Tag Archives: Mobile

AVG Cleaner Adds 3 New Features to Clean Up Your Phone

A new release of the AVG Cleaner for Android 3 is now out just in time for spring. (Get it or update to the newest version here, if you haven’t already.) Our engineers have been hard at work finding new ways to clean up even more long-forgotten or useless stuff from your phone. Our latest release (3.1.0.1. to be exact) also cleans out WhatsApp photos, screenshots, and huge videos.

We’ll walk you through the three new additions:

Number 1: WhatsApp cleaning

You think that your apps, music, or photos consume all your phone’s storage? Think again. A big hidden memory eater are your messaging apps. All the photos you send and receive in WhatsApp are stored on your phone. Depending on how active you and your friends are, this can quickly get out of hand.

When using WhatApp, you see associated files when you tap on the name of your friend:

/var/www/now.avg.com/18.45.0/wp content/uploads/2016/05/image 2016 05 23

In this example, it is just two photos. Now multiply that by every conversation you have had and every photo you have sent or received. AVG Cleaner reveals how quickly it adds up, and lets you just as quickly clean out files replicated from your photo library.

/var/www/now.avg.com/18.45.0/wp content/uploads/2016/05/^3c3462cc744cf6c1a69d21aceb9873b8dfe8d76be9919d9437^pimgpsh fullsize distr1

Number 2: screenshots

I don’t think one day of my life goes by without me taking a screenshot of an app or desktop software. Screenshots are now used by almost everyone to create quick reminders, share a message, show someone a snapshot of Facebook, provide guidance on an app – and for lots of other quick and dirty uses.

Unfortunately, these shots don’t delete themselves. They also have a tendency to consume a lot of free space. On my Galaxy S6, the average screenshot of an app (e.g., Facebook or Google Maps) or a game is 1-2 Megabytes. That’s because Android stores these shots in uncompressed PNG format, which sports decent quality but can eat up quite a lot of storage.

Our AVG Cleaner for Android shows you leftover screenshots and – with a tap – helps you get rid of them.

/var/www/now.avg.com/18.45.0/wp content/uploads/2016/05/screenshot 20160427 153703

 

Number 3: huge video

Being more of a tech guy than most, I knew that WhatsApp and screenshots could weigh heavily on my phone. But I completely overlooked large videos that I either took myself or downloaded from the web. I forgot I had almost a gig of these files hidden away when I could’ve used that space for apps or photos that I actually needed.

Our Cleaner takes care of it.  It detects and helps you get rid of these huge videos once and for all!

How to Recover a Stolen Smartphone

recuperarmovil1You wake up to the beep-beep! ring of an alarm and, as you eat your breakfast, you comfortably read about the current events on your Smartphone screen without needing to listen to the radio, watch television or turn on the computer. On your way to work, while on public transportation, you take advantage of the time and play a game you’ve downloaded. You chat with your friends on WhatsApp at all hours of the day and even share photos of your outings on Facebook. Even checking emails from your boss has become a somewhat lighter task thanks to this thing that goes with you everywhere: your Smartphone.

 

Mobile phones and tablets have become part of our day-to-day. Most people argue that without them, our lives would be more complicated and boring. Their necessity makes it of upmost importance that we educate ourselves on how to protect these devices to ensure the privacy of the personal data they hold.

What if your Smartphone disappeared?

What would you do if you lost your Smartphone or it was stolen?

 

We have shared a multitude of tips that will help keep your terminal from disappearing into the reach of a cyber-criminal, but what if your Smartphone physically disappeared? What would you do if you lost it or had it stolen? Let us hope that you will never have to find out, but just in case, you should prepare yourself.  We have good news: we present to you a free App that will help you if your phone is stolen, and help you hunt the thief who took it.

 

The App, which you can test for free, allows you to locate the terminal in case of theft or loss. You can see the location of your mobile phone or tablet on a map and can even lock the device or erase data remotely. This will prevent a third party from using your phone and accessing your personal information.

What about Smartwatches?

 

Connecting Panda Security to your Android Wear Smartwatch is one of the simplest ways you can protect and recover your device. If you activate the anchor mode in your watch you will know where it is at all times.  If it’s too far away, an alarm will go off.  If it is stolen, you will be able to see its location on a map, block it from being used and delete information.

 

What are you waiting for? Protect your most precious technological goods with the best anti-theft application.

The post How to Recover a Stolen Smartphone appeared first on Panda Security Mediacenter.

When a Metaphor means more than an implied comparison

You are going to want to ​think twice before clicking on that LOLCat. A new proof of concept security vulnerability, dubbed Metaphor, could affect hundreds of millions of Android users.

NorthBit, an Israeli based software research company, has created an exploit in the same software library that the Stagefright vulnerability took advantage of. You may remember that last July 950 million Android devices were put at risk by Stagefright, in which it used an MMS (multimedia messaging service) software weakness that put Android customers at the mercy of hackers who could take complete control of their phone.

Metaphor, was demonstrated by NorthBit by sending an email message with a link to cat photos. The victim clicks the link to view the adorable and hilarious cat photos but unknowingly, in the background the malware is delivered.  This exploit is a hole that allows a hacker to gain access.  This access could be used to deliver malware that could potentially take control of key operations of your phone.  In this particular example, the exploit is not instant – the user does need to engage with the content on this page for the exploit to be successful.

NorthBit’s research paper detailing the findings is not malicious, it’s for demonstrative purposes only. However, there is enough information provided that a professional hacker could use it to create their own fully working exploit and as you see in the video, to take control of some of the operations of your phone.

Since the original vulnerability was disclosed last year, Google released a number of patches that resolved Stagefright; but as we can see with this new disclosure, the media software still offers hackers a route to exploit devices.

The Metaphor exploit affects devices that are using Android Operating Systems: 5.1, 5.0, 4.0, down to 2.2 with some devices more vulnerable than others.

If you have an Android phone, what should you keep in mind?

  • Be cautious of clicking on links from senders you do not recognize: In the example with the cat photos, the victim is opening the MMS it based on emotion around the content. If you don’t recognize it then don’t open it (no matter how cute or grumpy the cat is)!

And remember, the content could be targeted to something that you might be interested in, for me this would be motorbikes.

  • Always download and accept the updates to the operating system: While many phones do this by default some older versions do not. Keep in mind that patching your phone today may not fix this issue but it could fix other issues, so it’s always a good idea to run the updates.
  • Ask Questions: If you are unsure whether there are updates or how to download them a simple internet search should help. If you’re still unsure then contact your carrier.

 

Follow AVG on Twitter @AVGFree

Follow me on Twitter @TonyatAVG

 

 

From Cars to Toothbrushes and Everything in Between – MWC 2016

Mobile World Congress is the largest gathering of the mobile industry and takes place at the end of February every year. According to the latest attendance numbers, it was bigger and more attended than any previous congress.  Every possible brand associated with smartphones you can think of was there and even some of the brands you may not know but they provide the stuff to make it all work behind the scenes.

There is a dramatic change afoot in this industry and it’s clear to see at MWC.  The focus of this year’s show is very much about the Internet of Things (IoT). Most of us consider this to mean fitness trackers, a few connected fridges, and maybe for the select few, a car.

IoT is going to affect all of us in ways that we can’t yet imagine — everything will be connected and adding data to a world that will operate based on the analysis of everything around us. This may sound like a science-fiction movie, it’s not. There’s technology on its way that really does mean that there are very few things that won’t be connected.

What was hot at this year’s MWC 2016?

There is a device for tracking everything from fitness to air quality. While they’re exciting toys and gadgets for us to own and play with, the bigger story is how these stepping stones are being placed for a far more connected world. We continually hear about self-driving cars and other cool innovations, but for many of us these are still news stories rather than reality. One such company is Seat’s connected car tech that allows drivers to check the availability of parking spaces, access breakdown services and connect to household appliances.

Seat’s connected car

Do you ever leave home in the morning having missed a tooth when brushing? With Oral-B’s smart toothbrush it will be a thing of the past! A smartphone app connects to the toothbrush and detects which teeth are still dirty.

Visa announced their new payment system, the Visa Ready program, which will allow transactions to be made from any suitable connected device. For anyone traveling through London recently, they may have seen people waving their phones on the tube payment terminals to pay for their trip. With the new service from Visa, this facility will be extended to other devices and use tokens rather than card details. This means that personal data is never transmitted in a similar way that Apple Pay and Android Pay work and should be considered a security enhancement over the current process.

Honda has already signed up to the program to use an in-car fuel app that will be integrated into their vehicles dashboards. Once the car is running low on fuel the driver will be automatically be directed to the nearest gas station. The app will know the exact amount of fuel needed and pay for the fuel and calculate the cost. Of course, this does mean the pump needs to accept wireless payments and you will still need to get out and actually put the fuel hose into the car.

Virtual reality

A technology that has been heard about for years is about to become both affordable and usable, and will soon establish itself as a normal part of our lives. I was lucky enough to get a full hands-on demo of Intel’s RealSense™ virtual reality technology that is being made available to developers in the next few months.

of Intel’s RealSense virtual reality technology

Put the headset on and be immersed in a virtual world where you can actually interact using your hands. Yes, they actually appear in the virtual world allowing you to move objects and to be part of what you are seeing. Or allow the headset to map, in real-time, the environment you are in and to add things to it — you can mix our physical world with a virtual one.  For example using the demo headset I scanned a table and then a cat jumped up onto it. I moved away and the cat jumped off the table. The possibilities for this technology in our normal lives, especially if you are a gamer, are really exciting  and I can’t wait to see them realized.

There is a common concern with all the new IoT devices and cool services that they deliver, that is one of security. With every connected device a new opportunity is created for hackers to attempt to breach the device and access your personal data. While many device manufacturers may create their products using a ‘secure by design’ approach, this may not be the case with the small innovative companies that have the hottest technology.

The concern should not stop with hackers. Devices are collecting data that we may not realize. This raises questions about who has access to our data and what is it being used for — did you read the privacy policy of every connected device you already own, and will you read the privacy policy of all the new ones? Unfortunately, the answer is most likely no. Besides presenting us with new and impressive connected devices, Mobile World Congress has also highlighted the need for us to be aware of the “what” and “who” is holding our data and for what intent.

Privacy Took Center Stage at Mobile World Congress

Privacy has been part of the Mobile Security discussion for some time now. In fact, privacy and security were both highlighted as one of the top five themes at Mobile World Congress (MWC) this year.

We and many other security providers have been offering privacy tools (like our HMA Pro VPN) for a while, however the focus and discussion around privacy was heightened this week.  It was partially spurred by the Apple/FBI iPhone security discussion but was more robust than just that single (albeit interesting) data point.

There was a great turnout to both the Putting Privacy at the Core of Digital panel and to our partner event focused on Mobile Security Threats.  At the panel there was a consensus that the “war on privacy” was reaching a boiling point.  More and more users are becoming aware of the trade-offs and looking to take action.  We can see this in the uptake of Ad Blockers, which is partly motivated by privacy, and also from numerous studies showing increased awareness.

It is well known that people will share their data in exchange for services.  The issue is that not all of the sharing is known, transparent, or controllable. Services from Meeco are working to make the tradeoffs more accessible to users; Telefonica labs have some interesting tools under development, and Facebook continues to build their products around core privacy principles.  Given AVG’s position in the ecosystem, we often see the less desirable sides of unintended sharing. While our VPN and privacy tools are a great start, we have more work to do, both in educating users and with giving them more control.

Whether or not a “personal data economy” will evolve is still an open question, but the experimentation around the idea is very healthy. I emphasized that we need to make solutions much easier for consumers and that providers need to embrace a federated and distributed structure – basically, the ability for end users to move their data and their “trust provider” at will, without a lot of friction.

At our event titled, “Mobile Threats: Fact or Fiction”, Telefonica, Verizon, TCL, and Sony presented their views of mobile security and privacy, and then we participated in a panel discussion.  Network providers are in an interesting position in that they see a lot of data and also have regulatory checks and balances in place.  With the balance between those two, they have the opportunity to become “trust brokers” for their user bases.

Todd Simpson at Mobile World Congress

Consumer product development companies are looking to build privacy controls deeper into their products, and ensure that permissions and data flows make sense for users.  Of course, with the Internet of Things (IoT) we end up with a plethora of operating systems, connectivity options, data flows, and business models.  With no standardization in sight, security companies will have to develop comprehensive solutions that can address issues across many different technologies.  In order to act on all of this IoT data, security solutions need to be in the data flow. AVG’s relationships with carriers, combined with our VPN and our work in router solutions, puts us in that prime position.

There is a general consensus that users will not adopt IoT as quickly if security and privacy are not addressed, and rightly so. It is a complicated problem, spanning identity, authentication, malware, permissions, and data usage. We do not yet have a good framework for looking at all of these, but there are encouraging signs within each specific area, so that better protection is in sight.

When Will Our Data Be Secure?

As CES gets underway, it’s even more apparent that 2016 is projected to be the year of the “reluctant sharer”. The overwhelming common denominator of the conference seems to be cybersecurity, whether regarding drones, autonomous sport cars, or wearables; practically every device announced at CES has some type of Internet connection, adding to the already-reluctant sharer’s worries.

The latest MEF Global Consumer Trust Report 2016, in partnership with AVG, addresses digital citizenship – consumers’ responsibility to secure their online data and privacy. As an industry, are we sufficiently holding up our end of the deal, our responsibility to the consumers? One of the most striking findings in this year’s report, is the rise of the “reluctant sharer,” a growing 41% who don’t want to give up their personal information but know they need to in order to use an app. While consumers recognize more than ever how vital it is to protect themselves online, they feel caught. In just a single year, 20% more consumers shared personal information they would rather not have, just to be able to use apps and services.

With innovation in the connected world happening at an incredible pace, is resignation really the feeling we want customers to have at the beginning of our relationship with them? Year over year, this report has revealed a decrease in consumer trust, and in 2015, more people than ever (36%) said that lack of trust is the number one reason they decided against using software or apps. As an industry we can do better.

We needn’t look far to see how this might play out. Consumer distrust, leading to complete intolerance, has irrevocably disrupted the business model of digital publishing, in regards to ad blockers. While controversy surrounding the phenomenon is nothing new, Apple’s recent decision to allow ad-blocking apps has tipped the issue into mainstream consciousness and forced an entire industry to re-evaluate how it operates; and, perhaps most important, the value it offers to the people who make it all possible: their readers (consumers).

I predict that as high-profile hacks, like those on Talk Talk, Ashley Madison, the US Office of Personnel Management, and even the FBI, continue to dominate mainstream media conversations, fewer and fewer consumers will be willing to take this ‘devil’s bargain’ of privacy in exchange for services. And who can blame them? In fact, nearly half (47%) of everyone surveyed for this year’s report said they’d be willing to pay for an app that guaranteed not to share any collected data. That number is surely on the rise as consumers at large become more aware of the risks.

Given all this, I think the real question is not whether 2016 will signal a tipping point for consumers, but whether it will be the tipping point for us, the industry.

We, in mobile, have to decide if we want more than simply to avoid digital publishing’s troubles. We must put our customers first, and go beyond being only “good enough” at protecting them. Transparency and education need to go hand-in-hand with an industry-wide commitment to set, adhere to, and hold each other accountable for honorable, human-centered behavior principles. It is no longer enough to show consumers the “what” of data collection and sharing—we need to explain the purpose and consumer benefit of doing so, without spin, in real-life terms.

Who will step up to the challenge?

Ultimately, people should not have to trade privacy and security to benefit from the wealth of data-enabled services that are available now and on the horizon. Our customers are speaking loud and clear. Will we listen?

Notes from the 2016 AT&T Developer Summit

The 2016 AT&T Developer Conference took place on January 2-5 in Las Vegas, Nevada.

The 2016 AT&T Developer Conference took place on January 2-5 in Las Vegas, Nevada.

For nearly 10 years, AT&T has been bringing an annual developer conference to their partners and collaborators. This year, they creatively chose to combine their conference with a hackathon in order to encourage the participation of budding developers and to support young talent in achieving career-related goals.

This year’s conference and hackathon, which took place on January 2-5 in Las Vegas, Nevada, was packed with an array of topics split into six main sessions: devices and wearables, IoT, real-time communications, video, network advances and the connected home.

I’ve put together several of the sessions that stood out to me as especially relevant to the evolution of today’s technology.

Your world, protected and connected // Stephen Vincent

Abstract: Interactive security and home automation systems are evolving to become effortless for end users. Devices like smart thermostats learn the routines and patterns of users to ensure the consumer is returning home to their optimal temperature, thus increasing comfort and lowering home energy costs. Voice command and response systems allow users to speak naturally to their home security and automation system without learning complicated rules or programs. Lawn sprinklers and window blinds can be controlled by weather data indicating rain or shine. A day’s worth of user-generated surveillance video can be reviewed for significant events quickly and at the user’s convenience. Securing the home is a great benefit, but what about securing the personal IoT for the end user when not at home? In this session, we’ll discuss how Digital Life is a key contributor in the latest industry trends. We invite the developer community to join us on our quest to put the connected home to work for the end user.

View the slides from this session here.

Smartphones and beyond :Technologies for devices and IoT // Ginger Chien

Abstract: Smartphones, which will still be dominant in people’s lives for some time to come, have reached a state of maturity. This year’s phones will see mostly incremental advances offering improved capability and performance. Yet the smartphone will play an essential role through its familiar power and presence that will support the rising category of connected IoT devices, whether those be personal, wearable, distributed, or other forms yet to be seen. Join this session to learn about advances in the areas of smartphone and IoT device technology as well as get an idea of what the future of devices may hold.

View the slides from this session here.

Monetizing behavioral data analytics // Carole Le Goff and Dr. Brian Eriksson

Abstract: What can your home discover about your habits? When does a change in behavior at home demand intervention? How does this differ when considering yourself, or your teenager, or your mother across the country? This information can all be learned from home IoT sensor data combined with intelligent analytics, which can help you make a decision about how to act. Unfortunately, there is a wide gap between raw sensor data and actionable information. In this session, we will discuss gleaning behavioral context from this data and initial use cases to monetize this information. We’ll describe the science and challenges behind learning from IoT sensor data from the point of view of marketers and product managers explaining new revenue generating services as well as software engineers and data scientists.

View the slides from this session here.

Best Practices for the Unknown: Wearables, Devices & Things // Bill Weir and Pete Rembiszewski

Abstract: There are exciting new areas to explore in the bold new world of IoT and wearables, but there are also big land mines waiting for developers. Not only will we cover issues such as standards, security, network issues, data overload, and privacy, but also actionable tips, strategies, and techniques that developers can use to mitigate the risks.

View the slides from this session here.


As announced at the AT&T conference, a new tool called AT&T ARO helps users analyze their apps’ performance. Users can utilize the free diagnostic tool to improve their battery life, data usage, and responsiveness.

In addition to these valuable sessions led by highly talented speakers, Kevin Spacey was in attendance as the conference’s celebrity speaker. Spacey delivered a quality talk that emphasized the importance of companies making an effort to support and motivate young developers and IT professionals in their career paths.

This year’s AT&T conference and hackathon was a unique and educational experience. At Avast, we’re already looking forward to next year’s event!


Follow Avast on FacebookTwitterYouTube e Google+ where we keep you updated on cybersecurity news every day.

Detox Your Messy Photo Gallery with AVG Cleaner for Android

It’s the start of a New Year, and it’s time to Detox! Try this now: Pick up your phone, open up your photos app, swipe through your gallery and look at how many bad or duplicated photos of your daily lunches, sunsets or the cat sticking its tongue out, you’ve been hoarding over the months, or even years. Surprised by how many there are?

Well, you’ll likely be as shocked at my results: 27 poor selfies; 230 nearly identical shots; 81 blurry images. That’s a total of 3 GB wasted in just 6 months of using my Galaxy S6. And if you’re as lazy as I am about sorting out a messy photo collection on a weekly basis, here’s something for you.

New AVG Cleaner for Android 3.0 with Smart Photo Cleaner

Our own AVG Cleaner for Android has helped millions of users clean up browser traces, hidden temporary app files, forgotten downloads, among other performance tools. But today, we’ve taken a massive leap to focus on one of – if not the – single most storage-hungry type of data: your photos.

Upgrade now to get Smart Photo Cleaner, which scans your entire photo gallery and allows you to identify & clean:

    • Similar photos: Since the dawn of digital photography, the practice of carefully framing and taking pictures are long gone. Now we take 5 photos of our lunch, but only post one to social media or send to our friends. Smart Photo Cleaner doesn’t just identify similar-looking photos, but also figures out the best ones from the group – and allows you to get rid of the rest!
    • Bad photos: AVG Cleaner for Android also knows which photos are under- or over-exposed and blurry, giving you an instant way to de-clutter your photo gallery. It analyzes various aspects of a photo, such as sharpness, color, and lighting, and gives you the choice of what to keep and what to get rid of.

  • Review photos: If our Smart Photo Cleaner isn’t 100% sure about a bad photo, it lets you review it. Swipe to the left to delete; swipe right to keep it!

Best of all, Smart Photo Cleaner gets smarter about your choices and will give you more personalized suggestions on which photos to keep or clean up. Keep an eye out for an upcoming post soon, explaining how Smart Photo Cleaner works and how to use it. And that’s not all…

One-Stop-View to Fix and Clean

AVG Cleaner has received a major redesign, a term which probably doesn’t do it justice. Let me explain:

See the big fat ANALYZE button in the middle? Hard to miss. One tap on it, and AVG Cleaner will identify all the top resource-draining apps, bad photos, wasteful junk files and battery-draining settings, on one, simple screen – and helps you instantly fix it all. Basically, you get all of AVG Cleaner’s key features on one screen; and as you scroll down, you see all the issues with your device, such as Cache files, history leftovers, low-battery warnings, bad photos or battery-hungry apps:

Tap on one tile to fix these issues. Here’s what’s behind them:

  • Cache Cleaner: Identifies and cleans hidden, unused files to free up lost space
  • History Cleaner: Identifies browser history and old call logs that can be deleted to get rid of users’ traces
  • App Manager: Identifies ‘resource hungry’ apps (as detailed in AVG’s latest App Performance & Trends Report) and helps users stop or delete them:
    • Running Apps: Shows running apps and how much RAM they’re consuming
    • Unused Apps: Identifies apps that you haven’t used in a long time
    • Data Usage, Battery Usage and Storage: Helps you spot the largest apps and the ones with the most battery and mobile traffic drain
  • Battery Manager: Helps you optimize battery life with one tap, or allows your phone to automatically turn off power-sapping features and settings based on where you are, such as at home, at work or in their car (“Battery Profiles”)
  • NEW Smart Photo Cleaner: As above, automatically identifies all of the poor quality and similar photos on the device and enables users to ‘clean’ them easily, to free up device storage
  • NEW One-Click Dashboard Overview: Provides a one-tap-analysis of the device’s status across performance, battery life and storage, helping users easily fix and clean top resource hogs, bad photos, and temporary files, all on one screen

If you’re looking for a quick clean-up of all of your unwanted photos, check out our newly re-launched Cleaner today for free!

In 2016, your home will be a target for hackers

Your home and the devices in it will be a viable target for cybercrooks in 2016.

Back in the good ol’ days of the early 2000s until just a few years ago, all we had to be concerned about was security on our desktop computers and laptop. In the intervening years, mobile devices have become so ubiquitous that hackers have turned their sights on them, especially Android devices.

But starting in 2015, everyone began to realize just how close to home cybersecurity really is. Home networks are the new gateway, and 2016 will be the year that vulnerabilities in the Internet of Things (IoT) and wearable devices combined with weak home router security will lead to personal attacks.

Our internet-connected world will be increasingly difficult to secure

Our internet-connected world will be increasingly difficult to secure

The weak link is your home router

“The security situation with home routers is actually pretty bad,” Ondrej Vlcek, COO of Avast told Fast Company. “Most of the companies do a relatively good job of . . . patching the vulnerabilities, but the problem is that no one updates the firmware in the routers. The user doesn’t at all, and usually the ISP doesn’t either.” He added that we saw the most attacks on routers by far in 2015.

“Right now, attackers are targeting routers en masse,” said Pavel Sramek, an Avast Virus Lab research analyst. “It’s highly probable that they’ll expand their target list to network-attached storage  and “smart” TVs as well, since the security aspect of these devices has been almost completely neglected by their manufacturers so far.”

“Many of the companies and engineers don’t really think about security,” says Vlcek. Data, for example, is often transmitted without any encryption, making it easy to steal or fiddle with.

Since this is the time of year to look forward, I asked several of our Avast Virus Lab research analysts about what to expect in 2016 for home networks, wearable devices, and all the gadgets that make up the Internet of Things.

Router and ethernet cable

2015 was the biggest year for router attacks

Is it easy for hackers to break into home networks and is there enough motivation at this time to go to the trouble?

As it stands now, home networks are still not the easiest way for cybercrooks to hack into people’s lives, our team of experts agreed. “Not the easiest way, but too easy to be comfortable with,” said Sramek.

“As more and more devices are becoming smarter and connected to the net, through the Internet of Things, cybercrooks will have more chances to get into the personal home network,” said Sramak’s colleague in the Virus Lab, Nikolaos Chrysaidos.

The motivation is already there too.

“For years, (PC) viruses were the ultimate goal for the bad guy. The goal was to get their hands on users’ data, like credit card information, or to create botnet networks to allow them to send out spam or to do DDoS (distributed denial of service) attacks,” said Vlcek. In a similar manner, cybercrooks have already started to turn internet-connected home devices into “zombies to collect data.”

“The amount of attacks will rise rapidly in 2016,” said Sramek. “Turning IoT devices into zombies is half of their plan. The other is hijacking the network connections of users with devices that are difficult to attack otherwise, like iPhones.”

How do regular people make their home gateways smarter and more secure?
“As a bare minimum, people need an automated vulnerability scanner on a PC in their network, like Avast’s Home Network Security, to check for the most common issues leading to cyberattacks,” said Sramek.

Since we’re still in early days, can threats for IoT devices be eliminated before it gets out of control?

Just like with PC and mobile security, home users can prevent many attacks by applying safe practices and using existing solutions like Avast’s Home Network Security to understand what the vulnerabilities are.

Jaromir Horejsi adds that in addition to educating users about badly configured and insecure home IoT devices, we could use “more secure web browsers, because Firefox, Chrome, and IE are so easy to hack.” He predicts that cybercrooks will create DDoS malware to infect various IoT devices with weak passwords and it will take a combination of home user’s knowing what they’re up against along with manufacturers and ISPs taking more responsibility for safety to overcome the looming threat.

Do you expect to see an increase in attacks through wearable devices?

“In 2015, we have seen many vulnerabilities in wearables. Those vulnerabilities could be used by attackers to extract stored data and use them in personalized social engineering attacks,” said Chrysaidos.

“Today we are seeing a big shift toward social engineering attacks which are ingenious and sophisticated,” said Vlcek. Social engineering uses techniques to trick people into installing malware or adjusting settings that they don’t fully understand.

The biggest target for 2016 is mobile

Phones and tablets are the data collection points for most wearables and Internet of Things devices, so they are targeted for the data they store or the data that passes through them. Mobile devices – smartphones and tablets – are where people are now, and the bad guys know this.

“Bad guys today realize that most people are moving their computing to mobile,” said Vlcek. “They are catching up by coming up with new techniques that gets the job done even without malware.”

“Phones store a lot of personal information nowadays that can be monetized in underground forums. As valuable data exist in our devices those can be treats, and targets, for the cybercrooks,” said Chrysaidos.

Visit our blog tomorrow to read about the upcoming mobile threats for 2016.


Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

 

 

Autumn 2015: A season full of Android conferences

David Vávra is our team’s talented Google Developer Expert (GDE) for Android. Throughout this autumn, he attended a collection of valuable Android conferences. In this post, David walks us through his experiences and outlines his most interesting takeaways from the conferences.

Droidcon Stockholm (September 3-4)

 

Droidcon Stockholm was a two-day event held in Debaser Medis, a classic rock club in Stockholm. As you might imagine, it proved to be an interesting venue for a tech conference! The organization was  a little more “punk” than most other conferences, but the conference was still jam-packed with talks containing strong content and served as a great opportunity to network with fellow industry professionals. Fun fact: Czech beers are quite popular in Stockholm. We visited a place where they served five different Czech beers on tap.

One talk that I found to be especially useful discussed building Android SDKs from Fabric, a platform for mobile developers from Twitter. It was also interesting to take a closer look at Spotify’s automated testing environment in a talk Sustainable test automation. As for me, my presentation at the conference dealt with Android TV development. All the Droidcon talks can be found here.

Droidcon Greece (September 11-12)

 

This year’s Droidcon Greece was the very first Droidcon event in the country. It was organized by the very enthusiastic GDG Thessalonikigroup. Based on the number of attendees present, it was a smaller conference, but I loved it. G(r)eeks (Greek geeks) showed us true Greek hospitality. We had a tour of beautiful Thessaloniki and many parties along the way. Did you know that Greeks usually go to restaurants around 11 p.m. and start eating around midnight? Needless to say, we didn’t sleep much.

All talks were recorded. I suggest watching a talk about Kotlin on Android from Jetbrains — it really shifted my point of view on the language. Java 7 is so outdated now! I also enjoyed a workshop about RxJava from Big Nerd Ranch. You can do the workshop yourself here. It’s an innovative approach to learning a new language — it’s based on tests that all fail in the beginning, and your job is to make them ‘green’. At Droidcon Greece, I delivered a talk about Doze Mode & App Standby in Android M. All talks from the conference can be found here.

Big Android BBQ Amsterdam (November 12-13)

 

Big Android BBQ is a new conference brand with roots in Texas. It’s primarily supported by Google and is known for a less formal environment (and a real BBQ party!). This autumn, the conference came to Europe for the first time, so I gave it a shot. The conference itself was fine, and the content of the talks was strong. However, I had a few reservations about the organization of the event. There wasn’t sufficient care given to speakers, and we had to organize the speaker’s dinner by ourselves. Additionally, talks were not recorded. Nevertheless, we did have a great time in the end, and Amsterdam is a charming city.

I recommend a talk, Testing it & Loving it, from Marks & Spencer; if you don’t have automated tests yet, this talk will make you start. I also enjoyed  Event Buses: The @channel of Android Architecture from Big Nerd Ranch –it showed fitting examples from real life which illustrate when and when not to use event buses. I gave an updated talk about Doze Mode & App Standby in Android M. All of the talks can be found here.

Google Experts Summit (November 19-20)

 

gde-summit

The Google Experts Summit is one of the best perks of being a GDE. Google invites us once a year for the summit in Mountain View, California. It’s two days full of deep technical insights with product teams and lot of networking with other experts. The networking was probably the best — I met many exceptional people from all over the world. This year, GDEs were joined by marketing, design and product experts, making it the biggest summit ever with around 200 attendees present.

We had some really interesting sessions based on our expertise. I was part of a focus group in which Google shared some very confidential early prototypes. We were fortunate enough to be able to play with the prototypes and gave feedback directly to Googlers. I’m grateful that Googlers take the GDE program so seriously.

Android Dev Summit (November 23-24)

 

Android Dev Summit was a blast. I would summarize it as mini Google I/O focused only on Android. The conference was less show, more technical deep dives and direct access to Googlers from Android framework and tools teams. It appropriately took place in the geekiest venue in Silicon Valley — the Computer History Museum.

All the talks from Android Dev Summit are recorded in high quality. The highlight of the event is, of course, the introduction of Android Studio 2.0 with Instant Run, which should drastically speed up the Android development lifecycle. Watch What’s new in Android Studio to get all the details. The best talk for me was probably Android Studio for Experts. It was all live demos of various features in our favorite IDE, which included mostly tips and tricks for underlying IntelliJ IDEA. There are many small frustrations in everyday development, which the IDE elegantly solves. It was great to have direct access to Android celebrities like Chet Haase, Chris Banes, Tor Norbye, Reto Meier, Dianne Hackborn and others. Fireside chats with all of them were both funny and informative,and lots of burning questions were answered. Check out the fireside chat with the framework and tools teams.

I’m grateful that Avast supported me in attending all of these conferences and am looking forward to another conference season!


Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.