Tuesday, April 4, 2017

Android, Even Worse than You Thought ... Maybe - Science

The wording in this article is slanted, starting with the research paper's title. Nevertheless, there is more here than bogus wording, since the research revealed security exposures in the Android process. (Science Daily: Android apps can conspire to mine information from your smartphone)

The only conspiracy is that the apps have the capability to pass information between each other so it's likely that exactly the same non-conspiracy exists in the iPhone iOS code since those apps share information between each other as well.  Beware the lingo.


Mobile phones have increasingly become the repository for the details that drive our everyday lives. But Virginia Tech researchers have recently discovered that the same apps we regularly use on our phones to organize lunch dates, make convenient online purchases, and communicate the most intimate details of our existence have secretly been colluding to mine our information.

- SD

The opening is just tech according to Doctor Phil.  There is no collusion, only poor security.  Normally for that kind of melodrama, we need Ray Milland or Facebook.


"Researchers were aware that apps may talk to one another in some way, shape, or form," said Wang. "What this study shows undeniably with real-world evidence over and over again is that app behavior, whether it is intentional or not, can pose a security breach depending on the kinds of apps you have on your phone."

The types of threats fall into two major categories, either a malware app that is specifically designed to launch a cyberattack or apps that simply allow for collusion and privilege escalation. In the latter category, it is not possible to quantify the intention of the developer, so collusion, while still a security breach, can in many cases be unintentional.

- SD

After the intro hype, we see them repeatedly saying there is not any collusion; any problem is unintentional.


The team studied a whopping 110,150 apps over three years including 100,206 of Google Play's most popular apps and 9,994 malware apps from Virus Share, a private collection of malware app samples. The set up for cybersecurity leaks works when a seemingly innocuous sender app like that handy and ubiquitous flashlight app works in tandem with a receiver app to divulge a user's information such as contacts, geolocation, or provide access to the web.

The team found that the biggest security risks were some of the least utilitarian. Apps that pertained to personalization of ringtones, widgets, and emojis.

- SD

Ed:  what did they find?

They studied quite a bit but didn't report anything we don't already know.  Apps talk to each other across devices and a number are sloppy about it.  That creates a security exposure which also isn't a surprise.

There's no beef in terms of what percentage of apps were dangerous, and all we see is that trash apps (e.g. emojis) are likely to have trash security. We really didn't need an intensive computer analysis to discover that.
