Category Archives: Antivirus Vendors

Antivirus Vendors

AVG

Lack of Trust Hampering App Downloads

4th February 2015: MEF, the global community for mobile content and commerce, today announced the results of its third annual Global Consumer Trust Report.

The report, supported by AVG Technologies N.V. (NYSE: AVG), analyses data from 15,000 mobile media users in 15 countries across five continents.

The study explores the key areas of trust, privacy, transparency and security to identify their impact on mobile consumers globally from purchasing a new device to downloading apps or paying for goods and services.

Key findings:

  • Half of all consumers surveyed (49%) say a lack of trust limits the amount of apps they download, compared to 37% last year
  • 72% of mobile consumers are not happy sharing personal data such as location or contact details when using an app
  • A third (34%) say trust prevents them from buying more goods and services using their mobile device

 

The impact of trust

Trust remains the largest single obstacle to growth in the mobile content and commerce industry. 40 per cent of respondents indicated that a lack of trust is the number one factor that prevents them from downloading items more often.

This is particularly the case with apps – where almost half of respondents (49 per cent) said that trust prevented them from downloading apps or using them once they are installed. Over a third (34 per cent) said it stopped them buying any mobile apps and services. The US experienced the largest increase in a lack of trust of the markets studied, at 35 per cent (up nine per cent year-on-year).

 

App privacy expectations

Alongside this growing mistrust, the study also revealed an increase in resistance to sharing personal information such as location, address book details or health records, with apps. 72 per cent of mobile users said that they are not happy sharing such information and almost two in five (39 per cent) claimed never to do so.

Linked to this unease, is the need to improve the way apps communicate about the data they collect. Many consumers feel that app stores and device manufacturers should take greater responsibility for protecting their personal information. 30 per cent of respondents said this would foster greater trust in the mobile platforms and 63 per cent said that they considered transparency important or extremely important (compared to 49 per cent last year).

Methods of self-protection have also decreased across the board – with less people taking the time to read app store descriptions, long privacy documents or ask friends and family for advice. The most popular method for self-protection was ‘downloading a privacy protection app’, at 31 per cent.

 

The need to protect devices

While the results showed that the threat of malware is rising in consumers’ consciousness – with most people acknowledging that it is likely to affect them – caution around malware has decreased. Only 48 per cent of respondents said malware would make them think twice when downloading apps compared with 74 per cent last year.

“Andrew Bud, MEF Global Chair, said: “Trust is the most important asset of any business, and consumer confidence must underpin the mobile ecosystem.  The sustainability of the mobile industry depends on it. As mobile devices and services evolve, consumers will hold business ever more accountable.

“MEF’s 2015 Consumer Trust Report highlights how trust issues are impacting consumer behaviours in different markets.  It is absolutely clear that the mobile industry must create equitable, informed partnerships with consumers, putting trust at the centre of the relationship. Consumer trust must be earned by consistently applying high levels of transparency, security and privacy to every mobile interaction.”

 

Judith Bitterli, Chief Marketing Officer at AVG Technologies, added: “Building consumer trust is an integrated process. While the mobile industry across the board must step up and take responsibility for increasing transparency across user privacy policies, it is equally important that consumers take their own steps to educate and protect themselves in order to better protect their rights and understand their choices online. This research shows that while consumers are taking certain proactive steps towards greater protection there is still some way to go in order to ensure their privacy and security are not at risk.”

Part of MEF’s ongoing activities to champion and advance consumer trust in the mobile industry, the annual Global Consumer Trust Report is now in its third year and provides vital data, analysis and insights on how consumers consider the efforts of the mobile industry in tackling the trust issues that affect their ongoing participation in every aspect of mobile content and commerce.  

 

About MEF

MEF is the global community for mobile content and commerce and the leading international trade association for companies wishing to monetize their products and services via mobile. Headquartered in London with operational chapters and offices in Asia, EMEA, Latin America, the Middle East, Africa and North America, MEF is a member network with international reach and strong local representation, ideally placed to drive market growth.

Established in 2000, MEF represents the total mobile ecosystem, providing an impartial and powerful voice for pioneering companies from across the mobile content and commerce value chain. On 17th – 19thNovember, MEF will host its 2nd annual MEF Global Forum in San Francisco where the findings of this join report will be discussed as part of a 3-day agenda looking at innovation, global growth and monetization.

www.mefmobile.org

Avira

Is the Maker Movement a security threat?

For a lot of budding technology creators, software programming has been one of the best places to start, but thanks to the Maker Movement (which is powered by people who want to build things and tinker with hardware), hardware projects are also becoming a great way to learn about technology and build interesting and interactive things. In fact, if you’ve heard about Arduino or Raspberry Pi, then you’re already familiar with some of the devices that are being used as part of the Maker Movement.

The educational possibilities with this DIY hardware are endless, but just like with anything solidly based in technology, there are security concerns to think about. When we think about hacking attacks, we usually think of software that’s been designed by hackers to cause problems or steal data, but with the rise of DIY hardware, hackers now have another outlet in which they can orchestrate sophisticated attacks.

You see, if a regular computer user can use open hardware to build and program a physical device, then a skilled hacker can easily build a device that has security threats embedded within. One individual even showed how you can build a USB device that can hack a computer in about sixty seconds.

Some of these threats can sound pretty dramatic, but if you avoid plugging in or interacting with unknown homemade hardware devices, then you’re taking the right step to keep yourself protected. For years, we’ve had to train ourselves to be careful about where we click, but thanks to the Maker Movement, we also need to start training ourselves to be more cautious about hardware, too.

The post Is the Maker Movement a security threat? appeared first on Avira Blog.

Panda Security

Be careful with Facebook! A researcher has hacked it using a Word document

Who hasn’t checked their Facebook page from work? In addition to a distraction, it has been proved that this practice is also a risk to the security of the company. A researcher has hacked the platform using a simple Microsoft Word text document.

like facebook

Mohamed Ramadan is an Egyptian hacker who discovered a bug in Facebook last July that is very dangerous for user security but that had simply gone by unnoticed; it could be hacked with a simple Word document.

It was not discovered by chance; for some time, Ramadan had been looking for possible vulnerabilities to demonstrate his potential as an ethical hacker and he had already done so by finding bugs in the Facebook apps for Android, iOS and Windows. The time had come to go one better and try with the company’s websites and servers.

He knew that this was a significant challenge; not only is it one of the technologies that have implemented the most security measures, but for years many security experts have been reporting and patching new holes. The company had even claimed that all of the holes in its servers had been patched. But it was wrong.

After thoroughly researching the topic, the hacker discovered the website Careers at Facebook, where anyone can look for work in the company and upload their CV. So, he decided to give it a go. To start checking (and find out if the platform was secure), he tried uploading a file where CVs are usually uploaded and he noticed that only .pdf or .docx files were admitted.

careers at facebook

Docx files are compressed files and the data they contain can be modified if they are decompressed. So Ramadan took a .docx file and decompressed it (using the 7-zip program) in order to access its code and modify it. More specifically, he changed a line of code to command this Word document to communicate with a twin file hosted on his computer wherever it was.

Despite his good idea, Ramadan was aware that it could fail. It was probable that even if the modified document were sent to the server, the file would not be able to communicate with the twin file on his computer.

So before uploading the modified Word document to the Facebook server, he checked if it were possible to get a result from uploading this document to any other server (more specifically, to one he programmed for the purpose). The result was as expected; a few minutes after performing the test, the external server that he had just created tried to communicate with his computer, so Facebook’s would too, and it did.

“I forced Facebook’s servers to connect to my computer using a simple Word document,” says Ramadan on his page.

With this trick Mohamed Ramadan was able to contact the data belonging to anyone who had uploaded their CV to the Facebook platform, and also their profiles on the social network and the computers that these people normally use.

facebook message

Therefore, any company’s data could be compromised if its employees use Facebook at work from the company’s computers. In this case the page that had the problem was Careers at Facebook and fortunately, it was Ramadan who detected it. However, the vulnerability on this server could have affected many others, according to the expert.

Although the bug has been fixed – and Ramadan has collected a reward of $6300 – its existence shows that compromising Facebook accounts is easier than it seems.

The post Be careful with Facebook! A researcher has hacked it using a Word document appeared first on MediaCenter Panda Security.