Mocana's Weekly News Roundup, Ed 14
Updates on mobile phones, especially Androids, continue to be a prominent news front for the Roundup. This includes the newest update on certain carriers.
Another cautionary note includes being careful before flippantly installing apps, since many can have vulnerabilities and malware that put your confidential information at risk.
What does this mean for the future of mobile security? That's always the million dollar question. The key is to stay informed, and always make sure your OS is up-to-date.
This is especially true while traveling, as a Huff Post article relays many WiFi destinations across the world have been shown to be insecure.
To read more on these topics, check out our links for the Roundup below:
A vulnerability note from the Computer Emergency Response Team (CERT) shows Android devices on certain carriers are potentially at risk. This even includes Google's newest update Marshmallow. Some of the issues and flaws span from "incorrect permission assignment for critical resource" and "improper access control." If you have an Android device on the two carriers mentioned, you may want to pay attention to this.
One "poor decision" on installing an insecure app can lead to your information being stolen, or even having your device locked. The study demonstrated here by HF/E researches at North Carolina University show fascinating results for multitasking while on mobile devices. This leads even the most educated students and study participants to be susceptible to insecure apps.
An update from SourceDNA has "detected the 256 rogue apps" that have been download 1 million times. Most were shown to be from Chinese app developers, and have thus been removed by Apple from the App Store. There are suspicions that the Chinese firm Youmi "has been working on ways to hide the identity-seeking features for years deep within its software code." While unsettling, it's important to realize the many risks of downloading insecure apps.
Due to the many security risks posed, many apps for mobile and computers are screening "which applications can be trusted and offered for download." There are codes of conduct and a generally censored and "filtered experience," which, if not followed, can make the app banned. This article explores some of the other app stores, from Google Play to Microsoft's, and explains how applications are scanned.
As time goes on, we are becoming more on-the-go, which is why companies are looking to create "mobile first" development, which is primarily friendly toward mobile platforms. However, this ability for apps to work across all devices means security efforts must be "doubled down." The article elaborates on protection efforts, which include encrypting the data and being able to "remotely wipe the device if it's lost or stolen."
Huff Post Travel
This is a great piece which explains mobile threats at popular tourist locations. Mobile threat defense company Skycure tracked attacks over a year and compiled an insightful list where the most common "involve the capture of private information such as banking logins and passwords or personal communications." The article is a great reminder why you should take "precautions prior to departure" so you can safely document your trip and use your mobile phone without risks of compromising security.
We value your input as a reader; let us know your thoughts in the comments here or tweet us @mocana.