How Security Helped Chrome Become the World’s Most Popular Browser

Share this
Print Print
May 25, 2012
By Jason

According to StatCounter, Google’s Chrome browser is now the number one browser in the world, replacing Microsoft’s Internet Explorer after a nearly a decade and a half. Microsoft has disputed StatCounter’s numbers but no one can deny that Chrome’s rise has been “meteoric”.

Why has Chrome grown so quickly since it was first launched less than four years ago?

Our Chief Research Officer @Mikko Hyppönen has a theory: Security.

He gave this explanation at Google Zeitgeist 2012 on May 22:

Chrome is actually excellent in security senses. And I’m not saying that just because we are at a Google event.

Looking at real world statistics of people who surf the web and happen to visit a website that has an exploit kit waiting, users surfing with IE or Firefox have—in practice—a much higher risk of getting infected than users with Chrome. And I do believe that’s one of the reasons why Chrome bypassed IE in popularity globally just yesterday—after IE had been the number one browser in the world, Chrome became number one just yesterday.

Leave a comment

What You Need to Know About Mobile Malware

Share this
Print Print
May 18, 2012
By Anna

Last week we told you how to protect yourself from mobile malware. For people who want to go a step further and understand the threats your smartphone faces, we’re going to take a quick look inside the F-Secure Mobile Threat Report Q1 2012. What you’ll find is a Android landscape where threats are quickly maturing.

(You can download the whole report here.)

1. A vast majority of mobile malware is targeting the Android operating system.
New families and variants of Android malware keep cropping up each quarter, and this trend isn’t slowing down. In Q1 2011, 10 new Android malware families and variants were discovered. A year later, this number has nearly quadrupled. 37 new families and variants discovered in the first quarter of 2012 alone. In the first quarter of 2011, 139 malicious Android application package files (APKs) were identified. In the first quarter of that number grew to 3063.

2. If Android users stick to official Google marketplace Play, they should be fine for now.
F-Secure Labs has seen a handful of examples of bad apps popping up in the official Android Marketplace, which has now become Google Play. But these examples are extremely rare compared to the thousands and thousands of good apps available. Apps that you haven’t found inside an official marketplace and begin installing themselves on your phone are much more likely to be malicious.

3. Mobile malware developers are after your money and they’re increasingly sneaky.
We’ve now reached the era where the bad guys believe there is money to be made by invading your smartphone. A vast majority of Android malware is now profit motivated. And with money on their minds, criminals tend to step up their game. Malware authors craft their infected or trojanized applications to defeat anti-virus signature detection. They distribute their malware in different application names, and trojanizing versions of widely popular applications including the most popular app ever to come out of Finland—Angry Birds.

What’s especially sneaky about today’s malware is just how well it can hide itself.

F-Secure Labs Security Advisor Sean Sullivan explains: “Today what we’re seeing are malicious Android applications that have bundled legitimate apps such as Rovio’s Angry Birds Space. First the malicious “wrapper” tricks and manipulates the user into granting permissions that allow the malware to subscribe to premium rate services. But then… the malware actually dos install a working copy of the promised game. At this point there is little to be suspicious of and nothing to troubleshoot. The user gets the game that he was promised.”

How long might a user go without knowing he or she is infected? That remains to be seen.

[CC image by keith.bellvay]

1 Comment

5 Ways to Keep Your Mobile Phone Safe

Share this
Print Print
May 8, 2012
By Jason

Think about how it feels to lose your wallet. The money, the credit card, all the essential data you need to function in the world.

Now think about this: 57% of the mobile phone users we surveyed said their mobile phone contains more important information their wallet. MORE!

Over the last few years, our mobile phones have grown from a useful toy to our digital connection to world. Think about what’s on your phone’s hard drive. Your have your email, your phone numbers and contacts, texts. What else? You use it to bank, shop, enjoy apps and, in some places, even as your digital wallet.

F-Secure Labs has pointed how phishing scams are newly effectively on mobile phones. Bad apps, mobile botnets and spyware are no longer theoretical threats. Mobile malware that is designed to to seek make money grows more sophisticated all the time.

Is your phone as protected as it could be? Here are 5 ways you can secure your phone

1. Do not click links in your email.
Phishing scams are more powerful on mobiles and links can lead to scams or possibly even bad apps. You’d never click on an attachment from a stranger in your email. Think of links in emails the same way whether you’re on your phone or your PC.

2. For apps, stick to trusted marketplaces and vendors.
Apple’s walled garden method of approving all the apps in the iOS store has created a level of security that hasn’t been available on for Android users. There have been somewhat rare instances of bad apps showing up in the Android Marketplace, which is now Google Play. In general if you stick to the official marketplace, check reviews and research vendors you’ve never heard of, you’ll have a good chance of only installing safe apps.

3. Never install software you did not seek out.
Did you know QR codes can trigger an app install on your phone? The likeliest way you’ll get mobile malware is by installing it. So if any app asks to install itself without you intentionally seeking it out, immediately cancel if possible.

4. Lock your phone and put a remote wipe app on it.
Would you leave your open wallet lying around? You should always lock your phone the same way you lock your PC when you aren’t using it. For extra protection consider a remote-wipe software such as our free Anti-Theft for Mobile. It gives you the power to lock and erase your phone wherever you are.

5. Keep your system updated and get a quality security app if available.
You phone is a little computer. Old software can have vulnerabilities that can lead to mobile malware trouble. Take any software update your provider or phone manufacturers offer. And keep your apps updates. For the kind of protection for your mobile you’ve grown to expect for your PC, consider mobile security software. You can try F-Secure’s Mobile Security for free.

Cheers,

Jason

3 Comments

How We Give Away Our Privacy (And How to Take It Back)

Share this
Print Print
May 3, 2012
By Jason

Deciding what information should be public isn’t just important for your reputation and mental health. Keeping your account numbers and identifying information secret can help prevent financial fraud, protecting you and property. In a country like Syria in the midst of turmoil, your privacy can be a matter of life and death.

But for most of us, we’re willing to trade a litte of our privacy for a service we like, or a little company.

Thorin Klosowski recently published a piece on Lifehacker called “Living in Public: What Happens When You Throw Privacy Out the Window”. In it, he describes how he, a very private person, decided to live his life in public.

For three weeks, Thorin shared his location through location-based social networks wherever he went. He made all of his activity on his favorite apps public. He allowed all of his Internet activity to be tracked by anyone who wanted to track it.

After three weeks, he asked a stranger to take a look at all of his activity and tell him what she thought. What she said and what Google thought about him (see what Google thinks about you here) turned out to be pretty accurate.

The reason that social networks are addictive, I’d argue, is that they are pretty good representations of who we are in real life. The problem arises as we share we may create evidence online that can look bad out of context—like those party pictures. The old notions of a private self that your boss doesn’t know are transforming drastically every day. Some of it is beyond your control. But there is a lot you can do.

The first thing to do is to think about the tools that may give away your privacy.

Here are a few:

  • Social networks—Facebook, Twitter, LinkedIn. Do we need to mention Google+?
  • Location-sharing services like Foursquare or posting pictures that include your location data on it.
  • Browsing the Internet without turning off tracking tools.
  • Allowing services like Google to track your history.
  • Apps that encourage social sharing.

How can you limit the privacy you give away?

  • Master the privacy settings on every social network you use.
    You always need to keep whom you’re sharing with in mind. And it’s always best to share under the premise that anyone in the world could come across your post. Settings for Facebook may be ‘Labyrinthian’. But settings generally resemble Twitter’s two basic choices: public or locked down. You should also enable two-step authentication tools when available, such as for Google.
  • Avoid using private computers or open Wi-Fi networks when you don’t have a VPN running.
  • Use strong passwords your friends can’t guess.
  • Use tools that stop your web activity from being blocked. Klosowski has a good list of them in his post under the heading “Letting Websites Track and Collect All the Data They Want”.
  • Avoid apps that encourage social sharing and turn off location data in your images.
  • Keep ALL of your devices patched and protected with the latest system and security software. Our free Health Check makes that easy for your PC.
  • Always think before you click publish, post or check-in.

For every free service we use, there is a cost. On the Internet that cost is usually privacy.

You can’t always expect people to respect your privacy. But you can always respect your own.

What tools am I missing that give away or protect your privacy?

Cheers,
Jason

(CC image by Lance Nielsen.)

Leave a comment

Trust Us. It’s Not the Police.

Share this
Print Print
April 24, 2012
By Anna

F-Secure Labs has been investigating ransomware trojans as they evolved into a scam that has now been identified in at least thirteen countries.

What do these trojans do?

Our Chief Research Officer Mikko Hypponen explains, “They lock up your PC, claim that it was locked by the police as you had illegal content on your system and demand a payment to open up the PC.”

So, yes. Your files are literally held ransom (which is a great reason to always have some sort of backup).

The Trojans have claimed to be representing Bundespolizei, New Scotland Yard and the United States Department of Justice. (@Mikko has posted the examples shown here.) Of course, they are actually representing online criminals.

This story has been misreported to suggest that POLICE are actually behind them. Maybe this speaks to our willingness to listen to anyone pretending to be an authority—since who among us hasn’t ended up somewhere online we probably shouldn’t have been?

But, no. Do not be fooled. Criminals are simply exploiting our fear of authority to extort money.

The best way to prevent infection is to keep your PC and your system software patched and protected.

If you do see a screen that resembles one of the examples shown in the GIF above and you are an advanced computer user, you can use our Ransomcrypt Decryption Script.

As much as we all might fear the police, online, it’s the bad guys who are usually out to get us.

Leave a comment
Close
Powered by ShareThis