The Yuck and Smudge Factors–Thoughts from Shepherd Data’s Forensic Department
POSTED ON August 18

Isaac Asimov said “Writing, to me, is simply thinking through my fingers.” I agree.  And if you are anything like my colleagues in the Shepherd Data Forensic Department or me you do a fair amount of that thinking on your smartphone or tablet. However, unlike days gone by when you needed a new, fresh piece of paper to continue thinking through your fingers, chances are you don’t think about getting a clean screen.

How often do you wipe your smartphone or tablet? I mean, literally wipe its exterior? Most of us probably don’t very often. Our phones and tablets are just part of our day, and they are meant to be handled and used.

Re-think that! There are at least two reasons why you should wipe your devices.

Your phone or tablet is a major carrier of germs. One study reports that a cellphone carries 10 times more bacteria than most toilet seats. Shared phones and other devices are transmitters of viruses to users, and can pass on other types of infection as well. It is hard to do your best writing from your sickbed.

The solution to a germy phone is relatively simple. If you don’t share your phone or tablet, you have little to worry about (the germs on the device are already yours). Other common sense measures—don’t use your device in the bathroom, wash your hands regularly—will also help. Apple recommends cleaning the screens of iPads with a soft cloth and no liquid cleaners.

But other than good housekeeping (or device-keeping), there is another critical reason to keep your phone or tablet clean. Many smartphones and tablets use pattern passwords. With these, the user touches dots on the screen in a certain sequence on the screen in order to unlock a device. One expert has calculated that a grid of nine dots (the typical set-up for an Android device) will allow 389,112 patterns of four to nine dots. It will be difficult for someone other than the user to guess a particular pattern.

Unfortunately, though, guessing is seldom required. A pattern password can be deduced by looking at the pattern of smudges left on the screen by the user’s finger. Researchers at the University of Pennsylvania Department of Computer and Information Science have found that the smudges from a user’s finger are persistent, and are not always removed by wiping down the screen. A pattern can be obtained even if the phone or device is not in the physical possession of the person. The Pennsylvania researchers found that, using a camera and a computer, a full pattern could be traced in 68% of the team’s attempts. While wiping screens down did make tracing patterns somewhat more difficult, the patterns could still be retrieved.

The solution to the problem is a fairly obvious one: don’t use pattern passwords! While a password that uses letters and numbers is not completely secure either, there are nearly 6 million five-character passwords that can be created using capital and lower case letters, numbers, and special characters.

Android users who want to use pattern passwords have additional options. For example, a Picture Password Lockscreen app lets you unlock your phone by drawing “gestures” on a chosen picture. The gestures are far more difficult to trace than the patterns on a grid of dots.

Maintaining your health and security is often a matter of watching the little things.

About the Author Chris

Author Avatar Christine Chalstrom is the Founder, CEO, and President of Shepherd Data Services, Trustee, Mitchell Hamline Law School and Adviser, Center for Law and Business. She has spoken widely on the Amendments to the Federal Rules of Civil Procedures, Digital Forensics, and eDiscovery best practices. Her credits include presentations to the American Bar Association, Association of Certified e-Discovery Specialists (ACEDS), Corporate Counsel Institute, MN Association of Corporate Counsel, MN Association of Litigation Support Professionals, MN CLE, Mitchell Hamline School of Law, Upper Midwest Employment Law Institute. She is an attorney, programmer, and forensic examiner.