Beware of the catch in new privacy regulations

By Anna Larkina and Victor Chebyshev

 

NOTHING is truly free in life.

Unfortunately, the current business model for free services means that – essentially – we pay with our data.

Social networks, some messengers and search engines make money off advertising and the more personalised it is the better.

In fact, Facebook and other companies have been doing this through its services for the past few years.

The good news is that (i) most companies – including Facebook – are being transparent about its policies; and (ii) WhatsApp doesn’t read your conversations because it includes end-to-end encryption.

All they’re tracing is technical and account information.

Moving forward, the integration between Facebook and WhatsApp will only continue to increase, and users will need to decide what level of information sharing they’re comfortable with and which messaging applications they prefer.

Luckily there is a variety of alternative messaging platforms and currently users can decide for themselves what works best for them.

Which messenger is safer?

Most messaging apps today are relatively safe since they use encryption when sending messages.

On iOS (iPhone operating system), this fact makes such applications really quite reliable. However, it’s worth remembering that the user may face an attack on the device or an attempt by attackers to infect it.

That’s why the situation is a bit different on Android given, for example, there is a built-in Accessibility Service.

Attackers are known to have exploited the capabilities of this service in order to collect user data.

In particular, last year we discovered stalkerware that could receive the text of incoming and outgoing messages from instant messengers using this standard function.

That’s why, in order to protect your data, we recommend that mobile device users adhere to the following rules:

  • Don’t download messengers and other programmes from third-party sources. Use only official application marketplaces.
  • If possible, acquaint yourself with the user agreement. There are situations when the developer of the app openly warns that they may share user data with third-parties.
  • Do not follow suspicious links from messages even if they were sent to you by your friends.
  • Use security solutions when possible on your mobile devices.
  • Pay attention to which permissions downloaded applications request. If the requested permission is not necessary for the full functioning of the application, then there is a reason to be wary. For example, the flashlight app clearly doesn’t need access to the microphone. – Jan 15, 2021

 

 

Anna Larkina is a senior researcher while Victor Chebyshev is a mobile threat researcher at Kaspersky, a Moscow-based multinational cybersecurity and anti-virus provider.

The views expressed are solely of the author and do not necessarily reflect those of Focus Malaysia.

Subscribe and get top news delivered to your Inbox everyday for FREE