...from:
http://www.cbc.ca/news/technology/story/2011/08/08/technology-smartphone-se…
Smartphone malware infections soaring
The Associated Press Posted: Aug 8, 2011 9:04 AM ET Last Updated: Aug 8, 2011 9:04 AM ET Read 144comments144
The German government warned Apple about the urgency of the threat posed by a security hole in Apple Inc.'s iPhones discovered a month ago. (Reuters)
Security experts say attacks on smartphones are growing fast — and attackers are becoming smarter about developing new techniques.
"We're in the experimental stage of mobile malware where the bad guys are starting to develop their business models," said Kevin Mahaffey, co-founder of Lookout Inc., a San Francisco-based maker of mobile security software.
Wrong-doers have infected PCs with malicious software, or malware, for decades. Now, they are fast moving to smartphones as the devices become a vital part of everyday life.
Last week, security researchers uncovered yet another strain of malicious software aimed at smartphones that run Google's popular Android operating system. The application not only logs details about incoming and outgoing phone calls, it also records those calls. That came a month after researchers discovered a security hole in Apple Inc.'s iPhones, which prompted the German government to warn Apple about the urgency of the threat.
Some 38 per cent of American adults now own an iPhone, BlackBerry or other mobile phone that runs the Android, Windows or WebOS operating systems, according to data from Nielsen. That's up from just six per cent who owned a smartphone in 2007 when the iPhone was released and catalyzed the industry. The smartphone's usefulness, allowing people to organize their digital lives with one device, is also its allure to criminals.
All at once, smartphones have become wallets, email lockboxes, photo albums and Rolodexes. And because owners are directly billed for services bought with smartphones, they open up new angles for financial attacks. The worst programs cause a phone to rack up unwanted service charges, record calls, intercept text messages and even dump emails, photos and other private content directly onto criminals' servers.
Evidence of this hacker invasion is starting to emerge.
Lookout says it now detects thousands of attempted infections each day on mobile phones running its security software. In January, there were just a few hundred detections a day. The number of detections is nearly doubling every few months. As many as one million people were hit by mobile malware in the first half of 2011.
Google Inc. has removed about 100 malicious applications from its Android Market app store. One particularly harmful app was downloaded more than 260,000 times before it was removed. Android is the world's most popular smartphone operating software with more than 135 million users worldwide.
Symantec Corp., the world's biggest security software maker, is also seeing a jump. Last year, the company identified just five examples of malware unique to Android. So far this year, it's seen 19. Of course, that number pales compared with the hundreds of thousands of new strains targeting PCs every year, but experts say it's only a matter of time before criminals catch up.
"Bad guys go where the money is," said Charlie Miller, principal research consultant with the Accuvant Inc. security firm, and a prominent hacker of mobile devices. "As more and more people use phones and keep data on phones, and PCs aren't as relevant, the bad guys are going to follow that. The bad guys are smart. They know when it makes sense to switch."
When it comes to security, smartphones share a problem with PCs: Infections are typically the responsibility of the user to fix, if the problem is discovered at all.
The emergence in early July of a previously unknown security hole in Apple Inc.'s iPhones and iPads cast a spotlight on mobile security. Users downloaded a program that allowed them to run unauthorized programs on their devices. But the program could also be used to help criminals co-opt iPhones. Apple has since issued a fix.
It was the second time this year that the iPhone's security was called into question. In April the company changed its handling of location data after a privacy outcry that landed an executive in front of Congress. Researchers had discovered that iPhones stored the data for a year or more in unencrypted form, making them vulnerable to hacking. Apple CEO Steve Jobs emerged from medical leave to personally address the issue.
The iPhone gets outsize attention because it basically invented the consumer smartphone industry when it was introduced in 2007.
But Apple doesn't license its software to other phone manufacturers. Google gives Android to phone makers for free. So, Android phones are growing faster. As a result, Google's Android Market is a crucial pathway for hacking attacks. The app store is a lightly curated online bazaar for applications that, unlike Apple's App Store, doesn't require that developers submit their programs for pre-approval.
Android malware strains skyrocket
Lookout says it has seen more unique strains of Android malware in the past month than it did in all of last year. One strain seen earlier this year, called DroidDream, was downloaded more than 260,000 times before Google removed it, though additional variants keep appearing.
Lookout says about 100 apps have been removed from the Android Market so far, a figure Google didn't dispute.
Malicious applications often masquerade as legitimate ones, such as games, calculators or pornographic photos and videos. They can appear in advertising links inside other applications. Their moneymaking schemes include new approaches that are impossible on PCs.
One recent malicious app secretly subscribed victims up to a service that sends quizzes via text message. The pay service was charged to the victims' phone bills, which is presumably how the criminals got paid. They may have created the service or been hired by the creator to sign people up. Since malware can intercept text messages, it's likely the victims never saw the messages — just the charges.
A different piece of malware logs a person's incoming text messages and replies to them with spam and malicious links. Most mobile malware, however, keep their intentions hidden. Some apps set up a connection between the phone and a server under a criminal's control, which is used to send instructions.
Google points out that Android security features are designed to limit the interaction between applications and a user's data, and developers can be blocked. Users also are guilty of blithely click through warnings about what personal information an application will access.
iPhone malware rare
Malicious programs for the iPhone have been rare. In large part, that's because Apple requires that it examine each application before it goes online. Still, the recent security incidents underline the threat even to the most seemingly secure devices.
A pair of computer worms targeting the iPhone appeared in 2009. Both affected only iPhones that were modified, or "jailbroken," to run unauthorized programs.
And Apple has dealt with legitimate applications that overreached and collected more personal data than they should have, which led to the Cupertino, Calif.-based company demanding changes.
"Apple takes security very seriously," spokeswoman Natalie Kerris said in July. "We have a very thorough approval process and review every app. We also check the identities of every developer and if we ever find anything malicious, the developer will be removed from the iPhone Developer Program and their apps can be removed from the App Store."
Phishing works well on mobile users
A criminal doesn't even need to tailor his attacks to a mobile phone. Standard email-based "phishing" attacks — tricking people into visiting sites that look legitimate — work well on mobile users. In fact, mobile users can be more susceptible to phishing attacks than PC users.
The small screens make it hard to see the full internet address of a site you're visiting, and websites and mobile applications working in tandem train users to perform the risky behaviour of entering passwords after following links, new research from the University of California at Berkeley has found.
The study found that the links within applications could be convincingly imitated, according to the authors, Adrienne Porter Felt, a Ph.D. student, and David Wagner, a computer science professor.
They found that "attackers can spoof legitimate applications with high accuracy, suggesting that the risk of phishing attacks on mobile platforms is greater than has previously been appreciated."
A separate study released earlier this year by Trusteer, a Boston-based software and services firm focused on banking security, found that mobile users who visit phishing sites are three times more likely to submit their usernames and passwords than desktop PC users.
Mobile users are "always on" and respond to emails faster, in the first few hours before phishing sites are taken down, and email formats make it hard to tell who's sending a message, Trusteer found.
Still, mobile users have an inherent advantage over PC users: Mobile software is being written with the benefit of decades of perspective on the flaws that have made PCs insecure. But smartphone demand is exploding, with market research firm IDC predicting that some 472 million smartphones will be shipped this year, compared with 362 million PCs. As a result, the design deterrents aren't likely to be enough to keep crooks away from the trough.
"It's going to be a problem," Miller said. "Everywhere people have gone, bad guys have followed."
...from:
http://www.zdnet.com/blog/igeneration/university-of-wisconsin-hacked-75000-…
University of Wisconsin hacked: 75,000 social security numbers, student names exposed
By Zack Whittaker | August 11, 2011, 5:06am PDT
Summary: The University of Wisconsin is investigating a breach which may have exposed 75,000 social security numbers of students and staff.
The University of Wisconsin’s Milwaukee campus has been subject to a malware attack, which has exposed names and social security numbers of students — past and present — and staff alike.
Malware was discovered on a database server, which contained 75,000 social security numbers, and was shut down immediately after the malware was found.
While law enforcement and school investigators have yet to find evidence that data was stolen, the university sent out a letter to those who may have been affected by the breach.
In a statement, the vice-chancellor — the university boss — believes that the motive was theft of research project data; data and research programmes the university itself excels in. Staff found back-door malware, which can scan and view documents on a server, which is used by many of the university’s departments to store crucial research.
One of the concerns is that the malware could have had access to other servers, indicating the likelihood of a wider hack.
The malware is thought to have been installed on May 25th, and local and federal law enforcement were called in to investigate. On June 30th, however, it was discovered that the database containing social security numbers was compromised, also.
University officials, via a notice on their website, warn students to monitor their financial informationand credit card statements to be on the safe side.
This news comes only days after it was discovered that users’ data, including social security numbers — predictable in nature — can be taken from sites like Facebook and other publicly government sites.
While data in this case may not have been downloaded — only exposed to hackers by malware — it once again calls questions on the data that universities have on its students.
It is, however, another reminder to users of Facebook and other social networking sites not to make birthday and date of birth data available on the web. While though it may be benign on in singular form, hacks like these, which include your full name, make you even more vulnerable to identity theft and bank account hacks more likely.
...from:
http://fosspatents.blogspot.com/2011/08/oracle-and-google-keep-wrangling-ov…
AUG 6, 2011
Oracle and Google keep wrangling over potentially impactful Lindholm draft email
Florian Mueller
[...]
Around midnight Friday/Saturday, several new documents related to this case were filed with the U.S. District Court for the Northern District of California, and the most important one of those filings is a joint letter by Oracle and Google concerning the so-called Lindholm email.
[...]
Judge Alsup -- the federal judge presiding over this litigation -- attaches a great deal of importance to that particular document. At a recent hearing, he essentially said that a good trial lawyer would just need that document "and the Magna Carta" (arguably the origin of common law) to win this case on Oracle's behalf and have Google found to infringe Oracle's rights willfully. The judge told Google that "you are going to be on the losing end of this document" with "profound implications for a permanent injunction". Let me add that a finding of willful infringement would not only make an injunction much more likely than otherwise. It can also result in a tripling of whatever damages will be awarded.
The two potential killer emails: the Lindholm draft email and the Rubin email
This is the content of the Lindholm draft email:
"What we've actually been asked to do (by Larry [Page] and Sergey [Brin]) is to investigate what technical alternatives exist to Java for Android and Chrome. We've been over a bunch of these, and think they all suck. We conclude that we need to negotiate a license for Java under the terms we need.
[...]
[a second email message -] a certain email written by Android founder Andy Rubin may be even more revealing. In that one, Rubin outlined two options, the second one of which was apparently chosen: it amounted to going ahead with Java on an unlicensed basis, despite being fully aware of the risk of blowback at a later point in time ("Do Java anyway and defend our decision, perhaps making enemies along the way").
The Rubin email is almost five years older than the Lindholm email. At the time of the Rubin email, Android had not been released yet, but quite some development work had already been done at that point, so if the Android team had decided to switch to a non-Java programming language, it would have had to rewrite large parts of its software (the Rubin email describes this as "[a]bandon our work and [switch to .NET/C#]". By contrast, the Lindholm email was written in August 2010, shortly before Oracle's lawsuit against Google. At that point, the Android team had already developed far more Java-related code than five years earlier, but even more importantly, a huge number of Android applications had already been written in Java. Android's developers were way beyond the point of no return, and the assessment that all other alternatives "suck" has to be seen in light of that circumstance. There were significant switching costs (including a very significant delay) at the time of the Rubin email, but switching costs at the time of the Lindholm draft email were prohibitive.
It's certainly remarkable that those two emails show a consistent attitude: the Android team basically says "let's just infringe" whenever an intellectual property issue comes up. If they did this to Oracle, what about the intellectual property of other companies like Apple, Microsoft,eBay and Skyhook?
[...]
Willful infringement reduces all assertions of antitrust violations to absurdity
On Wednesday, Google's chief legal officer, David Drummond, posted to Google's corporate blog an article entitled "When patents attack Android". That one contains a number of antitrust allegations (without any evidence presented so far) against Apple, Microsoft, Oracle "and others" asserting intellectual property rights against Android.
Any claim that other companies act anticompetitively is completely undermined by a finding of willful infringement. It's not just a credibility issue such as in connection with Google's newly-minted general criticism of software patents. It's worse than that. Antitrust law simply wasn't designed to provide immunity to reckless infringers who just decide to infringe rather than rewrite code to adopt a different programming language.
[...]
Decision should be handed shortly
I'm sure the court will decide very quickly -- in light of the upcoming deposition of Mr. Lindholm -- on the issues raised by the new joint letter.
Google's lawyers may have a point if it's true that the Lindholm document is actually just an auto-saved draft of an email that ultimately was protected by the attorney-client privilege. But so far the court doesn't seem to buy Google's arguments that the Lindholm draft email is subject to the attorney-client privilege.
The truth is out there anyway. The question is only whether this particular piece of evidence will have legal weight.
Wayne Billing
Classroom Technology Support
Audio Visual and Classroom Technology Support
130 Machray Hall Building
474-6649
474-7625 (fax)
Wayne_Billing(a)umanitoba.ca
...from:
http://techcrunch.com/2011/08/04/googles-patent-problem/
Why Did Google Blog About Patents Today?
Because The Nortel Loss Was Just The Beginning.
MG SIEGLER
posted 11 hours ago40 Comments
As you’ve undoubtedly seen by now, Google decided to go on the offensive today with regard to patents. No, they didn’t go after any company for violating their patents. Nor did they spend billions acquiring new ones. Instead, David Drummond, Google’s SVP and Chief Legal Officer, took to the Google Blog to lash out at Microsoft, Apple, Oracle, and others for using “bogus patents” to attack their Android mobile platform.
But why now? In the past, Google has remained fairly mum on the topic. And they certainly weren’t calling out rivals by name. They’ve talked generally about the broken patent system, and even did a post explaining why they were willing to spend big money on the Nortel patents — for defensive purposes. But those approaches haven’t worked. Google is now arguably more vulnerable than they’ve ever been. And the stakes are about to go even higher.
When Google lost the Nortel bidding, they’re believed to have bid north of $4 billion before dropping out. Apple, backing Rockstar Bidco, eventually won with a bid of $4.5 billion. Now a battle for an even bigger treasure of patents looms.
Both Apple and Google have been looking into making bids to acquire InterDigital, according to multiple reports. Samsung is also now looking to get into the action as well, Bloomberg reports today. You can bet Microsoft is sniffing around as well. Whereas the Nortel win granted Apple, Micrsoft, RIM, and the other consortium partners access to over 6,000 mobile patents, InterDigital holds around 8,800 patents in the same space.
In other words, this latest battle is going to be insane. We’re looking at $5 billion easy, and likely even higher, based on the Nortel deal.
Google is clearly willing to pay to acquire patents, but they’ve reiterated time and time again that they won’t overpay for them. “This anti-competitive strategy is also escalating the cost of patents way beyond what they’re really worth. Microsoft and Apple’s winning $4.5 billion for Nortel’s patent portfolio was nearly five times larger than the pre-auction estimate of $1 billion,” Dummond wrote today.
Of course, Drummond failed to mention Google’s own $4 billion+ bid on those same patents. It just happened to be a losing one. (He failed to mention something else too.)
The $4 billion+ bid was likely well out of Google’s comfort zone, but they knew they had to win. Well, at least until they realized they likely couldn’t win against Apple, Microsoft, etc.
The same is likely to be true here. And Google knows it. They have nearly $40 billion in cash and cash equivalents to spend. But Apple has almost double that. And if Apple teams up with Microsoft again, they’ll have over $100 billion in buying power. At the end of the day, Google will not be able to out-bid Apple, and they’re running out of options.
Google’s official line is that there are plenty of patent opportunities out there. And the truth is that there are a lot — look at the deal they reportedly just did with IBM, for example. But that deal was for only 1,000 or so patents. This effectively doubled Google’s arsenal. But they’re still nowhere near Apple’s 10,000+ patents after the Nortel deal. And Microsoft should be well over 20,000 now. If Apple or Microsoft get another 8,800+ from InterDigital…
It’s massive deals like these that Google needs to be going after. And there aren’t too many of them.
Google’s only play is try to acquire enough patents to work towards a mutual assured destruction agreement with their rivals. But again, that’s going to be hard given who they’re going up against. This leaves three options: 1) appeal to the courts. 2) appeal to the public for support. 3) pray.
Today’s blog post was Google moving on to option 2. Option 3 may be just around the corner…
= - = - = - = - =
...and the other thing not mentioned...
...from:
http://techcrunch.com/2011/08/03/microsoft-just-kicked-google-in-the-nuts/
Google Threw A Punch, Microsoft Fires Back With A Missile
MG SIEGLER
posted 14 hours ago107 Comments
Earlier today, Google came out swinging. Seemingly sick of being continuously slapped in the face by the patent issue, Google’s SVP and Chief Legal Officer, David Drummond, wrote a blog post calling out several of Google’s rivals for attempting to use “bogus patents” to destroy Android. Chief among the rivals called out was Microsoft. Drummond noted that the software giant had been getting in bed with other rivals to hurt Google.
Among the accusations was that Microsoft teamed up with Apple to buy Novell’s old patents, implying that they did so in order to keep them away from Google.
Microsoft didn’t take too kindly to that remark.
“Google says we bought Novell patents to keep them from Google. Really? We asked them to bid jointly with us. They said no,” Brad Smith, Microsoft General Counsel tweeted out in response.
Damn. Shit just got real.
Just in case that wasn’t enough, Frank Shaw, Microsoft Head of Communications, followed up with the real heat-seeker. “Free advice for David Drummond – next time check with Kent Walker before you blog. ,” Shaw tweeted, referring to another Google SVP and General Counsel. Attached to that tweet was the picture of an email Walker apparently sent to Smith on October 28, 2010. It reads as follows:
Brad –
Sorry for the delay in getting back to you — I came down with a 24-hour bug on the way back from San Antonio. After talking with people here, it sounds as though for various reasons a joint bid wouldn’t be advisable for us on this one. But I appreciate your flagging it, and we’re open to discussing other similar opportunities in the future.
I hope the rest of your travels go well, and I look forward to seeing you again soon.
– Kent
While it’s only one instance, this really does undercut Google’s entire argument. Google was attempting to set up a pattern of Microsoft teaming up with other Google rivals to damage them. But the first instance listed was actually the result of Google turning Microsoft down, as the email shows. That does not look good for Google.
Does that mean Google’s totally wrong and Microsoft is totally right? Of course not. But it sure makes Google look pretty stupid. And it reinforces something that many observers think about Google’s position here: that they simply weren’t taking the patent situation too seriously until recently, and now they’re all up in arms about it.
God I love it when Google and Microsoft take these fights to the streets.
@BradSmi
Brad Smith
Google says we bought Novell patents to keep them from Google. Really? We asked them to bid jointly with us. They said no.
about 19 hours ago via webReplyRetweetFavorite
@fxshaw
Frank X. Shaw
Free advice for David Drummond – next time check with Kent Walker before you blog. http://t.co/PfKle9H
...from:
http://www.bbc.co.uk/news/technology-14340470
29 July 2011 Last updated at 08:55 ET
Apple holding more cash than USA
Continue reading the main story
Apple now has more cash to spend than the United States government.
US President Barack Obama is known to be an iPad owner, along with 28 million other people
Latest figures from the US Treasury Department show that the country has an operating cash balance of $73.7bn (£45.3bn).
Apple's most recent financial results put its reserves at $76.4bn.
The US House of Representatives is due to vote on a bill to raise the country's debt ceiling, allowing it to borrow more money to cover spending commitments.
If it fails to extend the current limit of $14.3 trillion dollars, the federal government could find itself struggling to make payments, and risks the loss of its AAA credit rating.
The United States is currently spending around $200bn more than it collects in revenue every month.
Apple, on the other hand, is making money hand over fist, according to its financial results.
In the three months ending 25 June, net income was 125% higher than a year earlier at $7.31bn.
Spending spree
With more than $75bn either sitting in the bank or in easily accessible assets, there has been enormous speculation about what the company will do with the money.
"Apple keeps its cards close to its chest," said Daniel Ashdown, an analyst at Juniper Research.
Industry watchers believe that it is building up a war chest to be used for strategic acquisitions of other businesses, and to secure technology patents.
Bookstore Barnes and Noble and the online movie site Netflix have both been tipped as possible targets, said Mr Ashdown.
The company may also have its eye on smaller firms that develop systems Apple might want to add to its devices, such as voice recognition.
Apple dipped into some of its reserves recently when it teamed-up with Microsoft to buy a batch of patents from defunct Canadian firm Nortel.
The bidding consortium shelled out $4.5bn for more than 6,000 patents.
...from:
http://www.tomshardware.com/news/apple-ipad-2-tablet-xoom-galaxy-tab,13157.…
Why Apple Can Produce Tablets for Less Money
5:00 PM - August 2, 2011 by Douglas Perry -
source: IHS
IHS* (http://www.ihs.com/about/index.aspx)released a report that describes some of the reasons why Apple has critical advantages in designing the iPad and why it may be able to keep those advantages in the foreseeable time.
The market research firm believes that Apple's control over the entire platform, especially the software provides it with a unique opportunity to design tailored hardware that deliver cost and integration scenarios its rivals cannot achieve.
“Apple takes a vertically integrated approach to its products, from the operating system to the user interface, to the hardware design, down to the selection of individual parts used in the device,” said Wayne Lam, senior analyst, competitive analysis, at IHS. “For example, Apple even uses its own applications processor design in both the iPad and iPad 2. In contrast, Android tablet makers buy those capabilities from the likes of Nvidia, Texas Instruments and Qualcomm. This gives Apple greater control in multiple areas of product development.”
For example, IHS said that Apple's ability to control the OS enables the company to reduce cost by limiting the quantity of memory in the iPad. The current-generation iPad 2 uses 512 MB SDRAM, while its rivals use 1 GB. "This memory density reduction results in a nearly $14 reduction in the bill of materials of the iPad 2 compared to other tablets, the market research firm noted.
“Since Apple controls both the operating system and hardware design of the iPad, it is able to attain design efficiencies that other tablet manufacturers cannot,” Lam said. “These efficiencies become obvious in areas like the memory and the battery, where Apple maintains advantages in cost, space savings and performance compared with every competitor in the business.”
*IHS is a global information company with world-class experts in the pivotal areas shaping today’s business landscape: energy, economics, geopolitical risk, sustainability and supply chain management. We employ more than 5,100 people in more than 30 countries around the world.
...from:
http://community.ca.com/blogs/securityadvisor/archive/2011/08/01/a-trojan-s…
A Trojan spying on your conversations
Published: August 01 2011, 12:11 AM
by Dinesh Venkatesan
We have been recently blogging about many Android malware as the threat landscape has been witnessing an increasing trend in targeting the mobile platforms and today we have received an Android package to our collection and observed that this piece of malware walks an additional mile by having a neat configuration and has a capability to record the telephonic conversation the infected victim makes. In one of our earlier blogs, we have demonstrated how a Trojan logs all the details of incoming/outgoing calls and call duration in a text file. This Trojan is more advanced as it records the conversation itself in “amr” format. Also it has got many other malicious activities that we have seen in many of the earlier malware incidents targeted for Android platform.
Hence, in this blog, we will demonstrate this particular conversation recording payload of the malware.
Fig.1: Permissions needed by the “app”.
It is always recommended to have a logical decision making before allowing an app to have certain permissions.
Once the malware is installed in the victim device, it drops a “configuration” file that contains key information about the remote server and the parameters. Fig.2 shows the contents of this file.
Fig.2: The config information
To see the payload in action, the Trojan is installed in a controlled environment with two mobile emulators running along with simulated internet services.
Fig.3: Making a phone call from the victim device to trigger the payload.
As the converstation goes on, the Trojan stores the recorded call in a directory shangzhou/callrecord in the SDCard. Fig.4 is the snapshot of the directory structure in SDCard.
Fig.4: the recorded file in amr file format.
As it is already widely acknowledged that this year is the year of mobile malware, we advice the smartphone users to be more logical and exercise the basic security principles while surfing and installing any applications.
Share this post: EmailShare
Leave a comment
By: Dinesh Venkatesan
Dinesh has been part of HCL Technologies from March 2006. He has started his career in HCL's Security Solutions group and later moved to CA-ISBU where he specialized in Anti-Malware Research. His major research areas are: Parasitic file infection, Botnets, Cross platform threats, Mobile threats
