back to article Finders of lost mobes can't resist staring at privates

A Symantec-sponsored experiment has discovered that people who find lost smartphones* almost invariably attempt to have a sneaky peek at their owners' data. As part of the Smartphone Honey Stick Project, 50 specially configured smartphones were deliberately abandoned in public locations (eg, food malls, public transport stops …

COMMENTS

This topic is closed for new posts.
  1. Bakunin
    Devil

    "Two things would have protected all of the data ... "

    And it just so happens we sell one of them. What a coincidence!

  2. This post has been deleted by its author

  3. I ain't Spartacus Gold badge

    About 50% of people were naughty snoops. About 50% of phones got returned. So can we assume that half are good, just look up the address and hand it back, while half are bad? Or do half do all the snooping, then hand it back, while the other half just wipe the thing and keep it?

    I'd have hoped that more than 50% would make it back, even if nowhere near all. Oh well.

    The only figure they seemed to have that wasn't close to 50%, was 87% looked at corporate data. Which I'm guessing means the address book, to find the owner.

    Sent from someone else's iPhone.

    1. Anonymous Coward
      Anonymous Coward

      erm...

      given that 1 phone = 2%

      there are an awful lot of odd numbered percentages..

      87% looked at corporate data?

      on 43.5 phones?

      im confused.

      1. Dashing Partycrasher
        WTF?

        Re: erm...

        My thoughts exactly. The odd numbers sound fishy to me, and I wouldn't be surprised if some of their numbers were adjusted to suit the desired results. Symantec, care to explain?

  4. Anonymous Coward
    FAIL

    Not quite sure what is proved here.

    If I found a mobile phone, my first reaction would be to try to determine the phone's owner by looking at said private data. I would first look at contacts to phone one of their friends: they would probably know whose phone it was from the number. Failing that I would look at email and see if I could send the owner an email message.

    Is that peeking? Well yes I guess it is, but how else would you return the phone?

    1. Anonymous Coward
      Anonymous Coward

      Re: Not quite sure what is proved here.

      Yeah you need to peek unless the owner rings it from another phone.

    2. Anonymous Coward
      Anonymous Coward

      Re: Not quite sure what is proved here.

      Hand it in to the store where you found it?

      Hand it over to the police?

      In both cases get a receipt and make sure it's registered in lost property logs if available.

      I've found several phones lost in car parks, stores and on a bus, at no time did I feel it necessary to look at personal data and in two instances I had thank you letters from the owners passed on to me by the police.

      Now if the bastard who found the (not very expensive) gold chain that was given to my GF by her dying mother was any kind of decent person....

      1. Equitas
        Happy

        Re: Not quite sure what is proved here.

        AC has a touching faith in the competence and the industriousness of the police who, the chances are, will simply treat the mobile as they would an umbrella handed in.

        Anyone who really has a concern to get the phone back to its owner will take another tack.

        Never lost a mobile myself, but had a good experience with a memory stick which dropped out of my briefcase in an Edinburgh taxi. When I arrived back in the UK I got a text message telling me it had been passed to someone who had examined it for identification, found the owner file and posted it to my home. No ID of the good Samaritans so could only contact the taxi company to thank them and ask them to make my appreciation known to their drivers. I would willingly have refunded postage and given a tangible token of my appreciation. Meanwhile, I know that City Taxis are worth patronising in Edinburgh.

    3. The Jase

      purse

      The ex found a purse left on a phone box once.

      No money inside, but there were cards. I tracked the owner down by her friend's number on a bit of paper in the purse and returned it.

  5. Anonymous Coward
    Anonymous Coward

    Oh noes!

    89% of people are guilty of unlawful access... Extradition request from the US incoming any moment now!

    1. Vladimir Plouzhnikov

      Re: Oh noes!

      You mean indictments, probably. It was all done in the US already...

      1. Anonymous Coward
        Anonymous Coward

        Re: Oh noes!

        or an instant long-stay holiday to Cuba.

        Haxorz are terrorists don't you know.

  6. Dotter
    Facepalm

    How many people really own Android phones (or other smartphones) and not set some sort of lock be it password, PIN or otherwise on them?

    1. Anonymous Coward
      Anonymous Coward

      "How many people really own Android phones (or other smartphones) and not set some sort of lock be it password, PIN or otherwise on them?"

      Ummm . . . . :-X

    2. Miffo

      More than you think! If there's 850,000 activations per day (that's just Android) then there may be one or two without password - mine included!

      1. Anonymous Coward
        Anonymous Coward

        Mine too! Lazy git I am. AC obviously.

  7. Anonymous Coward
    Anonymous Coward

    50% ended up at the local crack converters

    or other pawn shop :D

  8. Michael Jennings

    Password protect it and you don't get it back.

    I have returned phones that I have found to other people, and other people have returned phones that I have lost to me. In both cases the information that allowed the owner to be identified and to get the phone back would not have been accessible if the phone was password protected. So there is something to be said for less security rather than more.

    1. TRT Silver badge
      Facepalm

      Re: Password protect it and you don't get it back.

      I stuck a label with my name and mobile number on the back of mine. Simple.

      Or get it engraved.

      1. Morphius
        Meh

        Re: Password protect it and you don't get it back.

        "I stuck a label with my name and mobile number on the back of mine. Simple."

        Awesome, so they can ring the phone that they are now holding. A very random suggestion - of course I assume that you have two mobiles. But then, what happens if you lose both.....

      2. CraPo
        Facepalm

        Re: Password protect it and you don't get it back.

        You stuck a label with your mobile phone number....on the back of your mobile?

        1. petur
          Coat

          Re: Password protect it and you don't get it back.

          I stuck the label on the inside of the battery compartment of my iphone. Oh wait....

        2. Andus McCoatover
          Windows

          You stuck a label with your mobile phone number....on the back of your mobile?

          Not stupid at all. Dunno about anywhere else, but in my country I just call a number (118?) and the operator tells me the name and address of the person. Some elect to have this info. withheld, but I reckon the benefits override privacy.

          1. The Infamous Grouse
            Meh

            Re: You stuck a label with your mobile phone number....on the back of your mobile?

            Really? So if someone clocks you over the noggin and steals your mobile, all they have to do while you're staggering to A&E is call the operator who will happily hand over your name and the address of your (very likely empty) house? This might be a beneficial service in Finland but I can't imagine it going down too well in Blighty.

            1. Andus McCoatover
              Windows

              Re: You stuck a label with your mobile phone number....on the back of your mobile?

              Yeah, point taken.

              Maybe they should require at least the caller's Social Security number, so they can verify first.

              OK, the police'll do this automagically for you.

              Going down well in Blighty? It was a SHOCK! I tell you - SHOCK!! to discover in the Daily Flail (Saturday) that (apparently) some garages read your number plate to verify you're not a known petrol thief, before they'll dispense petrol...

              OK, I was used to this in the US, but all you had to do was take your credit card to the cashier, swipe, then you could fill up.

              Finland's got it licked. No attendants. Machines accept notes or CC's, THEN you can fill up. Simples.

        3. TRT Silver badge

          Re: Password protect it and you don't get it back.

          Actually my iPod; I can't afford an iPhone. And I do have two mobiles, private and general.

          1. TRT Silver badge

            Re: Password protect it and you don't get it back.

            Not that I'd want an iPhone to use as a phone anyway. I'd rather have a phone to do that, you know, something where the battery lasts more than 12 hours between charges. I have an iPod which can bluetooth PAN to the 3G network if I really find I need data access in the middle of a field or somewhere.

    2. Fogcat
      Alert

      Re: Password protect it and you don't get it back.

      Or simply change your lock screen wallpaper to something that has "if lost please contact...." in the graphic and you can keep it locked ... simple.

      1. Dan 55 Silver badge

        @Fogcat

        You shouldn't need to mess around with Paint putting text on a wallpaper in just the right place though. All lock screens should have a user-configurable string but I think only Crackberries allow you to at the moment.

    3. Steve Evans
      Pint

      Re: Password protect it and you don't get it back.

      I actually had a fun evening of hunt the owner a few months ago. I found the phone on a pub seat where two girls had been sitting. Me and my friends enjoyed our beers expecting the girls to return any minute. They didn't, so I rang the last number the owner had called, hoping it was the person they were with that evening. It wasn't, it was a work mate. I explained what had happened and he tried to guess who the friend was from my description, and call them. No luck.

      What followed was akin to a keystone cops chase with him suggesting every drinking establishment in the area where they could have gone, and us lot having a drink in pretty much all of them.

      Eventually we gave up on the grounds of imminent liver failure, but agreed we had got to visit some very interesting and new establishments!

      The next day I received a call from the owner, and arranged to return the phone later in the week when I was back in the area, in the mean time I offered to download all the contact details and send them over so she wouldn't be without numbers. She was a little surprised this was even possible, but gratefully accepted.

      The phone was eventually returned, and I earned some more beer for my troubles :-)

      1. dogged

        Re: Password protect it and you don't get it back.

        (genuinely) cool story, bro.

  9. Anonymous Coward
    Anonymous Coward

    I think honorable editor may have made a typo...

    Was this called "Operation Honey Pot" or "Operation Horny Pot"?

  10. CraigRoberts

    Locked Phones

    I don't lock my phone - I use iProtect (jail broken iPhone) to lock individual apps... So if I lose my phone (or get hit by the metaphorical bus) people can use the phone, see my contacts etc etc etc but my SMS, Email, Twitter and all that kinda stuff needs a pin code to access...

    ... Switching to Android next month - hope there's a similar app for it?

  11. Anonymous C0ward
    Devil

    And if you want to be evil...

    Pull the battery before moving it, so it won't alert the rightful owner. Then when you get home, look at the SD card, because that is where any n00dz will be. If you turn it on, pull the SIM card first and don't connect it to WiFi.

    (SIM and phone PIN enabled, USB ADB debugging disabled, Google Apps Device Policy and Lookout installed here)

  12. Paul Hovnanian Silver badge
    Devil

    How else ...

    ... will I know I'm returning the phone to the correct person? Show me that private mole/tattoo/whatever hon' so I'll know this phone is going to its rightful home.

  13. Graysonn

    One of the first big net viruses was spread by guys who wanted to look at naughty pictures of a tennis player and would click on anything that had the name Anna Kournikova. And the guys in this experiment are surprised that people open a folder called private pix.

  14. Archimedes_Circle
    Holmes

    Couple of things

    There is, admittedly, a smidge of alcohol behind this overview, but anyway:

    1. Yes,the percentages make no sense whatsoever.

    2. I desperately wish to look at the indivudual data for the latency between discovery of phone and access attempt. x_bar=10.2 but the median is 59 minutes? Who waited forever? Stnd. deviation would be far more useful.

    3. Point number two leads into this one: the data supposedly dropped off for all but a few after seven days.....which smartphone lasted for 7 freakin days? Seriously. I can get maybe 20 hours if I'm good on my phone. I guess they could have installed extended batteries, but still. 7 days with continuous or near continuous gps fixes?

    4. Again, on that note, did any of the phones die before being accessed? At least two of them disappeared completely. Another 5% (again with the weird percentages) were moved but not accessed.

    Wouldn't a more interesting study be leaving 50 phones with some sort of pin code enabled, and then look at people do with those. After all, what IT policy would allow a phone to not be secured and encrypted. Look at how many people are actually interested in getting into these devices when the bar is set a little higher. As opposed to empiracle evidence that human curiousity is a bad thing for secrets. Pandora's Box, Garden of Eden parables anyone?

    Interesting though, the project head's original research was in looking at the same concept, dealing with usb sticks. Stuxnet anyone? Or the blinkin obvious.

    Heyhey! Maybe the annoying percentages are due to the fact that 47 devices were reported upon in some cases, not 50. No, guess not.

    And what is this about "Note that on most smartphones, there is not an easily accessible file system as there is on personal computers. So, document type files less commonly appear on the home screens of most smartphones. Therefore, the majority of the icons on the devices leveraged for this study represented apps that initiate a program on the device"

    Each version of android I've played with has had a file manager, and it's not like it's difficult to access adobe and have it pull up accessed files. Who honestly thinks someone keeps HR-UBERSECRET.pdf on their homescreen.

    Recommendations: Do not lose your phone....NO SHIT Sherlock.

  15. Anonymous Coward
    Anonymous Coward

    No great surprise

    As humans we love to look at other people, it's buried in the very fibre of our being, our nature to know how other people live and play. When we get a chance to have a sneaky peek at someone else's private life, we can't help it, just to see how it compares to our own.

  16. Chris Glen-smith
    Unhappy

    Don't expect the operator to help.

    When I lost my Google G1 (slipped out of my pocket in a Taxi in Singapore!) I bought a second hand replacement on Ebay, it duly arrived and I put my replacement Sim in it. Didn't work, seemed to be blocked (though strangely I could still access internet), I called T-mobile to enquire and they said registered stolen but wouldn't help futher!?. I contacted the seller - no reply, I raised a dispute on Ebay including saying the phone was stolen and would you belive it they said I had to send it back to the seller for a refund!!!! I didn't, meant to give it to the police but never got round to it.

    Oh and the phone had pictures of the the previous owner,( a rather cuddly black girl), her face and, yes, her t*ts and her p**sy!!! Unfortuanately not my type so not w*nk worthy

  17. Anonymous Coward
    Anonymous Coward

    Woah

    Tad too much information there!

  18. Alan Edwards
    Thumb Up

    96%

    > A grand total of 96 per cent of lost smartphones were accessed by the finders of the device.

    The other 4% went straight for the factory reset and walked off with it :-)

  19. Anonymous Coward
    Anonymous Coward

    SOP in USA: Find phone, no password/pin locking it

    Check contacts. Look for Mom, Dad, Wife, Husband. If found, call cell number. Tell them you found the phone. Ask where to meet.

    If not contacts with those IDs, start randomly calling numbers in contact list. Eventually you'll find someone who knows the owner.

    Admittedly we did have trouble keeping the one guy from rifling through the pics looking for nudies. His attitude was that if it was a pic on a cell phone with no password/pin, it was just like finding a lost photo album on the street. What did amaze me was the number of people who had nudies on their phone. Because yes, he kept a running count of how many he found. If you were foolish enough to ask, he'd also rate them and offer to point out the phone containing them.

This topic is closed for new posts.

Other stories you might like