While brazen mobile malware grabs most of the headlines when it comes to the ever-threatened security of our phones and tablets, perhaps greater levels of concern are currently growing over the more passive threat of innocuous looking mobile apps invading our privacy behind the scenes.
This was identified as the most pertinent problem in mobile security when we discussed the subject with industry experts recently, and it appears Romanian firm Bitdefender – who ITProPortal met at this week’s Infosec in London - is thinking along the same lines.
The company is preparing to launch a new Android application known as Clueful (previously available on iOS) next month, reversing the trend of users being clue-less when it comes to what their apps are really up to. Even mainstream, ‘respected’ applications have been found to access information they just shouldn’t need to, such as contacts and photos – and in addition to this being a simple invasion of privacy, such encroachment can open the door for data-stealing.
Bitdefender’s chief security researcher, Catalin Cosoi, argues that most mobile users, almost by reflex, claim they do care about privacy when questioned in studies, but in reality they readily surrender personal details to social media and know little about much of the software running on their devices.
Clueful makes it easy for people to get on top of their privacy status, “offering you all the details you want to know before making the decision whether to use an app or not,” says Cosoi. “We’re not saying that an app is good or bad, we’re just telling you ‘this is what the app does.’” The user is also given a full breakdown of the app’s behaviour and what it is accessing after it has been downloaded, with Clueful able to calculate a privacy score out of 100 for your device (note the risk being run by the tablet pictured).
This is a valuable tool for the smartphone and tablet owner said Bitdefender CTO Bogdan Dumitru, who added that “users don’t have any other way of finding out this information, unless they can reverse engineer the app process,” - not something undertaken by the everyday user too often.
Clueful features among a staggering wealth of innovation and solutions at Infosec that are all designed to ease the pressure on the user, and generally cover their backs when it comes to using technology safely. But no matter what security products we have at our disposal, the Bitdefender team said the old adage of user responsibility still rings true.
With both mobile and desktop, it is our own human actions that ultimately determine whether the threats penetrate, the group emphasised. “We like to say that the main problem is between the chair and the keyboard,” noted Cosoi with a smile.