“Many functions on Apple’s wildly popular iPhone and iPad rely on users’ physical locations to deliver services like real-time maps, and location-based social networking and commercial offerings.
However, unbeknownst to most users, the devices are storing that information in a hidden file, two British researchers announced Wednesday at the Where 2.0 conference in Santa Clara, Calif., 72 kilometers (45 miles) south of San Francisco.
“There is still the question of when Apple gets access to this data, if ever,” Gus Hosein, the deputy director of the London-based advocacy group, Privacy International, told Deutsche Welle. “Apple seriously screwed up here. It’s time we start keeping an eye on what all these smart phone operating systems are doing. I don’t know how, but over the years, location data has suddenly become fair game.””
From Deutsche Welle
Posts tagged “Mobile security”
“If people want to know everything about you, they need look no further than your smartphone. It contains a host of your personal information and leaves a trail of digital footprints everywhere you go.
A proposed class-action lawsuit filed last week alleges that Apple and a handful of app makers are invading user privacy by accessing personal data from customers’ smartphones without permission and sharing it with third-party advertisers.
Concurrently, federal prosecutors in New Jersey are investigating whether several smartphone app makers, including Pandora, are transmitting customer information without proper disclosure.”
“When you whip out your smartphone to transfer money, deposit a check, or “tap” it on an electric reader to buy milk at your local 7-Eleven, do you ever wonder how secure it is?
The good news is, using your phone as a “mobile wallet” is largely considered safe. In fact, some experts argue the security of mobile payments is on par with online banking, with the added layer of password protection.
But that isn’t a license to throw caution to the wind. A February report by McAfee (which sells anti-virus software) found a whopping 20 million new pieces of “malware” — aka: malicious software — in 2010, a trend expected to surge in 2011 as cyber criminals catch up with the latest mobile technologies.”
“Every day cybercriminals and hackers are launching increasingly sophisticated, targeted attacks. In its Internet Security Threat Report, Volume 16, Symantec Corp. finds that, in addition to an increase in targeted enterprise attacks, mobile attacks are on the rise and hackers are increasingly using Java as a way into your network. Symantec identified more than 286 million new threats in its report, chronicling incidents between Jan. 1, 2010 and Dec. 31, 2010.
“While we didn’t see the number of attacks this year really grow, what we did see was a 93% increase in the number of web-based attacks. People tend to think of attachments in email, and if you click on that attachment, you’re going to get infected, but the real growth area, where they’re moving, is into Web sites,” says Kevin Haley, director at Symantec Security Response.”
From CIO Insight
“Encryption has long been a mainstay of securing mobile data, but that measure assumes that the main threat comes from the outside. Today, however, the main mobile security threat is the user, cautions John Herrema, senior vice president of corporate strategy at Good Technology, and encryption doesn’t counter that threat.
“In the ‘there’s an app for that’ world we now live in, the greatest threat comes from the 100 percent well-intentioned end-user who is simply trying to be more productive and get more work done, more quickly,” Herrema writes in a post at VentureBeat.”
From Fierce CIO
“Pandora’s Android app transmits a plethora of personal information to third parties after all, at least according to an analysis done by security firm Veracode.
The company decided to do a follow-up on the news that Pandora—among other mobile app makers—was being investigated by a federal grand jury, and found that data about the user’s birth date, gender, Android ID, and GPS information were all being sent to various advertising companies.”
From Ars Technica
“Scotland Yard’s inquiry into allegations of phone hacking by the News of the World took a dramatic turn on Tuesday as the paper’s chief reporter, Neville Thurlbeck, and its former assistant editor Ian Edmondson were arrested on suspicion of conspiring to intercept mobile phone messages.
The News of the World until recently insisted that the only phone hacking carried out on behalf of the paper was by a “rogue reporter”, Clive Goodman, and the only other arrests linked to the long-running saga took place in 2006, when Goodman, the News of the World’s former royal editor, and two associates were arrested.
Suppressed evidence of further phone hacking was not revealed until a Guardian investigation in July 2009.”
From The Guardian
“The online radio service Pandora has received a subpoena from a federal grand jury investigating whether popular smartphone applications share information about their users with advertisers and other third parties.
Pandora said it shared information with third parties to help it track how users interact with the service and to deliver targeted advertising. But the company, based in Oakland, Calif., said it was “not a specific target” of the grand jury investigation.
The disclosure comes at a time of mounting concern about Internet privacy and growing unease about the vast amounts of personal information that companies are scooping up online — from Web browsing habits to smartphone locations to Facebook preferences — and then mining to direct advertising.”
From The New York Times
“A favorite pastime of Internet users is to share their location: services like Google Latitude can inform friends when you are nearby; another, Foursquare, has turned reporting these updates into a game.
But as a German Green party politician, Malte Spitz, recently learned, we are already continually being tracked whether we volunteer to be or not. Cellphone companies do not typically divulge how much information they collect, so Mr. Spitz went to court to find out exactly what his cellphone company, Deutsche Telekom, knew about his whereabouts.”
From The New York Times
“Smartphones are getting pretty clever these days but it is unlikely they will outwit the cybercriminals as fraudsters increasingly go mobile.
Last week Android Market, the shop front for applications aimed at Android smartphones, was hit by around 60 malicious apps.
It is thought that they did little real damage other than to Android’s reputation, but the incident put the issue of mobile security back in the headlines.”
From BBC News