Category Archives: Avira

Avira

What can actually happen #IfMyPhoneGotHacked

Everybody will know what you did last summer

The danger of getting your data stolen might seem rather abstract to you as the word “data” usually makes you think of valuable information you would not have on your phone. With “data” we mean everything on your phone: photos, videos, documents and browsing information, regardless of their economic “value”. Remember the selfies you took with your phone this summer but never had the courage to share with your friends? How about the Justin Bieber playlist you secretly stored in a hidden music folder? Well, if your phone gets hacked, it will all become public. And do trust us when we tell you that the “I don’t know how they got there” argument doesn’t stand a chance.

PS: don’t even make us open up the Browsing History subject; once it’s compromised, no superpower can save you from what’s coming next. Moving to a different country might be the only option left.

I just called to say…who are you?

If only the thought of some strangers having your phone number scares you, imagine how it would be if those strangers could also access all of your contacts and your recent dials? Not only would they be able to store and even sell all this private information about your family, friends and colleagues but they might also bother them with all sorts of pranks. And no, texts are not protected either so make sure you don’t ruin the flirt you’ve got going on because of some disturbing replies coming from people controlling your phone. Some of them can have a pretty twisted sense of humor.

Peekaboo I see you

We all use the “Big brother is watching” expression often enough that it has become a matter of speech more than a matter of fact. What if your newest “big brother” is a hacker who can activate your phone’s camera and spy on you whenever he feels like? One thing is sure: you’ll regret not being able to separate yourself from your phone in no situation. Too many examples of exposing the smartphone to private…events come to our mind (we’ll let you think of the most uncomfortable ones yourself). Now imagine sharing those images with a bunch of strangers. In real time. Sufficiently awkward yet?

Social Networks come just as a cherry on top of any hacking scheme mentioned on the #IfMyPhoneGotHacked thread. All of your data could go public (and even viral depending on the level of compromising information you store on your devices) in a matter of hours after your phone gets hacked. Just make sure you stay protected.

The post What can actually happen #IfMyPhoneGotHacked appeared first on Avira Blog.

Online dating is the latest trend – But is it also safe and secure?

The Internet is new territory, apparently. To government officials perhaps, but not when it comes to finding a partner. According to a study, 30% of relationships begin online[1]. And many of those are made to last offline: in 2013 16.4 % of all new partnerships in Germany began with the couples flirting online[2]. It’s great when things work out with the neighbor, but just as searching for a partner in the supermarket, bar or swimming pool isn’t without its risks, the online world has its pitfalls too. Take untruthful profiles for example. “Men make themselves taller, women younger”, that’s what a former product manager of Yahoo Dating said summarizing her experiences. These sorts of little white lies are relatively harmless as they’re easy to spot on the first date. It gets more difficult when something doesn’t add up about the job, and the chosen one doesn’t turn out to be a doctor after all, but unemployed, in debt, and on the hunt for some funding.

Cyber scammers have created an entire industry from people’s desire to be together. The “romance scammers” search the lonely hearts sites specifically for woman with whom they initially email and call for weeks at a time to establish trust only for them to then ask for money for medical treatment, medication for mom, a trip to their sweetheart’s country or whatever it may be. The meet-up itself isn’t risk-free either. Blackmail through secretly or openly filmed sex tapes has already happened more than once, just like alleged pregnancies which nobody will ever find out about if the victim contributes to the abortion costs. While this is dramatic, generally the worst thing those who flirt online have to fear is enduring an endlessly boring evening on the first date.

Here are a few simple tips that will help guard against both dangers – criminality and boredom. On the first date, meet in public and never at your home. Tell a friend, relative or your parents where you will be and arrange for them to call you at a set time so you can give them the all clear. By the way, you can also use the call to your advantage to fake an emergency and escape a boring date early.

Spam messages from those looking for love can also end up in your mailbox through no fault of your own, and people who date online are more likely to open the wrong attachment by mistake. Not every jpg image is what it appears to be, and those ominous-looking Word, PDF, and PowerPoint attachments from romance-seeking Natashas from Belarus are also best sent directly to the recycling bin. The latest version of a comprehensive antivirus software solution like Avira Antivirus Pro, Avira Internet Security Suite or Avira Free Antivirus blocks viruses, worms and Trojans and, in the best case, also evaluates websites before you click them. This minimizes digital dangers and searching for a partner online doesn’t lead to additional risks.

You should, however, pay particular attention to potential risks posed by revealing personal information. Even if endlessly long email conversations over many weeks are rather counterproductive, you should not be forthcoming with your personal information. Before you give your address and telephone number to the person you’ve been messaging, you should be absolutely sure that you won’t regret it. It’s a good idea to have a throw-away email address you only use for dating purposes. Another good tip is to stay completely within the dating provider’s web environment as it usually doesn’t allow real identities to be inferred from online identities. Above all choose the dating provider cautiously. Services you pay for sort at least some chaff, in the form of joke or fake profiles, from the wheat. All the best for your next date ;-)

 

[1]German study “Online-Dating-Marktreport 2013/2014″ (“Online Dating Market Report 2013/2014″) – singleboersen-vergleich.de, 2014

[2]“Vom Online-Dating zum Traualtar” (“From Online Dating to the Alter”, German survey of 827 German registry offices – singleboersen-Vergleich.de, 2013

The post Online dating is the latest trend – But is it also safe and secure? appeared first on Avira Blog.

Are all data breaches created equal?

Companies both small and large have had to deal with a lot of hacker headaches recently, and for many people, news about these data breaches has caused them to change how they interact with the companies that have been affected. Not only is this bad for business for the companies, but it’s also embarrassing.

Even though revealing this information can make life difficult for the companies, it still makes sense that the public should always know about it, right? Well, maybe not. At least that’s what some executives have been saying lately.

It might come as no surprise that corporate executives would be the ones saying that not all data breaches need to be disclosed, but there are a couple different ways to look at this as a consumer that we’re going to focus on.

Tell me everything – In this situation, no matter what the hackers were able to get access to, you want to know about it. This could be sensitive data related to your password or credit card number, or it could be data about the company that’s not related to you.

Just tell me when it’s serious – Under this scenario, you’d only be notified when hackers access sensitive data about you that could be used to cause problems. Data breaches that don’t have a direct bearing on you or your privacy would not be publicly disclosed.

Which one of these options do you personally prefer? Disclosure might be the rule, but with the constant barrage of attacks that many companies have to deal with, some consumers might say that ignorance is bliss to some extent and the companies need to address their security issues privately unless there’s the chance that sensitive customer data has been compromised.

We’d love to hear your thinking on this matter in the comments section.

The post Are all data breaches created equal? appeared first on Avira Blog.

Eliminating file sharing security threats with subscription services

Quite frankly, it became an addiction. Active users accumulated thousands of songs, and before too long, this file sharing madness spread into other areas, such as movies and software.

Getting whatever content you want whenever you want it sounds great on paper, but these early networks made it extremely easy to share content illegally, and that’s what they became popular for. Even though the Napster of old and other similar applications don’t exist anymore, downloading content illegally is still a simple task thanks to torrent sites and other dark corners of the Internet.

Of course, it’s not a good idea to be involved in this sort of activity just because it’s easy. For one thing, you’re accessing content illegally, and additionally, hackers love to use interest in illegal files to spread malware. Not only do many of the files contain security threats, but the sites that are used to distribute them can also often be plagued with malware.

Thankfully, if you want to access content online in a legal and secure way, then you have plenty of options that didn’t exist in the early days of Napster. Sure, you can buy a song or movie individually, but the trend these days is focused on subscription services. Part of the appeal of file sharing services is that they can give you access to everything at once, and that’s exactly what subscription services can provide legally for a small monthly fee. There are services like Netflix for movies and television shows, Spotify for music, Kindle Unlimited for books, and the list goes on.

The truth is that many of the people who download files illegally don’t necessarily want to do it, but they feel forced to do it because they can’t access the content in the digital way that they’d like to. Affordable subscription services are turning these people into legal consumers of content, and that’s a better solution for them and the content creators. Not only is the overall quality and experience enhanced for the user, but they’ll also have a clean conscience and avoid the security threats that come along with illegal file sharing.

The post Eliminating file sharing security threats with subscription services appeared first on Avira Blog.

Science @ Avira, the ITES project

It is well known that classical computer architectures were not designed with security in mind. We intend to change that. The ITES project is creating a system purposefully built for high-security environments.

The current ITES system deploys verified compartments via Virtual Machines for different tasks. A compartment contains an operating system and the required programs (e.g. email client). Each compartment has restricted permissions that are unique. For example the browser compartment does not have access to the business plan, so if an exploited browser is running on a different OS than the email client, which has access to critical information, the impact of an attack is reduced.

ites

 

 

 

Our goal in the ITES research project has been to extend the compartments system to identify hacked Virtual Machines and start countermeasures. We identify hacked machines by observing them with different sensors (user-space hooking, memory forensics and VMI – Virtual Machine Introspection).

After gathering information about the current situation in Virtual Machines, a central component will classify the state of the machines into ‘trustworthy’ or ‘suspicious’. Depending on the decision, the machine can be stopped, analyzed, repaired or restored from a snapshot.

The goal of a scientific project is to learn by building a „Demonstrator“ (an Alpha Prototype) – it is not to create a product. The operating system is split into several compartments with Antivirus (AV) technology and hypervisor sensors attached.

However, many of the pioneering technologies we developed to build Demonstrator are or will soon be integrated into our internal processes. One of our backend systems in the Virus Lab at Avira is now classifying samples for our customers based on this new technology.

Classification

Identifying malicious files is the Virus Lab’s first task when encountering unknown software.
Three methods are usually deployed to identify malicious code.

1. Static

This is Avira’s traditional forte and is how we’ve been identifying malicious code for years. Malware is, for example, identified by exact hash, fuzzy hash, byte patterns, structural generics, or by an AI while the engine complements the analysis by gathering behavioral patterns. It is not part of the ITES project.

2. Dynamic

Dynamic analysis monitors the behavior of malware. You can do it on the end-user’s system (behavior analysis performed by the AV software) or using specific analysis systems (e.g. Analysis Sandbox like Cuckoosandbox or our internal cloud-enabled Autodumper tool).

Depending on the type of the malware, we will have to monitor it in different ways. By monitoring the User-Space API, we are able to detect the Dropper of malware. Sensors in Kernel Space or below are required to identify rootkits. Kernel space sensors are drivers, and you get those with your AV software.

They will have a different (less detailed) point of view, but cannot be easily tricked by the malware in the User-Space API. Monitoring the OS from outside of the Virtual Machine is even better. One existing tool that does this is Volatility. It uses a memory snapshot of a real machine or a virtual machine and checks for anomalies in the OS data structures. As a part of the ITES project, we integrated Volatility into a Cuckoo Sandbox and use it as a second sensor.

A disadvantage of Volatility is that it only uses a snapshot, so it is possible to observe the effects of the infection, but not the process of the system being infected. Additionally User-Space events are not observed at an acceptable level of quality.

Virtual Machine Introspection (VMI) takes this approach to the next level and is currently being researched by the RUB (Ruhr University Bochum) & IFIS (Institute For Internet Security) as part of the ITES project. By monitoring the system through the hypervisor we could achieve a similar perspective as with Volatility, but without having to create snapshots. Soon we will know what granularity of data will be possible.

3. Reputation

Having a cloud service and large databases on our backend servers, it is possible to identify specific spread patterns that are typical for malware. Suspicious patterns can be defined by scripts. Rules might look like

  • If a user is running a sample, which has not been seen by the cloud yet, and is strangely packed:  trigger a warning
  • If a computer executed an unknown file, after the user visited a suspiscious page on a freehoster, and the computer is running an outdated PDF reader program: trigger a warning

You get the idea. The ITES project does not cover this area.

There will be more blog posts covering the details soon.

TL;DR

Avira is investing into scientific research to deliver superior protection to our customers.

For Science,
Thorsten Sick

Sponsored_by_Federal_Ministry_of_Education_and_Research

The post Science @ Avira, the ITES project appeared first on Avira Blog.

Two-factor authentication – Extensive protection

“As a user, there is little one can do” is a statement often heard, followed closely by “everything was better offline”. However, there are in fact many possibilities to protect access to your data without having to be a technically gifted user.

The two-factor authentication enables extensive protection without neglecting usability. Its fancy name comes from the way it validates one’s identity: by verifying something s/he knows and something s/he has.

How does this work?

Users have login credentials to a website, usually consisting of an email address and a password. Anyone who tries to log in with this data, would be routed to another page where they must once again verify their identity with the secondary verification method This often is a temporarily valid code sent via SMS to a previously defined number, similarly to the mobile banking TAN procedure. Access to the data is only permitted following successful entry of this code. In the event of a data theft, the thief doesn’t have access to the victim’s cell phone (2nd factor) and the stolen information is thus worthless. The hackers won’t be able to access the account.

Some vendors offer additional ways to complete the extra verification: via hardware tokens (USB crypto devices, SSL certificates, e.a.); QR codes, which are scanned with a smartphone and generate a one-time code, are in the meantime also broadly available. There are thus several possibilities for better safeguarding access without making it complicated and laborious.

We believe that the combination of a virus-free system and strong passwords, changed on a regular basis and used for that sole service, is vital. The two-factor authentication provides an additional major security bonus for one’s own data. Even if your account data has been stolen, your data is worthless for the hacker without the corresponding 2nd authentication method.

All the famous & common services offer two-factor authentication these days and we strongly encourage you to activate them too.

The post Two-factor authentication – Extensive protection appeared first on Avira Blog.

Geotagging: what your photos reveal about where you live

A recent project out of the University of Florida entitled I know where your cat lives highlights how easy it is to identify people’s home address based on the pictures of their cats, uploaded to popular photo sharing platforms such as Instagram or Flickr.

I know where your cat lives

Researchers from the University of Florida located, with an accuracy of 7.8 meters, the exact place where pictures tagged with the word “cat” were shot.

They started by extracting metadata (including the latitude and longitude of where the picture was taken) from a sample of 1 million images, accessible from publicly available APIs from popular photo-sharing websites. The photos were then run through clustering algorithms with the help of a supercomputer. The researchers then created a website, where cat images were superimposed with GoogleMaps, pinpointing their exact location. Well, that’s just purrfect…

I know where your cat will be 24 hours from now

Okay, chances are even you don’t know that (much less your cat). But that’s where the technology is heading. Two years ago, a team from Birmingham University developed an algorithm that successfully detected where a test sample of people were going to be 24 hours in advance… How did they do it? By combining information on where they’d been (think of every time you checked into Foursquare) with the past movements of contacts in their Smartphone’s address book.

How your address finds its way into your pictures

When taking a picture, information is stored in the form of Exif tags. These detail the camera’s model, the image’s resolution in pixels, the time/date the picture was taken… This type of metadata is typically fairly innocuous. However as Smartphones now include in-built GPS, Exif tags frequently include the longitude and latitude as well. This functionality is referred to as Geotagging.

How to disable geotagging on your Smartphones

As your GPS is necessary for certain applications we’re just going how to show you how to remove geotagging when taking pictures.

If you’re an Android user:

  1. Access your phone’s camera application
  2. Select “Store location” on the left hand side, below “color effect”
  3. Switch off the geotagging

If you’re an iPhone user:

  1. Go to settings
  2. Select “Privacy”
  3. Select “Location Services”
  4. Find “Camera app” and switch it off

How to remove geotags from existing pictures

To remove geotags from all your pictures, you can do so with free software.

  • For Windows users:

Try Microsoft Pro Photo Tools version 2. This free tool enables you to easily edit or delete Exif tags from your digital photographs, including the GPS location.

It is also possible on Windows to remove Exif tags manually without installing additional software. For an overview of the process with step-by-step screenshots, please visit: www.technorms.com/38749/remove-personal-exif-information-from-digital-photos

  • For Mac users:

Try SmallImage or ImageOptim. Both tools are free and offer an easy drag-and-drop functionality for removing Exif tags.

Conclusion

Although privacy concerns over metadata is not new, the project I know where your cat lives did a great job of raising awareness for the problem. We recommend that you think carefully about what information you’re going to share (many users contacted the researchers at the university of Florida and asked them to upload their cat’s pictures and location to their map). If you are uncomfortable with sharing your location, please be sure to remove the Exif tags.

P.S. Avira developed a free tool to prevent companies for tracking your web activities. If you would like to learn more, please visit: www.avira.com/en/avira-browser-safety-lp

The post Geotagging: what your photos reveal about where you live appeared first on Avira Blog.

Browse the Internet smart and safely with Avira Browser Safety and SafeSearch

The features are called Avira Browser Safety, (available for Chrome and Firefox) and Avira SafeSearch, and they both work as browser extensions.

Browse the Internet safely…

Why the focus on browsers? These days, as firewall protection has improved significantly, most malware and identity theft no longer come from e-mail attachments but instead come from infected websites exposing visitors to drive-by downloads, code injection, password-stealing Trojans, etc. Even perfectly legitimate sites can be temporarily compromised and website owners usually don’t even know their site has been hacked, so avoiding dodgy sites is no longer a guarantee that you won’t be infected.

Avira Browser Safety and Avira SafeSearch protect you and your privacy by blocking these website-based threats.

The new features work together to guide you to safe websites when you browse the Internet and warn you about harmful websites before you click on the links. They also block trackers and advertising scripts that are trying to profile your browsing activity.

… and smart

In addition to the security focus, when you are doing online shopping on e-commerce sites, Avira will notify you if the item you are looking at is available at a lower price on other sites.

avira-offers-screenshotThis additional feature makes online shopping safer by directing you to e-commerce sites from our trusted partners—which Avira has checked out for their security and privacy policies. We have researched these merchants for you to make sure they have appropriate data privacy procedures, reasonable return policies, no history of payment complaints, and no aggressive third-party ad networks running on their sites. So you save money, time and avoid potential hassles.

In case anyone might be wondering if Avira needs to track users’ web browsing habits in order to present these shopping offers, the answer is NO. Avira just compares the product SKU that is on your screen at that moment against a list of inventory among our partners. Avira does not permanently track your web habits in any way and you will never receive a re-targeted advertisement because of us, nor will we ever sell your information to anyone.

Avira also earns a commission from these shopping referrals. We use these earnings to help support our 350+ engineers so that we can continue to offer you the world’s best security software (which earned a 100% perfect detection rate as measured by AV-TEST)—all for free.

Of course, if you’d rather not use Avira Browser Safety or Avira SafeSearch you can always turn them off. The rest of our software will keep on protecting you as before.

CONSTANT IMPROVEMENT

The introduction of Avira Browser Safety and Avira SafeSearch represent just the latest step in Avira’s constant improvement.

When we opened our doors in 1986, the definition of computer “security” meant stopping annoying but relatively benign programs that spread via floppy disks! By the late-1990s, security had evolved to include e-mail viruses, and the growing use of the Internet lead to new forms of sending and contracting viruses, worms, Trojans and other malware. Professional spammers and organized crime syndicates took over from ‘recreational’ hackers in the mid-2000s, and introduced some of the first malware that actually stole credit card numbers and collected personal identity information.

To keep up with these changes in the nature of online threats, Avira constantly has to invent new technologies for detecting and disabling malware. You don’t even notice most of these innovations because they work behind the scenes.

The coders and virus hunters at Avira today are proud of the software that we have engineered for you, and we hope you’ll try out Avira Browser Safety (install for Chrome or Firefox) and Avira SafeSearch. Stay tuned for exciting future developments.

The post Browse the Internet smart and safely with Avira Browser Safety and SafeSearch appeared first on Avira Blog.