If you needed one more reason for protecting your phone with a passcode or fingerprint, here it is: there’s a good chance that one or more of the people close to you have snooped on it in the last year.
A group of researchers from University of British Columbia and University of Lisbon have polled 1,381 users via Amazon’s Mechanical Turk, and the results they gathered have shown that:
- 31% of participants looked through someone else’s phone without permission in the last 12 months. “We adjusted the [collected] data to the US population estimates from the 2010 Census, and obtained an estimate of 20% for the US adult population,” the researchers say.
- These snooping attacks (or, as the researchers dubbed them: “lunchtime attacks”) are more likely to have been effected by young users (18-24 years of age) and users who own smartphones.
“The more people use their devices for personal purposes, the more likely they are to snoop on others, possibly because they become aware of the sensitive information that is kept, and how to access it,” the researchers noted.
These findings do not bode well for the future, because more and more people are likely to adopt smartphones.
“As spearfishing and insider threats have gained more attention in the computer security community, so have socially-close adversaries been recognized as a threat to personal mobile computing,” the researchers pointed out.
“Younger users, the so-called digital natives, are indeed more concerned about insiders: they are more aware of threats with a social context (like those arising from loss, theft, snooping or shoulder-surfing) than of threats with a technical connotation (like those arising from malware or network attacks).”
The results also definitely show that even among the people we apparently trust not to look through our phone while we’re away from it or to whom we borrow it for specific, limited use, there are those that shouldn’t be trusted.
While a snooping incursion from a coworker might not hurt as much as that of a spouse or relative, it’s clear that, if we want to keep the contents of our phones safe from “socially-close adversaries,” we must always carry them with us, never lend them out for use (or supervise that use closely), and use mobile authentication (passcodes, biometric authentication).