This month's question: Could I be the next Paris Hilton (the hacking, not the billionairess sexpot, part)?
News You Can Use: More on black boxes in cars, is the IRS the next ChoicePoint?, desktop search dangers, media players that track web surfing, paranoia over US airspace, and more.

It seems these days that if your cell phone only makes phone calls, you are way behind the curve. The mobile phone industry keeps selling us on new features and functions. In the midst of all this development, even industry stalwarts admit that security is coming only as an afterthought. Worried about using your phone? You probably should be. This month, we'll explore what we can do about it.

Remember, if there are any questions you'd like answered in future editions, send mail [newsletter AT amandawelsh.com].

And then there's my book, The Identity Theft Protection Guide.

Late night talk shows had a field day last February with reports that Paris Hilton's smart phone had been hacked and her private address book with unlisted numbers of hot celebrities had been posted to the net.

After some calm investigation, authorities have come to believe that Hilton's phone wasn't hacked at all. Instead, she was a victim of (gasp) being stupid. Unlike most smart phones which allow users to manage content downloaded directly to their PC, Hilton's smart phone, a T-Mobile Sidekick, sends email, photo and other data from the phone to a central server where users manage it through a website. That website requires a user id and a password.

It also requires a secret question for a password hint. Anyone guessing the answer to Hilton's secret question - "What is your favorite pet's name?" - could change her password and access her account. Since Hilton's tiny Chihuahua is only slightly less famous than she is, guessing the answer wasn't all that hard and is apparently just what not one - but several - hackers did. If you missed the original posts, here are some of the pics still left on the Net.

So can you breathe a sigh that modern mobile telephony is safe and secure? Hardly. There are at least three big, real dangers associated mobile phones: viruses, telco hacking and device theft.

The whispers about viruses have been growing. Bluejacking, sending an uninvited text message to a Bluetooth enabled phone has become the prank of choice among the young and techno-literate. While true bluejacking is essentially harmless, viruses can be sent around too. In June 2004, the Cabir worm infected 20 Bluetooth phones running the Symbian OS. (see if your phone runs on it.) The virus did no damage and was hardly a telephonic crisis, but experts suggest that it is the harbinger of times to come. There have also been cases where older Sony Ericsson and Nokia phones have been taken over (bluebugging) or had data stolen (bluesnarfing) by exploiting problems with the Bluetooth wireless technology that they rely on. These holes have been plugged, but who knows if more will pop up?

Advice for protection includes keeping your phone in "nondiscoverable" mode, not accepting contact from unknown sources and installing anti-virus software. Software upgrades to protect against known bluebugging and bluesnarfing weaknesses is also available (Ericsson and Nokia).

The second growing problem with smart phones is that more and more data might be stored someplace that isn't under your control. In a separate incident from the Hilton saga, T-Mobile's Sidekick servers were actually hacked. Theft of data on these servers included users' Social Security numbers and date of birth…as well as countless boring messages and candid photos of Demi Moore and Ashton Kutcher.

The final danger is that information in your phone is available to anyone who gets a hold of it - like a thief or even a cop who is arresting you. Paris Hilton may not care that her naughty photos made the blogs, but this woman wasn't pleased that her own blue photos were downloaded to a police officer's PDA after her arrest on suspicion of drunk driving. The lesson here is encrypt, and use a (decent) password whenever you can!

As phones keep getting "smarter," and as Internet-based (VoIP) phones become more popular, we should expect these dangers to become a bigger part of our lives. Any one of us might, indeed, be the next Paris Hilton. Protect against viruses, know where your data is going and encrypt, encrypt, encrypt.

Privacy::Protection is a free monthly newsletter providing news and tips on privacy and information protection issues. Back issues are available at [http://www.amandawelsh.com/newsletters].

You can unsubscribe by sending email to newsletter AT amandawelsh.com.

To subscribe or send comments or suggestions for future content, email newsletter AT amandawelsh.com. Permission to print comments is assumed unless otherwise stated. Comments may be edited for length and clarity.

Please feel free to forward this newsletter to colleagues and friends who will find it valuable. Permission is granted to reprint Privacy::Protection, as long as it is reprinted in its entirety.