News

27 Oct 2014
by Carol Wong
Comments are closed
Flashlight Apps Shed Light on Privacy Issues

Flashlight Apps Shed Light on Privacy Issues

Almost everyone has a flashlight app installed on their smartphone. They are among the most practically useful apps to have, but a series of recent reports indicate that many flashlight apps have far greater nefarious capabilities. The FTC charged one developer last year with deceiving their customers and sending precise GPS location data and unique device identifiers to ad networks, even if the customers opted out of location tracking. Currently available flashlight apps may also be providing advertisers with detailed information about your physical whereabouts, web browsing history, and contacts.

In fact, SnoopWall reports that ten of the most popular flashlight applications have access to all of this information and more. […]

Read more about: Flashlight Apps Shed Light on Privacy Issues

16 Oct 2014
by Reggie Pierce
Comments are closed
Whisper Shows How App Privacy Concerns Can Damage Brands

Whisper Shows How App Privacy Concerns Can Damage Brands

For Whisper users, anonymity is paramount; millions of messages are posted on this public confessional every day, which the authors would not feel comfortable sharing anywhere else. But The Guardian has revealed that Whisper users aren’t quite as anonymous as they assumed.

As a Whisper user, it’s impossible to tell who has posted a message, and it’s impossible to tell if any two messages were posted by the same person. The Whisper staff, however, have a bit more information at their disposal. In addition to tracking all posts by the same user, Whisper tracks the date, time, and approximate location of each message, in some cases even if the user has turned off geolocation. […]

Read more about: Whisper Shows How App Privacy Concerns Can Damage Brands

13 Oct 2014
by David Jannetta
Comments are closed
Snapchat Blames Leak of ‘Private’ Photos on Third-Party Apps

Snapchat Blames Leak of ‘Private’ Photos on Third-Party Apps

The Wall Street Journal reports that Snapchat blamed unauthorized apps for recently intercepting and posting tens of thousands of photos shared privately on its service. The Journal notes that this incident “shines a light on the dangers of using unofficial third-party apps to share private messages and photos.”

We love apps at IP Lasso. And we’ve been highlighting the fact that using unofficial third party (i.e. counterfeit) apps for anything is dangerous. This Snapchat incident shows the damage counterfeit apps can do to a major brand.

We hate to see companies spend millions of dollars to build their brands, only to have them ripped off in the app marketplaces. […]

Read more about: Snapchat Blames Leak of ‘Private’ Photos on Third-Party Apps

28 Aug 2014
by Reggie Pierce
Comments are closed
Microsoft Starts Cleaning Messy App Stores

Microsoft Starts Cleaning Messy App Stores

In the wake of recent uproar over the vast numbers of confusingly similar and cloned apps in the Windows Store, Microsoft has released a statement regarding the steps they are taking to improve the situation.

The Windows Store app certification requirements have been modified to reduce the number of  misleading apps published, and these requirements will reportedly apply to the Windows Phone Store as well. IP Lasso has often seen egregious brand abuse and intellectual property infringement on the Windows Phone store, such as this collection of apps by so-called “Youtube” and this collection of apps from “WP8Apps2014,” which includes apps using Gmail, YouTube, BBC, and Facebook logos. […]

Read more about: Microsoft Starts Cleaning Messy App Stores

25 Aug 2014
by Reggie Pierce
Comments are closed
Personal Data Can Be Stolen From Trustworthy Apps

Personal Data Can Be Stolen From Trustworthy Apps

Seemingly innocuous apps could be stealing your personal information, including your Social Security Number, passwords, and credit card information. These apps aren’t getting this information directly from you, though. Instead, they are hijacking apps like Gmail and H&R Block, which you already trust with your sensitive information.

Researchers at the University of Michigan and the University of California, Riverside discovered the vulnerability, which affects Android, Windows, and iOS mobile operating systems. This new type of hack, called a user interface state interference attack, consists of a malware app that runs in the background of a user’s phone, unseen and undetected. […]

Read more about: Personal Data Can Be Stolen From Trustworthy Apps

18 Aug 2014
by David Jannetta
Comments are closed
The Windows Store Is Full Of Scams

The Windows Store Is Full Of Scams

Microsoft says they have “a world of apps in the Windows Store,” but is this a world you want to live in? How-To Geek points out that the Windows Store has been riddled with scammy apps and cheap lookalikes since its inception two years ago, and Microsoft hasn’t been doing much about it.

The unsavory apps are piling up, in some cases to a ridiculous level. Here are the search results for “iTunes” on the Windows Store. Most of the apps here use the iTunes logo, and some of them collect a fee as high as $8.99 before simply directing users to the appropriate place to download iTunes (from Apple, for free). […]

Read more about: The Windows Store Is Full Of Scams

11 Aug 2014
by Reggie Pierce
Comments are closed
Windows Phone Store Tops 300,000 Apps

Windows Phone Store Tops 300,000 Apps

The Windows Phone Store now contains over 300,000 apps, and its growth is accelerating. Microsoft published the new total on its by the Numbers page on Friday, and a Microsoft spokesperson confirmed the count to TNW.

The spokesperson added, “In the past year alone the Windows and Windows Phone app catalog has grown 94%, while the number of active developers has grown by 50%.”

The numbers do seem to be rising quickly for Microsoft, which had only 100,000 apps in its Windows Phone store in June 2012 and 200,000 in December 2013. […]

Read more about: Windows Phone Store Tops 300,000 Apps

02 Aug 2014
by Reggie Pierce
Comments are closed
Hackers Can Assume Remote Control of Smartphones

Hackers Can Assume Remote Control of Smartphones

Gaining access to the private data on your smartphone doesn’t always involve you downloading a malware app or, in fact, doing anything at all. Matthew Solnik, who works at security firm Accuvant Inc., claims he can take total control of a smartphone from 30 feet away. He can read emails, take photos or videos with the phone, or install apps.

With the help of a fake cell tower device that costs under $1000, Solnik says, “anything [hackers] choose to do, they can,” all without notifying the user or the cellular network provider.

Solnik will present his research at this week’s Black Hat security conference in Las Vegas, and he will not be alone in presenting mobile security attacks. […]

Read more about: Hackers Can Assume Remote Control of Smartphones

29 Jul 2014
by Reggie Pierce
Comments are closed
Android Fake ID Bug Leaves Millions at Risk for Banking Data Theft, Malware Infection, and More

Android Fake ID Bug Leaves Millions at Risk for Banking Data Theft, Malware Infection, and More

Millions of people are vulnerable to malware attacks on their Android devices that could potentially access sensitive information such as banking data, according to a report published this morning by mobile security research firm Bluebox Labs, which has named this threat “Fake ID.”

Every Android app has its own identity certificate, which is passed down from the developer who created it. However, Bluebox Labs has discovered a bug in the Android operating system that allows rogue developers to copy these identities and gain undue privileges for their malware apps.

Bluebox says this can result in a variety of consequences, including “insert[ing] a Trojan horse into an application by impersonating Adobe Systems; gain[ing] access to NFC financial and payment data by impersonating Google Wallet; or tak[ing] full management control of the entire device by impersonating 3LM.”

Using the Fake ID vulnerability, hackers can create an app that impersonates multiple identities at once, meaning users could be hit with all of the attacks listed above, and more, after downloading a single malicious app. […]

Read more about: Android Fake ID Bug Leaves Millions at Risk for Banking Data Theft, Malware Infection, and More

24 Jul 2014
by Reggie Pierce
Comments are closed
China Requires App Developers to Register with Real Names

China Requires App Developers to Register with Real Names

Since more Chinese citizens browse the web on mobile devices than PCs, the authorities are looking to improve the integrity of app stores by cracking down on apps that serve viruses and pornographic content, which are both illegal in China.

On Wednesday, the Ministry of Industry and Information Technology (MIIT) announced that in order to publish mobile apps, developers will be required to register with their real names.

Developers who break the rules will be placed in a blacklist database so app stores can prevent the publication of any further content from those individuals. […]

Read more about: China Requires App Developers to Register with Real Names

IP Lasso © 2019  - Privacy  - Terms