Once upon a time, computers were the absolute focal points of most people’s lives. They did everything on it: work, gaming and most recently, social networking; if there was something that couldn’t necessarily be done by hand, it was done digitally, and computers were the prime way to do it.
However, many of those functions have been taken over by mobile platforms, and it shows: mobile gaming is bigger than console gaming in some parts of the world, and plenty of companies have been scrambling to make mobile versions of their more popular products. Why? Mobile is more convenient: why take out a laptop or console when you can do whatever you want on the go?
Unfortunately, this convenience has come at a price: privacy. Whenever you’re using a mobile device, you can be almost certain that the app in use is collecting your data. Of course, this isn’t inherently a bad thing, as some of those apps (such as Facebook and Twitter) need that data to function at their peak, which ultimately benefits the user. The problem is just how many of those apps have access to data or permission to perform functions that they shouldn’t.
For example, both FourSquare and Angry Birds at one point had access to the user’s address book. Similarly, a generic weather app could try to send an email on the user’s behalf.
This was a widespread issue, too: a study by HP in 2013 found that, of the 2,107 mobile applications scanned, 97 percent accessed private data sources, including personal address books, social media pages and connectivity options like Bluetooth or Wi-Fi.
Things have changed since then, as many of these apps now explicitly tell users that they are about to access certain data, and give you the option to opt out if you’d like. Unfortunately, the problem is that there are still plenty of companies that don’t give users any such notice, and even if they do give a heads-up, the data accessed isn’t adequately protected.
That same study found that 86 percent of the applications lacked the security measures to protect them from even the simplest of exploits, such as misuse of unencrypted data, cross-site scripting and insecure transmission of data. In addition, 86 percent of applications tested lacked binary hardening, leaving applications vulnerable to information disclosure, buffer overflows and poor performance. Lastly, 75 percent of applications did not use proper encryption techniques when storing data (such as passwords, documents, chat logs and photos) on mobile devices, leaving unencrypted data accessible to an attacker.
The results are clear: not only do these apps take your data (some of which don’t even tell you they’re doing so), but they don’t even handle it correctly, often leaving users exposed to attackers. It’s one thing when an app has your data (it’s for your benefit, or so the app claims), but it’s a different story for attackers who are looking to harm potential victims.
It would be great if it was just our apps that left us exposed, but sometimes, it’s the mobile phone itself.
For example, back in 2015, Nomi Technologies, Inc. reached a settlement with the FTC after it was found to be using sensors in retail stores to track customers’ purchasing behaviors by recording their mobile device’s MAC addresses. Nomi’s privacy policy promised it would provide an opt-out mechanism at stores using its services, but the FTC found that, not only did Nomi fail to provide this opt-out option, it didn’t even inform customers that they were being tracked.
Long story short? If you are using a mobile phone, you can be sure your data is being accessed. At one point, mobile phones were simply used to make calls, but now, they pack more features (you can even store your credit card information on phones and use them to make purchases), and with each new feature, attackers gain yet another way to access your data.
With the stakes raised, mobile privacy is more important than ever, and fortunately, there are several apps that are up to the task, such as Hexlock, a 100-percent-free app-locker that protects privacy and secures apps with a password to prevent unauthorized access. Developed by Liquidium, it has been awarded the badge of Editors’ Choice by Google, which immediately sets it apart from other apps of its ilk.
Key features for Hexlock include the aforementioned app-locker, an automatic lock based on network or location, a Media Vault for photos and videos, uninstall prevention, fingerprint unlocking, customizable lock screens and boosted parental controls.
If mobile privacy is important to you, and you want to be sure that personal apps like WhatsApp and Facebook are secure, then this is the app for you. Download it here
No comments:
Post a Comment