather than doing it with several letters that include numbers and symbols. The user’s conscience is at ease in thinking that it is the biometric system that protects their information – should it contain it on the device – but all cell phones are unlocked with a code in case the biometrics fail.

This is where the difficult balance between comfort and safety comes into play. A four-digit PIN allows you to quickly unlock the screen and, of course, is very easy to remember. Especially if it is the same sequence used in ATMs, the gate access code… Human beings are eminently pragmatic and always try to find the shortest path between two points. In the case of passwords, even knowing the risks present when complex combinations are not used, the brain continues to choose abbreviations, ignoring this exposure to risks.

See also  Elon Musk launched the Twitter subscription back on Monday, priced at $8 on his website and $11 on Apple | technology

Indeed, a study conducted by researchers from the Chinese Zhejiang University showed that the brain behaves capriciously when it comes to remembering (or forgetting) passwords: it easily stores in memory those sequences that it did not know about. Special interest in remembering. That is, if someone, for example, makes an effort to remember a new password (let’s say 1564), and upon returning home, looks confused at the gate number (say, 1345), then it will be much easier for him to remember the second than the first.

The password doesn’t have to be comfortable, but long and complex

“Once you know the PIN used to unlock the phone, not only can you gain access to the content of the device, but also to the content of some applications that use this blocking system as a way to verify access. Most banking applications, for example, explains Cristian Collado, Coordinator Andro4all In this way, the famous pin is the last door through which attackers access all information of the owner of the mobile phone, including bank accounts (if configured on the mobile phone).

Ironically, the same manufacturer that invests in high-end biometric unlocking solutions allows all this security to be cracked with just six figures. Cuadernos de Seguridad Director Adrián Moreno explains, “We trust the entire supply chain, from the manufacturer to the company that sells to us; we trust the designers, the company that writes Programming And in the antivirus program.

But it is the user who ultimately chooses between convenience and security, and may assume the latter. “The ideal method is to use biometric methods — a fingerprint reader or facial recognition — to unlock a mobile phone in public,” Collado recommends. If that’s not possible, make up a PIN of 6 or more digits, or an alphanumeric combination. The password has letters, numbers and symbols. The ultimate goal is to prevent someone from spying on the on-screen activity and proceeding to steal the device.

See also  Andrew Marantz: “Social networks have accelerated the reach and breadth of far-right messaging.” | technology

Once you commit the latter, everything happens very quickly. Criminals get into your mobile control panel within minutes and change your Google account password (if it’s Android), or iCloud (if it’s an iPhone). With what purpose? To prevent it from being restored from another device, on the one hand, and on the other hand, to deactivate its geolocation.

What do you do to protect yourself

Joanna Stern, author of the report on Wall Street Journal, highlights that the interviewee discovered her iPhone had been stolen in a New York bar; Barely 3 minutes later, he lost access to his Apple account and in less than 24 hours, he saw $10,000 of investment funds in his possession disappear.

The good news is that, as obvious as it is, the solution is quite simple: make the password copy as difficult as possible. In this regard, experts urgently suggest avoiding simple strings of numbers (four or six characters) and instead make the password as complex as possible. Ideally, it’s best to make it long and include special characters and mixed case.

Obviously, by overcomplicating the password, you lose agility and memory when entering a PIN of a few digits, but that’s a fee to pay for security. Experts go even further in their recommendations: They urge that the mobile phone unlock code be as loose as possible with access to certain accounts. In this way, the second vulnerability will be reduced: allowing access to accounts with hacked content using the same password that protects the screen.

You can follow country technology in Facebook And Twitter Or sign up here to receive The weekly newsletter.

See also  A group of experts in artificial intelligence breaks away from the government over moral inconsistencies | technology



Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button