 |
| Everyone wants your phone /photo-illustration: Vijay Verghese |
I WAS HAVING DINNER with a friend recently when a distinguished looking gentleman glided past, a glamorous siren draped over one arm, both besieged by fussing waiters. When the eddies of rustling menus and obsequious whispers had subsided, my friend turned to me, face flushed. "I would never marry a good looking guy," she huffed. "Pray why not?" "You can never trust a good looking man." We pondered this for a moment, she over a Veuve Clicquot, and I over a cup of hot green tea. The idea that an exquisite woman could marry some ugly porker and sip Fat bastard Shiraz for the rest of her life, took a while to percolate. "You'd marry an ugly guy?" "Yes". I wished I hadn't shaved or worn a tie. I also wished I had had the foresight to smack my face with a hot frying pan.
This sort of thinking is not uncommon and upends any thesis of Darwinian evolution into a world peopled by Amazons and gods all secure in their perfect profiles. I've waited nigh on 56 years to see, and perhaps enjoy, this miracle, but now we are careening headlong towards the Planet of the Apes. Marrying ugly – and then having your countenance challenged offspring pairing even farther down the looks gene pool – would result in, well... you get the drift. Pulchritude could soon be a crime. Whatever happened to looking for a "good" person? Or finding your inner child? Or self confidence?
Send us your Feedback / Letter to the Editor
There is a serious trust deficit when it comes to modern relationships. This has spawned bizarre solutions like FlexiSPY that enables eavesdropping on your near and dear. "You have the right to know if your partner is sleeping with someone else," the company advertises. I guess it's time to toss out my teddy bear. The programme is easily installed on any cell phone and enables the wiretapper to listen in to calls, read SMS messages and e-mail, track GPS location, send an alert if the SIM card is changed, and even turn the target's phone into a live microphone to pick up ambient sound.
Your best friend, that humble mobile phone or Wi-Fi enabled device, is under threat from phishers, scammers, and now, jealous partners willing to shell out US$349 a year for the devious, if chatty, comfort of FlexiSpy. Travel has never been so precarious.
The wireless world comes with the certain knowledge that someone may be able to snoop on you and compromise your conversations – and bank accounts. Most travellers never consider it might affect them. Yet it does. In a number of ways. The problem arises with "unsecured" connections between your mobile device and the network you are currently plugged into. Unsecured, or unencrypted, exchanges are a constant source of vulnerability. This applies equally to your wireless router at home or at the office that may be open to easy hijack.
The network you have accessed could be a scam. Your private data is now moving first to the rogue interceptor device, perhaps at the next table, before continuing to a legitimate network
The simplest scenario is where you flip open your laptop or cell phone and attempt to pick up a Wi-Fi signal, say at the local Starbucks. Your device identifies a network and logs on. This might be a network identified simply as "Free Public Wi-Fi". The potential problem here is the network you have accessed could be a scam with the result your data is now moving first to the rogue interceptor device – perhaps a laptop at the next table – before continuing to any legitimate network. If your data is unencrypted it is open to viewing by any third party. This sort of attack or information heist is effected through clever use of a "bridge" between you and the real network.
Someone with the right equipment could also set up a fake GSM signal to con your phone into thinking it was talking to a legitimate cell tower, thereby intercepting your calls to listen in or redirect as desired. Of course 3G is more secure but GSM is in wide use and also offered as a backup if the 3G signal has been jammed.
A scammer might log on to your unsecured home or company Wi-Fi transmitter, and begin operating on the internet under your "shield". Whatever this person does will appear to be activity originating from your PC or mobile device. He might ogle at penguins or pandas, or get up to more pernicious activity, like voting for Rick Perry as the GOP choice. He can burn up your bandwidth allowance with child pornography downloads leaving you to pick up the bill and the consequences. And once his laptop has remembered your location, he will have little trouble logging on subsequently.
"Packet sniffing" is another egregious practice, easily accomplished with a Firefox plug-in like Firesheep that literally sniffs for cookies in the vicinity from social network sites and Web mail. Once you've hijacked someone's live session you can then log on as that person to cause endless embarrassment on Facebook or any mail account. Firesheep opens a sidebar on your browser with a "start capturing" button which, once activated, collects all available sessions in the vicinity. You double click any one and log on as that person. This is almost as scary as the aforementioned Mr Perry saying he has five things he would do if elected – and not just three. Mozilla, the open-source sponsor of the Firefox browser, maintains the plug-in is indeed, as its architect avers, a device to unmask loopholes rather than exploit them. And Android phone users can exploit open Wi-Fi security lapses with Faceniff.
Fortunately, the growing use of HTTPS (secure hyper-text transfer protocol) on Web servers is denting some of Firesheep wannabes' woolly enthusiasm, though the proliferation of UIOW (utter idiots on the Web) evens the balance somewhat. There are encryption solutions like OC Shield too that scramble Wi-Fi data. But then the best scams are the simplest ones. Like ringtone downloads. This is the easiest way to import a Trojan virus into your phone turning it into a potential zombie awaiting its master's call for the next DoS (denial of service) attack. You may have received SMS messages purportedly from your bank announcing your account was to be suspended unless you paid some fee or sorted out some irregularity by calling a toll-free number – where your PIN and account details will be requested. Don't respond to gobbledegook alerts. Your bank has several secure ways to reach you should it transpire a Nigerian dictator has perished leaving his entire fortune to you.
At airports, turn off your Bluetooth device or disable the "discoverable" mode. This prevents prying eyes. And beware of pretty women. Especially if they ask you to marry them. It's NOT a compliment. Safe travels.
Send us your Feedback / Letter to the Editor |
