What Does the Future of Mobile Look Like? Here’s a Peek

April 5, 2012

Business insider just hosted their Future of Mobile conference, and kicked it off by creating a presentation of current mobile trends. It’s pretty cool and worth not only looking through, but also pondering the implications for your own mobile use as well as that of whatever company you work for.

Among the stats:

  • In 2011, the number of smartphones sold exceeded the number of PC’s sold but that’s just the tip of the iceberg because….
  • Off all the mobile device users, only 835 million are smartphone users, whereas 5.6 Billion are still on ‘dumb phones’.
  • Mobile apps are now a ~10 billion dollar market – growing at 100% a year.
  • It took AOL 9 years to get 1 million users. It took Facebook 9 months. But it only took the new “Draw Something” mobile app 9 days.  (NOTE: Draw something roared onto the mobile app scene to now be the #1 App in 79 countries, with more than 20 million downloads. It generates over $100,000 in revenue a day, and has more than 12 million users a day.

Take 5 minutes to flip through the deck and be awed by the sheer volumes represented.



Top Tips to Avoid Malicious Apps

November 28, 2011

17.7 billion mobile apps are estimated to be downloaded in 2011 (a 115% increase from 2010). By 2012, mobile apps are projected to generate more than $15 billion in app store revenues from end-users alone, according to “Forecast: Mobile Application Stores, Worldwide, 2008-2015,” by Gartner.

“As the application market continues to boom, users should be more cautious that they know what they’re installing,” said Lawrence Pingree, Gartner analyst. “For example, they should only install applications from trusted sources and ensure that permissions match up with the respective application’s core features. Anti-malware protection will also go a long way in helping to ensure the user’s mobile device has the latest protection.”

To help consumers stay safer when selecting mobile apps to download, McAfee has just released their Top Five Tips to Avoid Bad Apps.

These include:

  1. Although smartphone malware is remains a relatively low threat compared to malware targeting PCs; being aware that it exists is the first step toward protecting yourself and your data.
  2. Always research any app and its publisher and check the ratings before downloading – you’re safer if you install apps that are broadly used or are recommended by friends or colleagues.
  3. Purchase from a well-known reputable app store market. For Android users, avoid installation of non-market applications by de-selecting the “Unknown sources” option in the Applications Settings menu on your device. If the option is not listed, it means your mobile service provider has already done this for the user.
  4. When installing an app, pay attention to the list of permissions it wants to access the hardware and software on your device, like your contacts, camera and location. If it wants permissions for things the app doesn’t need, don’t install that app! For example, an alarm clock app shouldn’t need to access your contacts or have the ability to transmit that data from your device.
  5. Install antivirus software on your phone. Always install an antivirus program when you get a new mobile device – before you add any other apps.

“Maliciously modified apps have started to become more prevalent,” said Vincent Weafer, senior vice president, McAfee Labs. “Based on McAfee detections, we’ve seen approximately 200 malicious apps versus tens of thousands of good apps. However, with mobile devices becoming a targeted platform for malware, it’s becoming more common for cybercriminals to attempt to corrupt a legitimate app. The best advice for users is to be careful, protect the mobile device and the mobile apps that reside on the device.”

These are tips to live by.

To learn more about mobile threats, see my blogs It’s No Accident – Mobile Money and Mobile Malware Set to Go Big in 2011, McAfee Threat Predictions for 2011 – Mobile: Usage is rising in the workplace, and so will attacks, More Mobile Apps Caught Inappropriately Collecting User Info and Installing Malware and Twenty-Five New Malicious Apps on Android; 30,000 to 120,000 Users Affected.


Freedom From Cell Phone Surprises – Wireless Users To Get Alerts Before Overage Charges

November 2, 2011

It has only taken 15 years, and a ruling by the Federal Communications Commission  for the mobile industry to step up to voluntarily providing consumers with a notice when they are nearing their monthly limits on voice, data or text plans, and are therefore at risk of incurring extra charges.

Over the past 18 months, the F.C.C. has looked into the issue of consumer “bill shock” that nasty feeling one gets when opening your monthly wireless statement and find unexpected overage charges in the tens, hundreds or even thousands of dollars.

Wireless carriers will be able to choose from four methods of notifying consumers that they’re reaching their budgeted limits, but within the next twelve months the companies must have these notices started, and within 18 months all of the alerts must be in place. Equally important, the notices must be free of charge and automatic, though consumers can choose to opt out if they prefer.

This change in notification is critical at a time when smartphone and wireless tablet adoption is skyrocketing. As this illustration points out, smartphones use 24 times the data of a conventional cell phone, and tablets take 122 times more data than smart phones.

The enormous increase in data capacity and usage makes the risks of overage charges a significant and growing threat to consumer’s pocketbooks, particularly as the ‘all-you-can-eat’ phone plans are vanishing.

According to an FCC survey conducted in April-May of 2010, 30 million Americans have experienced cell phone bill shock. More than half those consumers saw an increase of $50 or more and 23% had unexpected charges of $100 or more.  In another report published in October 2010, the FCC data showed that 20% of the bill shock complaints it received during the first half of 2010 were for $1,000.

“Consumers have been telling us about ‘bill shock’ for a long time, and we’ve been pushing for reforms to crack down on the problem. Ultimately, this is about helping people protect their pocketbooks, so we applaud the F.C.C. and the industry for this effort to do right by consumers.” said Parul P. Desai, policy counsel for Consumers Union.

With hope on the horizon, it is still critical to keep a close tab on your data use.


Great Infographic with Sobering Stats on Mobile Malware and User Ignorance

September 12, 2011

Over half (53%) of smartphone users say they are unaware that there is security software available for smartphones according to research by security company BullGuard, a shocking data point when mobile malware is skyrocketing.

In just the first six months of 2011, malware aimed at the most vulnerable platform, Android, has grown by 400% according to BullGuard, but that isn’t to say that Symbian, Apple or Windows Mobile users are safe.

The company has just released a new infographic titled Mobile Malware: – The Growing Threat of Smartphone Hackers & What You Need to Know’ that gives a great overview of the landscape of mobile malware, the lack of awareness about mobile threats among consumers, and what to expect for the second half of this year and into 2012 (the news isn’t great).

By the time you’ve finished scanning through the infographic, you may just be persuaded to install the mobile security software smartphones now desperately need.


Hacker Conference Focused on Web Browsers and Mobile Devices. Who Was Hacked and Who Withstood, and does it Matter?

March 21, 2011

In a wake-up call to security-complacent Apple users, the first browser to get hacked in the Pwn2Own hacker competition was Apple’s Safari, and it took just a matter of seconds. Pwn2Own is a part of the CanSecWest conference in Vancouver every year, and the term is geek speak for pwn (=hack) and to own (the device). Participants are given the challenge of exploiting common software, this year the focus was on two hot areas – browsers and mobile devices.

Other browers in the completion included Microsoft Internet Explorer Mozilla Firefox and Google chrome. The Opera browser has such a low adoption rate that it was not included.

Microsoft’s IE 8 fell to hackers later that same day. Firefox and Chrome were not hacked, and this was particularly impressive for Google’s Chrome as they had sweetened the reward for anyone who did hack their service.

Day two pitted the mobile devices against hackers and both the iPhone 4 and Blackberry Torch fell to attackers while Android and Windows 7 remained standing.

What makes the Pwn2Own hacker contest different from real world risk is that it does not reflect the percentages game.

Criminals want the biggest bang for their malware buck which means the dominant operating systems, browsers, platforms etc. are always going to be the better targets.

Windows, though it has slipped a little, is still so far ahead in user penetration rates[i] that writing malware for any other OS is still a marginal proposition.

As with operating systems, the ongoing browser market shares have changed little in the past year. IE still takes the lion’s share[ii] with the only real contender being Firefox at this point. That said, much of the browser malware is written to hit multiple services.

In the mobile world, smartphone platform penetration rates have dramatically shifted. [iii][iv] Entering into 2010, RIM, was the clear giant, but it slipped by 11% points to land in second place in January 2011. Google skyrocketed from barely registering to taking first place in penetration rates.

Given the amount of buzz around IPhone’s you’re probably surprised to hear their market share actually declined. Microsoft was the biggest loser, dropping from 18% to 8% year over year, and Palm continued its steep demise losing about 50% and now down to only 3.2% of the market share.

From the criminal point of view, Google’s Android platform is beginning to look very interesting – particularly as Google does less than the other mobile platforms to test products offered through their market place. See More Mobile Apps Caught Inappropriately Collecting User Info and Installing Malware for more information.

For Apple lovers, the Mac OS and Apple device’s underdog status against PC’s and the Windows OS long served as a hardy defense against criminal exploits. But with predictions that the Mac OS will make stronger inroads, Apple is facing new threats. (See Part 3: McAfee Threat Predictions for 2011 – Mobile: Usage is rising in the workplace, and so will attacks).  So it now appears that assuming you’re safe from malware on Apple devices is no longer a safe bet.

Though still an underdog, here’s insight into why criminals are taking an interest in Apple. Consider the company’s 2010 Sales data (Fiscal year ended Sept 25th 2010) results, and it is easy to see why criminal interest is perking up. In just the past three years, Apple has sold 33.7 million computers, 72.5 million iPhones, and iPad sales are soaring.  Add to that the over 300 thousand applications in the Apple App store and the potential for exploitation becomes even more interesting. (To learn more about threats to the iPhone see Researcher warns of risks from rogue iPhone apps).

Now, Apple has taken another step to address some of their security gaps. The company has changed their practices with regard to unreleased software[v]. They are now sharing advanced copies of their next OS (called Lion) with security researchers, not just with developers.  Time will tell whether their efforts pay off.

More on mobile risks:


More Mobile Apps Caught Inappropriately Collecting User Info and Installing Malware

March 8, 2011

Twenty-one mobile applications from a single publisher have been pulled from the Android Market after Google learned they were exploiting consumers according to a new Washington Post article. Google has also remotely removed these apps from user’s devices, but that does not remove any malicious code that has already been downloaded.

These applications were apparently not only stealing consumer’s information, they left a back door open on consumer’s phones so they could download malware without the user’s knowledge.

According to Mashable, between  50k and 200k Android users downloaded these applications, which Mashable says “are particularly insidious because they look just like knockoff versions of already popular apps. For example, there’s an app called simply “Chess.” The user would download what he’d assume to be a chess game, only to be presented with a very different sort of app.”

To learn more about malicious and unethical applications offered through various marketplaces, see my blogs:

Mobile malware is expected to explode in 2011, and it’s time to protect yourself with mobile security software. See my posts:

The bottom line? Just because an app is offered doesn’t mean it’s been tested and guaranteed safe – case in point, if it weren’t for the diligence of the Android Police, the malicious apps on Android Marketplace would still be exploiting consumers.

Here’s a list of the malicious apps:

  • Falling Down
  • Super Guitar Solo
  • Super History Eraser
  • Photo Editor
  • Super Ringtone Maker
  • Super Sex Positions
  • Hot Sexy Videos
  • Chess
  • 下坠滚球_Falldown
  • Hilton Sex Sound
  • Screaming Sexy Japanese Girls
  • Falling Ball Dodge
  • Scientific Calculator
  • Dice Roller
  • 躲避弹球
  • Advanced Currency Converter
  • App Uninstaller
  • 几何战机_PewPew
  • Funny Paint
  • Spider Man
  • 蜘蛛侠


Use of Mobile Banking Increases – Are You Protected?

November 30, 2010

Consumers have become more confident about using their mobile phones for banking transactions according to new research from The Nielsen Company. This trend is also outlined in a recent white paper from Juniper Research that projects the number of worldwide mobile phone users who perform mobile banking will double from 200 million this year to 400 million in 2013. In the U.S., it is the more affluent consumers who are leading the charge, but in the rest of the world, it’s far more likely to be the norm for all users.

For consumers, the appeal of mobile banking is clear; it’s convenient, and empowers us through real-time balance checks and transfers of funds, and provides a more consistent banking experience. However, with all these benefits come risks that every mobile user of financial services should be aware of, and take precautions against.

The risks are pretty straightforward: crooks want your cash and/or your credit – and they’re willing to go to some work to try collecting the information they need to steal it.

Ask yourself three questions before transacting through your phone:

  • Is your phone secure? As more consumers use smart phones, and a few key market leaders emerge, malware targeting phones will continue to increase. Be sure you have up-to-date security software, which means antivirus and anti-spyware protection installed.
  • Do you have a secure password/PIN? Every phone should have a password lock to prevent others from using it. However, if you have any sensitive information stored on your phone, you need to be particularly diligent in ensuring your phone’s password is strong.  See my blog Safe passwords don’t have to be hard to create; just hard to guess. Then, don’t share your password with anyone or respond to any e-mail requesting that information.
  • Is your connection secure? If you are surfing over your phone carrier’s network, you are quite safe, however, if you are using WiFi to connect, be sure you know and trust the WiFi connection. Do Not use a public WiFi for financial transactions. See my blog Like Lambs to the Slaughter? Firesheep Lets Anyone be a Hacker

If you’ve successfully answered all of the above then you’re off to a good start. The bottom line: Before you conduct your most sensitive financial transactions you need to be absolutely certain both the Internet connection and the mobile device or computer you’re using is secure. If you don’t have 100 percent confidence – don’t take the chance.