Tag Archive for Android

F-Secure’s Top 7 Security Predictions for 2013

As the new year looms, all kinds of firms start making predictions, mostly to boost their sales next year. I will be looking at a number of firms' predictions for next year, and let's see how smart they are this time next year.

Here are the top 7 security predictions for 2013 that Finland-based F-Secure Labs shared with Help Net Security.

1. The end of the Internet as we know it? – F-Secure Labs predicts that the ITU WCIT in Dubai could mean the end of the Internet (which I covered here and here). Sean Sullivan, Security Advisor at F-Secure Labs, says that the World Conference on International Telecommunications could have a major impact on the Internet as we know it. “The Internet could break up into a series of smaller Internets,” Sullivan says. “Or it may start to be funded differently, with big content providers like Facebook and Google/YouTube having to pay taxes for the content they deliver.”

rb- WCIT has concluded with the US and most of Europe refusing to sign the treaty due to language backed by Russia and China that could have wide-ranging impacts on Internet freedom.

2. Leaks will reveal more government-sponsored espionage tools – “It’s clear from past leaks about Stuxnet, Flame, and Gauss that the cyber arms race is well underway,” says Mikko Hypponen, Chief Research Officer at F-Secure Labs. While we may not always be aware of nation-states’ covert cyber operations, we can expect that governments are more and more involved in such activity.

3. Commoditization of mobile malware will increase – The Google (GOOG) Android operating system has solidified in a way that previous mobile operating systems haven’t, extending from phones to tablets to TVs to specialized versions of tablets. The more ubiquitous it becomes, “the easier to build malware on top of it and the more opportunities for criminals to innovate businesswise,” Sullivan says. Mobile malware will become more commoditized, with cybercriminals building toolkits that can be purchased and used by other criminals without real hacking skills. In other words, malware as a service, for Android.

4. Another malware outbreak will hit the Mac world – First it was Mac Defender and then Flashback that attacked Apple (AAPL) Macintoshes. According to the article, the Labs predict 2013 will bring another Mac malware outbreak that will have some success within the Mac community. Sullivan says, “And while there have been smart security changes to the Mac OS, there’s a segment of the Mac-using population who are basically oblivious to the threats facing Macs, making them vulnerable to a new malware outbreak.”

5. Smart TVs will become a hacker target – Smart TVs are wide open to attacks. “It’s very easy for hackers to scan for smart TVs on the Internet,” says Sullivan. “When found, they only need to use the default username and password, and they’re in.” 2012 already witnessed LightAidra, a breed of malware that infected set-top boxes. 2013 could see smart TVs being used for such purposes as click fraud, Bitcoin mining, and DDoS attacks.

Help Net Security reports that hackers can take control of Samsung Smart TVs (rb- I wrote about this threat a year ago, here).

6. Mobile spy software will go mainstream – 2013 may see a rise in popularity of tracking software, and not just for parental control purposes, speculates the author. There has already been growth in child safety apps that monitor kids’ activities, such as their Facebook behavior. “Of course this kind of software can also be used to spy on anyone, not just kids,” Sullivan says. “The more smartphones there are, the more people will be seeking out software like this – to find out what their ex is up to, for example.”

7. Free tablets will be offered to prime content customers – Tablets and e-readers are all the rage, and more and more often in closed ecosystems such as the iPad with iTunes or the Kindle with Amazon (AMZN). As the Kindle price keeps dropping, the Labs predict that 2013 may bring a free e-reader or tablet for prime customers of companies who charge for content, like Amazon or Barnes & Noble (BKS). “Closed ecosystems are more secure, but you have to trust the provider to protect your privacy,” says Sullivan.

Do you think F-Secure’s Top 7 Security Predictions for 2013 are right?

The End of Microsoft?

Business Insider published some awesome charts from Horace Dediu of Asymco that show the collapse of Microsoft (MSFT) and Intel’s (INTC) monopoly in personal computing. Henry Blodget says the chart shows how Google’s (GOOG) Android and Apple (AAPL) have successfully eaten into Wintel’s market share. Is this the end of Microsoft?

Share of personal computing platforms

Blodget included a chart from BI Intelligence showing the unit sales of PCs, smartphones, and tablets.

Global Internet Device Shipments

rb-

This does not say that Microsoft is going to collapse. It still has a number of successful businesses. It’s just not going to run the world like it once did, according to the article. So this is not the end of Microsoft.

SmartPhone Zombie Apocalypse

If you have a smartphone, online criminals may soon have your number. Smartphone malware is getting increasingly sophisticated, and MIT’s Technology Review reports that a security researcher has created software that turns a smartphone into a “zombie” that can be controlled remotely. The blog says Georgia Weidman created the program, which controls a Google (GOOG) Android phone via short message service (SMS) to bring about a smartphone zombie apocalypse.

Once only theoretical, real-world cell-phone viruses are becoming more common. The article reports the most famous was a scam in Russia that tricked users into installing malicious software on Android phones and used the SMS functionality to send messages to a number that charged a premium fee. In late 2010, a Chinese virus for Android devices was used to steal personal data, according to the article.

Botnets have become a staple of Internet crime. They can be used to attack other systems, host attack tools, send spam, or just steal data. The blog says this type of attack has been rare with mobile devices, but that seems to be changing. “We have been taking down Internet botnets for years now, but there is not as much understanding [of telecom networking],” Weidman says. “I definitely see criminals going more and more toward using the telco’s network.”

TR explains that Weidman’s program is one of the first known to turn smartphones into zombie nodes of a botnet. Her attack works like this: After infecting a phone with a rootkit, she uses that phone to send spam text messages, take part in a denial-of-service, or degrade the communications of the phone—all without the user knowing. The techniques apply to any smartphone, Weidman says.

Today’s smart phones have multiple layers of defense. For one, they can block malicious applications. They also have managed channels, such as the Apple (AAPL) App Store and Google’s Android Marketplace, for applications.

As a result, Weidman says, infecting a smartphone is not easy. “The hurdle with any malware is infecting the phone,” she told Technology Review, noting that the methods used by cybercriminals usually do not work. “More of what you see of malware is people downloading applications for their phone that are infected,” she says.

The problem of cybercriminals targeting consumers’ phones will only get worse, Kevin Mahaffey, chief technology officer of mobile-security startup Lookout, told the author. Because the control of phones is so easy to turn into cash via premium text messages, criminals will be drawn to attack the devices.

“I always tend to look at the economics of the problem to ask myself whether it will continue in the future,” the CTO explained. “And because there is an incentive for attackers to compromise mobile phones, and the cost of compromising is not that high, that says it will become more prevalent in the future.”

Using the telecommunications network, rather than the Internet, for botnet control allows attackers to hide their actions from users. When the attacker does it using malicious software, the user has little chance of detecting it, says Weidman.

“When I infected a phone in my botnet—my lab botnet—with malware, the smart phone would receive a message through SMS and I would check to see if it has botnet instructions in it,” she says. “If it does, it would perform the functionality requests, and then it would swallow the message, so the user does not know that there was a message at all.”

While phones do not have the computing power of more traditional computers, they are hefty enough to handle many of the tasks that cybercriminals desire, she says. She adds that the sheer number of smart phones means that any botnet could be “a real threat” to create a smartphone zombie apocalypse.

IPv6 Compromise Smartphones Users’ Privacy

Now that the IPv4 address pool is depleted and the IPocalypse is at hand, wrinkles are emerging in IPv6. One of the wrinkles is with mobile devices. Most of the cool mobile devices have been able to handle IPv6 for a while. Apple’s (AAPL) iPhones, iPads and iPods have been capable of handling IPv6 since version 4 of the iOS operating system, and most Google (GOOG) Android devices have been capable since version 2.1. H Security is reporting that these mobile operating systems send information about their users to the network.

A device on an IPv6 network usually determines half of its address (the “interface identifier”) itself, but H Security says that smartphones are sloppy with this task. According to the article, the smartphones simply add the same two bytes to their globally unique MAC address and use it as their identifier. As a result, they transfer a unique hardware ID whenever they communicate with an IPv6-enabled server.

The basic problem isn’t an IPv6 issue because there are other methods for generating the address. The article says that a device can generate a random interface identifier and replace it on a regular basis. This is called the Privacy Extensions method and is the factory-set option in Windows; it can also be enabled in other operating systems. The article points out that devices running Apple’s iOS or Android offer neither the option to enable Privacy Extensions nor the option to disable IPv6; anyone who uses an affected device on an IPv6-enabled wireless network will send their ID.

The only thing the smartphones are lacking is a control option in the user interface, as the Privacy Extensions do come as part of their kernel. For instance, on a (jailbroken) iOS 4 device with root access, they can be enabled with the same command that enables them on a desktop device running Mac OS X:

sysctl -w net.inet6.ip6.use_tempaddr=1

The blog claims the problem is only affecting a small number of users because IPv6 is not yet in widespread use. However, more ISPs plan to offer IPv6 in addition to the old IPv4 in the future. In addition, there are routers like the Cisco (CSCO) Linksys E3000, which will automatically set up an IPv6 connection via a 6to4 conversion when their internet access is purely IPv4.

The author concludes that the issue is particularly sensitive because such devices tend to be used by one specific person. As a result, the MAC address, which is accessible to any server operator and network monitor, allows this user to be identified.
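The tracking risk described above can be checked from the defender's side. The following Python sketch is an added example, not code from H Security or the original post: it tests whether an observed IPv6 address carries a MAC-derived (modified EUI-64) interface identifier, recovers the MAC, and shows that the same device is linkable across networks while a randomized Privacy Extensions address is not. The function names, the documentation-range MAC and the 2001:db8:: prefixes are constructed for illustration.

```python
import ipaddress

def mac_from_eui64(addr):
    """Return the MAC embedded in an EUI-64 interface identifier, else None."""
    iid = ipaddress.IPv6Address(addr).packed[8:]  # low 64 bits of the address
    # Modified EUI-64 (RFC 4291, App. A): MAC[0:3] + ff:fe + MAC[3:6],
    # with the universal/local bit (0x02) of the first byte inverted.
    # Heuristic: a random identifier matches ff:fe by chance 1 time in 65536.
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)

def eui64_address(prefix, mac):
    """Form the address a host derives from a /64 prefix and its MAC."""
    m = bytes.fromhex(mac.replace(":", ""))
    iid = bytes([m[0] ^ 0x02]) + m[1:3] + b"\xff\xfe" + m[3:6]
    net = ipaddress.IPv6Network(prefix).network_address.packed[:8]
    return str(ipaddress.IPv6Address(net + iid))

def networks_per_device(addresses):
    """Map each recovered MAC to the /64 networks it was observed on."""
    seen = {}
    for addr in addresses:
        mac = mac_from_eui64(addr)
        if mac is None:
            continue  # randomized identifier: nothing stable to correlate
        net = str(ipaddress.IPv6Interface(addr + "/64").network)
        seen.setdefault(mac, []).append(net)
    return seen

# Constructed sample: one device (documentation MAC, RFC 7042) seen on two
# networks, plus one address with a randomized Privacy Extensions identifier.
SAMPLE_MAC = "00:00:5e:00:53:2a"
OBSERVED = [
    eui64_address("2001:db8:aaaa:1::/64", SAMPLE_MAC),
    eui64_address("2001:db8:bbbb:2::/64", SAMPLE_MAC),
    "2001:db8:cccc:3:9c4e:7a11:d2b:61f0",
]

if __name__ == "__main__":
    for mac, nets in networks_per_device(OBSERVED).items():
        print(mac, "seen on", nets)
```

Running the same check over a host's own addresses is a quick way to confirm that temporary addresses are actually in use after the setting is changed.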

rb-

If this sounds familiar, it is; I wrote about mobile apps uploading UDIDs here.

What Happened to the Paperless Society?

The Economist wonders whatever happened to the “paperless office”? Thirty years ago the rise of computers was hailed as the beginning of the paperless-office era. In a 1980 briefing in The Economist, “Towards the paperless office”, they recommended that businesses trying to improve productivity should “reduce the flow of paper, ultimately aiming to abolish it”.

Unfortunately not many people listened to The Economist. Since they extolled the virtue of a paperless society, global paper consumption has increased by half.

Global paper consumption

The average American uses the paper equivalent of almost six 40-foot trees a year. Gizmodo says don’t feel too bad, the EU bureaucracy in Brussels pushed the Belgian paper consumption to a whopping 8.5 trees per person, which is like taking four Rockefeller Center Christmas trees and setting them on fire.

The trend is unlikely to change if a report from ITnewsLink is to be believed. More than half of Americans think the U.S. will never go paperless. Pollster Poll Position conducted a national scientific telephone survey to see if Americans think the U.S. could ever be a paperless society.

Poll Position’s research (PDF) found that 56% of Americans said they don’t think the U.S. would ever be a paperless society, while 20% said yes, one day we’ll all go paperless. Twenty-four percent of Americans were undecided or had no opinion on the question.

Other Poll Position findings:

  • 63% of the 18-29 age group said the U.S. would never be a paperless society and 23% said we could be a paperless society.
  • 56% of men and women said we could never be a paperless society.

You can still vote in their online companion poll.

rb-

I would think that in an era of computers, Amazon (AMZN) Kindle Fire and Apple (AAPL) iPad tablet computers, iPhones and Google (GOOG) Android smartphones, paper consumption would decrease. Apparently it takes more than buzzwords like “paperless” and “green” to make a difference.
