News & Analysis
Comment
pinxlin
Propose a meeting to discuss and raising the issue on OS & Free Software is to ...
GREAT-Terry
It tells again the open system indeed is not a good idea at the end. I think ...
McAfee talks angry robots and rotten apples at Design West
Sylvie Barak
3/29/2012 12:15 PM EDT
SAN JOSE, Calif.--McAfee expects mobile threats to continue along the trends set in the PC world, moving from simple monetary gain towards deep privacy loss, corporate espionage and cyber war, according to a company representative.
Speaking at a Design West panel entitled “Angry Robots and Rotten Apples,” McAfee engineer Ryan Permeh said the threats affecting mobile devices are “real and serious” and are moving beyond the simple malware seen in the space thus far.
Discussing the implications of multi-platform dynamic mobile botnets, Permeh said the impact of long term compromise of a mobile device could be severe, allowing an attacker to go anywhere the owner goes.
“They can listen in, collect all sorts of sensitive data, and use the mobile phone as a bridge into sensitive networks,” he said, adding that current protection strategies from Apple and Google just did not go deep enough to stop the threats.
“Smartphones have become extensions to our lives, both in work and play. They are our constant companions and keepers of our secrets,” said Permeh, noting that the “bad guys” had begun to realize this and make ever more serious attempts to compromise devices in any way possible.
Permeh said that even though the current round of threats are probably more focused on quick turnaround for monetary gain, the broad deployment of devices opens up a plethora of new avenues that could unlock long term value for an attacker.
“The combination of an increasingly competent adversary paired with an environment blocked by vendors and tradition from those who would serve as protectors is a powder keg waiting to happen,” said Permeh, adding that understanding current threats, as well as their history, offered McAfee a better understanding of how to protect billions of devices.
Part of McAfee’s plan of attack is embodied in a new initiative the firm is calling “Trace” which focuses in on threats that haven’t yet become part of the general threat landscape, in an effort to build understanding and protection proactively.
The method relies on using the same concepts, techniques and technologies available to would be hackers, with McAfee’s team looking for new areas of vulnerability and methods to plug those holes.
In terms of relative security, iOS was by far the more secure platform, said Permeh, admitting that “Apple is blowing Android out of the water,” and that Google needed a much better bouncer to reduce “evil apps” and other threat vectors.
“Historically, Android has been beaten up more than Apple, because it’s open and that unfortunately makes it more susceptible to malware,” he said, outlining some of the more common threats.These ranged from malware hidden in marketplace apps, to alternate marketplaces and even sideloading, which is allowed on the Android platform.
There are also, said Permeh, “Ddive-by exploits” which exploit webkits and app related bugs.
“Premium SMS is by far the most lucrative malware scheme,” said Permeh, though he noted that data collection and function hijacking was also on the rise.
Meanwhile, on Apple’s iOS, malware can only really target jailbroken iPhones and apps, without much more in the way of any “direct evil in public," he said.
“Apple spends a lot of time cleaning up after itself,” said Permeh, before showing the audience a couple of demos attacks on both platforms for prevention hacking learning purposes.
“You have to think like a bad guy,” said Permeh, emphasizing that McAfee would never publish anything that could be considered hostile, but noting that awareness was key to dealing with the problem at its roots.
“Intel is very serious about becoming a major Android player, and as such, both Intel and McAfee are having to take a fresh new look at how to deal with Malware,” he concluded.
Speaking at a Design West panel entitled “Angry Robots and Rotten Apples,” McAfee engineer Ryan Permeh said the threats affecting mobile devices are “real and serious” and are moving beyond the simple malware seen in the space thus far.
Discussing the implications of multi-platform dynamic mobile botnets, Permeh said the impact of long term compromise of a mobile device could be severe, allowing an attacker to go anywhere the owner goes.
“They can listen in, collect all sorts of sensitive data, and use the mobile phone as a bridge into sensitive networks,” he said, adding that current protection strategies from Apple and Google just did not go deep enough to stop the threats.
“Smartphones have become extensions to our lives, both in work and play. They are our constant companions and keepers of our secrets,” said Permeh, noting that the “bad guys” had begun to realize this and make ever more serious attempts to compromise devices in any way possible.
Permeh said that even though the current round of threats are probably more focused on quick turnaround for monetary gain, the broad deployment of devices opens up a plethora of new avenues that could unlock long term value for an attacker.“The combination of an increasingly competent adversary paired with an environment blocked by vendors and tradition from those who would serve as protectors is a powder keg waiting to happen,” said Permeh, adding that understanding current threats, as well as their history, offered McAfee a better understanding of how to protect billions of devices.
Part of McAfee’s plan of attack is embodied in a new initiative the firm is calling “Trace” which focuses in on threats that haven’t yet become part of the general threat landscape, in an effort to build understanding and protection proactively.
The method relies on using the same concepts, techniques and technologies available to would be hackers, with McAfee’s team looking for new areas of vulnerability and methods to plug those holes.
In terms of relative security, iOS was by far the more secure platform, said Permeh, admitting that “Apple is blowing Android out of the water,” and that Google needed a much better bouncer to reduce “evil apps” and other threat vectors.
“Historically, Android has been beaten up more than Apple, because it’s open and that unfortunately makes it more susceptible to malware,” he said, outlining some of the more common threats.These ranged from malware hidden in marketplace apps, to alternate marketplaces and even sideloading, which is allowed on the Android platform.
There are also, said Permeh, “Ddive-by exploits” which exploit webkits and app related bugs.
“Premium SMS is by far the most lucrative malware scheme,” said Permeh, though he noted that data collection and function hijacking was also on the rise.
Meanwhile, on Apple’s iOS, malware can only really target jailbroken iPhones and apps, without much more in the way of any “direct evil in public," he said.
“Apple spends a lot of time cleaning up after itself,” said Permeh, before showing the audience a couple of demos attacks on both platforms for prevention hacking learning purposes.
“You have to think like a bad guy,” said Permeh, emphasizing that McAfee would never publish anything that could be considered hostile, but noting that awareness was key to dealing with the problem at its roots.
“Intel is very serious about becoming a major Android player, and as such, both Intel and McAfee are having to take a fresh new look at how to deal with Malware,” he concluded.
|
|
|
|
|
Navigate to related information
chanj
3/29/2012 12:50 PM EDT
Apple is policing the apps that are submitted to apps store. I am sure they at least check the data traffic going between iPhone/ iPad and network. The policing process has increased the time to market of the apps. Nonetheless, it helps protecting the apps users.
What policy has Google added? Is policing enough to keep malware and threat away? Is there other better criteria to keep yourself from "trouble"?
Sign in to Reply
t.alex
4/1/2012 4:46 AM EDT
I think for Google, once submitted the app is approved immediately. Chance of getting malicious app is high.
Sign in to Reply
Frank Eory
3/29/2012 1:07 PM EDT
Security was a factor in my decision to go with Apple rather than Android for my tablet and smartphone. I can't say that I have 100% trust and confidence in Apple's policing of apps, but on the other hand, the Android Marketplace is a wide open free-for-all.
Sign in to Reply
iniewski
3/29/2012 2:37 PM EDT
Sylvie: where are the angry robots? anything below the title seems to be confined to malware...angry robots sounds much more exciting and was the only reason I clicked on your article ;-)...Kris
Sign in to Reply
toutou
3/30/2012 12:08 PM EDT
imbécile
Sign in to Reply
kinnar
3/30/2012 3:27 AM EDT
Microsoft has come with Microsoft Security Essential, this was the long waited initiative from the Windows users. Also if the OS Developer works for working against threats that will be the best way for it. Google and Apple as well can focus their development and will be able to provide best possible security solution.
Sign in to Reply
iniewski
3/30/2012 11:15 AM EDT
How is Microsoft Security Essential going to help? @kinnar...it sounds impressive but what exactly does it do? Kris
Sign in to Reply
prabhakar_deosthali
3/31/2012 7:33 AM EDT
What we need is some security in the network layer traffic itself by which a data packet coming from a malicious source can be quickly identified and destroyed there itself
Sign in to Reply
defendor
3/31/2012 12:38 PM EDT
and what you don't know... just to make eveybody extemely paranoid (anybody in the DOD listening?):
The PRC, Indian, and Arab Foreign Intellegences Agencies have covertly penitrated the ASIC and cellphone driver develop teams, and have buried undocumented hardware registers and software backdoors under several layers of obfucated and poorly written code to bypass security layer. how would you ever know they didn't? their code sucks so badly it would take an army of engineer to decode it and translate it back into something readable...
Example:
send SMS message to cellphone Y.
security is kicked off and cellphone enters zombie suck downmode for uploading spy applications:
malicious hacker video and audio steaming from your iphone to any location on the internet.
malicious hacker fake battery powerdown to shut off your phone while you are talking about something don't like.
Malicious hacker wifi packet sniffer or stealing online passwords for any computer on your private wifi network.
Sign in to Reply
defendor
3/31/2012 12:40 PM EDT
Malicious hacker gps tracker. so the indian, arab, and chinese foreign intellegence spy agencies that are finding you your next job know exactly where you are at to harass you.
%@#@%^$%@#EWHWGDFGHDV$^%#%^@#$%!RG$%$^sfgkjdlkfg35jn1
crazy but strangely possible? strangely true to life? hmm....
Sign in to Reply
defendor
3/31/2012 12:52 PM EDT
what's that? you didn't notice the special, "DISABLE-NO-EXECUTE" opcode they inserted into the ARM-core RTL buried beneath layers of obfuscated memory BIST and DFT modifications to the licensed ARM-core RTL?
Sign in to Reply
wilber_xbox
3/31/2012 1:01 PM EDT
Security venerability can be a dangerous for the android OS in the long run. Loss for someone is gain for another, so i do see an opportunity for mobile Windows OS here. Historically, Windows OS is not something you would think for a stable and reliable system but they can change this.
Sign in to Reply
GREAT-Terry
4/2/2012 3:57 AM EDT
It tells again the open system indeed is not a good idea at the end. I think people has to think about Apple's strategy of doing everything by its own and have tight control on the software (apps) publications.
Sign in to Reply
pinxlin
11/1/2012 9:32 PM EDT
Propose a meeting to discuss and raising the issue on OS & Free Software is to be given.
Not enough to fix the problems that Microsoft has led to the platforms. It should consider the issue of security with greater depth and breadth, otherwise errors remain on the Cloud.
The remnant of McAfee in the comments, makes stressed upon who will be the biggest seller of OS: whether Microsoft (who has acquired McAfee as support platform, and the same time reflects the main exponent of malware for PC-Desktops) .
So persuade the user regarding Apple in the field of practical and avoiding the negligences regarding technical support, leave the firm uncovered on a Ideal course.
No what happens under Android platforms that are so criticized and reviled, how the same Google.
"Recalling the various demands on operating platforms, become increasingly visible his achievements as each company's offer, even without the consent of any engineer would approve of it."
Even, we must not fail to remember that the new Microsoft operating hardware on Android, it does not stand out.
Sign in to Reply