Posts

Serious privacy problems found in most health apps – Security – Software

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


A large-scale investigation of mobile health apps available in Australia and worldwide suggests that many contain serious privacy issues, with hundreds transmitting user information to third-party service providers.

Researchers at Macquarie University’s Department of Computing analysed over 20,000 health apps for Android in Google Play and say patients should be informed about privacy practices before use and installation.

“Our results show that the collection of personal user information is a pervasive practice in ‘mHealth’ apps, and not always transparent and secure,” the researchers wrote.

Since neither Google Play nor the Apple App Store provide privacy auditing functionality, clinicians should check health apps’ functionality and articulate that to patients in simple terms.

This includes checking the permissions that health apps request such as accessing sensitive areas of the phone like location data, cameras and microphones.

Clinicians should review health apps’ privacy policies and practices as well, the researchers recommended.

However, the researchers also discovered that over 28 percent of the apps in their sample provided no privacy policies.

Google and Apple should examine privacy statements made by developers before their apps become available in the stores, the researchers said.

“Through a vetting process, mobile app marketplaces should ensure that a valid and meaningful privacy policy document is always provided, unlike the current situation, where we observed that the links to privacy policy pages accessible from Google Play were often broken or led to empty webpages,” they said.

Even when privacy policies were declared, the researchers found that around half of the apps were not compliant with what was stated. 

User data collection was also a concern.

A total of 15,838 health apps in Google’s Play store were analysed in detail, with their privacy practices compared to a random sample of over 8000 non-health programs.

The results of the investigation showed that almost nine out of ten health apps contained code that could potentially collect user data.

Of the apps investigated, automated testing found that 616 or 3.9 percent…

Source…

How to stop robocalls on iPhone, Android: These apps fight spammers

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


Remember back in the day when your phone rang, and you would answer it? Robocallers have ruined that. Now we stare suspiciously at every call and send unknown numbers, even when it looks local, straight to voicemail. And for good reason!

So far, in 2021, scammers have made 22 billion calls nationwide. That’s roughly 67 calls to every man, woman, and child in America. Answering calls from an unknown number invites a scammer – and in many cases, actual criminals – into your life.

Here are the five most straightforward ways to block robocalls and eventually get them to – mostly, hopefully, fingers crossed – stop calling us for good. 

The FTC says  robocalling – which it defines as calls meant to sell your something without your express permission – is illegal, period. Full stop.

1. Don’t answer. Ever.

Never pick up a call you.suspect is spam. Every single time you engage, even a little, it paints a giant red target on your head and means you will get more calls, period.

Every time you engage with a scam caller, you’re encouraging a criminal industry to continue harassing us all.

I know it’s tempting to “try to mess around with the scammers.” I’ve heard from hundreds of people throughout the years who think they’ve found the exact right way to annoy the annoy-ers – and oh, isn’t that great fun? 

Source…

Fake Versions Of Popular Apps Used To Spread Malware On Android


According to Bitdefender, a cybersecurity company, fake versions of popular apps were used to spread malware on Android. Criminals actually spread most of their malware through sideloading.

As most of you know, Android allows you to sideload apps, you don’t have to install them via the Play Store. That is contrary to Apple, and one of Android’s biggest strengths, many would say. Well, it turns out that’s a weakness too, if you’re not careful.

Fake apps have been spreading malware, masking themselves as popular applications

The TeaBot and Flubot are the newest trojans, spotted early this year. Bitdefender spotted a batch of new malicious Android applications that impersonate real ones, and they’re usually doing that for rather popular apps.

The company found five such apps that were containing the TeaBot trojan, and at least one of them has been installed over 50 million times. Those apps use fake ad blocker apps to spread around malware.

Those apps will ask your permission to display over other apps, show notifications, and install apps outside of the Play Store. Once they do that, icons for such apps remain hidden from the app drawer.

TeaBot can do some serious damage, so be extra careful. It can “overlay attacks via Android Accessibility Services, intercept messages, perform various keylogging activities, steal Google Authentication codes, and even take full remote control of Android devices.”

On the flip side is Flubot. This malware is spread through SMS spam. Flubot steals banking, contact, SMS, and other types of private data from infected devices. It can send an SMS with content provided by the CnC.

Stick to the Google Play Store when installing apps, or be extra careful

Flubot usually imitates shipping apps like DHL Express Mobile, Fedex, and Correos. Bitdefender suggests that you stick to the Play Store when installing apps, in order to avoid such problems.

If you take a look at the image / table below, you’ll see a comparison between fake and real apps. Some of the examples include PlutoTV, Kaspersky Antivirus, and VLC.

TeaBot malware fake and real apps

Source…

Western Digital UFS 3.1 enables storage for new apps in mobile, automotive and IoT industries

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


Western Digital announced its new embedded flash platform for Universal Flash Storage (UFS) 3.1 to enable new applications in mobile, automotive, IoT, AR/VR, drones and other emerging segments that are reshaping the way we live, work and play.

In an increasingly mobile world of always on, always connected and always available, Western Digital’s unique UFS 3.1 platform, based on the JEDEC-compliant UFS 3.1 specification, provides the speed, reliability and feature versatility that customers count on to build small, thin and lightweight solutions.

Leveraging its vertical integration capability to optimize NAND, firmware, controller design, software and drivers, Western Digital can efficiently design purpose-built solutions for a variety of markets including mobile, IoT, automotive, and more – all leveraging a common UFS 3.1 architecture. Setting a new benchmark, this new platform is expected to deliver up to 90% improvement in sequential write performance, compared to its previous generation.

This improvement will help realize 5G and Wi-Fi 6 download speed potential, delivering a better experience when consuming rich media files such as 8K video, as well as improved performance for applications such as burst mode photography.

“We are just scratching the surface today on what services, technologies and devices will be built around mobility, but one thing is clear, flash storage is central to their success,” said Huibert Verhoeven, senior vice president of Automotive, Mobile and Emerging, Flash Business, Western Digital. “With our new UFS 3.1 platform, we are opening up new opportunities that never could have existed before, and we are thrilled to continue our collaboration with our customers to help them design, differentiate and add value to their solutions.”

Western Digital has developed products based on this platform, starting with its new family for mobile and consumer applications, and is working with its hardware ecosystem partners to enable it on their upcoming solutions. The company expects to deliver products to market in 2H2021.

Source…