Tag: smartphone security

Thousands of applications running on this code have been found to be collecting and sharing private data.

According to researchers at Citizen Lab in Canada, there are currently thousands of popular mobile apps that are running code created by Baidu, the internet giant from China, and the code has been causing those applications to collect the personal information of the users and transmit it to the company.

The researchers pointed out that a great deal of that personal information would be very easy to intercept.

It is estimated that the mobile apps using Baidu’s code have had hundreds of millions of downloads. The researchers have traced the issue back to problems in the software development kit (SDK) by Baido for creating Android applications. The mobile security threat applies to the Baidu browser as well as the apps that were created by the company and other firms that employ the same SDK in their app development. That said, while it was primarily Android applications that were affected, the Windows browser from Baidu was also among them.

The same researchers said that comparable types of security issues were present in the Alibaba UC Browser mobile app.

The UC Browser from Alibaba and another popular mobile browser that is broadly downloaded and used in the largest internet market on the planet have also both been affected with unsecured personal data transmission.

That said, while Alibaba has already moved forward and has repaired the vulnerabilities, Baidu had yet to have completed that task at the time of the writing of this article. The company was, however, in the process of making the repairs to the holes in the kit’s encryption. Still, it admitted that it would not cease to collect data for commercial use. Some of the data collected by Baidu will also be shared with third parties. Still, the company said that it “only provides what data is lawfully requested by duly constituted law enforcement agencies.”

Among the unencrypted information collected through the Baidu code based mobile apps are the search terms that have been used by the user, his or her website visits, and his or her location. This, according to the Citizen Lab chief researcher, Jeffrey Knockel.

The iPhone maker is urging the American government to do this as it fights demands to unlock a San Bernardino shooter’s phone.

Apple Inc. is currently in the middle of a high profile battle in mobile security and encryption, as the company resists the demands being made by the government of the United States, in which the tech giant is being ordered to unlock the iPhone used by one of the San Bernardino shooters.

The company has now urged the American government to create a panel of experts or a commission for this subject.

The purpose of the commission being requested by Apple, would be to discuss the implications of this type of order on national, personal and mobile security, among other issues and freedoms. On the company’s own website, it shared a post entitled “Answers to your questions about Apple and security,” in which it said that “Apple would gladly participate in such an effort.” The iPhone maker went on to explain that “the best way forward would be for the government to withdraw its demands” to unlock the smartphone.

The FBI made the request of the company to break the mobile security barriers in the device, as a part of their investigation.

The Federal Bureau of Investigation says that it wants to be able to access the contents of the iPhone used by Syed Rizwan Farook as a part its examination of the evidence that was created before the shootings in San Bernardino. Apple is being ordered to disable some of the passcode protections on the device.

On December 2, Farook and another man, Tashfeen Malik, opened fire at a holiday party in San Bernardino, California, murdering 14 people and leaving another 22 people injured. A police shootout ensued and both attackers were killed.

In response to the demands that it has received, Apple has said that, while it is technically able to unlock the iPhone through the creation of a new operating system, a precedent could be established that might lead to dangerous situations in mobile security and privacy freedoms. It underscored the fact that it has never unlocked a smartphone on behalf of law enforcement, though it has previously extracted data from one of its devices that had been operating on an older version of iOS when following a “lawful court order.”

The U.S. Department of Justice has now filed a motion to attempt to force Apple’s compliance in breaking through the mobile security of the device and unlock the iPhone.