Note: You can read my article from yesterday where I outline a detailed review of the Samsung Galaxy S3 smartphone.
I was seriously considering getting a phone to replace my Nokia E5, but was planning on an orderly transition between phones. Then my Nokia was lost/stolen. I didn’t lose any pictures, as they were synced to SugarSync. I lost one contact, since my last backup of contacts, so I could still recover my contacts. Besides being a financial loss, it was still a major inconvenience. When I obtained my Samsung Galaxy S III, I immediately noticed that none of the security options were enabled. I could simply power on the phone and swipe the lock screen to get access to the Home page. After configuring the phone, and before loading any apps, I secured the phone. Without installing any additional apps, I was able to secure the phone and implement anti-theft options. For additional protection, I installed an anti-virus and anti-malware package.
All the security options are under one menu, which makes configuration a lot easier. The following table provides an overview of the options for each section, along with my comments:
|Screen Security||Screen lock||Swipe and Motion provide no security. Face unlock and face unlock with voice really provide minimal security as both only take samples. I found that a single photo fails more often than it succeeds. It actually does require multiple photos in different lighting conditions for it to work, and it does not work in low light conditions. If face recognition fails, the phone drops to either pattern or pin lock. I found that I was entering the pattern more often than not. For pattern lock to provide a minimal level of security, I tested it by connect seven points. The next step up in security is pin lock, and then password lock. Forgetting the pattern, pin, or password is not an option. The only recovery is to send the phone to a Samsung service center. At the bottom of the list of security options is the None option, which essentially disables the lock screen.|
|With swipe lock||This option is really misnamed. In reality, all it does is enable the display of lock screen options.|
|Lock screen options||Most of these options determine the information presented on the lock screen. The Camera quick access option is really useless. After passing face recognition, pattern, pin, or password authentication, it opens the camera. In my opinion, it is just as easy to place the Camera icon on the application launch bar. The Wake up options require a little experimenting to get them to work, but are kind fun. However, even these options do not bypass security. The whole purpose of security is to protect access to the phone, without providing any bypass.|
|Lock automatically||Unless the None option is selected in Screen lock, the phone will lock after a set period of time. The default is 5 seconds, which is OK for just swipe lock. Setting the time becomes a balance between security and convenience. Since I use password security, I opted for a longer period of time.|
|Lock instantly with power key||With a longer period of time for automatic lock, I enabled this option. Besides being more secure, it solves the problem of strange things happening when I put the phone in my pocket, while the screen is still active.|
|Owner information||Actually, this option is useful. Any text that I enter in this box is scrolled across the top of the lock screen. I don’t know if it would help, but I entered an alternate number to call if the phone is lost.|
|Encryption||A lot of data is stored on the phone. At a minimum, the phone contains all the passwords to every service installed on the phone, and all the contact information. The Samsung Galaxy S III is really a personal computer, and over time contains a lot of personal data. Even though the phone is locked, this data can be accessed, whether it be by a USB cable for internal storage, or putting the microSD card in a computer. Encrypting both the internal and external storage is the only way to protect this data. However, encryption does require password protected screen lock.|
|Encrypt Device||This option simply encrypts all of internal storage. I did this before installing a lot of apps, to minimize the time that it took to encrypt the internal storage.|
|Encrypt SD card||The SD card is removable, which makes encryption a little different. Encryption is done on a per file basis. After the initial encryption, the first option insures that new files are encrypted. The second option merely says that you want to encrypt all files, while the third option excludes multimedia files from encryption. I checked all three options, as the encryption of photos and videos slows down the camera. After encrypting the SD card, I have to enter the password during the boot process to decrypt the card.|
|Find my mobile||These features are part of the Samsung account registered for the phone. I am not sure why, but it took a few days before I could access my Samsung account to register these features. I kept getting invalid password errors, even though I had my Samsung account synchronized. On the third day, I had access.|
|Remote controls||The option merely enables remote controls. I turned on the option that allows remote control access via the data network or Wi-Fi. The actual controls are on the SamsungDive Web site. From the Web site, I can lock, unlock, enable call/message forwarding, ring the phone, view call logs, and wipe out the data on the phone. The site also allows me to track my mobile phone. I bookmarked the site on my netbook and tablet, to avoid having to navigate through the Samsung site to find it.|
|SIM change alert||I like this option. It not only sends a SIM change alert to another cellphone, but it includes the phone number of the new SIM chip.|
|SIM card lock||Set up SIM card lock||I personally feel that this option should be the default, but it is not. Besides enabling the requirement to enter the SIM PIN code at boot time, it also provides an option to change the SIM PIN. Locking the SIM card is important, as it prevents unauthorized access to the SIM card.|
|Passwords||Make passwords visible||On the face of it, this option sounds horrible. What it really does is provide an option below the password entry field to display the password. This really helps when typing long passwords. It does not appear on the lock screen.|
|Device Administration||The unknown sources option is important. It must be checked to access Samsung apps, and apps provided by the mobile network operator. If unchecked, all apps must come from Google Play.|
|Credential storage||Certificates play an important role in Internet security. Rarely, does an individual ever need to modify the list of trusted certificate authorities. There are a few options on the Samsung Galaxy S III that are strictly for the advanced user, and this is one of them.|
The one weakness of all smartphones is the failure to provide a firewall. For Android phones, the kernel already supports IPTables, which is how the Linux kernel manages its firewall. Unless manufacturers start providing the necessary foundation, the only way to implement a firewall is to have root access. Without root access, the only protection is to install a anti-virus and anti-malware package. I chose avast! Mobile Security, but their are a number of other apps available. Like most anti-virus apps, avast! includes anti-theft features. Since I already enabled the Samsung anti-theft features, I did not enable the same features in avast!.
There is no question that enabling security adds a degree of inconvenience to using the phone. When I boot the phone, I have to enter the SIM PIN, followed by the password to decrypt the SD card, and then the password to unlock the screen. After it automatically times out, I have to enter the lock password again. When I go outside the house, I always press the power button to lock the phone, and then lock it again after every time I use it. Yes, it is inconvenient to enter the lock password, but, at least, I know that the SIM card is secure, and my data on the phone is secure. Moreover, I can track and control the phone should it become lost or stolen, and I let this fact be know in my owner information message.