Tag: Android

Android Menace – MALICIOUS APPS

Android Menace – MALICIOUS APPS:

In June 2012, the number of Android malware threats increased to a whopping 25,000 samples. More specifically, 5,000 new malicious Android apps were found in Q1 2012 while 15,000 were found so far in Q2 2012. Put another way, in all of Q1 2012, the number jumped by 5,000, while just one month in Q2 2012 was responsible for another 10,000.

The data come from Trend Micro, which originally predicted the number would hit 11,000 by this time of the year. It turns out the company has found closer to 25,000 Android malware samples in the wild, so far.

 Various tactics cyber criminals use to trick users into downloading malicious apps. Official Android app storeGoogle Play became host to infected apps. Fake versions of Skype, Instagram, Angry Birds Space, Farm Frenzy, and other legitimate apps were used to send messages to premium numbers at the users’ cost. Users’ curious nature was monetized by spying apps like Spy Tool and Spy Phone Pro+. The particularly sophisticated BotPanda strain opens rooted devices for remote access while hiding its routines

The security firm Trend Micro elaborated a bit on the top malware types and released a corresponding infographic:

The last statistic mentioned above is that one in five Android devices has a security app installed.

source: Trend Micro, ZDnet

Mobile Security: 10 Simple Things You Can Do

Mobile Security: 10 Simple Things You Can Do:

BYOD (Bring-Your-Own-Device) concept is a popular trend in recent times. As per surveys just 23 percent of enterprise employees are using company sanctioned mobile devices, remaining 77 percent of employees using their own devices.

Mobile devices are more prone to malware attacks compared to earlier. Either you are using your personal mobile device or company sanctioned mobile device at work, you should be aware of latest security threats.

To understand the threat better, it’s important to review the stats found in recent study of IT Professionals:

  1. 51% organizations had experienced data loss, 59% organizations experienced an increase in malware infections as a result of insecure mobile devices in the workplace.
  2. Found 59% employees circumvent or disengage mobile security features, such as passwords and key locks, on corporate and personal mobile devices.

A single successful mobile attack can open the door to possible identity theft or worse, results in financial loss to either you or your organization.

Most of the mobile devices vulnerable because of the apps, users use to download from the internet.

In case of iPhone Apple strictly controls and inspects its App store which apps are approved for listing, but it’s not clear exactly what security measures they are checking for.

Android is more open with more distribution channels including third-party market places. Security researchers startled to find that Android malware (malicious apps) grew 3,325 percent in 2011 alone.

 App store have been very quick to remove malware once discovered, but that is typically after the damage is done.

 F-Secure has found that between Q1 2011 and Q1 2012, the number of Android malware families has increased from 10 to 37, and the number of malicious Android APKs has increased from 139 to 3,069.

For full F-Secure mobile threat PDF report, check the below link:

http://www.f-secure.com/weblog/archives/MobileThreatReport_Q1_2012.pdf

It’s time to start protecting our smartphones just like we all learned a decade ago to protect our laptops and PCs from online threats and to think seriously after looking at the sobering facts on rising mobile attacks.

10 Ways to Secure Your Mobile Gadget:

1.    Use Password protected access controls:

All mobile devices come with the ability to set a lock requiring a passcode or pattern for access. Some mobile users don’t employ even this basic safety feature! It may take you a couple extra seconds to unlock your smartphone before using it, but it could take a thief a very long time to figure out your PIN.

PINs aren’t the only locking mechanisms in use.

 Grid-based pattern locks work fine, but they leave smudge marks on the touchscreen that may be easier to guess than passwords.

 Some devices are rolling out facial recognition as an access mechanism, but this technology isn’t perfected yet so it’s not recommended.

 2.  Control Wireless Network & Service Connectivity:

 Turn Wi-Fi off completely and turn it on only when you need it, which will also save your battery power.

 It’s safest to set your phone to automatically connect only to your trusted networks, and to ask you before connecting to any other network it finds. The general rule is to limit your phone’s automatic connection capabilities to just the networks that you know.

 Select Bluetooth connectivity option also manual.

3.    Control Application Access & Permissions:

 Many of the apps store sensitive data that must be protected.

 Most of the apps require a network connection to operate. They may store data in the cloud, constantly track your location, or push updates to your smartphone. Get to know the permission settings of each app or service and what data or systems they access. You may be permitting services to access your phone without prior approval, or your apps may be pushing alerts and updates when you aren’t specifically requesting them. You can restrict all notifications at once by looking under your device’s settings.

 Turn off location based services entirely as well, so your phone isn’t constantly broadcasting your GPS location, no matter which apps request it.

4.  Keep Your OS & Firmware Current:

 Your device has an operating system that runs all of its apps and services, as well as firmware which runs the device hardware itself. It’s definitely important that you routinely accept the major updates from Apple, Google, or whoever the manufacturer is.

 Criminals are innovative; their attacks are at an alarming rate, with growing sophistication. Connect often and download security patches and other minor updates that are released to block the latest exploits. Most of these updates will be free of charge. No manufacturer wants a major attack to cripple its users, so they have a vested interest in helping you stay up-to-date.

 Android users currently using outdated firmware and OS versions that can’t be updated due to hardware incompatibility. Upgrade your device every couple years, if and when promotions are offered by your carrier.

5. Back Up Your Data:

 Small and compact, mobile devices are easy to lose or steal. Take time to backup your data, it is useful in case your phone lost, stolen or corrupted. Take data backup daily, weekly or monthly depends on your mobile usage.

6. Wipe Data Automatically if Lost or Stolen:

 Enroll your phone in a “find my phone” service. It will help you to locate your device when it is lost or stolen. These services typically have the ability to wipe your phone data remotely.

On some devices you can add extra protection such as a total device reset if the PIN is guessed incorrectly a certain number of attempts.

7. Never Store Personal Financial Data on Your Device:

 As a behavior that all mobile users should adopt, this one is pretty straightforward. Never store personally identifiable information such as such as Social Security Numbers, credit card numbers, or checking account numbers on your smartphone, especially in text messages.

8.  Beware of Free Apps:

 The problem is, more and more free and innocent apps are trying to make money from their offerings, so sometimes they track your personal information with limited disclosure or authorization, then sell your profile to advertising companies. The app developers in question may not even be aware of their privacy violations – leaking your location, gender, age and other personal data to embedded mobile ad networks while in the pursuit of revenue. Free apps are just wrappers for malware, unfortunately.

9.  Try Mobile Antivirus Software or Scanning Tools:

 The well-known PC antivirus vendors are now offering similar services to mobile users that scan and protect your smartphone just as they did your desktop.

 Some even offer additional mobile security services such as download protection, SMS/call-screening services, parental controls, and anti-phishing features.

10. Use MDM Software:

Mobile Device Management or MDM is being increasingly employed by IT departments to secure, manage and support all mobile devices that are authorized to access enterprise networks. These services control and protect sensitive and confidential business data by distributing mobile application.

 The goal of MDM is to optimize the functionality and security of your mobile computing experience, not to impede the way you like to work.

 If your organization doesn’t offer MDM, there are other options like SIM card locks and credential storage functions protect the phone by requiring a passcode to use network dependent services, and operate similar to screen/key access PINs. SIM locks prevent anyone from making unauthorized calls with your smartphone, or from removing your SIM and using it in another phone.

source: veracode,f-secure

Phone-in-a-Phone

Phone-in-a-Phone : 

VMware Horizon Mobile solution basically enables a user to run a “phone-in-a-phone,” meaning run both work and personal mobile environments separately on the same device. With VMware Horizon Mobile users would be able to have two phone numbers and data accounts on the same smartphone.

Note: We are not talking about dual sim phones.

Think of it like a partition on a computer hard drive, but in terms of virtualization with far less dedicated space for the work phone, and it’s much easier to toggle between the two user interfaces.

The work environment is entirely encrypted and tied to the requirements of the respective enterprise providing the phone number (and possibly the smartphone), but the personal side is unaffected and can download as well as use any apps.

If the phone is lost or the employee leaves, the company data on the phone can be remotely wiped. The work phone can also be switched off leaving the personal phone still connected.

The trend is powered not only by the growth in mobile devices but also by cloud computing, with companies able to buy ready-to-go virtual desktops.

Running a phone within a phone raises some questions about the impact on processing speed, power management, memory and the like. But VM and the host phone should work well with any ARM processor typically used on mobile devices. There could be an application performance penalty because an Android OS is running inside another Android OS, but that “will be pretty minor, with ‘minor’ being less than 10 percent.”

As seen in the screenshots below, the personal phone is truly the main screen with an icon to the “work phone.” One click on that icon takes you to the VMware UI, shown in the second screenshot. The work side takes up less than 1GB of space, and it also allows pre-approved apps (i.e. Salesforce, etc.) from a corporate app store so the users don’t have to worry about more expenses and the configuration.

Screen shot 1
Screen shot 2

Management of that store as well as the devices can be controlled by IT departments (alleviating some of those bring-your-own-device security worries) in the platform seen below.

What is VMware MVP? 

VMware MVP (VMware Mobile Virtualization Platform)is a thin layer of software that will be embedded on a mobile phone that decouples the applications and data from the underlying hardware. It will be optimized to run efficiently on low-power-consuming and memory-constrained mobile phones. The MVP is planned to enable handset vendors to bring phones to market faster and make them easier to manage. 

Benefits to Handset Manufacturers:

  • Accelerated time to market:

Today handset vendors spend significant time and effort in getting new phones to market due to the use of multiple chipsets, operating systems and device drivers across their product families. The same software stack does not work across all the phones, and therefore, must be ported separately for each platform. This process is slow and expensive and ultimately slows time to market. VMware MVP will virtualize the hardware, enabling handset vendors to develop a software stack with an operating system and a set of applications that is not tied to the underlying hardware. This will enable the vendors to deploy the same software stack on a wide variety of phones without worrying about the underlying hardware differences. At the same time, by isolating the device drivers from the operating system, handset vendors can further reduce porting costs because they can now use the same drivers irrespective of the operating system deployed on the phone.

Increasingly, handset vendors and carriers are looking to migrate from proprietary operating systems to rich, open operating systems to enable their customers to access the widest selection of applications. With this transition to open operating systems, protection of trusted services such as digital rights management, authentication, billing, etc. is becoming an increasing concern. VMware MVP will allow vendors to isolate these important trusted services from the open operating system and run them in isolated and tamper-proof virtual machines so that even if the open environment is compromised, the trusted services are not impacted.

Benefits to Businesses and End Users:

  • Multiple Profiles:

Companies are under increasing pressure from employees to support employee-owned mobile devices (BYOD). Choice, however, brings with it complexity in managing a wide variety of devices in terms of both cost and security. It also brings increased risk in securing and managing employee-owned devices, especially if they contain confidential information. VMware MVP will allow IT organizations to deploy a corporate phone personality that can run alongside the employee’s personal phone on the same physical device.

  • Persona on the Go: 

Smart phones are quickly becoming a combination of a PC and a wallet rolled into one package. A person’s phone persona – an individuals’ collection of applications, pictures, videos, music, emails, bank info, credit card information, PIM, etc. – is becoming much richer and more valuable. Consequently, the ability to protect and migrate personas will become an important purchasing decision. VMware MVP will save the persona as a set of files so that all the applications and data on the phone can be managed as a collection of files. People can then easily move their persona to a new device making the upgrade to a new phone virtually painless.

The Mobile Virtualization Platform (MVP) hypervisor allows users to run multiple operating system instances on top of a phone’s physical platform. That means employees can manage a personal and work phone on one device, simplifying life for IT administrators.

  Understanding and using VMware MVP

The Mobile Virtualization Platform essentially creates two usable phones on the same physical device by installing a guest OS in a virtual machine (VM). Because VMware MVP is a hosted hypervisor, you can have two OSes running on the device, resulting in a work environment that is isolated from a user’s personal applications and data. Currently, VMware MVP works only on Android devices. If VMware gets MVP into the Android kernel, you could theoretically run even more than two OSes on the same mobile device.

VMware MVP extends an enterprise’s “bring your own device” (BYOD) initiative beyond laptops and tablets to phones. With it, an employer can centrally manage an OS image and isolate corporate applications such as email from apps that users download for personal use, which have the potential to corrupt corporate data.

Running VMware MVP makes subtle changes to the Android OS interface. When you look at the Android phone’s notification bar, you’ll see events for two mobile virtualization partitions – both the work and personal data. These appear in different colours to differentiate between the events that occur in each partition. When you respond to a notification, the Mobile Virtualization Platform hypervisor intelligently switches the phone to the appropriate partition and application.

The VMware MVP work partition is managed by VMware’s Horizon Mobile Manager, which is currently only offered by Verizon for use by business customers. By using Horizon Mobile, IT departments can provision, manage and cut off mobile devices over a cellular signal. The software also allows managers to push applications to the device and set policies for the corporate profile. That means it’s no longer a huge problem if you lose your mobile device, as the business can easily retrieve corporate data.

Horizon also allows direct access to Windows applications and Software as a Service tools. Employees can access a catalogue of corporate-approved applications, which load directly onto the phone’s work profile.

There has been substantial manufacturer support for VMware MVP. LG and Samsung both build phones containing VMware’s mobile hypervisor. One of the biggest benefits of developing phones with the Mobile Virtualization Platform is that it makes the devices more attractive to the corporate sector. Still manufacturers will be competing against RIM’s popular BlackBerry mobile devices, which feature a secure enterprise server connection and are very popular in the enterprise.

For a closer look at VMware’s mobile initiatives, check out the promo video about VMware’s partnership with LG below:

VMware MVP challenges

As with most new technologies, there are some challenges facing VMware’s Mobile Virtualization Platform and Horizon Mobile. Here are three major concerns about VMware MVP that have been voiced in the IT community:

Battery life and performance

Battery life, as with any smartphone, is always a concern. You are potentially running two full instances of the Android OS to support the VMware MVP environment. Couple that with applications running on separate virtual slices and there are serious concerns as to how long a battery will last. Although the hypervisor itself may be very thin, active users operating multiple apps and running on a 4G network should be prepared for some decreased performance and shortened battery life.

What about the iPhone? 

At this time, VMware MVP only supports Android devices. To see truly widespread adoption of MVP, VMware will have to get access to Apple’s portion of the smartphone market. But if VMware is developing an Apple iOS implementation, they are probably already aware of Apple’s notorious ability to lock down its OSes. If VMware wants to run the Mobile Virtualization Platform and Horizon Mobile on iPhones, they may need a different strategy with Apple products.

Android development fragmentation

It’s well known that Google depends on carriers and phone makers to test, deploy and update users on any OS changes that may occur. So there is sometimes a significant time gap between Google’s updates and when the carriers or manufacturers actually deploy the update.

This places VMware in an awkward situation with its Mobile Virtualization Platform. VMware doesn’t have control over Google’s development cycle and won’t know when it needs to push VMware MVP updates to the end user. That means there may be instances when Android phones receive updates and their secondary OS no longer functions. VMware will need to work with Google, the phone manufacturer and the carrier to make sure its mobile virtualization hypervisor is always supported and updated.

Source: zdnet, vmware,searchvmware.techtarget