Category Archives: mobile security
Bitdefender discovers that most iOS users are at risk from data leaks
Rating: Roughly 30 per cent of apps display ads, too
Ever wondered how many apps are downloading your private information without informing you? Pondered how great a risk there is of personal data leaks via apps? These questions have obviously bothered Bitdefender, the security specialist. For some reason, the company decided to look at the risk posed by iOS apps only. Which is curious because Bitdefender has an offering for Android but not for iOS at present. Anyway the company conducted a month-long study of more than 65,000 iPhone apps. Guess what? It found that most Apple iOS users are probably at risk from data leaks. Continue reading
Guest Blog: Bring Your Own Device and the Mobile Perimeter
by David Harley CITP FBCS CISSP, ESET Senior Research Fellow
I crept into the IT industry (and thence into security and eventually the anti-malware industry later than you might think, but still early enough to find myself using and supporting dumb terminals, dedicated word processors, and some pretty primitive PC and Apple desktops – often using terminal emulation software so as to access ‘real’ computing power: Unix or VMS, mostly). Kermit may be a frog to you, but it’s still a communications protocol to me! [Oops, I remember Kermit too. Ed] Continue reading
BYOD is not popular with most UK organisations McAfee reveals
Rating: Smartphones still not seen as proper business tools
There has been a great deal of buzz around ‘Bring-Your-Own-Device’ (BYOD) schemes as some suppliers and observers would have us think. These facts emerged from a recent survey of 100 IT professionals from UK organisations, carried out by security specialist – McAfee. We know that BOYD is popular with employees – asked if their users valued certain devices over others, 89 per cent of those surveyed claimed that this was the case. However, these IT professionals are pretty scared of letting mobile devices into their environment. Continue reading
Guest Post: Mobile phone tracking menace endangers US 4th Amendment
James Clark for Mobistealth looks at the dangers
People are slowly realising that mobile phones are becoming tools for surveillance. The American Civil Liberties Union has realised this fact; hence they have been engaged with law enforcement agencies in investigating if agencies are tracking mobile phones to monitor the activities of users. The Union has been joined by like-minded organisations to pursue this issue. They claim that some of the agencies don’t even have the necessary warrants to keep track of mobile phones. These actions jeopardise the US 4th Amendment, which guarantees US citizens protection against unreasonable searches. Continue reading
Lookout wants to stamp on malpractices in mobile advertising
Reckons 5% of apps are from an aggressive ad network
Mobile security specialist, Lookout, has been analysing some 380,000 free apps to examine the privacy threats people face. It believes that approximately 50 per cent of free apps are powered by ad networks. However, it has concluded that some ad networks can be aggressive in their advertising techniques. In order to counter that threat, the company has released its mobile app advertising guidelines: – ‘A Framework for Encouraging Innovation While Protecting Privacy’, apparently. These are aimed at the ad providers and can be found here. The company claims that apps with aggressive networks have been downloaded at least 80 million times by conservative estimates. Continue reading
Guest Post: Chinese telecom companies come under US Congressmen’s scrutiny
Jane Andrew looks at US concerns with ZTE and Huawei
ZTE and Huawei, considered among the Who’s Who of China’s telecom giants, have become the cause of apprehension for the US congress as concerns over their actions being detrimental to US national security mount. The duo has had to explain their connection with the Chinese government to another duo of US congressmen, as the telecom business hides in the garb of mobile phone spyware. Republicans Mike Rogers and C.A ‘Dutch’ Ruppersberger had the companies under the interrogation gun as they questioned the pair’s ‘interactions and relationships’ with regards to the government agencies of China. These agencies include the Chinese National Defence Ministry and their Ministry of State Security. Continue reading
Guest Post: Stella Rabecca on how the smartphone could be overshadowing our lives
Spyware apps have provided some check and balance for parents
Technology has given a lot of power to everyone. For some this is a good thing and can be used positively but on the other hand, it is sadly being used negatively by many. Technology is bringing more negatives than positives as a result of which, children and people are exposed to things they should not know. These could include sexual content, interaction with unknown people which could lead to other menaces like drug dealing as well. Continue reading
Lookout builds on its tie-up with T-Mobile in Europe
Rating: Hoping to make millions of mobile users feel safer
Lookout has announced a major alliance with Germany’s Deutsche Telekom to deliver its Lookout Mobile Security app to Deutsche Telekom’s European customers. The partnership will focus on distribution and joint innovation, aiming to bring mobile security and increased device health to Telekom’s millions of European customers. Deutsche Telekom (through T-Mobile) already provides an optimised network including security, privacy and other critical device controls. By partnering with Lookout, Deutsche Telekom makes it easier for its customers to secure their devices; better manage their mobile privacy and device performance. Lookout has already seen its Android app pre-loaded on several of T-Mobile’s Android handsets including the Samsung Galaxy Blaze 4G in the USA. Continue reading
UK mobile industry acts with PhonepayPlus against mobile malware
Rating: Sadly, PhonepayPlus’ own helpline is, in itself, a rip off
The UK’s regulator for premium rate telephone services (PRS), PhonepayPlus, has hosted a summit which brought together all the key elements of the country’s mobile industry. This included Internet security experts, law enforcement bodies and activist body – GetSafeOnline. The aim was to tackle the emerging threat of PRS malware attacks on smartphones. Participants at the summit agreed to take steps to develop greater intelligence sharing between industry players. The aim is to increase early detection of mobile malware attacks. Continue reading
Location data is hidden in EXIF files
Rating: Some applications want to ensure it is present not missing
Following up on your recent story ‘Danger of cameraphone photos’ location data exposed‘, ironically, I have been worrying about the exact opposite problem, writes Geoff Dennis, a mobile software specialist. I want to tell people how to ensure that location based information is present and exposed in their photos. The data held in picture files taken with cameraphones, for example is called EXIF data. It is normally only contained in photos saved in JPEG and TIFF formats. There has been a lot of chat on the Net about accidentally losing EXIF data, as it appears this can often happen when using photo editing software. Perhaps this is what happened to the alleged hacker – Higinio O. Ochoa III? Naturally there are ways to expose this EXIF data should you want to. Continue reading
McAfee says Android malware is getting more sophisticated
Rating: Targets mobile banking users in particular
McAfee is warning that Android malware which attempts to defraud smartphone owners by obtaining their mTANs (Mobile Transaction Numbers) is getting more sophisticated. The security specialist is claiming that it may be possible to obtain the necessary information to defeat the two-factor authentication security scheme which is commonly used by High Street banks. GoMobile News has already covered the banking ‘token generator ‘ scam which seems to have afflicted Spanish banks here. However, McAfee now says that it has now found Android malware that not only has the man-in-the-middle (MIM) functionality but can also be controlled remotely. This means it can grab the initial password from a mobile device without infecting the user’s PC. To avoid being caught out, McAfee has published a number of handy tips of Android owners. Continue reading
Smartadserver combat’s Apple’s UDID ban
Rating: Provides a solution with SecureUDID
According to Smart Adserver, Apple has started rejecting some applications making use of the device UDID (Unique Device IDentifier) from the iTunes App Store. This development raised concerns amongst developers, publishers and advertisers. That’s because – until now, UDID has been used on the Smart AdServer network and by most advertising systems for user identification purposes, analytics and in-app tracking. The company has reacted to Apple’s move by introducing a new SDK which incorporates SecureUDID. Smart Adserver advises its customers that live iOS applications do not have to be submitted again. However, it strongly recommends that its customers to use the new SDK version for future application submissions. Continue reading
SANS claims first ever survey to assess mobility risk
Rating: The dangers of BOYD will be exposed
On April 12th [2012] SANS Institute will be releasing the results to its first annual survey on mobility security. The organisation is planning to release full results and a link to a copy of the report during a webcast on that date. The survey was actually launched back in December [2011], and claims to be the first ever mobility survey to discover if and how organizations are managing risk around their end user mobile devices. What SANS has already discovered is that only 9 per cent of organisations surveyed felt they were fully aware of the devices accessing corporate resources. Additionally, half felt only vaguely or fairly aware of the mobile devices accessing their resources. Continue reading
thumbsUp! develops Chameleon Case for iPhone4
Rating: Claims it will make iPhone theft a thing of the past
An ingenious gift and gadget developer, thumbsUp!, claims to have developed the ultimate theft deterrent for iPhone thieves. The company says that its Chameleon Case for iPhone 4 is an intelligent cover that will blend almost seamlessly into its environment. The technology behind the Chameleon Case, developed by thumbsUp!’s in-house product development team, works using a similar premise to an ambi-light. That’s where the light cells on the back of the case change colour according to the surroundings. In effect, each circular cell transforms as it picks up nearby hues, thus creating a camouflaged effect. The CCL*-based developer is offering the case on its web site here at a special price for today only [April 1st 2012] for £24.99. Continue reading
UKFast claims users can’t be sure where a QR code is taking them
Rating: Don’t blame the QR code – a lack of security is the issue
A Press release put out by a web hosting specialist, UKFast is definitely scaremongering over the dangers potentially involved with scanning in a QR code/barcode from dubious origins. The implication is that if you don’t know what you are doing you can end up with malware on your smartphone. The company claims that a recent attack exposed the security risk after infecting victims’ mobile devices with malware. Those malicious apps then handed over access to all SMS messages, emails and call logs on the device to the crooks, UKFast says. Continue reading
