Site icon Sophos News

Aussie PM says, “Shut down your phone every 24 hours for 5 mins” – but that’s not enough on its own

The Australian Prime Minister, Anthony Albanese, has apparently advised people Down Under to turn off their mobile phones once a day, for the surprisingly precise period of five minutes, as a cybersecurity measure.

UK newspaper The Guardian quotes the PM as saying:

We all have a responsibility.

Simple things, turn your phone off every night for five minutes.

For people watching this, do that every 24 hours, do it while you’re brushing your teeth or whatever you’re doing.

Why at night? Why every day? Why for five minutes, and not, say, two minutes or 10 minutes?

We’re not sure.

But the Guardian suggests that the reason is that this will “stop any spyware that may be running in the background on your device.”

There’s some truth in this, given that malware infections can generally be divided into two separate categories, known in the jargon as persistent threats and the rest.

In malware terms, persistence generally refers to rogue software that outlives the app that launched it, that outlives your current logon session (if you’re on a laptop), or that survives even a full power-off and reboot.

But non-persistent threats are transient, and don’t survive from app launch to app launch, or from session to session, or from shutdown to reboot.

And shutting down generally closes all your apps, then closes down the entire operating system, thus stopping any malware or spyware that was active in the background, along with everything else.

In that sense, regularly rebooting your phone won’t do any harm.

There’s a lot more to it

The problem is that most malware these days, especially secretive mobile spyware developed at the likely cost of millions of dollars, will be of the persistent threat sort, meaning that it won’t exist only in memory until the end of your current session and then evaporate like early-morning summer mist.

For example, Apple’s latest spyware-crushing security update for iPhones, iPads and Macs included patches for two zero-day code execution vulnerabilities: one in WebKit, Apple’s low-level browser software, and one in the operating system’s own kernel.

https://nakedsecurity.sophos.com/2023/06/22/apple-patch-fixes-zero-day-kernel-hole-reported-by-kaspersky-update-now/

If attackers can only trigger the execution of unauthorised code inside your browser, then it’s likely that their malware won’t be able to escape from the browser process and therefore won’t be able to access or modify any other parts of the device.

The malware might therefore be limited to the current browser session, so that rebooting your phone (which would bump the browser software and its injected malware code out of memory) would indeed magically disinfect the device.

But if the unauthorised code that the attackers run inside your browser via the zero-day WebKit bug follows up by triggering the other zero-day bug in the kernel, you are in a pickle.

The attackers can use the non-persistent malware in your browser to compromise the kernel itself, getting control over your entire device.

Then, the attackers can use the unauthorised code running inside your kernel to implant a persistent malware infection that will automatically start back up whenever your phone does.

If that’s how the attackers choose to do it, then religiously rebooting your phone every day will give you a false sense of security, because it will feel as though you’re doing something really important and useful, even though you aren’t.

Other tips to consider as well

With that in mind, here are some additional mobile cybersecurity tips to consider as well.

Unfortunately, none of these are quite as easy and unintrusive as simply “turning it off and back on again”, but they’re all worth knowing about:

By the way, if you’re planning to start rebooting your phone regularly – as we mentioned above, it doesn’t do any harm, and it does give you a fresh operating system startup every day – why not follow exactly the same process with your laptop as well?

Sleep mode on modern laptops is mightily convenient, but it really only saves you a couple of minutes every day, given how quickly modern laptops boot up in the first place.

Oh, and don’t forget to clear your laptop browser history regularly, too – it’s a minor inconvenience for you, but a major blow to those stubborn website owners who are determined to track you as closely and as doggedly as they can, simply because you let them do so.


Exit mobile version