Hidden Apps Carrier IQ and Privacy in Mobile Devices.

Slides:

Advertisements

Similar presentations

By Amelia Hart.  Both have a lot in common:  1. Both are Linux-based operating systems for smartphones that have been put together by companies best.

Advertisements

The Future is Global One World One World One Service One Service One Button.

What’s new in this release? September 6, Milestone Systems Confidential Milestone’s September release 2012 XProtect ® Web Client 1 Connect instantly.

Windows 8.1 Device Management With Windows Intune Mark O’Shea MVP Windows Expert – IT Pro 30 June 2014.

Mobile Security 310KM Lab 4 Group Presentation NG KING TUNG MA HO YIN CHE CHUN KIT WOO SHUN CHAK.

Nokia Research Center Usable Security for Smartphones Cynthia Kuo Senior Researcher October 26,

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Lab4 Part2 Lau Ting Nga Virginia Tsang Pui Yu Wong Sin Man.

Vivek-Vijayan University of Tennessee at Chattanooga.

UNDERSTANDING JAVA APIS FOR MOBILE DEVICES v0.01.

Chung Man Ho Willims Chow Man Kei Gary Kwok Pak Wai Lion.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

Student Name: Group.  Developed by Microsoft  Alliance with Nokia in 2011  4 main functions:  Outlook Mobile  Windows Media Player for Windows Mobile.

Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.

2.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 2: Installing Windows Server.

Optimize tomorrow today. TM 1 Optimize tomorrow today. Arlene Minkiewicz, Chief Scientist PRICE Systems, LLC Software.

2. Setting Up Your Android Development Environment.

Terminal Services Terminal Services is the modern equivalent of mainframe computing, in which servers perform most of the processing and clients are relatively.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Privacy and Encryption The threat of privacy due to the sale of sensitive personal information on the internet Definition of anonymity and how it is abused.

Presentation By Deepak Katta

Android 2: Introduction to the Technology Kirk Scott 1.

Internet Safety Child proofing your home. Personal info No Jesus Know Jesus Entered IT security 5 years ago Certified Ethical Hacker Computer Hacking.

Lesson 8 Operating Systems

 Security and Smartphones By Parker Moore. The Smartphone Takeover  Half of mobile phone subscribers in the United States have a smartphone.  An estimated.

Google Wallet By: Amanda Tazbaz ITMG 10. How it works ● Download application on Android smartphone ● Set up payment information ● Shop in store ● Click.

1 Spyware Ryan Myers Andrew Sullivan ECE 4112 – Spring 2005.

Cloud Computing New Technology Presentation Riley Woldt EDT 661.

1 Personalization and Trust Personalization Mass Customization One-to-One Marketing Structure content & navigation to meet the needs of individual users.

Frequently Asked Questions NCSC Product Certification Payroll Anytime, Anywhere!

Software refer to all the programs that can be run on the computer.

Convenience product security Collin Busch. What is a convenience product? A convenience product is a device or application that makes your life easier.

Windows 10 & Office 2016 Presented By: Cody Pierson & Patrick Wall.

Lecture 13: Anonymity on the Web Modified from Levente Buttyan, Michael K. Reiter and Aviel D. Rubin.

What’s a mobile app? A mobile app is a software program you can download and access directly using your phone or another mobile device, like a tablet.

FriendFinder Location-aware social networking on mobile phones.

Mobile Security By Jenish Jariwala. What is Mobile Security?  Mobile Security is the protection of smartphones, tablets, laptops and other portable computing.

Operating Systems Morrison / WellsCLB: A Comp Guide to IC 3 3E 1 Morrison / Wells.

THE WINDOWS OPERATING SYSTEM Computer Basics 1.2.

Cybersecurity Test Review Introduction to Digital Technology.

Ms. Tracy  Identify the purpose of an operating system.  Identify different operating systems.  Describe computer user interaction with multiple.

WIDESCREEN PRESENTATION Tips and tools for creating and presenting wide format slides.

30 Apps for Librarians Sana Moulder & Bryson Kopf.

Technical Sales Specialist Software - OS and Applications John R. Moegling Sr. Systems Engineer.

TECHDOTCOMP SUPPORT TECHDOTCOMP nd Ave, Seattle, WA 98122, USA Phone:

Office 365 is cloud- based productivity, hosted by Microsoft. Business-class Gain large, 50GB mailboxes that can send messages up to 25MB in size,

1 Lesson 8 Operating Systems Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.

Šarūnas Končius Technology Strategist of Microsoft Microsoft Lithuania.

Zeus Virus By: Chris Foley. Overview  What is Zeus  What Zeus Did  The FBI investigation  The virus for phones  Removal and detection  Conclusion.

Android and IOS Permissions Why are they here and what do they want from me?

Mobile Device Security Management Leyna Belinsky.

Integrating Lawful Hacking with NiceTrack Target360° Daniele Milan, Hacking Team Omri Kletter, NICE Systems.

Tech and Construction Mobile Technology in the Field Allen Small, Distribution Director Austin Energy SWEDE 2015 Workshop.

Mobile Computing Lecture#01 Mobile Horizon. Leading Mobile Phone Technologies  iOS  Android  Blackberry  Symbian  Windows Phone  J2ME.

Intro to Digital Technology Review for Final Introduction to Digital Technology Finals Seniors Monday, 5/16 – 2 nd Tuesday 5/17 – 1 st,3 rd Underclassmen.

Firmware threat Dhaval Chauhan MIS 534.

Office 365 is cloud-based productivity, hosted by Microsoft.

MOBILE DEVICE OPERATING SYSTEM

Introduction to Mobile Devices

SVTRAININGS. SVTRAININGS Features of SCCM  Application management  Provides a set of tools and resources that can help you create, manage, deploy, and.

Frequently Asked Questions NCSC Product Certification

With IvSign, Office 365 Users Can Digitally Sign Word Documents in the Cloud from Any Device Without Having to Install Any Digital Certificates OFFICE.

Lesson 8 Operating Systems

Chapter 10: Privacy, Security, and Ethics

HOW DO I KEEP MY COMPUTER SAFE?

Firefox focus Lana Marinculic.

Security in mobile technologies

Introduction to mobile app development Module 1 - Introduction

Presentation transcript:

Hidden Apps Carrier IQ and Privacy in Mobile Devices

Hidden Apps Your device: The expectation of privacy Their service: How hidden apps can be a threat Who is affected?

Your device: The expectation of privacy Hidden Apps

Most people take the privacy of phone service for granted. Regulations provide our phone calls with an expected level of security. With the widespread use of smartphones, the level of privacy we have on mobile devices is changing.

Hidden Apps While phone calls are protected, apps and the data stored on smartphones are not protected in the same way. o Carriers often use network monitoring software without the user’s knowledge o Carriers are not specific as to what data is gathered o Regulations protect some user data but not all

Hidden Apps The most common way to gather private user data is through hidden apps. These are programs: o Generally run without the user’s knowledge o Can be installed by the carrier, the manufacturer or by a user looking for other functionality o Are often completely legal, protected by end-user license agreements with obscure and difficult language Return to Menu

Their service: How hidden apps can be a threat Hidden Apps

Carriers and app developers use hidden apps to collect various kinds of data. This data can have legitimate purposes: o Improving quality of service o Identifying common trouble spots on cellular networks o Troubleshooting common user issues o Identifying hardware malfunctions and failures

Hidden Apps However, some apps are either not developed with security as a priorty. Recently, this has come to the forefront with Carrier IQ, a company that develops a hidden app for many major carriers to monitor networks and provide a “better user experience.”

Hidden Apps Carrier IQ, in most configurations, is completely hidden from the user and cannot be disabled. It collects: o Network performance information o Hardware fault information o All user interface events (what the user taps on or selects) o All keystroke information from phone, SMS or web browser

Hidden Apps Apparently, Carrier IQ does not transmit information other than network performance and other anonymous data. However, other apps could read the data because it is logged in a completely unprotected way.

Hidden Apps This is a video demonstration by a developer of the potential abuses of Carrier IQ software:

Hidden Apps Carrier IQ may not be transmitting this data, but that doesn’t mean other apps can’t read logfiles it creates. The potential for abuse in the logs generated by Carrier IQ is immense. o Carrier IQ can see all traffic, even encrypted web traffic. o Carrier IQ could be compromised to collect users’ credit card data, contacts, location or anything they type into a keyboard or touchscreen. o Carrier IQ could presumably be used to infiltrate corporate or public networks.

Hidden Apps An important note: As of this writing, no evidence exists that proves Carrier IQ has been abused in any way. However, the publicity generated by this issue virtually guarantees that it will, given enough time. Return to Menu

Who is affected? Hidden Apps

Carrier IQ is currently known to be in use by the following carriers: Sprint AT&T T-Mobile Other carriers have not yet responded to inquiries about their use of this software.

Hidden Apps Android and Blackberry phones are the most likely to use Carrier IQ and are the most susceptible to security threats. Carrier IQ is only implemented in a limited way on Apple’s iPhone and will soon be removed completely through an iOS upgrade. Carrier IQ’s future is uncertain. US Congress and the FCC have inquired into the exact nature of their data collection and software.

Hidden Apps Carrier IQ is only a single app in a much larger world. All users are affected by the privacy concerns these issues have raised. Some platforms may be safer than others; all of us should be wary of the drawbacks any technology presents.

Hidden Apps Many carriers have denied using Carrier IQ but this does not mean they don’t use a similar type of tracking software. Every carrier tracks users on their networks. What is being tracked and how will we know our data is protected?

Hidden Apps To learn more about this issue and read stories as they develop, visit the following links: o The Verge – Carrier IQ Controversy The Verge – Carrier IQ Controversy o CNN Money CNN Money o All Things Digital All Things Digital Return to Menu