No-well, No-well - keeping your Christmas gadgets safe By Prof Alan Woodward

Department of Computing, University of Surrey Published duration 25 December 2014

image copyright Thinkstock image caption After the excitement of unwrapping a tablet or phone take time to make sure it is secure

This year Santa will be leaving more people than ever a smartphone or tablet in their stocking.

This year has seen us pass one billion active websites, and more people accessing the web via mobile gadgets than other means, it is worth taking a moment to think about how to keep you and your device safe.

Physical Loss

First, remember that mobile devices are, well, mobile so losing it is pretty easy, and thieves are not the only problem. If you're as absentminded as me, there is every danger of leaving it on a train or in a taxi. But, provided you think ahead, losing it is no tragedy:

1. When you unwrap it, if it can use a mobile network, note the IMEI (international mobile station equipment identity number) number and serial code. If you lose the device you can contact the mobile operator straight away and they can block anyone from using it by adding it to a blacklist. The IMEI is usually available via the handset's settings or by typing *#06#.

2. Set up the Find My Phone function. Most smartphones and tablets that access mobile networks have this already. If your device doesn't then there are third-party apps available on the official app stores that will do it for you. Make sure you use legitimate software as hackers would love for you to install their fake app which is likely to do a lot more than locate your phone.

image copyright Thinkstock image caption Do not use your birthday as a PIN and always use more than four digits

3. Set a PIN on your device. You may think this is inconvenient but it is the single most important step you can take. Our lives are in our mobile devices, and the data we keep on them is more valuable to the criminals than the device itself. PINs can be longer than the default four digits so try to use at least eight. It is a sad fact that your data is valuable enough for hackers to patiently try all of the 10,000 possible combinations in the classic four digit PIN.

Plus, being human, our PINs are never truly random and if your device is stolen along with your wallet or purse hackers know that PINs usually derive from, for example, birthdays which might be written down elsewhere.

4. Don't forget the SIM PIN. If your device does connect to a mobile networks the SIM card can contain valuable personal data. Protect that as well. There's no point in protecting the device if the criminal only has to pop out the SIM card to read that valuable data.

Pocket power

Tablets and smartphones can be infected with malware just like your other computers.

The most likely way of that malware arriving on your phone is by you unwittingly installing it. Phishing has moved to mobile devices, adopting novel twists such as using SMS messages - known as Smishing - to trick you into visiting a website or even more blatantly asking you to reply with sensitive details.

If you have security software on your computer, then its creator probably has security software for your mobile device - it may be a wise investment. Make sure whatever you install is legitimate as the criminals would be delighted if you installed their fake security software.

image copyright Thinkstock image caption Stop others connecting to you by making your Bluetooth link undiscoverable

We all use wi-fi, and on mobile devices we all prefer it to using mobile networks. Why pay to go online, if it's free, right?

It pays to be cautious when using wi-fi as you have no control over the connection. If you are not planning to use wi-fi turn it off.

Turning a handset into a "hotspot" to provide internet connectivity to other devices - such as tablets and laptops - can be useful. But remember that if one of your devices can see the other over wi-fi then so can other people in your carriage or cafe. Give your connection a meaningless name and always password protect it.

Don't forget Bluetooth. It's great for connecting devices to a car's hands-free kit or headset, but be careful about how it is configured. Once set up, ensure your Bluetooth is not "discoverable". This will prevent people connecting to your device. You would be surprised at how many "open" devices you can connect to while driving through traffic.

Remember as well that within your device many functions are connected. For example, many apps that make use of your camera also track your location. Be careful what you enable and take a little time to get to know what your device is doing. It's always better to share data on a case by case basis even though it might take a while to work out how to do that on your particular device.

Be Careful What You Wish For - Messing With The Dark Side

image copyright Thinkstock image caption If you "jailbreak" your phone or tablet be careful what you install on it

It's now common to "root" or "jailbreak" mobile devices. This is usually so it can run applications not found in its platform's "official" store. It's attractive as many owners resent being locked into one marketplace and prevented from running apps they want.

Before you jailbreak, be aware of the dangers:

The app stores from which you can download are littered with fake apps put there by hackers hoping you will install their malware. Manufacturers' app stores may have had issues with fake software, there is at least someone trying to prevent you being infected.

And by enabling apps to run with the highest possible system privileges - known as root privileges - you open the door for any malicious apps to run amok and access data that would otherwise probably have been protected. It's a double whammy that makes the hacker's job so much easier.

And Finally

One final thought. If you have transferred your life to a new mobile device, don't forget to dispose of the old one securely. Wipe it clean of all your data by resetting the whole including settings. Look for instructions on doing a "factory" or "hard" reset if in doubt.

Prof Alan Woodward lectures at the University of Surrey's department of computing and is chief technology officer at the consultancy Charteris.