» »

Mobilci in programska zaščita zanje

Mobilci in programska zaščita zanje

Trancedeejay ::

Mene pa zanima koliko med vami vas ima AV zaščito za Android telefon. Ker sem začel delat z Bitdefenderjem sem se v to stvar malo bolj poglobil. Ste kdaj doživeli kakšnega od simptomov - npr., da ste imeli konkretno več prenesenih podatkov kot ste mislili ali pa pogovorov, da vam je klic prekinilo kar tako, večkrat zapored, ali pa ste imeli občutek, da imate nek delay pri delovanju telefona? Ali pa imate nek dražji telefon pa bi ga radi locirali če ga izgubite ali ga ukradejo, so na telefonu pomembni podatki ali žgečkljive vsebine (slika z ljubico- hehe), saj je možno tudi izbrisat podatke s telefona na daljavo. Želite biti obveščeni, če z Google Play naložite aplikacijo, ki je malware in pošilja vaše podatke na nek X strežnik? Želite imeti nadzor kaj dela katera izmed naloženih aplikacij?

Če imate nek dražji android telefon (skoraj nič ni pod 100 EUR), se vam zdi vredno dat npr. 8-10 EUR / leto, da imate aplikacijo, ki vam omogoča, da na računalniku vidite kje se telefon nahaja (seveda mora biti povezan z internetom), da imate avtomatsko skeniranje in preverjanje nanovo naložene aplikacije, da vidite do katerih zadeva posamezna aplikacija dostopa...

Kakšna so vaša mnenja? Sedaj ne gre več za klasične telefone, temveč dejansko mobilne računalnike katere upravlja določena programska koda. Se vam zdi, da je to nateg ali pa je možno, da so se spravili na android platformo. Torej zanima me vaše mnenje, ker od enega mobilnega operaterja sem dobil zahtevo za testiranje aplikacije, ker imajo povpraševanja za te zadeve, pri drugem operaterju niso zasledili povpraševanja... a so šli ravnokar tudi sami v testiranje aplikacije.

Kakšno je vaše mnenje - popolnoma brezvezna zadeva, nepotreben strošek, zavajanje ali pa mogoče stvar o kateri se splača razmislit, se za nekaj EUR splača da imamo opcijo preko katere lahko najdemo telefon, vidimo kaj delajo naše aplikacije, prepreči morebitne dodatne stroške?

 Bitdefender Mobile Security

Bitdefender Mobile Security




Mobilna zaščita

Link
Music is the key

RejZoR ::

Uporabljam avast! Mobile Security Free.

- antivirus
- SMS spam blocking
- firewall (root)
- anti-theft
- app locking (2 aplikaciji v free verziji)

Nekako ima že v Free verziji vse kar potrebujem. Antivirus je že od začetka med najboljšimi, je eden redkih, ki za rootane telefone ponuja firewall (ki je kar uporabna zadevca), anti-theft je napreden in an CyanogenMod telefonih preživi tud flashanje novega firmwara, app locking pa je tud zelo uporaben.
Si lahko zakleneš do 2 pomembni aplikaciji, v mojem primeru dostop do nastavitev (Settings) in pa Google Activator.
Angry Sheep Blog @ www.rejzor.tk

Trancedeejay ::

HI
Glede na to, da je govora o free varianti, si lahko brezplačno vzpostavite free Bitdefender aplikacije za mobilce:

Povezava

Prilagam še opcijo za desktop enote:

Povezava

Have a nice Day

Matt
Music is the key

Trancedeejay ::

Ko je že govora o zaščiti vaših mobilnikov, bi vam rad copy/pastal informacije, ki jih imam glede raznih aplikacij, ki jih zdownloadate preko Google Play. Upam, da ni nič narobe, če je v angleščini:


Mobile Operating System Wars -
Android vs. iOS


When we introduced Clueful for Android, we thought mobile users should know what the applications on their devices were doing. One year and a couple hundred thousand analyzed applications later, Clueful intelligence has picked up an interesting trend: applications are equally invasive and curious on iOS as on Android, even though one may argue that one of the operating systems is safer.
For roughly a year, we have been collecting applications from the Play Store and iTunes to analyze both statically and dynamically. For the Android version of Clueful, we're aggregating 314,474 free applications, while the iOS version of Clueful holds references for 207,843 free apps. These applications are broken down into clues which give the user a transparent and comprehensive overview of what the application tries to access, what privileges it requires and how it is going to handle the data it has access to when sending it over the web.

A primer on application permissions
Before digging further, we need to mention that application permissions differ from one operating system to another. For instance, while Android permissions are declared at install and cannot be altered later, iOS permissions are granted at runtime, when device owners have to allow or deny access to various resources, such as current location. Regardless, both applications for Android and iOS can perform a range of interactions with the user's device, but also with third-party internet services.

Comparable clues
Our analysis focuses on the most intrusive behaviors that the application developer may have included in their software products. We have also taken into account behaviors that are very similar in both Android and iOS:

1. Tracking location
Location tracking is a major concern for both Android and iOS platforms. Its implementation and use are similar in both platforms and is often requested by advertisers via framework APIs to track users' habits. The Clueful test reveals that 45.41% of the iOS apps have location-tracking capabilities, even if they don't explicitly do that, as opposed to only 34.55% of the Android applications.
Some Android applications that track location:
o Latest Nail Fashon Trends (v. 3.1) - com.nail.fashion.trends - with an estimated user base of between 100,000 and 500,000.
iOS applications that track location
o PokerStars TV (v. 2.2.2.0) - uses geolocation to track users' exact location
o Cheezburger (v. 1.2.2 ) - uses geolocation to track users' exact location

2. Reading contact list
While only 7.69% of Android applications could read the contact list, iOS applications are much snoopier - 18.92% of applications designed for iOS are technically able to looking into the contact list.
Android applications that read the contact list:
o Longman Contemporary English (v. 1.81) - com.flexidict.data.longmancontemporary, currently removed from the Play Store;
o Cambridge American Idiom (v. 1.81) - com.flexidict.data2.cambridgeamericanidioms - currently removed from the Play Store.
Some iOS applications that read the contact list:
o OLJ (v. 1.1) - reads contact names and contacts' email addresses and send them to a remote server.
o 3D Badminton II (v. 2.026) - reads contacts' emails and sends them to a server in Hong Kong.

3. Leaks your email address/ device ID
Among the most interesting pieces of information for an advertising network are e-mail addresses and unique device IDs / IMEI. This data also may be shared with third parties to, for example, send consumers behaviorally targeted advertisements, according to a recent Federal Trade Commission report.
About 14.58% of the Android applications may leak your Device ID and 5.73% of the total number of apps may leak your e-mail. Again, iOS applications appear to be more focused on harvesting private data than those designed for Android. Following the security incidents in 2012, when the Blue Toad advertising agency leaked one million UDIDs, Apple decided to deprecate the UDID API.

Some Android applications that leak the e-mail address:


o Logo Quiz Car Choices (v. 1.8.2.9) - car.logo.quiz.game.free - between 100,000 and 500,000 installations

o Blowing sexy girl's skirt (v. 1.6.0) - yong.app.blowskirt - between 100,000 and 500,000 installations

Some Android applications that leak the device ID:

o Football Games - Soccer Juggle (v. 1.4.2) - com.madelephantstudios.BallTapp - between 100,000 and 500,000 installations
o Logo Quiz NFL NHL MLB NBA MLS (v. 1.0.2.8) - com.fesdra.logoquiz.ussport - between 100,000 and 500,000 installations

iOS applications that leak the device ID:
o Ringtone Maker (v. 1.7)- sends device id to "adfonic.net"
o Paradise Island: Exotic (v. 1.3.14) - sends device id to third-party websites (to "offer.17bullets.com", "islandexotic.17bullets.com", "ma.mkhoj.com", "1.trace.multiclick.ru", "a.jumptap.com", "soma.smaato.com")

4. Leaks your phone number
Phone numbers are the link between a user's physical identity and virtual persona. It allows an aggregating party to correlate information about the user's behavior in applications (what content they are interested in, what applications they have installed and so on, and possibly link this information to an existing person, represented by a name and surname. 8.82% of the applications analyzed by Clueful for Android might leak the device's phone number to third-party advertisers. Applications integrating the AirPush and (in some circumstances) LeadBolt frameworks allow the developer to collect, encrypt and send the device's phone number. In some countries, carriers block this behavior to safeguard the user's data.
Some Android applications that try to leak phone numbers:
o Football Games - Soccer Juggle (v. 1.4.2) - com.madelephantstudios.BallTapp - between 100,000 and 500,000 installations
o Button Football (Soccer) (v. 1.10.3) - com.sicecommentr.buttonfootball - between 1,000,000 and 5,000,000 installations

One major difference in Android is that it lets consumers choose where they install their applications from. Not only can users install applications from third-party markets, but they can also download APK files directly from the developer's website so they won't be able to enjoy the security mechanism implemented by Google in the Play Store (Google Bouncer). In the absence of supervision from Google, these applications could collect much more data than they actually need to function properly.

Grey-area behavior in applications
While accessing location services can be used legitimately by applications, sending location information over the web is not necessary for some apps and may pose risks for users in case of a data breach with the information harvesting company. This is a typical case of grey-area use, when something obviously unnecessary for the application's functionality gets retrieved just to complement the amount of user data aggregated already.
About 10% of the analyzed Android applications are may be doing this with or without the user's prior information, depending on the way the advertising SDK is configured and the way it is set up at the initial boot. Others applications that send location information also leak the phone number and the user's e-mail address to ad vendors.
Negligent malicious behavior in applications
While tracking location, reading contacts or interacting with social media sites can be part of functionality, significant threats come from improper implementations of technologies, such as protocols for sending data from the user's device to the cloud. For instance, leaking unencrypted device IDs or sending plain-text passwords during the authentication process is highly dangerous for a mobile device that is often connected to public, potentially monitored Wi-Fi access points.

Conclusions
An old proverb has it that if you're not paying for it, then you are the product being sold. The free application ecosystem is actually free for the user, but is heavily monetized by the developer. Succinctly put, the application becomes free only after the user has paid for it with his or her privacy. And the situation is even worse, as paying for an application neither stops the private information flow, nor brings back the information already stored on file. More than that, information collection takes place without the user even being aware of what they agree with during installation.
The ad-supported model has been around since the emergence of Internet and dramatically contributed to the expansion of the Web as we know it. Sources all over the world have signed up for advertising programs that pay for traffic and allow content to be distributed for free to the user.
But mobile adware is totally different: adware tightly integrates with the device - it does not run inside the browser, isolated from other applications. On mobiles, advertising frameworks can learn your communications habits, friends, friends' contacts, location and - more frequently - all of the above at the same time. This turns them into the modern equivalent of spyware built into the device you're using the most throughout the day.
Clueful's mission is to shed some light into the application ecosystem as well as to clearly pinpoint the privacy threats the user exposes to when installing something as simple as an application.
Music is the key

Trancedeejay ::

Prilagam še video o uporabi Bitdefender Mobile Security:

Link

Have a nice Day

Matt
Music is the key

rdecaluc ::

Si pa nabrisal reklame -.-"

Sam sem imel Avasta na telefonu. Fajna zadeva anti-theft in vse, škoda le da moraš rootat telefon da dela cel paket. Ampak glede na to da imam sedaj cyanogenmod to ni več problem :D.

Morda probam še bitdefender, mogoče celo celotno verzijo, glede na to da imam že polno za PC.
Est modus in rebus. ,typos

RejZoR ::

Root funkcijam se ne moreš izognit, ker je to tehnična omejitev sistema in ne omejitev programske opreme. Ima pa avast! (in verjetno še kakšen drug) anti-theft opcijo tud za nerootane telefone, ampak je manj odporno na odstranjevanje in ni tolk prikrito. Čeprav vsaj pri avast!-u vem da lahko anti-theft aplikacijo poimenuješ kakor hočeš in jo s tem prikriješ med goro drugih aplikacij na telefonu.
Angry Sheep Blog @ www.rejzor.tk

Chev ::

Bedarija, če mene vprašaš. Dodaten zaslužek, ko ti nabijejo reklame v antivirus app :)). Lociranje telefona je že vgrajeno v android, ostalo pa je neuporabno.

Nisem še nikoli opazil kaj "čudnega" na telefonu, če pa bi, pa obstaja enostaven hard reset.
Pomembni podatki so pa itak sinhronizirani še z dvema napravama.

P.S. tudi na PC-ju (in tabletu) ne uporabljam zaščite, pa sem še vedno zdrav. Ne hvala z antivirusi.

Yacked2 ::

Chev je izjavil:

Bedarija, če mene vprašaš. Dodaten zaslužek, ko ti nabijejo reklame v antivirus app :)). Lociranje telefona je že vgrajeno v android, ostalo pa je neuporabno.

Nisem še nikoli opazil kaj "čudnega" na telefonu, če pa bi, pa obstaja enostaven hard reset.
Pomembni podatki so pa itak sinhronizirani še z dvema napravama.

P.S. tudi na PC-ju (in tabletu) ne uporabljam zaščite, pa sem še vedno zdrav. Ne hvala z antivirusi.


Misliš, da si zdrav. Kaj ko bi si downloadov Malwarebytesov program ter z njim poskeniral cel sistem nato pa log prilepil sem.

On topic: uporabljam Samsungov telefon, ki je bolj oldschool narave, tako da je skrb da bi fasal svinjarijo odveš, ker mi mobi ne podpira Androida, prav tako pa ne nameščam nobenih .jar datotek.

Moje mnenje pa je, da se bo začela masovna produkcija applikacij za vohunjenje, saj je z androidov tako rekoč vse dosegljivo.
Korak naprej ni vedno ustrezen...sploh če si na robu prepada!

Chev ::

daj link malwarebytes programa

bluefish ::

Podobna finta kot pri običnih računalnikih. Če uporabnik lahko le tega ohrani čistega brez virusov in podobne nesnage, je velika verjetnost, da bo enako na telefonu.

Hayabusa ::

Chev je izjavil:

daj link malwarebytes programa

Vpišeš "malwarebytes" v tvoj priljubljeni iskalnik.

Oddin ::

Cel android je spyware
Corsair Obsidian 750D, i5 3570 & 4.4GHz, Sapphire R9 290 Tri-X OC,
CPU+GPU EKWB Custom Liquid-Cooling Loop, Asus P8Z77-V DELUXE, Corsair Vengeance
Pro 8gb 1600MHz, Samsung SSD 850 EVO, Corsair AX860i

Trancedeejay ::

Pridem na šiht in v enem izmed mailov je bila ta novica:

Link

Koliko vas je informatikov tukaj, so take novice natolcevanje? Pri nas se mi zdi, da še noben izmed informatikov ni imel take izkušnje. So nam pa enkrat vdrli na strežnik in gor postavili fake amazon.de stran.

Izmed teh aplikacij se meni za mobilca najbolj pomembna zdi anti theft funkcionalnost, varianta, ki nadzoruje kaj delajo aplikacije (se pravi razni prenosi podatkov, povezovanje preko telefona v lokalno omrežje, vzpostavitev klicev in podobno, povezovanje na kontaktne podatke, koledar)in pa blokiranje fake strani - nebi ravno rad vpisal podatke od dostopa v fake stran, kot je to naredil moj sodelavec - fake Paypal stran.

Have a nice day

Matt
Music is the key

Chev ::

Hayabusa je izjavil:

Vpišeš "malwarebytes" v tvoj priljubljeni iskalnik.

Ja šit no, sem vpisal in sem dobil več rezultatov kot za porniče. Zato sem vprašal za link, ker nekateri pač to uporabljate, namesto da jaz nekaj inštaliram, potem pa bo kriv program.

Đizs dolgo dela, anyway:

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.02.02

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
<em>XXXXXXXXX</em> :: <em>XXXXXXXX</em> [administrator]

Protection: Enabled

2.1.2014 14:49:32
mbam-log-2014-01-02 (14-49-32).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 287072
Time elapsed: 24 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


 asd

asd


 fgh

fgh



Happy?

Yacked2 ::

@Chev: čestitam 8-)
@Trancedeejay: zakaj se ti zdi to tako neverjetno ? Dandanes ljudje s telefoni hodijo povsod, še na WC. Ker imajo novejši telefoni že podporo Android, se bodo začele množiti zlonamerne aplikacije za prisluškovanje ali kaj podobnega.
Korak naprej ni vedno ustrezen...sploh če si na robu prepada!

Chev ::

Hvala! :)

bluefish je izjavil:

Podobna finta kot pri običnih računalnikih. Če uporabnik lahko le tega ohrani čistega brez virusov in podobne nesnage, je velika verjetnost, da bo enako na telefonu.

Yep.


Vredno ogleda ...

TemaSporočilaOglediZadnje sporočilo
TemaSporočilaOglediZadnje sporočilo
»

Ne glede na nastavitve iPhone 11 pozna lokacijo

Oddelek: Novice / Apple iPhone/iPad/iPod
445354 (2500) tardusm
»

Google predstavil novi pametni telefon Pixel 3 (strani: 1 2 )

Oddelek: Novice / Android
869809 (5001) pirlo
»

Nokia predstavila N9 (strani: 1 2 3 4 5 6 )

Oddelek: Novice / Nokia / Symbian
26639870 (25286) flameir
»

Kaj Nokiaši pričakujejo od Windows Phone 7

Oddelek: Novice / Windows Mobile
336616 (4713) Bor H

Več podobnih tem