Posts tagged July
Android Malware Up 472% Since July, Juniper Says [Infographic]
Nov 15th
Looking back at 2011, we could call it subtitle it as The Year Of Android Malware. It started with DroidDream and reports have been issued all year that have shown exponential growth in Android malware. It is not getting any better. If Juniper’s research can be believed, it is getting much worse.
Juniper says there has been a 472% rise in Android malware samples since July 2011. Juniper says that almost all of the Android malware contains code for root access that will force the device to communicate with a command-and-control server and download additional instructions. Most (55%) of Android malware acts as spyware and the rise of “SMS Trojans” has become a significant problem.
Sponsor
Recent Jump In Android Malware
Juniper notes that Android’s open market structure, where almost any developer can pay $25 for developer access that can be anonymized, is the primary culprit for the rise of Android malware. Juniper notes that iOS may or may not be any safer but that Apple makes it safer by requiring code signatures and pre-screening all apps. Smart Android publishers put code signatures into their apps because they know that the security applications have the capability of white and black listing certain signatures and that helps them keep their app out of the malware repository that security apps scan for.
October and November have seen the highest growth rates for Android malware samples since the rise of the platform, according to Juniper. The number of samples grew 28% in September, October had a 110% increase over September and a 171% increase from July 2011.
Spyware with root access is the main threat from malicious Android applications. Juniper notes that the vulnerability to root access from malicious apps is prevalent in 90% of Android devices in the consumer market. Outside of spyware, the SMS Trojan makes up 44% of Android malware. Juniper published another post today showing that much of the SMS Trojan activity is coming out of Russia.
SMS Trojans work by getting users to click on text messages or links in emails that will prompt them to pay for an app through premium text messages. These are often from pirated of cracked apps. The problem is that users end up paying for free apps, like Opera Mini for Android, or developers do not get paid for their premium apps.
How The SMS Trojan Works
Here is how it works for Opera, according to Juniper’s research:
Step 1: User gets a link by text or email.
Step 2: User opens the link within Android but is redirected to a site that tells the user to upgrade Opera.
Step 3: User show a message that brings them to a screen that says to download the browser, they have to pay with three premium text messages.
Step 4: User agrees and texts are sent. This supposedly costs $11 or 338.67 Roubles.
Step 5: The fake Opera reveals the URL for the real Opera that is free in the Android Market.
Source: Juniper Research
Check out the infographic below for Juniper’s research findings. Also, remember that mobile security often comes down to common sense. Do not click on malicious links and make sure to read your app permissions.
Does the big, scary red Android scare you? Let us know in the comments.
View full post on ReadWriteWeb
CEO Beckstrom to Leave ICANN in July Amid gTLD Controversy
Aug 17th
His vision was to internationalize the oversight body of the Internet naming system, to structure it less like a spider and more like a starfish. (A starfish, you see, can regrow lost limbs.) To some extent, the dashing security expert Rod Beckstrom has accomplished that as President and CEO of ICANN since mid-2009, most notably by removing the U.S. Dept. of Commerce from its direct oversight role over ICANN.
Come the end of his term next July, Beckstrom will leave the President and CEO role of ICANN, presumably to resume his career as a world-renowned security expert. But the twilight period of his term he may have to fight at least two more significant battles, neither of which may conclude before his departure. First and foremost is ICANN’s adoption of a controversial generic top-level domain (gTLD) plan for the domain name system – one which would give any applicant with $185,000 to spare (PDF available here) a new root domain of its own alongside .com, .net, and .org.
Sponsor
The latest criticism of this plan came Monday from Randall Rothenberg, CEO and President of the Internet Advertising Bureau. The IAB represents some 500 leading media firms that represent as much as 86% of the ad buys in the United States.
“ICANN’s potentially momentous change seems to have been made in a top-down star chamber,” Rothenberg said. “There appears to have been no economic impact research, no full and open stakeholder discussions, and little concern for the delicate balance of the Internet ecosystem. This could be disastrous for the media brand owners we represent and the brand owners with which they work. We hope that ICANN will reconsider both this ill-considered decision and the process by which it was reached.”
Rothenberg’s comments follow up on a letter sent earlier this month to Beckstrom by Robert Liodice, the President and CEO of the Association of National Advertisers (ANA), which alleges the proposed gTLD system violates the world’s existing system of trademarks.
“Implementation of a program with unlimited TLDs is economically unsupportable and likely to cause irreparable harm and damage,” Liodice wrote. “At the same time, the program contravenes the legal rights of brand owners and jeopardizes the safety of consumers. By introducing confusion into the marketplace and increasing the likelihood of cybersquatting and other malicious conduct, the program diminishes the power of trademarks to serve as strong, accurate and reliable symbols of source and quality in the marketplace. Brand confusion, dilution, and other abuse also poses risks of cyber predator harms, consumer privacy violations, identity theft, and cyber security breaches.”
All that together might mean a fairly negative legacy for an outgoing ICANN chief. But in his response to Liodice a few days later, Beckstrom stated that Liodice had not done his homework, failing to account for strict guidelines for gTLD applicants (PDF available here) that were developed with the full cooperation of both major DNS stakeholders and the U.S. Government.
Multiple public meetings and at least 45 lengthy public comment periods were conducted and thousands of comments, representing a broad range of interests, were received. Every comment submitted (including those submitted by the ANA) was read, summarized, posted for all to see, and factored into the decision-making process. The extent of this collaborative process, the responsiveness to public comment, and the volume of changes (across seven full drafts of the Applicant Guidebook) in response to stakeholder input are well documented.
…
Your quotations from the economic studies are highly selective and lead to an unsupported conclusion that more domain names will lead to cyber security lapses or consumer privacy violations. Your claim of “enormous financial burdens” and other broad statements are offered without supporting data or rationale. I invite you to review the entire set of economic studies, which explored the current marketplace, and applied expert analysis to an examination of the potential risks and benefits as far as possible (noting that the benefits of innovation are difficult to predict). As you point out, these studies recommended the implementation of additional protections against trademark abuse and malicious conduct. ICANN formed teams of internationally recognized experts to adopt both these recommendations and incorporate many significant new safeguards into the program.
Beckstrom went on to respond to Liodice’s allegation that companies would be forced to shell out a six-digit figure to protect their trademark interests on the Web, by saying protections will be put in place to prevent any applicant from violating the legal interests of any other parties. As for whether new gTLDs will bring appreciable benefits to the Internet as a whole – as Web creator Tim Berners-Lee suggested in 2004 that they should – Beckstrom suggested that hopefully anyone taking on the task of buying a gTLD would recognize the enormous responsibility that would be assumed. “This is clearly not for everyone,” he wrote.
Is ICANN concerned that the fallout from this dispute may not subside prior to the close of Beckstrom’s tenure? ICANN spokesperson Jim Trengrove told RWW, “By the time Rod Beckstrom’s term comes to end, the new gTLD program application period will have been completed and the evaluation of those applications will be well underway. Rod already has remarked on the solid professional executive staff he has put together which will carry on implementation of the gTLD program even while a professional search for his successor is underway.”
Meanwhile, the other battle that ICANN is mitigating concerns another aspect of Beckstrom’s bold internationalization plan: It wants the U.S. Dept. of Commerce to remove itself from responsibility for the Internet Assigned Numbers Authority (IANA), which manages the assignment of names to country-code TLDs (like .co and .tv), as well as to the zone where gTLDs would be managed.
ICANN administrator Fiona Alexander made it very clear last March: It wants IANA to step aside. “Narrowing the scope of the IANA functions framework would promote the global public interest. Narrowing the scope of the framework subject only to [National Telecommunications and Information Administration] oversight would increase global confidence in the performance of these functions.”
Is ICANN concerned this situation may not be resolved before next year? “Rod is pleased with the increased internationalization of ICANN during his watch, beginning with the Affirmation of Commitments agreed to within months of his taking over as president and CEO of ICANN,” ICANN’s Trengrove tells us. “He believes ICANN’s relationship with IANA continues to evolve in a positive direction.”
View full post on ReadWriteWeb
ReadWriteWeb Events Guide, July 30, 2011
Jul 30th
We’re always on the lookout for upcoming Web tech events from around world. Know of something taking place that should appear here? Want to get your event included in the calendar? Let us know in the comments below or email us.
Sponsor
View full post on ReadWriteWeb
SearchCap: The Day In Search, July 28, 2011
Jul 28th
Below is what happened in search today, as reported on Search Engine Land and from other places across the web. From Search Engine Land: Search For Hotels With Google Hotel Finder Forget using Google Maps when you want to find a hotel to stay at for a business trip or family vacation! You can now…
Please visit Search Engine Land for the full article.
View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing
SearchCap: The Day In Search, July 27, 2011
Jul 27th
Below is what happened in search today, as reported on Search Engine Land and from other places across the web. From Search Engine Land: Google Search Testing New “Clean” Design: For Tablets Only? Google is testing yet another design, this one is the same gray and black bar look but…
Please visit Search Engine Land for the full article.
View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing
SearchCap: The Day In Search, July 26, 2011
Jul 26th
Below is what happened in search today, as reported on Search Engine Land and from other places across the web. From Search Engine Land: Official: Google Panda 2.3 Update Is Live Google has confirmed to Search Engine Land that late last week, it pushed out a small update to the Panda filter….
Please visit Search Engine Land for the full article.
View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing
SearchCap: The Day In Search, July 25, 2011
Jul 25th
Below is what happened in search today, as reported on Search Engine Land and from other places across the web. From Search Engine Land: Tech Celebs Most Followed On Google+ While “Real World” Rules On Twitter & Facebook How do you measure the success of a social media site? One of…
Please visit Search Engine Land for the full article.
View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing
ReadWriteWeb Events Guide, July 23, 2011
Jul 23rd
We’re always on the lookout for upcoming Web tech events from around world. Know of something taking place that should appear here? Want to get your event included in the calendar? Let us know in the comments below or email us.
Sponsor
View full post on ReadWriteWeb
