SiliconFilter

Mobile Security Takes a Front Row Seat at MWC

/

Not too long ago, nobody really worried too much about mobile security. The worst thing that could really happen to your data on your phone, most people thought, was that you would lose the physical device and somebody could make calls or browse your address book. Today, however, with the proliferation of mobile malware that can do anything from downloading your contacts list to a remote server to sending you pricey premium SMS messages, as well as a general trend toward letting employees use a mobile phone of their own choosing, the issue of mobile security have become far more pressing. This trend was clearly on display at the Mobile World Congress in Barcelona this week, where numerous well-known security firms and even more startups showed off their latest products.

Security and Android

Most of these security products today focus on Android. To some degree, Google's mobile operating system provides the perfect breeding ground for malware, as its open nature allows users to install apps from numerous sources and stores besides Google's official app store. It's far easier then for a malware developer to create an app that exploits flaws in Android's security and get it into circulation than it would be for somebody who wants to create iPhone or iPad malware. Apple, after all, only lets users download from one store and exercises complete control over it.

Kindsight security demo

Earlier this week, I had a chance to talk to Brendan Ziolo, the VP of marketing at Kindsight. The Alcatel-Lucent spin-off provides desktop and mobile security products, but here in Barcelona, the company focused on its newly released mobile security tools for Android.

While there are now numerous Android security tools available, Kindsight takes a somewhat different approach than most of its competitors, as it also works directly with mobile carriers to provide both software to end-users that can scan a phone for known malware as well as detection software that runs on the carrier's servers. The company is working with a number of mobile operators to bring its tools to their users and there is a good chance that you will find its software on your phone at some point in the future. Given the nature of these deals, though, you may never know that it's Kindsight that is running in the background (the carriers are more likely to give it their own name).

What Hackers Can do With Your Compromised Phone

Ziolo showed me a demo of a malware app the company developed for Android. Just by installing a malware-infested clone of Angry Birds, a hacker could – within seconds of starting the app – start spamming your friends with SMS messages, download your address book, locate you and even get access to your phone's camera and see a live stream from it without you ever noticing it.

With the company's software running, of course, users quickly get an alert about what is happening and can then uninstall the application. The scan on the phone itself is similar to a standard anti-virus or malware scan you would run on your desktop. At the same time, the company's software on your carrier's servers also keeps an eye out for suspicious traffic and can even detect some malware it has never seen before.

While there has been some discussion over how widespread the Android malware problem really is today, most reports indicate that it's growing quite rapidly. As Kindsight's Ziolo also rightly pointed out, unlike the early days of desktop malware, hackers can now rely on an established infrastructure for selling personal information and other data, making the whole business even more attractive and lucrative for these criminals.



8:31 am


Google+ Finally Launches Brand Pages – Now Open For All (Updated)

/

Ever since the launch of Google+, businesses have been wondering when they could finally open up their own outposts on Google+. After a long delay, Google finally pulled back the curtains from its product for brands today. These new so-called Google+ Pages look pretty much exactly like regular Google+ profiles, but with a ‘page’ icon next to the page’s name, a +1 button and the ability to share a page with your friends. While Google isn’t ready to just let any brand onto the service yet, it is launching a number of pages with well-known brands like H&M, Toyota and Pepsi.

While you can’t create a brand page yourself yet, Google notes that it wants local businesses, brands, products, companies, arts and entertainment organizations and sports teams to set up their own pages on the service.

Update (1:15pm PT): Google just announced that the rollout is now complete and that anybody who wants to can now sign up for a Google+ Page. 

What Took Them So Long?

The Google+ Pages themselves aren’t really that exciting. Indeed, looking at them now really makes you wonder why it took Google so long to release this feature. The Google+ team regularly noted that it wanted to get this feature right and hence wasn’t ready to release it yet. I gather designing a ‘page’ icon and putting a +1 on a page doesn’t quite account for the long delay.

The only major difference between regular profile pages and Google+ pages is that they feature a cumulative +1 count that adds up all the +1s on a given site.

Direct Connect: More Interesting than the Pages it Powers

More interesting than the pages themselves, then, is the second new feature Google announced today: Direct Connect from Google search. The idea here is that you can now search for [+], followed by a page and Google will immediately take you to that brand’s page. This doesn’t work when searching for regular people, but it does work for Angry Birds.

According to Google, a page’s eligibility for being included in the Direct Connect program “is determined algorithmically, based on certain signals we use to help understand your page’s relevancy and popularity.” Publishers should also ensure that their content is linked to their Google+ pages.

Enhanced by Zemanta


6:29 pm