# Best tablet or smart phone for trading?



## Rusty O'Toole (Feb 1, 2012)

I day trade options on Think or Swim with TD. Am thinking of buying a tablet or smart phone. At present I have an old flip phone and trade from my home desktop computer.

I know nothing about the latest devices, does anyone use them for trading? Are public WiFi spots safe and secure? What device do you recommend if any? Any other tips or suggestions?


----------



## Spudd (Oct 11, 2011)

Any modern device should be able to handle trading. Public wifi spots should only be used for financial things if you're using a VPN to protect yourself, otherwise, there is a chance someone could intercept your traffic. 

A tablet would be nicer than a phone for trading since a phone's screen is so small, you won't be able to see very much information at the same time.


----------



## brad (May 22, 2009)

Second the recommendation for VPN. There's a good one called Private Internet Access that's available for computers and mobile devices; I use that one and it's excellent. If you get an iPad you can try Cloak, which is just as good but a bit more user-friendly. I never use public unsecured wifi without using a VPN. Way too many horror stories.


----------



## LBCfan (Jan 13, 2011)

By using a VPN you put a lot of trust in the operator. Do you know who they are? While I don't recommend using a public 'hot-spot', why would you trust an unknown service to send your important stuff on? Just think of the business model: attract people who have a reason to want privacy, find out what and why, use the knowledge.


----------



## ThinkingCapital (Feb 16, 2016)

Any modern device should be fine. I would also suggest a tablet, since it has a larger screen. As for public wifi spots, I find it tough to trust them. I don't use them for financial stuff.


----------



## m3s (Apr 3, 2010)

There's a difference between a VPN (for privacy) and encryption (for security) Sometimes a VPN does both but it's for privacy by definition

I wouldn't be doing finiances online without encryption.. doesn't matter if you're on public wifi or at home..


----------



## Synergy (Mar 18, 2013)

Microsoft Surface 3 bundle (10" screen with detachable keyboard). This way you can ditch your desktop. You can also purchase a data / tablet plan to cover your trading while away from home.

I've used the free version of Hide My *** in the past, a VPN service that can be used while at a public hotspot.


----------



## Grover (Jun 3, 2013)

I dont know if the surface is available in Canada with a mobile data plan. At least not when I last checked. Where can we get one of these?


----------



## Synergy (Mar 18, 2013)

Grover said:


> I dont know if the surface is available in Canada with a mobile data plan. At least not when I last checked. Where can we get one of these?


You can purchase the LTE version in Canada. I use a turbo stick but I'm pretty sure you can purchase a tablet plan from say Bell and pop in the sim card?


----------



## Rusty O'Toole (Feb 1, 2012)

What about the WiFi function on my home internet? At present my computer is wired to the hub and the WiFi is off. But it is a wireless 4G type connection.

Would I be safe using a wireless device in the house? How could I use a tablet or smart phone when not at home or could I safely?


----------



## brad (May 22, 2009)

m3s said:


> There's a difference between a VPN (for privacy) and encryption (for security) Sometimes a VPN does both but it's for privacy by definition
> 
> I wouldn't be doing finiances online without encryption.. doesn't matter if you're on public wifi or at home..


The two VPN services I mentioned above (Private Internet Access and Cloak) both use encryption by default.


----------



## Synergy (Mar 18, 2013)

Rusty O'Toole said:


> How could I use a tablet or smart phone when not at home or could I safely?


You can purchase a data plan. An encrypted home wireless network is pretty secure. Do you have naughty neighbors?


----------



## DenisD (Apr 19, 2009)

brad said:


> I never use public unsecured wifi without using a VPN. Way too many horror stories.


I'd be interested in hearing some of these horror stories. I assume all financial institutions encrypt data transmitted between my device and their server. Is this true? If it is true, the bad guys might know that I was communicating with the financial institution. But I don't think they'd be able to see any of the data.


----------



## m3s (Apr 3, 2010)

Rusty O'Toole said:


> What about the WiFi function on my home internet? At present my computer is wired to the hub and the WiFi is off. But it is a wireless 4G type connection.
> 
> Would I be safe using a wireless device in the house? How could I use a tablet or smart phone when not at home or could I safely?


I doubt any financial website in Canada is unencrypted.. Your typical email (gmail) and Facebook etc use encryption nowadays. This forum isn't encrypted but it's public. Gmail and facebook have 2 step login though and I don't know any Canadian banks that do. IB does. The banks obviously aren't too concerned.


----------



## james4beach (Nov 15, 2012)

This is my own opinion, but I am a security professional so I feel qualified on this matter.

I do not recommend doing any trading, or even online banking, on a general use smartphone. Encryption is not the whole problem -- it's a bigger issue of the reliability and safety of the platform (the smart phone). Smart phones tend to have problems with malware and spyware and this is worse in reality than people are generally aware of. They're just not a very safe platform.

I don't trust my smart phone at all. I never log into anything financial, or anything that matters, from my smart phone.

If you insist on doing some kind of mobile trading or banking, I'd recommend you do it using a dedicated device on which you only do this trading and don't do other things (no games, no other apps, no web browsing).


----------



## m3s (Apr 3, 2010)

What makes a PC any different? You might as well go back to live teller and chequebook. Sure the NSA and who knows how many others can read your financial transactions. Who has lost money from online banking? Everyone is using wireless mobile devices nowadays, on public wifi, you'd think all the online banks would be going bust


----------



## DenisD (Apr 19, 2009)

So james4beach, a smart phone, even an iPhone, is less secure than a Windows PC?


----------



## RCB (Jan 11, 2014)

If you have an iPhone with data and an iPad without data, you can create a hotspot (personal wifi) with your phone, and use your iPad. I do this at camp to do my banking, no internet at camp.

I don't trust free wifi for financial transactions or viewing.


----------



## james4beach (Nov 15, 2012)

m3s said:


> What makes a PC any different?


Good question.

Three things: (1) PC security has been thoroughly studied for about 20 years vs only 5 years for smartphones, (2) smart phones are constantly being run in unreliable and potentially hostile networks -- WiFi and other scenarios that can lead to intrusions even as it sits in your pocket while you move around town, and (3) people tend to install & run "apps" on their smart phones like crazy. A typical PC is usually a more static platform, unless you are constantly installing a lot of applications... which definitely is dangerous on a PC too.

Windows security has become much better in recent versions; Microsoft really has learned a lot. I'd say that a PC running a recent version of Windows, Mac or Linux is safer than a smart phone. The smart phones are a new platform and everyone (including us security researchers) are still figuring it out and calibrating the threats. The innovative attackers are pulling off amazing things on the smart phones. Whereas the PC is more or less a known element at this point.



DenisD said:


> So james4beach, a smart phone, even an iPhone, is less secure than a Windows PC?


In my opinion, a smart phone (even an iPhone) is less secure than a current-version Windows PC in the category of innovative, zero-day attacks... the kind that no virus scanner can catch. Apple, and Apple users, have been a bit complacent about security and they're somewhat in denial about Apple products' vulnerability to intruders. For instance, I found malware that had deeply infiltrated a Macbook and there was no common defense against this. People generally over-estimate the security of Apple devices.

For more common attacks, the iPhone is probably more secure than the average Windows PC but it's a close call.

The average Android device is definitely less secure than the average Windows PC.



> Sure the NSA and who knows how many others can read your financial transactions.


The NSA isn't who you should be worrying about for your online banking & brokerages



> Who has lost money from online banking?


http://www.marketwatch.com/story/was-your-brokerage-account-hacked-heres-how-to-know-2014-07-25
http://www.washingtonpost.com/wp-dyn/content/article/2006/10/23/AR2006102301257.html

And I'm looking ahead to cutting-edge attacks. I expect more of these kinds of attacks against online brokerage accounts, because there's tons of money to be made.


----------



## KevinWaterloo (Mar 5, 2015)

m3s said:


> I doubt any financial website in Canada is unencrypted.. Your typical email (gmail) and Facebook etc use encryption nowadays. This forum isn't encrypted but it's public. Gmail and facebook have 2 step login though and I don't know any Canadian banks that do. IB does. The banks obviously aren't too concerned.


Your doubts are completely unfounded. I'd be shocked if there was any financial website in Canada that DOESN'T use encryption. Scotiabank, RBC, TD all do for sure (after you log in). If you are browsing the site and see that the URL changes from http:// to https:// that means it is encrypted with HTTPS (ie TLS). The encryption used for HTTPS is extremely secure and there is definitely no need for additional VPN etc.

It is trivial to enable encryption on a web site. The only issue for the web site provider is the server performance required to encrypt the content, but that is typically only an issue at very high volumes (ie streaming media).

Your internet traffic using a tablet or smartphone is just as secure as using a PC. Viruses, trojans etc. can be another issue but the risk is very low as long as you are careful.


----------



## brad (May 22, 2009)

KevinWaterloo said:


> Your doubts are completely unfounded. I'd be shocked if there was any financial website in Canada that DOESN'T use encryption.


I'm not sure you read m3s's post correctly: he said "I doubt any financial website in Canada is unencrypted. You just said the same thing. ;-)

I agree that as long as you're visiting encrypted sites you shouldn't need a VPN, so most financial sites, e-commerce, etc. are likely not a worry. But plenty of sites are unencrypted and there are browser plugins available (e.g. http://codebutler.com/firesheep/ or http://www.howtogeek.com/104278/how-to-use-wireshark-to-capture-filter-and-inspect-packets/) that allow you to view other users in a public wifi network, their photos, what sites they're browsing, etc.

Facebook now provides encrypted access and other popular sites are following suit, but it's still possible for snoopers to get information from your non-secure browsing sessions on a public wifi network.


----------



## Synergy (Mar 18, 2013)

Encryption is okay. But what if you store your passwords on your computer in a file called passwords :biggrin: or the hacker is able to record keystrokes?


----------



## lonewolf (Jun 12, 2012)

I don't like the idea of using a small screen for trading. A big screen I think helps to reduce the number of mistakes that can occur when placing an order.


----------



## bgc_fan (Apr 5, 2009)

m3s said:


> I doubt any financial website in Canada is unencrypted.. Your typical email (gmail) and Facebook etc use encryption nowadays. This forum isn't encrypted but it's public. Gmail and facebook have 2 step login though and I don't know any Canadian banks that do. IB does. The banks obviously aren't too concerned.


I am not sure if you mean the big 5 Canadian banks, or banks that offer accounts to Canadians. However, HSBC has a security fob that you use to generate a one-time PIN upon login. It is in addition to the regular security password you would use.


----------



## m3s (Apr 3, 2010)

Synergy said:


> Encryption is okay. But what if you store your passwords on your computer in a file called passwords :biggrin: or the hacker is able to record keystrokes?


That's why Google, Apple, Facebook etc recommend 2 stage authentication to confirm any new devices. They consider the smartphone to be a physical key. It helps to have touch ID or passcode on the smartphone as well



bgc_fan said:


> I am not sure if you mean the big 5 Canadian banks, or banks that offer accounts to Canadians. However, HSBC has a security fob that you use to generate a one-time PIN upon login. It is in addition to the regular security password you would use.


HSBC is UK based and IB is US based and they both require a form of 2 stage authentication. I'm surprised that none of the Canadian banks offer it. Tangerine allows touch ID now but that is not yet 2 stage authentication.


----------



## m3s (Apr 3, 2010)

james4beach said:


> In my opinion, a smart phone (even an iPhone) is less secure than a current-version Windows PC in the category of innovative, zero-day attacks... the kind that no virus scanner can catch. Apple, and Apple users, have been a bit complacent about security and they're somewhat in denial about Apple products' vulnerability to intruders. For instance, I found malware that had deeply infiltrated a Macbook and there was no common defense against this. People generally over-estimate the security of Apple devices.


Maybe you should apply to the NSA, j4b. I hear they are having trouble to crack an iPhone. Never heard them say they couldn't crack a PC! As far as I understand the iPhone apps are a closed system vetted by Apple, whereas many people install apps from the internet on Macbooks (and there is always a security warning on a MacBook whenever you do that) I can see the privacy concerns on smartphones, and I'm sure there are holes

I think smartphones have potential to be safer than PCs as they have many sensors and they are more often within your physical reach (like a physical key) If you try to use paypal or log into google from your laptop in a strange country, I can tell you it will trigger their security based on IP address. That's the only sensor they really have to know something strange is up.. whereas a smartphone has GPS, wifi location, 3G location

To log into a google account in a suspect country I can confirm that you will likely need your smartphone either to get an sms verification code (good luck with that!) or you previously setup 2 step authentication so your smartphone can authenticate your laptop. If what you say is true maybe you should apply to google as well, after unlocking the iPhone for the NSA :biggrin:


----------

