Tag Archive for online security

marblesecurity

US is No: 1 source of risky or dangerous apps in the world, says security firm

An oft-held view that the risk of using mobile devices was limited to jailbroken or rooted devices in Asia, & to apps that were downloaded from fly-by-night app stores other than Apple App Store or Google Play, has been challenged by new research.

According to the California, USA-located Marble Security, a firm that specializes in mobile devices security, it had been found after analyzing over a million apps available on the North American versions of the Apple App Store or Google Play, that most never required a jailbroken or rooted device. Marble Labs has determined that more than 40% of the “dangerous apps” on these stores were developed by publishers based in the United States.

This came as a surprise to Marble’s analysts, who before examining the data would have
perhaps bet that most malicious apps originated from publishers in Eastern Europe or Asia. While China, Korea, India & Taiwan do generate a great number of malicious or risky apps, their combined total did not amount to that of the United States, claimed this report.

Marble Security said this research underscored the fact that consumers & businesses
needed to pay close attention to what apps they downloaded onto their mobile devices, & how those apps used or rather “misused” personal data.

What is a Malicious or Highly Risky App?

For this study, Marble Labs examined apps that were malicious or highly risky. These were apps that, among other things:
• Sent user’s private data without their knowledge
• Copied contact databases & sent them to untrusted locations on the Internet without the user’s knowledge
• Sent users’ browser histories over the Internet
• Installed helper apps to display unwanted advertising
• Communicated prohibited tracking information, including hardware identifiers
• Send premium rate SMS messages to defraud consumers

 

risky mobile apps

The report said it was a common belief that Chinese or Russian app developers were responsible for the majority of malicious apps. While that could be true for malware that targeted jailbroken iPhones or rooted Android mobile devices, Marble Securities said when its team had looked at apps that were available on legitimate app stores for non-tampered devices, the story was very different.

In fact, United States companies published the largest number of malicious or highly risky apps in the world, the research found. More than 42% of global dangerous apps that target non-jailbroken & non-rooted devices originated with companies or publishers purportedly located in the United States.

China was the second largest publisher of malicious and highly risky apps for standard iOS & Android devices, at almost 18% of the world’s output. India, Korea & Taiwan followed, with approximately 4.5 % of all published apps from those countries categorized as highly risky & malicious apps, said the report.

Image Credit: Marble Security

 Advertising Message

Most messaging apps & tools flunk this security best practises test

The Electronic Frontier Foundation is a unique org – it’s an NGO in the field of defending civil liberties in the digital world.

The Foundation has now spearheaded research & published a kinda score card on its outcome for Internet messaging services, indeed Online communication tools, including mobile apps to povide users a guide on which ones are really safe & secure.secure messaging appsThis scorecard represents only the 1st phase of the campaign. In later phases, the Foundation is planning to offer closer examinations of the usability & security of the tools that score the highest here.

(Warning: As such, the results in the scorecard should not be read as endorsements of individual tools or guarantees of their security; they are merely indications that the projects are on the right track.)

Most apps that were analyzed failed in 1 or multiple categories. Only the following came out with flying colors:

ChatSecure + Orbot (encrypted chat application for iPhone and Android)
Cryptocat (Available for iOS, Os X, and web browsers)
Signal (iOS only)
Silent Circle (available for Android and iOS)
Silent Text (available for Android and iOS)
TextSecure (Android)

The EFF, in collaboration with Julia Angwin at ProPublica & Joseph Bonneau at the Princeton Center for Information Technology Policy, have joined hands to launch a campaign for secure & usable crypto. As it spells it out on their Site: We are championing technologies that are strongly secure and also simple to use.

The Secure Messaging Scorecard examined dozens of messaging technologies & rated each of them on a range of security best practices. The campaign was focused on communication technologies — including chat clients, text messaging apps, email applications, & video calling technologies. These are the tools everyday users need to communicate with friends, family members, and colleagues.

For the survey, they also chose technologies that had a large user base–and thus a great deal of sensitive user communications–in addition to smaller companies that were pioneering advanced security practices.

If our readers wanna know further, click here to read up on this report.

 

Image Credit: EEF

 

Advertising Message