Security is the most important building block in any OS’s success. Everyone’s greatest concern is to secure personal information and private data. Smartphones are occupying most of the mobile market shares and will possibly replace all the ordinary phones in coming few years. Similarly mobile computing and tablets are also becoming popular. That is the most attractive and appealing scenario. Blackberry, Android, Windows Mobile and Apple’s iOS, everyone is claiming their operating system as word’s most secure OS, but reality is bit bitter.
Google’s Android and Apple’s iOS are most popular and widely used mobile operating systems in the world. Apple has attended Black Hat conference and unfortunately failed to prove its iOS as the most secure operating system. Android is at the top of mobile market and have more market shares than any other mobile OS. However, there are almost 20,000 or more Android applications reportedly having malware that can put your privacy in jeopardy.
There are also few reported apps on both Android and iOS that is capable of spamming, one of the most popular is “Find and Call.” It is being reported by an application named as Clueful that millions of application at Apple’s App Store does not perform proper encryption while transmitting your data. Although, these statistics are not authentic enough because Apple has removed Clueful from App Store, but still questionable.
A research has been conducted at University of Luxembourg by Ralf-Philipp Weimann, who is researching on GPS (Global Positioning System). According to him, The GPS technology itself is not causing any trouble instead it is A-GPS (Assisted Global Positioning System) that most of the latest Smartphones are equipped with. A-GPS is a new and under development technology that is why it has soft spots that let caught into your device, let them track your location, grab your passwords/logins and even sometime attacker could control your whole device and can access your stored data.
Whenever you use a location-based application or to find any place (hospital, fuel station, etc.) nearby, your application (all most all the location-based applicatyion) asks your network provider for estimated location and use GPS (your device’s built-in hardware) status and transmits your GPS readings over a “non-secure data link.” By doing some hardware and/or software exploits caught can get these messages containing your location and other information. Ralf-Philipp Weimann said that these messages went directly to CPU (processor) rather than GPS or Mobile Radio Systems, so, remote takeover of your device is possible via malware code.
Android is a Linux-based open-source platform by Google, who is spending hundreds of millions to secure their users from the curse. Newly released Android Jelly Bean is remarkably better than earlier in terms of security and encryption to prevent malicious codes.
The Defense Advanced Research Projects Agency (DARPA) has funded to develop X-Ray, application for Android that scan your device and indentify if any vulnerability found. Microsoft warns that there is a fake Skype malware for android, which sent premium sms. Apple is also highly concerned about security and privacy of users.
I love movies belonging to action, crime and si-fi genre, So, I am thinking that A-GPS vulnerability could be a possible way for security agencies to trace location of criminals. What do you think? Write below in the comment box.
You can like our Facebook Page, follow us on Twitter or add us to your circle on Google+ to stay along with our updates.
{ 4 comments… read them below or add one }
Complete non-sense. The only difference between GPS and AGPS is that in AGPS, the chipset is provided with external information:
- coarse time
- estimated initial receiver position and frequency offset
- satellite position, velocity, and clock offset
This information is only used to improve time to first fix.
At the end, the OS or chipset doesn’t care whether you have assistance data or not. The chipset can function with or without assistance data. Also, any Android app which the user has allowed to access location information will have the same set of information. The location information passed from the chipset to the Android framework and apps get location infromation thorugh the Android framework API.
If a user unwittingly signs their life away by downloading and installing apps that track user position, that’s a users problem – not AGPS. As a matter of fact, whether or not the device even has GPS doesn’t matter since a rough position can be acquired with any WiFi enabled Android device that has geolocation capabilities enabled. Where the vulnerability lies is not with the AGPS, but rather, the user installing malicious apps or someone sniffing out unsecured communication.
That research has been conducted at University of Luxembourg by Ralf-Philipp Weimann, who is a well reputed and he is definitely a respectable researcher, so please don’t call his research as “non-sense.” Constructive Criticism, like yours is always worthy for us. I have spent a couple of days reading and collecting information after a news had passed through my eyes, so I am pretty much sure about authenticity of information provided in my article.
Hello, i believe that i noticed you visited my blog thus i got here to go
back the prefer?.I am attempting to to find things
to improve my web site!I guess its good enough to make
use of a few of your ideas!!
rights of access to a child resident in UK recently posted..rights of access to a child resident in UK
“A-GPS Vulnerability And Malware
Tinyurl.com recently posted..Tinyurl.com
{ 1 trackback }