ItsGeekToMe.co

I’ve received numerous e-mails from readers responding to the column about malware lurking in smartphone flashlight apps (I.G.T.M. # 389, Jan 4-10, 2015).  The replies ranged from bare URLs, which I was apparently intended to visit and read (but, with no accompanying explanation, I often just ignored) to pages-long diatribes about how great certain particular flashlight apps are, and thus could not possibly be stealing anyone’s personal information.

Since this is obviously an important issue that affects so many people, I did a bit of non-technical research on my own, and here’s what I decided.  First, Gary Miliefsky (the guy from Snoop Wall who appeared in the original Fox News report) was citing the GooglePlay store in his comments.  That app store caters strictly to users of phones that run Google’s Android operating system.  Unfortunately, even as Mr. Miliefsky spoke, the news report was showing images of an Apple iPhone and even the iPhone icon that launches the flashlight that’s built-in to the operating system!  This has led to a lot of confusion in and of itself.

Further, there are some who are saying that Mr. Miliefsky based his presumption of the presence of malware simply on the size of the apps.  Not true.  Although he didn’t go into detail (which, for a news segment, would have A) been extremely boring, and B) run way too long) he did clearly state that he had “been tracking down” the destinations where personal data are being sent.  He also said that the Snoop Wall team did “a vulnerability assessment of the top-10 flashlight apps” (again, in the Google Play store only).  Although details of the analysis would perhaps be more convincing, it seems to me that an organization involved in Cyber-security would know better than to reveal their techniques and abilities, lest they be compromised to the very people they are trying to defend against.  One thing he very clearly stated is that the company that was sued by the Federal Trade Commission over this issue now has a monstrous Privacy Policy that users must acknowledge before running the app, in which the company uses 25 pages of legalese to state that they are spying on you, geolocating you, and taking information off your mobile device.  It doesn’t take a lot of technical research to understand that, yet people are still mindlessly agreeing to this without reading it.

Personally, I’m inclined to believe that there are apps out there that are sending personal data to places where that data has no business going.  I would be surprised if it was limited to Flashlight apps.  Although the report didn’t say it, and many people will get upset with me for saying it, I believe this problem is not limited to Android devices, but extends to iPhones, and almost certainly Windows phones.  At the end of the day, it’s important for you to make your own decisions.  Be informed, but don’t believe every last thing you see or read on the Internet.  When it comes to your smartphone, because of the unique nature of the data it contains, and the sites that many of us access with it, be very careful which apps you choose to install.  The fewer apps you select, and the more mainstream they are, the less vulnerable you will be to theft of your data.

 

---

 

New feature at ItsGeekToMe.co: The Geek’s Website of the Week.  I’m launching a new feature over on my website next week, and I’d like your help.  Everyone seems to have their favorite website, or website feature that they’ve discovered, and I want to help you share these with your fellow Geeks so we can all benefit.  I’m going to work up a new online submission form, but for now nominate your favorites by e-mailing me at ItsGeek2Me@gmail.com. I’ll pick a different website each week, and credit the person (or people) who nominated it.  Oh, and “family friendly” sites only, please!