Stories about Software


Basic Protections on Your Mobile Devices: A Stitch in Time

Today’s post is going to be one where I’ll regale you with a rather ridiculous tale of woe, relief, and redemption. And, it’s my hope that you can learn from my buffoonery just as I did, but without the part where you’re a buffoon.

It’s a story that starts out simply enough. I have a phone and a tablet, both of which are Android devices. With the last Android phone I had, I set up a pattern verification for login, but about a year ago, I got a new phone and never bothered. I also got a new tablet and never bothered with it, either. So, two devices, no security to prevent access to anyone who happens to find them, and no plan of action in case I lose them. My security is just me not losing them or having them stolen, which has actually historically gone pretty well. So, it always will, right? But wait, the plot dumbens.

Today, I went to the gym, which is what I do most days. I’m fortunate enough to have a gym in the same building as my office, and, due to the fact that the gym locker room is one of the weirdest and most annoying places on Earth, I typically have a process flow where I change in my office and go to the gym. So, I did that, leaving my office with my keys, wallet, and tablet in tow. I use the tablet to watch Pluralsight videos while I jog on the machines. After working out, I left the gym, changed in my office, got a bite to eat, and went home.

When I was ready to start thinking about bed earlier tonight, I noticed that I didn’t have my tablet in my gym bag or my laptop bag that I’d brought home. Checked the car, and nope. Guess I left it at the office. Or the gym. Ruh roh. Nah, couldn’t be. I must have left it at the office. Just to make myself feel better, I called the gym, and they told me that they hadn’t seen it. Good, must be in my office. Or… crap. I realize that I’m not going to be able to sleep without solving this mystery, since my tablet has no security and is synced up with all kinds of stuff that I don’t want people accessing. Why, oh why, didn’t I secure the tablet? Oh well, I’ll just drive the half hour to my office, see it on my desk, and feel better. Grumble, grumble.

I get to my office, half an hour later, and have trouble with my keycard for some reason. Luckily, the night custodian knows me and was there to let me in (the fact that the night custodian knows me means that I should probably think about scaling back my hours). I go upstairs, unlock the door to my office and there on my desk is… no tablet. It’s also not in any of my chairs, bookshelves or other places in there that I might have tossed it. It’s almost midnight, I’m back at work, and someone has taken my tablet. I start googling, and fast. I found this site, called Android Device Manager, which is pretty awesome. It lets you see where any of your devices are and, if you’ve set it up, it lets you lock or wipe them remotely. Too bad I hadn’t set it up. The only option I have is to send a loud, five minute “ring” to the tablet, but this app can’t locate the thing anyway, so nevermind.

I also found this “Android Lost” site along with a companion “Jump Start” app that you can use in tandem to remote install something that allows you to wipe the device. Whoah, seems ripe for abuse, but whatever, I’m desperate. No go, however, because it can’t seem to locate the tablet on wifi anywhere and I had already in a panic changed my google password and disabled twitter. Not much, but it was a start. But, it also seemed like it would now prevent me from engaging this option since my google store credentials were different. Oh well, I’d change my google password back. But, I discovered I couldn’t, unless this dude on the internet was to be believed and google caches exactly 110 old passwords before it lets you roll them back over. I can picture him laughing once every evening at each sucker that stumbles on that link and spends 45 minutes changing google passwords 110 times.

I was screwed. I sent one last “ring” signal to my lost tablet, locked my office, and wandered down toward the gym, which had closed at 11, to see if I could hear the thing or something, notwithstanding the apparent lack of wifi connection. When I got there, I couldn’t hear any joyous tablet noises, but the door was open for some reason, so I just went in. I was alone except the usual bad gym music that’s always blaring — something about a drum that, mercilessly and cruelly to the ears of anyone not in love with autotune, “won’t stop beating.” Given my despondence and general distaste for gym-garbage-pop, I so desperately wanted it to stop beating for just a second. Nonetheless, I wandered over to the elliptical that I had used and there, lo and behold, was the tablet, exactly where I’d forgotten to collect it when I was hurrying out of the gym.

Wow am I lucky. I almost didn’t go back to work. I almost didn’t make it into the building because of a key malfunction. I have no idea why I was able to wander into the gym, unsupervised, over an hour after closing and just help myself to whatever was in there, but I was. And now I have it back, and all it cost me was having to change my Google password and my Outlook password.

But I’ve learned my lesson. Phone and tablet now require a pattern swipe to sign in. And both devices are completely configured for remote wipe via the Android Device Manager. If you’re on Android, set both of these things up right now, I beg you. It will take you literally 20 seconds if you have your phone and a browser with you. If you have iThings or Microsoft stuff, I’m sure there’s some equivalent that you can find. It’s oh-so worth it, and you won’t realize it until you’re hit with that sinking feeling. Do yourself a favor, and avoid the late night drives and scrambles to change passwords and whatnot. If you go this route, you’ll just be kicking yourself for losing a few hundred bucks and not wondering what horrible things “you” will have broadcast over email, text message, and every social media platform on Earth by the time the dust settles.