Disable Bluetooth and WiFi, systematically use biometric locking and above all… turn your cell phone off and on again at least once a week. These are the basic recommendations for protecting your personal information according to the NSA, the American Defense Intelligence Agency.
Posted at 3:29 a.m.
Updated at 6:00 a.m.
Restarting your phone can deactivate code that may have been installed on the device without the owner’s knowledge. This recommendation is part of what the NSA considers to be its “best practices” when owning a smartphone. This goes for an iPhone or an Android phone. American cyberespionage experts say it: when it comes to cyberthreats, all motives are equal.
Have confidence… but not too much
Some of these recommendations are easier to apply when you have a recent smartphone from a well-known brand in your hands. Fingerprint readers or facial recognition are relatively new biometric identification tools. A good PIN will usually do the trick.
The NSA suggests “only trusting accessories you trust,” which is easy when there is a certification program with a logo that confirms that the accessories you buy are “designed” for the device ( Hello, Apple!).
The NSA reiterates the importance of only installing applications from official or recognized stores.
The risk of installing a malicious application from an unreliable source is the argument put forward by Apple to defend itself against the requirement imposed on it by the European Union during the summer to open its iPhone to app stores that are not its App Store.
It is not uncommon on Android to be offered in the browser to install an application that comes from a website, and not from the Play Store (or the manufacturer’s store). Several sites offer all the applications found on the Play Store for free, and sometimes more.
Unless you are sure of what you are doing, you can quickly get lost… And of course, phishing campaigns take advantage of this to send, as an attachment to an email, a text message or other, a file installation of an application for Android which can be tampered with.
These files have a name that ends with “.apk” (for “Android Application Package”). Like ZIP or “.exe” files on Windows, if you don’t know where it comes from, the NSA recommends not touching it.
The behavior to adopt according to the NSA is to be wary of everything, unless you can be 100% sure of the source of the content you want to view on your mobile. Or on his PC.
Go ahead, turn it off!
The NSA goes far. She suggests in particular “not talking about any sensitive subject near your phone”, and using a case that “scrambles the microphone and hides the camera”. The US federal agency suggests avoiding any sensitive conversations on the device itself, whether spoken or written, unless you use an application that encrypts your exchanges end-to-end.
On that note, good news: messaging from Apple, WhatsApp and, more recently, even Facebook Messenger offer the possibility of end-to-end encryption of your exchanges.
This does not eliminate all risks. The NSA recommends systematically updating your phone’s software and applications. Unknown sources pose a problem: even legitimate, they will not automatically update your mobile.
Bluetooth, WiFi and wireless protocols like NFC (for Near-Field Communicationused in particular for contactless payment) allow applications on your phone to extrapolate your location, without using GPS. If you absolutely want to not be tracked, you should turn off location services, then turn all that off as well.
Newer phones allow you to only authorize (or not) access to these services to applications you trust.
Unsurprisingly, the NSA also advises against jailbreaking (“jailbreaking” or “rooting,” as they say in Beloeil) your phone… or letting your nephew do it for you.
As the agency summarizes: “several applications that offer more convenience or versatility will sacrifice the security” of your mobile or its data. The key is to find the right balance…
