Nick Savvides, Security Advocate, Norton by Symantec.
“We’re seeing 100,000 infections a day on Android, and that growth is exponential compared to two years ago.”
What’s so dangerous about using public Wi-Fi?
One of the big things is that a bad guy can monitor all your communications. They are looking to do things like password theft, user profiling, injection of malware. The other is a general online issue, where you’re continuously monitored by ad profiling networks that understand who you are, where you are, and what you’re doing.
We know most consumers are concerned about this. And a big focus on what we do at Norton is to make it more secure for people to go online, with tools like WiFi Privacy that encrypts internet traffic so no one can observe what you’re doing.
You once said that passwords are crap. Why?
It’s not that the password is inherently bad, it’s the way we handle them in the real world. That’s why we need to use two-factor authentication wherever possible. Do it even if it gets in your way, because that little piece of friction is worth a lot when it comes to your security.
Security shouldn’t be frictionless, because if you land in another country and use your credit card, you want the credit card company to do something like send you an SMS asking you to confirm that you’re making that transaction.
What worries you most right now?
Probably the number of un-patched Android devices and the IoT devices that people are buying and sharing personal information on. The reason I mention Android specifically is that a lot of Android devices will never be updated. No one will ever fix them, and they are being actively exploited. We’re seeing 100,000 infections a day on Android, and that growth is exponential compared to two years ago.
On the connected devices — big deal if someone hacks my smart scale, you know? They’ll just know I’m too fat. But I’ve got a teddy bear that I can squeeze a button on and record a message. My son can record a message and send it to me. But how is that information being secured? Where is it going? That’s my big concern because a lot of those devices are just crap-ware. They’re just not secure.
So what do you do when you get a new device?
The first thing I do is ensure that I do a clean install of the operating system, and then I ensure the OS is up to date. That’s the number one thing because that is where most people will get pulped, if they don’t have up to date operating systems. And it doesn’t matter whether it’s a PC or a device like a Wi-Fi fridge, ensure that you update the firmware immediately.
One of the interesting stats that came out from our Internet Security Threat Report this year is that a connected device will take, on average, two minutes to be attacked once it’s connected to the internet. So it’s also really important to change default passwords and to do that before it’s online.
That’s what I would do, and of course, use a very good internet security product like Norton Security for mobile, or for PC and Mac.
PHOTOGRAPHY VERNON WONG