Tag Archive for: privacy

Most secure mobile devices: Apple or Android?

How secure your data is may depend on the mobile you use. Much has been said about choosing the right mobile phone for the needs of each user. Most people seem to tend to Android or iOS operating systems. But which is the safest operating system when it comes to protection against malware?

secure mobile

Malware and secure mobile devices

The most common method of importing phone spying software is by sending an SMS, which contains the malware. When the message is opened by the users, their devices have just been hacked! Another method is to transfer the program over Bluetooth. This method is often used by people who are spying on their relatives such as husbands who think that their wives are cheating on them. Once installed, the program logs every activity of the device.

If the user wishes to do so, he can intercept calls, SMS messages, MMSs, e-mails and all the files that the phone sends and receives. The user can also activate the GPS location service and therefore is able to know the phone’s position on the map – at all times. The software also gives the user full control over the device.

Apple mechanisms for secure mobiles

In data protection, Apple (iOS) has made the big difference. The security level of their devices is much higher than the others’. Factors that enhance the security of iOS devices are that the user cannot unlock the bootloader. In addition, a powerful malware protection mechanism is pre-installed on the device.

Also, due to the strict inspections that Apple makes on app-store applications, viruses are extremely rare to exist. In the past, malware incidents had been reported inside the app store, but the company was able to detect, remove them and achieve secure mobile devices.

From the 100 malwares that hackers create, 97 are made for Android and just 3 for iPhone.

Using iCloud protection against malware

ICloud is one of the major security mechanisms of iOS devices. In addition to its ability to store data, it secures the files of our device with a lock code which, even the most experienced hackers can’t crack. Furthermore, this lock, is not only applied on the device. Apple’s servers are informed that the iPhone with the specific IMEI (International Mobile Equipment Identity) is locked. Thus, the owner can lock it at any time or even remotely delete everything. Even if someone bypasses this security mechanism, the only thing they can do is to format the device. This means completely erasing the device’s data without the possibility of data retrieval.

Apple’s Surveillance Policy for mobile security

iOS

Apple, as a company seems to be really strict when it comes to cellphone spying even in extreme cases. A typical example was the investigation of the terrorist attack in San Bernardino. When asked by the authorities to unlock a device, the response was: “The government is asking us to hack our own users and ruin many years of work on mobile phone security. This has no precedent in any American company and carries a huge risk of future attacks.”

iOS devices may undoubtedly be more difficult to use, especially for people who have never used them before, but the security benefits provided are worth the minimum time it takes for the new user to get familiar.

How to tell if someone is spying our mobile

When there is a malware installed on the phone, whether for spying on facebook conversations or for stealing credentials, it is just an application that uses resources. This means, that the phone’s processor has to execute more tasks, there is an increase in mobile data usage and an increase in battery usage. When the processor and battery are used to the maximum, the phone’s temperature usually rises.

secure mobile

Spying software sends the information collected over the internet. Thus, the usage of mobile data doubles. These indications can tell us if our device is infected with malware.

Spying on the spies

The methods for dealing with spying are often the same as spying is executed using software. The first method is to check the applications that are installed on the device. Any application that is not installed by the owner must be considered suspicious.

secure mobile

If the software is presented as a system application in order to avoid being detected, an online search for certified system applications of the device can give us the answer. Otherwise it is necessary to reset the phone to factory settings. This will erase all data and the mobile will return to its original secure state. Generally, if the origin of a file, message or application is not known, we should immediately delete it from our device or not download it at all.

Article written by Themis Georgiadis, Software engineer with expertise in web technologies.
Find a version of the article in Greek here

Meet the Cybersecurity experts among us!

The new generation of Stone Soupers contributing to brain gain and cybersecurity! They have studied and worked abroad, and they are now back to their homeland contributing directly or indirectly to the Greek ecosystem.

Meet Orestis and Nikos, the Greek members of CyberLens, a company focused on cybersecurity and privacy technologies, based in London, UK, and Eindhoven, Netherlands. “Our job is to use data retrieved from research and apply them in everyday situations” they tell us. CyberLens acts and responds to the European Commission’s open calls for various topics that require a solution. They collaborate with several partners and stakeholders to bring competitive advancements to the European market. The fact that they now operate in Athens brings the opportunity for more collaborations with Greek partners and organisations on such projects.

Who is who?

Nikos has lived his life moving from Athens to Utrecht and then Brighton due to his studies and now he is back to Athens using all his knowledge and experience. Nikos speaks Greek, English and Italian and may help you if you need any clarification on the concepts of cybersecurity and privacy issues while browsing on the web. His passion is to scan research projects and deduct useful outcomes that can be utilised in the proposals they are working on. He thinks the most accurate approach of cybersecurity in filmography is Citizenfour, a national security documentation with Edward Snowden regarding one of the biggest news stories of our time.

research cybersecurity
cybersecurity

Orestis has studied and worked in England for 4 years and returned back to the Greek capital a year ago. Orestis speaks Greek, English and German. He is a master of disaster regarding all cybersecurity and privacy topics and when he is not busy saving the world, he is dancing latin dances! Orestis considers the way hacking is depicted on screen as misinformation. He agrees with Nikos’ view of Citizenfour, and he adds Zero Days documentary to the list.

Tips from Cybersecurity experts

Being involved professionally with the web often makes you the ambassador of its proper and safe use among your company. Here are some tricks Nikos and Orestis shared with us on how you can protect yourselves when using the web.

  • Security incidents usually happen when you try to avoid paying for an online product (e.g. illegally downloading a game, streaming a movie/tv-series from non-official provider). But, hey! You know what they say; “if you don’t pay for a product, usually you are the product”. So, you better thoroughly consider the risks before you act.
  • When you create a password it is better not to use information such as date of birth, because they are very easily traceable. Instead, you could use password managers or use medium length sentences; such as “switch off the led lights tonight”.
  • And last but not least, try not to use the same password for all your accounts. But everybody knows that..right?..right! hmm..! Well, yes, it is wise to have that in mind as it makes us extremely vulnerable if one of our accounts is part of breach (such as the ones we hear on the news..).

Residents at Stone Soup Comment on GDPR Compliance

The General Data Protection Regulation (GDPR) aims to introduce a single legal framework applicable across all EU member state which would result in a more consistent set of data protection compliance obligations for businesses. Not only does GDPR concern businesses working with data within the EU, but also the non-EU companies. The GDPR has been passed keeping in mind the safety and security of the users’ personal data. Therefore, GDPR is focused on achieving a high degree of data security. Knowing that their data will be safe, the clients will put their trust in companies which would be beneficial as that would result in an increase in the companies’ customer base.

However, besides the advantages of a complete GDPR compliance, companies are facing a few problems in regard to full compliance. Too much regulation in terms of adding consent prompts for everything might reduce customer’s enjoyment of online services. Another common problem of GDPR compliance is the costs to be incurred in order to fully comply with the regulation since, not all companies can meet these costs. When asked about her opinions on complete GDPR compliance, Xanthippe Lemontzoglou, a data analyst working from Stone Soup feels that 90% compliance with the GDPR might be a better idea which would involve companies to do the best they can without trying to cover extreme possibilities, yet being aware of them. She feels that complete compliance might not be beneficial for either the companies or the users.

Other than its effects on the companies and the users, GDPR also has an impact on the designers as it will alter how the products are developed both in Europe where the law applies in every country, and in the United States, where many companies have European customers. Thus, this will partly reshape the work that the designers do. According to Dimitris Niavis, a designer currently residing at Stone Soup, designers are required to act on these changes almost immediately and that involves taking into account current and future User Experience. The information now needs to be more accessible and the users should have an option to easily opt out of the subscriptions.

Therefore, GDPR now requires companies to respect the users more than ever and this can be done by making some prominent changes at the company level which would involve training of the employees keeping in mind the new regulations, and also the user experience.

Although, there are many visible cons of the GDPR compliance regarding the costs incurred by the companies and ignorance on the user’s side, these problems are only temporary. The companies and the users need time to adapt to the new regulations and once that is in place, GDPR will prove to be effective in terms of the user experience and cybersecurity.

If you would like to read more, refer to the following websites:

https://www.fastcompany.com/90171699/what-is-gdpr-and-why-should-designers-care
https://www.endpointprotector.com/blog/gdpr-the-pros-and-the-cons/
https://www.cbsit.co.uk/2017/07/28/gdpr-risks-business/
https://www.welivesecurity.com/wp-content/uploads/2017/02/Is-GDPR-good-or-bad-news-for-business.pdf
https://www.tripwire.com/state-of-security/security-awareness/gdpr-the-good-the-bad-and-the-ugly/