MelissaLoudon's blog
Posted by MelissaLoudon on Dec 22, 2011
Vibe burst onto the scene following reports that protesters were using it to coordinate with each other at the recent Occupy Wall Street demonstrations and camps.
As a smartphone app for anonymous broadcast messaging, Vibe is going after an important idea. In fact, it’s been promoted as an anonymous version of Twitter. Anyone with the app can post - there are no accounts - and users are able to limit the lifetime of the messages (from a few minutes to a few days) and the location to which they are broadcast (from a few meters to anywhere).
Vibe is clearly a useful tool. Some of the ways it has apparently been used include asking anonymous questions at a conference, and communicating with neighbours about local events. The ‘anonymity’ of not having to create an account may be perfectly adequate for these situations. However, when it comes to its use by activists - where it is being promoted as an appropriate tool for people with serious security implications should their identify be revealed - we need to delve deeper into promises of anonymity.
In the case of Vibe, our analysis revealed some serious concerns. Some of these have come up in other reviews as well.
Posted by MelissaLoudon on Sep 22, 2011
Particularly for smartphones, there are many apps that promise improved privacy and security for your mobile communications. Like all apps, some are very good, but other are poorly written or overpriced, and may even be malicious. This article will help you evaluate whether you should trust their promises.
Before You Start
Security apps are most useful as part of a coherent security policy covering all your mobile communications. The Mobile Risk Assessment Primer will help you complete an inventory of mobile communications risks, and decide which are most important and most feasible to mitigate.
Once you’ve completed a risk assessment, it’s important to search broadly for security apps. MobileActive is in the process of reviewing many of these from our current list of security apps, but the mobile security landscape changes quickly. Ask friends and colleagues, read about your specific security need online, and search your device’s app marketplace. Once you’ve identified as many options as possible, it’s time to start evaluating your security apps.
Will It Work on Your Phone?
As with computer software, some mobile apps are built to work on one platform - Android, iPhone, Blackberry, Symbian, Java - and may not work on others. There may be other requirements too, such as particular phone models. Make sure the apps you have chosen are all going to work on your device.
Also consider how you will actually get the app - can it be downloaded from a web link that you open on your phone, or can you get it from an app marketplace? Some apps can also be downloaded to a PC and transferred via bluetooth or a data cable. This step sounds obvious, but it can be tricky when you don’t have stable Internet access on your phone or aren’t used to the app install process.
Posted by MelissaLoudon on Jul 11, 2011
HTTP, the Hypertext Transfer Protocol, is the data communication protocol you use when you broswe the web - as you probably know if you've noticed that website addresses usually begin with http://. HTTPS is the secure version of HTTP, which you might have seen being used for sensitive transactions like online banking and online shopping. When you are using the secure part of a site, the web address will begin with https://.
When using your mobile phone for sensitive communications, it is important to ensure that your online activities - whether researching or reading about an issue, sending an email, writing a blog post or uploading photos - are done over a secure connection. There are three elements of secure web browsing:
Posted by MelissaLoudon on Jun 30, 2011
Smartphones (iPhone, Android, Blackberry, Windows Mobile, Symbian) and many feature phones allow you to download and install mobile applications (“apps”). Apps do many useful things. However, some apps (and other types of software, such as your mobile operating system) can also present security risks. These include:
Apps and other software may have access to information stored on or generated by your phone.
Apps and other software may have the ability to transmit this information using your phone’s Internet connection.
Malicious apps or other mobile software installed on your mobile device can expose you to the following risks:
Your conversations may be listened to or recorded without your knowledge.
Your text messages, emails and web traffic may be monitored and logged.
Data stored on your phone (contacts, calendar entries, photos and video) may be accessed or copied.
Passwords stored or entered on your phone may be stolen and used to access your online accounts.
Your locationmaybetracked, even when your phone is switched off.
With smartphones gaining market share, malicious apps are beginning to pose a serious threat. In an article titled “Your Apps Are Watching You”, the Wall Street Journal tested popular iPhone and Android apps, and found that of 101 apps tested, 56 transmitted a unique identifier for the phone without informing the user or asking for consent. 47 apps also transmitted the phone’s location, while 5 sent age, gender or other personal details to various companies. The App Genome Project reports that 28% of all apps in the Android Market and 34% of all free apps in the Apple App Store have the capability to access location, while 7.5% of Android Market apps and 11% of Apple App Store apps have the capability to access users’ contacts.
It can be very difficult to tell which apps are safe and which are not. App behaviours that might not bother most users, such as transmitting the phone’s location to an advertising server, can be unacceptable to people with higher privacy and security requirements.
This article offers suggestions on how to assess risks to security and privacy posed by apps.
Posted by MelissaLoudon on May 27, 2009
At the turn of millennium, tech journalists (clawing their way back from the Y2k=K non-disaster) found smartphones. Futuristic interfaces, newly-discovered mobility and the work-anywhere promise of the Blackberry kicked off the trend, later boosted by the emergence of high-speed mobile Internet and a new crop of Internet-enabled devices. Market figures are for smartphones are certainly impressive, with Gartner recording device sales of 139.4 million in 2008, up 13.9% from 2007.
That same year, the meteoric rise of the iPhone gave us the ability to purchase third-party smartphone applications through the App Store which became a major selling point for the hardware. In the first quarter of 2009, smartphone sales represented 13.5% of mobile phone sales worldwide. Sales show no sign of slowing, and neither does the blistering pace of innovation in hardware, interfaces and 'ecosystems' like the App Store.
Posted by MelissaLoudon on Apr 25, 2009
NetSquared just announced the top ten projects in UCB Human Rights Center Mobile Challenge, as chosen by community vote. The challenge, which was open to any project using mobile technology to support human rights work, had over fifty entrants from a wide spectrum of human rights organisations, technical experts and issue-based groups. Three winners will be announced at the Soul of the New Machine conference in May.
