week 22: mobile devices

alison · October 21, 2019, 1:51pm

unexpected last minute topic change this week, but still a good one! the video is up. here are some questions for us to discuss:

What are some of the unique challenges to privacy on mobile devices?
What are three steps someone could take to better secure their mobile device?

jtidal · November 1, 2019, 4:20pm

I think some of the more unique challenges is really thinking about what permissions are given to what apps. Even further, what apps are “safe” and aren’t just scams. I feel like I’ve downloaded some questionable mobile apps that wanted access to something and I immediately deleted them.

So, I think one step to secure their mobile device is to recognize what apps have access to what. The second is to at least put a password on your device. The last is to just make sure your phone is updated with patches.

I also think it’s important to have a little knowledge on how cell phones operate, such as they’re always pinging their location and finding a tower when they move from cell to cell.

michellenitto · October 24, 2019, 9:11pm

I really enjoyed this presentation, especially because I’m working with a member of cryptoparty on how to secure mobile devices at NYPL this weekend!! So this is all super helpful.

I feel like a lot of these “low-hanging fruits” could be offered as drop-in services to library patrons. I am imagining this could be easier to do in a public library vs an academic library, but I could be wrong. I’m envisioning a week for phone security, where a specific area of the library could be designated for full desk encryption, another for how to do local back ups, etc. with a staff member assisting with doing mini lessons and repetitive demonstrations. Again I am just imagining this and understand that all libraries usually face being short-staffed and having low funds, but imagining future programming proposals can’t hurt!

Doing a demonstration of what permissions are granted by certain apps could be a good starting off point to show patrons how pervasive privacy intrusions are by companies on mobile devices.

unique challenges: constant pinging of cellphone towers, your location is constantly made visible to cellphone providers. and also depending on what permissions are granted to like googlemaps, etc. - your line of travel is also made visible to companies. faraday fabric could prevent this?
three steps for securing mobile devices:
-updating device.
-checking what permissions are given to apps and when
-download encryption apps

after radnetworks this weekend, i started to daydream about a faraday fabric making workshop (creating cases for their smartphones) for library patrons. @Maty_C and i chatted about how fun this could be.

alison · October 25, 2019, 1:22pm

Oh I love this idea. I think even the busiest libraries could at least have trained frontline staff who are ready to help with these basic tasks. And then you put up some signs offering the services, and you schedule an on the spot 5-15 minute appointment with a librarian to do it.

I would love to see you do this!

Gittemeier · October 25, 2019, 4:19pm

Just heard a story on NPR this morning related to this - How Hijacked Cellphone Numbers Can Be Security Risks

https://www.npr.org/2019/10/25/773305389/how-hijacked-cellphone-numbers-can-be-security-risks

ktrinh-sy · October 30, 2019, 9:54pm

I’m going to have to get in on this.

michellenitto · October 31, 2019, 3:45pm

please do. once i land a public library job, i think it will be one of the first programming ideas/events i try to make happen!