Someone May Be Spying on You If You Have These Apps | #android | #security | #cybersecurity | #infosecurity | #hacker

6 / 16

Future Publishing/Getty Images


“This is a call to action for users who may be living under a rock and unaware of the vulnerabilities that were disclosed earlier this year,” says Michael Covington, VP of Product for mobile security leader Wandera. “The vulnerabilities with WhatsApp—both iOS and Android versions—allowed attackers to target users by simply sending a specially crafted message to their phone number. Once successfully exploited, the attackers would be granted access to the same things WhatsApp had access to, including the microphone, the camera, the contact list, and more.”

Yes, that means attackers had the ability to do a lot of scary spying. “This was one of the most widespread issues I’ve seen impacting mobile devices, and we continue to see out-of-date versions on enterprise devices,” Covington says. Luckily, this one is easy to remove: Simply update the app to the latest version. At the time of writing, the latest version for Android is 2.19.339 and the latest version for iOS is 2.19.112. If you’ve already caught yourself wondering “is Whatsapp safe?” you’ve got good instincts.

7 / 16



Whatsapp and Instagram are both owned by Facebook, which is part of what makes them all a risk. Dave Salisbury, director of the University of Dayton Center for Cybersecurity and Data Intelligence, says that Instagram “requests several permissions that include but are not limited to modifying and reading contacts and the contents of your storage, locating your phone, reading your call log, modifying system settings, and having full network access.”

Even more worrisome, updates may automatically add additional capabilities. “People need to remember that at Facebook, and plenty of other places, you’re the product, not the customer,” Salisbury says. “Information about you, what you do, where you go, who you interact with, etc., is valuable. If you’re OK with giving that up for some free services, that’s a valid choice. What I’d hope is that people actually think through the choice in an informed way and make sure they’re getting as much as they’re giving.”

8 / 16

Facebook Messenger

Since Messenger is a separate Facebook app, Attila Tomaschek, digital privacy expert at ProPrivacy, feels that it’s important to address as well. “Deleting Facebook Messenger is a no-brainer, based upon the company’s frighteningly lax approach to protecting user privacy,” Tomaschek says. “The messages you send and receive using the Facebook Messenger app are not encrypted, meaning that all your messages are plainly viewable to any Facebook employee with the appropriate permissions.”

While the company is planning to roll out a “Secret Conversation” mode that will offer encryption, it won’t be the default option and won’t be available for the calling feature. “What’s more, the app automatically scans any links or photos you send, and if any suspicious content is flagged by the algorithm, your messages will be read by moderators employed by the company,” Tomaschek adds. “Basically, if you don’t want your personal data to be subject to Facebook’s flimsy data-privacy practices and you don’t want anyone potentially eavesdropping on your private messages, then it’s best to cut your losses, delete the app, and look elsewhere.”

If you’re looking for an alternate private messaging app, Tomaschek recommends the secure messaging app Signal. “Your messages in Signal are secured by the app’s proprietary encryption protocol, which many consider being the most secure messaging protocol available today,” he says. “In fact, Edward Snowden has even endorsed Signal as a secure messaging app.”

Original Source link

National Cyber Security Consulting App





National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.