Tag Archive for: Invasive

I’m a security expert – delete ‘invasive’ apps silently spying on your iPhone and Android using my settings trick

/in


CYBERSECURITY experts have warned about invasive apps that can infiltrate your phone and steal your data.

Malicious invasive apps can easily compromise both Android and iOS devices.

Cybersecurity experts have warned about invasive appsCredit: Getty

WHAT ARE INVASIVE APPS?

Invasive apps are software that use a phone’s permission settings to spy on its user by accessing the phone’s camera, microphone, and more.

What’s more, these apps look like legitimate apps, “yet they have an ulterior motive,” security software company McAfee said in a blog post.

They are similar to spyware, except that spyware is malware that enables a hacker to obtain information about another’s computer activities.

“Both invasive apps and mobile spyware snoop on you and your phone, yet invasive apps work differently than mobile spyware. Invasive apps use a phone’s built-in functionality to spy and gather information on you,” McAfee explained.

A telltale sign of an invasive app is when the app asks for permissions it doesn’t need.

For example, if a flashlight app wants access to your microphone, that’s probably a red flag.

“The tricky bit with invasive apps is that many people quickly click through the user agreements and permission screens when they get a new app,” McAfee said.

HOW TO STAY SAFE

There are a number of ways to protect your device from invasive apps.

For starters, check your mobile device’s permission settings and manage anything that looks fishy.

For iPhone, go to Settings > Privacy & Security, then tap Safety Check > sift through apps’ permissions.

On your Android device, open Settings > select apps > tap the app you want to change > tap Permissions.

You can also run an antivirus or antimalware software on your device to run a security check.

Along with enabling security software, keeping your phone’s operating system up to date can help keep it protected.

You should also avoid downloading any suspicious-looking apps – especially if they’re only available outside of your device’s official app store.

Source…

Invasive computer warrants used six times in first year – Security

/in


The two Australian law enforcement agencies which last year won the right to take over computers obtained six warrants in the first year of the law’s operation.

Enacted last August, the controversial Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 gave the Australian Federal Police and Australian Criminal Intelligence Commission three new kinds of warrants: the account takeover warrant, the data disruption warrant, and the network activity warrant.

Official reporting shows that two of each warrant type were issued in 2021-2022. 

On Wednesday, the Attorney-General tabled the department’s Surveillance Devices Act 2004 annual report for the period 2021-2022. 

The report stated that the AFP applied for, and received, two data disruption warrants in 2021-2022; while the ACIC and AFP each applied for and received one network activity warrant.

The account takeover warrant is reported by individual agencies. According to their annual reports, the AFP was issued two such warrants in 2021-2022, while the ACIC did not apply for any.

The Attorney-General report said that the older computer access warrants – which allow law enforcement to search computers for information relating to an offence – are much more common, with 18 such warrants requested in 2021-2022 (down five from 2020-2021).

Four computer access warrants were granted to the ACIC, 12 to the AFP, and two to the Law Enforcement Conduct Commission.

By far the most popular surveillance warrant remains some kind of surveillance device, whether audio, data, video, tracking, or a combination of capabilities.

A total of 789 surveillance device warrants were issued in 2021-2022, mostly to the AFP which received 695.

Source…

The 10 most invasive sites on the internet

/in


We all know that our online browsing habits are being tracked. Unless you take steps to prevent it, most websites see where you come from, what you are searching for and what you like. Tap or click here for 8 hidden maps and trackers you need to switch off.

All this data is valuable to sites and services, as they use it to serve targeted advertising. Ever searched for something on Amazon and then seen an ad for a similar product on Facebook? That is targeted advertising at work.

Thankfully, not all websites treat you as a treasure trove of information. You might be pleasantly surprised to find out which sites have the least amount of trackers. But on the other end of the spectrum, the biggest culprits shamefully stuff their sites with hundreds of trackers.

Here’s the backstory

There are plenty of ways for a website to track you. Some might be subtle, like an invisible pixel or cookies, while others access your device’s GPS to locate you on the globe. But who are the biggest offenders? 

VPN provider SurfShark launched an investigation to find out, and some of the results are somewhat surprising. Its findings revealed that some of the most commonly-used websites hide up to 100 trackers, all designed to collect as much information on you as possible.

SurfShark analyzed a typical browsing session over the course of a weekend and noted which trackers were activated, who the trackers belonged to and where the information goes once collected.  

Here’s the good news. Websites with the least amount of trackers:

  • Wikipedia (3)
  • TikTok (3)
  • Instagram (4)
  • XVIDEOS (4)
  • Netflix (5)
  • Bandcamp (5)
  • FB Messenger (5)
  • XNXX (6)
  • National Parks Service (6)
  • GameForge (7)

SurfShark explained: “Wikipedia’s privacy summary notes that ‘that some of these [tracking] technologies do not have the best reputation in town and can be used for less-than-noble purposes’ – and that the company uses automatically-received data to ‘administer the sites, provide greater security, and fight vandalism’.”

The most invasive sites

SurfShark found 143…

Source…

Boffins propose Pretty Good Phone Privacy to end pretty invasive location data harvesting by telcos • The Register

/in


Computer science boffins have devised a way to prevent the location of mobile phone users from being snarfed and sold to marketers, though the technique won’t affect targeted nation-state surveillance.

“We solve something that had previously been thought impossible – achieving location privacy in mobile networks,” said Paul Schmitt, an associate research scholar at the Center for Information Technology Policy (CITP) at Princeton University, told The Register.

In “Pretty Good Phone Privacy,” [PDF] a paper scheduled to be presented on Thursday at the Usenix Security Symposium, Schmitt and Barath Raghavan, assistant professor of computer science at the University of Southern California, describe a way to re-engineer the mobile network software stack so that it doesn’t betray the location of mobile network customers.

“It’s always been thought that since cell towers need to talk to phones then all users have to accept the status quo in which mobile operators track our every movement and sell the data to data brokers (as has been extensively reported),” said Schmitt. “We show how it’s possible to protect users’ mobile privacy while at the same time providing normal connectivity, and to do so without changing any of the hardware in mobile networks.”

In recent years, mobile carriers have been routinely selling and leaking location data, to the detriment of customer privacy. Efforts to alter the status quo have been hampered by an uneven regulatory landscape, the resistance of data brokers that profit from the status quo, and the assumption that cellular network architecture requires knowing where customers are located.

But thanks to evolving networking technology, which has shifted many core cellular functions from hardware to software, it’s now possible to redesign mobile networks to limit the availability of location data.

The SUPI…

Source…