Cyber Security Landscape

Q: Is it true that flashlight apps for your smartphone may contain malware?
A: It’s not just flashlight apps. Over 90% of freeware (free computer software for photos, converting Youtube videos, etc.) and free app downloads contain malware that is secretly added to your device. Besides stealing your data, they can corrupt files or worse. Quite often they use your connection and device to attack other people making it look like you are the bad guy. Attacks on the Whitehouse, FBI, CIA and military bases (such as Andrews Air Force Base) have happened this way. As far as smartphone apps go, there are not that many legit apps. Apple is of particular concern because their developer’s “tool kit” has been compromised. The result was many legit app developers used the official Apple tool kit, but ended up incorporating malware. This is what happened with most of the flashlight apps. (1)

By the way, the apps developed for Facebook are often used to compromise your Facebook account and steal your identity, as well as, attack all your friends. If Facebook doesn’t make the app, don’t use it. Examples of bogus apps include “What song was a hit on your birthday?”, “How loyal are you?”, “Who is stalking you?”, “Which season of the year are you?”, “3 reasons to love yourself!”, “Let’s make a drawing of you” and “Yourself as an oil painting”.

Q: How do I know if Facebook makes the app?
A: If Facebook makes the app, it is usually automatically integrated into the interface. Examples include when Facebook added more choices to the “like” button and the app they put in your feed about “1 year ago today”. Those are Facebook apps. The ones that tell you about your loyalty, stalkers, hit record on your birthday, compare you to your friends, etc. are clickbait and should be avoided. Almost all of these apps abuse your friends. Some of them allow your account to do criminal activity, such as, post sunglasses or shoes for sale tagging your friends without your knowledge. Some of them do even worse stuff, such as, compromise your account and use your account to surreptitiously to do a host of bad activities.

Q: Are Android apps safer than Apple apps?
A: Most apps are not developed by Google, Microsoft or Apple. If someone is giving an app away, it is probably for ill purposes. Nevertheless, the advantage of Android — it is built on Linux (open source code.) This means anyone can see the source and/or fix the computer code. That is not the case with Apple or Microsoft. We suggest Android on your phones and Linux on your computers.

Q: My tech-savvy son says it is safe to download apps from Google. Is the Google app store safe?
A: it’s not Google… it is the open source community. Google doesn’t own Android. Android is based on Linux (free open source software) the Linux community is serious about security. We’ve been involved with Linux development since the 1990’s. Apple and Microsoft are based on proprietary software which is the opposite of the open source philosophy. In any event, none of us like Google for other reasons; however, their exploitation of Linux is better for mankind than Apple and Microsoft. Google Android apps are a better bet than other OS’s (operating systems) because they use Linux. That doesn’t mean you should trust Google. Do not trust Google.

Q: What about GPS apps?
A: GPS apps are the most exploited function/app of a smartphone. Not only do private companies exploit the data but bad guys and our government do, too. So my advice is what I did for my Dad. He suffers from dementia and tends to wonder off. We got a Metro PCS smartphone and the sole use is for tracking my Dad with a GPS app. If you want a GPS, use a separate device.

An example of a GPS smartphone app scam recently happened in Chester County, PA. Bad guys hacked GPS apps and sent fraudulent email traffic tickets to unsuspecting motorists. (2)

References:
1) Apple’s App Store infected with XcodeGhost malware in China after major security breach. China’s “Great Firewall” may have been partly to blame for the first major attack on Apple Inc’s (AAPL.O) App Store, but experts also point the finger at lax security procedures of some big-name Chinese tech firms and how Apple itself supports developers in its second biggest market. A malicious program, dubbed XcodeGhost, hit hundreds – possibly thousands – of Apple iOS apps, including products from some of China’s most successful tech companies used by hundreds of millions of people. (Reuters)

2) “Beware This Crazy Speeding Ticket Scam” Philadelphia-area residents have been targeted, and the level of information the perpetrator has is downright scary. The Tredyffrin Police Department in Chester County announced the speeding ticket scam this week, explaining that three local residents reported receiving emails notifying them of speeding infractions. Tredyffrin doesn’t have speed cameras, and the police say that they have nothing to do with these citation notices, but here’s the thing: The residents were, in fact, speeding at the locations cited in the citations. How is this possible? Well, investigators suspect that a hacker has exploited a security flaw in some GPS-enabled smartphone apps. (Philly Magazine)

More Internet Security

This entry was posted in Security and tagged , , , , , , , , , , . Bookmark the permalink. Both comments and trackbacks are currently closed.
  • Categories

  • Archives

Created by: Daniel Brouse and Sidd
All text, sights and sounds © BROUSE
"You must not steal nor lie nor defraud."