Mobile Misconceptions

Mobile misconception 1: "My data is safe in the cloud!"

This is not always true.

Although reputable providers ensure the (technical) "security" of your data, some still use it for their own purposes, such as advertising. Sometimes they also discontinue their service at short notice.

In addition, foreign providers are not subject to German law. In the USA, for example, only the data of US citizens is really protected by law, and even then according to completely different principles than in the EU.

Furthermore, the data "in the cloud" is only as secure as the way there: if your mobile device is in an open WLAN or is stolen and is only protected by a simple PIN or lock pattern, your data is quickly at the mercy of the thief.

Malware can also infect your device - and then access your data.

See also: BSI-Sicherheitsirrtümer-Mobile-Sicherheit


Mobile misconception 2: "Free public Wi-Fi is practical, cheap - and secure."

The first part of the statement is correct. Unfortunately, the third part of the statement is only partially true.

Many public, free WLANs are unencrypted, i.e. your data is transmitted openly between your mobile device and the WLAN access point and can be intercepted or modified.

You can also quickly catch malware.

Make sure that even free WLANs are at least WPA2 encrypted, or only transfer data that is already encrypted on your device or transfer all data via a VPN in open WLANs.

In general, you should only switch on the Wi-Fi function on your mobile device when you really want to use it and otherwise leave it switched off. Anything that is not switched on cannot be hacked.

After using a WLAN, you should delete it from your device's list to prevent unintentional logins at a later time.

See also: BSI-Sicherheitsirrtümer-Mobile-Sicherheit.

Members of TU Braunschweig can find further information on the WLAN provided by the GITZ  and here GITZ-IT-Dienste.


Mobile misconception 3: "A newly purchased smartphone is always safe."

Unfortunately, this is not the case.

You don't know how long the device has been with the dealer and how many security updates have been released between production and purchase.

You should therefore always install the firmware and all apps and other updates for the device immediately after purchase, and also install a virus/malware scanner - which is usually not included.

In addition, the security settings are often set very laxly at the factory, so you should definitely check what is set and adjust the settings if necessary.

Of course, you should activate encryption if it is offered.

And you should delete all data from the old predecessor device and, if necessary, destroy the old SIM card if it is no longer in use.

See also: BSI-Sicherheitsirrtümer-Mobile-Sicherheit 


Mobile misconception 4: "Activating automatic updates and upgrades is sufficient protection; I don't need to worry about vulnerabilities."

Natürlich sind automatische Updates sinnvoll.

Aber nicht alle Hersteller und Programmierer kümmern sich um Sicherheitslücken.

Außerdem werden manchmal nicht für alle Geräte oder Betriebssystemvarianten auch Updates bereit gestellt, oder teilweise mit erheblicher Verzögerung.

Informieren Sie sich daher über Schwachstellen und schalten Sie ggf. betroffene Funktionen ab.

Eine gute Quelle ist der BSI-für-Bürger Newsletter: BSI-Sicher-Informiert-Newsletter

Siehe auch: BSI-Sicherheitsirrtümer-Mobile-Sicherheit