Posts

Are Your Mobile Apps Up To No Good?

Most of us have heard the saying “It’s 2am, what are your kids doing?” and you may know, but do you know what your mobile apps are doing? I know before I started working in the industry, I would not have given a second thought to this, but consider this.

Why would an app designed to monitor your mobile’s battery need to know your location via your GPS? How come some gaming applications ask users for their phone numbers? Mobile applications, especially free ones, require some level of your personal data in order to supplement development costs. This means “free” isn’t exactly free.

Unsurprisingly 97% of users don’t understand how permissions correspond to the risk of an app. The consequences of not knowing is once you share your personal data, it now can be use and sometimes abused and is out of your control forever. Check out this infographic…

 

If it’s digital then that means it’s also “repeatable” and can be copied, pasted, duplicated and sent an infinite amount of times. For example 18.3 million US adult Smartphone owners have looked up medical information.  32.5 million US adult Smartphone owners access banking information. Using applications that don’t care much about your privacy can expose this data.

Android applications can ask for 124 types of permissions and with these permissions someone can turn on your camera, monitor or modify or even kill outgoing calls, record images of your screen while you enter personal information, monitor and view texts or pictures and even scarier capture conversations in the room when no call is active!!

What’s troubling is 33% of apps ask for more permissions than they need, 42% of users don’t know what these permissions are and 83% of users don’t pay attention to permissions when installing an app. This all adds up to needing to know what your apps are doing.

To help you protect your privacy and identity when using apps you should:

Research apps by checking their ratings and reviews before you download

Only download apps from reputable apps stores

Read the Terms of Service (TOS) to determine what data the app is going to access on your mobile device.

Use comprehensive  mobile security app with app privacy features, such as McAfee Mobile Security, that will provide insight into the activity and safety of your apps

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

Free Mobile Apps = Drained Battery

Go through your smartphone right now. Look at each app and seriously consider whether you need it. If not, delete it. Then, determine which of the free apps are worth upgrading to the paid versions, since free apps that contain advertising that puts an additional drain on your battery.

Using a special energy-profiling tool, researchers from Microsoft and Purdue University found that when a mobile is run over a 3G connection, Android and Windows Mobile apps operating third-party ad services dedicate up to 75% of their power requirements to ads rather than game play.

Applications often communicate with their sources, transferring data back and forth between your mobile phone and the app’s home server. This information could be about you, gleaned from your mobile use, or it could be new advertising. The most effective way to deal with this is to either delete the app, or in some cases you are given an option to prevent it from running in the background.

But don’t stop there. There are numerous other battery drains affecting your smartphone. To preserve battery life:

Set your phone to lock automatically after being idle for one minute

Disable Wi-Fi and Bluetooth when they are not in use

Disable all unnecessary notifications

Disable any unused location services

It’s also a good idea to get yourself set up with extra chargers for your car, travel bag, and various rooms of your home. I like getting a mix of extra long and very short cables for different applications. They can often be found inexpensively on eBay.

Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)

FBI launches FBI Child ID App

The last thing anyone ever wants to think about is your child getting taken away from you by a stranger or even someone you know. And while the statistics aren’t nearly are bad as one would think, parents think about child abduction all the time.

Regardless of statistical probabilities, there is a chance your child can go missing. In response the FBI has created the FBI Child ID application.

Straight from iTunes:

“The free FBI Child ID app provides a convenient place to electronically store photos and vital information about your child so that it’s literally right at hand if your child goes missing. You can show the pictures and provide physical identifiers such as height and weight to security or police officers on the spot. Using a special tab on the app, you can also quickly and easily e-mail the information to authorities with a few clicks. The app also includes tips on keeping children safe as well as specific guidance on what to do in those first few crucial hours after a child goes missing.”

Information stored on the application is local, meaning the FBI isn’t tapping into your phone or seeing your kid’s information. The app isn’t password protected, which it should be. But as long as your phone is password protected then you should be all set.

Robert Siciliano personal and home security specialist toHome Security Source discussing Child Abductions on MSNBC. Disclosures

 

 

My Top 5 Mobile Commerce Apps

The day when your wallet becomes a relic, like an 8-track tape, isn’t here quite yet. But we are getting close.

Thinning out your wallet isn’t just nice for your pants pocket. It’s also a good way to minimize your risk for identity theft, should your wallet ever be lost or stolen. As long as you’re keeping your smartphone safe and secure, the following mobile payment options offer safe, convenient alternatives to traditional payments.

Mint: Personal finance tools from Mint.com help you track, budget, and manage your money while you’re on the go. Sign up for a free Mint.com account, add your online banking and credit card accounts, and access your personal finances, all from your iPhone. One cool feature Mint offers is optional alerts to any high dollar transactions.

Square: This application and free credit card reader allow users to accept credit cards via iPhone, iPad, or iPod touch without a contract, monthly fees, or merchant account required. You can become your own merchant with this truly amazing app, which is ready to take payments within minutes of downloading. This can be handy when splitting a dinner check with a group in which everyone has a credit card, but no cash.

KeyRing: Never carry plastic or paper loyalty, membership, or library cards again! You can save time, space, and money by storing cards and coupons on your phone, so you’ll never miss a discount at the point of sale again. I especially like that KeyRing fully backs up your credit and store cards. Not every merchant is ready to accept a digital card at this point, but many are, and the number is increasing.

Paypal: Send money to your friends, manage your account, and more with the PayPal app. It’s free, secure, and more convenient than going to an ATM, writing checks, or sending gifts the traditional way.

I haven’t listed my bank’s application because they don’t currently offer mobile check deposit. But if your bank does, add them to the list, because that’s cool.

Robert Siciliano is a personal security expert contributor to Just Ask Gemalto. (Disclosures)

Mobile Apps Are Leaking Data on You

Tracking users is all the rage. A battle is being waged over our data, and there are several parties involved in this fight. We voluntarily offer our data to various companies, only to discover that they are using it in ways that we never anticipated.

Smartphones have become almost an extension of ourselves. They are as integral to our lives as clothing. I have mine clipped to my suit when I’m working, jeans when I’m shopping, and pajamas when I’m lounging. And then, of course, it’s on the nightstand when I’m sleeping. It’s even right outside the shower.

And then there are the applications. Most people spend more time navigating their apps than actually making or receiving calls.

The Wall Street Journal found that many app developers haven’t been upfront with their intentions:

“An examination of 101 popular smartphone “apps”—games and other software applications for iPhone and Android phones—showed that 56 transmitted the phone’s unique device ID to other companies without users’ awareness or consent. Forty-seven apps transmitted the phone’s location in some way. Five sent age, gender and other personal details to outsiders. The findings reveal the intrusive effort by online-tracking companies to gather personal data about people in order to flesh out detailed dossiers on them.”

One developer of online ads and mobile apps declared, “We watch what apps you download, how frequently you use them, how much time you spend on them, how deep into the app you go.” The motivation here is money. The more they know about you, the more targeted ads they can deliver, and the more likely you are to buy.

So what to do? Privacy concerns are justified, but what can be done with this data, other than ad targeting? Not much. I don’t see any fraud or identity theft happening as a result of this. They aren’t going to try to sell you anything by cold calling you, and hopefully they’ll refrain from emailing sales pitches.

If you want to cleanse yourself of this type of tracking you can delete and avoid apps, or you could provide false information, but that could violate terms of service, and might even be a useless tactic.

The best you can do is try to understand what you are giving and what you are getting in return, and make conscious decisions as to whether the tradeoff is worth it to you.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses leaky applications on Fox News. (Disclosures)