Friday, February 26, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Google’s policy change affects 75% of users of ESET’s Android anti-theft service

January 10, 2019
in Internet Security
Google’s policy change affects 75% of users of ESET’s Android anti-theft service
590
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

The unfortunate implications of a well-intentioned change to Google Play Developer policies – and the negative impact it has on ESET’s Android app customers

When downloading an app from the Google Play store it’s likely that you are oblivious, unless you’re an app developer, to the Google Developer Policy that needs to be adhered to in order to get the app listed and made available for download.

You might also like

SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021

Facebook bans Myanmar military-controlled accounts from its platforms

Cloud, data amongst APAC digital skills most needed

The policies are well-documented, publicly available documents and are there to protect users and developers alike. Restricted content, intellectual property, privacy, security, deception and monetization are among the many topics covered.

As a diligent cybersecurity company, ESET frequently notifies Google’s policy team when it identifies apps that have malicious intent, so they can be removed. However, bad apps slip through the automated compliance processes by using evasion techniques. Our research into malicious apps is often published here on WeLiveSecurity. A few recent examples include Banking Trojans and fake finance apps.

We proudly consider ourselves a contributor to keeping users safe from the malicious endeavors of cybercriminals flouting Google Play Developer Policy. This is also demonstrated by our partnership that provides Google with the technology to protect Chrome users against unwanted software.

As with all policies, they need to be flexible to change and adapt, taking into account new legislation and acceptable behavior; they also need to be modified to fight against bad developers finding methods to do things that are not in the spirit of the policy.

A recent change to the Permissions Policy has caused some of our own security-focused apps to fall foul of the policy. This specific issue refers to the use of the SMS permission group, the ability to read, write, send and receive SMS messages by an app. The new policy states that an app is required to be the default SMS or assistant handler on the device to be granted these permissions. So only an app that’s replacing the default SMS messaging abilities on the device can be granted the permissions.

The change was made to protect user privacy and to stop apps that misuse the access to SMS messages, abusing the user’s privacy. On first reading it seems like a sensible policy amendment, but this blanket non-granular change affects legitimate app developers, like ESET, from using the permission for security, privacy and safety reasons.

More specifically we are talking about ESET’s Parental Control app which allows parents to communicate with and locate their child’s device even when there is no internet connection. It does this by using SMS. A parent can send a specially-coded SMS to the device and — if received from a pre-registered number — it will respond accordingly, either displaying a message to the child or returning the location of the device to the parent. Just under 30% of parents have configured the app to utilize this safety feature.

In the scenario where a child is in a location where internet services are not available, for example in the woods, and the child has been hurt, is lost or something more sinister is happening, then the parent will know the location and be able to act accordingly. Without SMS access, this functionality will not be available unless there is an internet connection, thus reducing the standard of safety afforded to the parent and child through the app.

ESET’s Mobile Security app also uses SMS permissions, with 75% of the anti-theft service users electing to use SMS. When the device is lost or mislaid, a specially-coded SMS can be sent to the device to lock, locate or wipe the device. This protects the device when outside of normal connectivity and in the case where it has been stolen and the thief is aware that most anti-theft systems, such as Google’s, only work when there is an internet connection. The SMS permission provides essential functionality to protect security and privacy of the device and the data stored on it.

When the change was announced, we received official notification to remove the use of the SMS permission from our apps. We, of course, requested an exception to this restriction. We even reached out directly to our contacts at Google and requested assistance in gaining an exception, especially since we are a trusted source of research on malicious behavior in apps listed in the Play Store.

Unfortunately, our request for an exception continues to be declined, despite the fact that our use of the permission is for the very reason the policy was amended, to enhance safety, security and privacy.

We urge the Google policy team to reconsider their position and grant an exception, before the deadline in January, set by them, allowing our customers and their children to remain safe and secure.



Tony Anscombe 21 Dec 2018 – 11:01AM


Credit: Source link

Previous Post

Get 10 Popular Books To Learn Advanced Hacking [2018 Bundle]

Next Post

Replace Last Command in Shell

Related Posts

SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021
Internet Security

SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021

February 26, 2021
Facebook bans Myanmar military-controlled accounts from its platforms
Internet Security

Facebook bans Myanmar military-controlled accounts from its platforms

February 25, 2021
Cloud, data amongst APAC digital skills most needed
Internet Security

Cloud, data amongst APAC digital skills most needed

February 25, 2021
Ukraine reports cyber-attack on government document management system
Internet Security

Ukraine reports cyber-attack on government document management system

February 25, 2021
More than 6,700 VMware servers exposed online and vulnerable to major new bug
Internet Security

More than 6,700 VMware servers exposed online and vulnerable to major new bug

February 25, 2021
Next Post
How to Change the WordPress Admin Login Logo

Replace Last Command in Shell

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021
Internet Security

SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021

February 26, 2021
Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations
Internet Privacy

Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations

February 25, 2021
DataStax Astra goes serverless | ZDNet
Big Data

DataStax Astra goes serverless | ZDNet

February 25, 2021
Tesla Working on Full Self-Driving Mode, Extending AI Lead 
Artificial Intelligence

Tesla Working on Full Self-Driving Mode, Extending AI Lead 

February 25, 2021
Cloudera aims to fast track enterprise machine learning use cases with Applied ML Prototypes
Machine Learning

Cloudera aims to fast track enterprise machine learning use cases with Applied ML Prototypes

February 25, 2021
Facebook bans Myanmar military-controlled accounts from its platforms
Internet Security

Facebook bans Myanmar military-controlled accounts from its platforms

February 25, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • SolarWinds cybersecurity spending tops $3 million in Q4, sees $20 million to $25 million in 2021 February 26, 2021
  • Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations February 25, 2021
  • DataStax Astra goes serverless | ZDNet February 25, 2021
  • Tesla Working on Full Self-Driving Mode, Extending AI Lead  February 25, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates