Mikko in the Labs

Join Mikko for the next F-Secure Labs Threat Report Webinar

To celebrate the release of Internet Security 2014 and the F-Secure Labs latest Threat Report, our Mikko Hypponen and the F-Secure Labs will be hosting a live webinar on Monday, September 23 at 10 AM EDT/5 PM Helsinki time.

Click to RVSP for the event and tweet your question to @Mikko using the hashtag #WWPY.

If you’re wondering why we’re using the hashtag #WWPY, check out this video:

Join us to get the latest information about what’s going on in security now.

Cheers,
Sandra

More posts from this topic

BYOD

Why Bring your own Device (BYOD)?

Do you ever use your personal phone to make work related calls? Or send work related e-mails? Maybe you even use it to work on Google Docs, or access company files remotely? Doing these things basically means you’re implementing a BYOD policy at your work, whether they know it or not. BYOD – that’s bring your own device – isn’t really a new trend, but it is one that’s becoming more widespread. Statistics from TrackVia suggest that younger generations are embracing BYOD on a massive scale, with nearly 70% of surveyed Millennials admitting that they use their own devices and software, regardless of their employer’s policies on the matter. This is essentially pressuring employers to accept the trend, as the alternative could mean imposing security restrictions that limit how people go about their work. Consequently, Gartner predicts that 38% of businesses will stop providing employees with devices by 2016. It kind of seems like workers are enforcing the trend, and not businesses. But it’s happening because it’s so much easier to work with phones, tablets, and computers that you understand and enjoy. Work becomes easier, productivity goes up, life becomes more satisfying, etc. This might sound like an exaggeration, and maybe it is a little bit. BYOD won’t solve all of life’s problems, but it really takes advantage of the flexibility modern technology offers. And that’s what mobility should be about, and that’s what businesses are missing out on when they anchor people to a specific device. BYOD promotes a more “organic” aspect of technology in that it’s something people have already invested in and want to use, not something that’s being forced upon them. But of course, there are complications. Recent research confirms that many of these same devices have already had security issues. It’s great to enjoy the benefits of using your own phone or tablet for sending company e-mails, but what happens when things go wrong? You might be turning heads at work by getting work done faster and more efficient, but don’t expect this to continue if you happen to download some malicious software that infiltrates your company’s networks. You’re not alone if you want to use your own phone, tablet, or computer for work. And you’re not even alone if you do this without telling your boss. But there’s really no reason not to try and protect yourself first. You can use security software to reduce the risk of data breaches or malicious infections harming your employer. And there’s even a business oriented version of F-Secure's popular Freedome VPN called Freedome for Business that can actually give you additional forms of protection, and can help your company manage an entire fleet of BYOD and company-owned devices. It’s worth bringing these concerns to an employer if you find yourself using your own devices at the office. After all, statistics prove that you’re not alone in your concerns, and your employer will most likely have to address the issue sooner rather than later if they want the company to use technology wisely.  

Apr 17, 2015
BY 
sign license

POLL – How should we deal with harmful license terms?

We blogged last week, once again, about the fact that people fail to read the license terms they approve when installing software. That post was inspired by a Chrome extension that monetized by collecting and selling data about users’ surfing behavior. People found out about this, got mad and called it spyware. Even if the data collection was documented in the privacy policy, and they technically had approved it. But this case is not really the point, it’s just an example of a very common business model on the Internet. The real point is what we should think about this business model. We have been used to free software and services on the net, and there are two major reasons for that. Initially the net was a playground for nerds and almost all services and programs were developed on a hobby or academic basis. The nerds were happy to give them away and all others were happy to get them for free. But businesses run into a problem when they tried to enter the net. There was no reliable payment method. This created the need for compensation models without money. The net of today is to a significant part powered by these moneyless business models. Products using them are often called free, which is incorrect as there usually is some kind of compensation involved. Nowadays we have money-based payment models too, but both our desire to get stuff for free and the moneyless models are still going strong. So what do these moneyless models really mean? Exposing the user to advertising is the best known example. This is a pretty open and honest model. Advertising can’t be hidden as the whole point is to make you see it. But it gets complicated when we start talking targeted advertising. Then someone need to know who you are and what you like, to be able to show you relevant ads. This is where it becomes a privacy issue. Ordinary users have no way to verify what data is collected about them and how it is used. Heck, often they don’t even know under what legislation it is stored and if the vendor respects privacy laws at all. Is this legal? Basically yes. Anyone is free to make agreements that involve submitting private data. But these scenarios can still be problematic in several ways. They may be in conflict with national consumer protection and privacy laws, but the most common complaint is that they aren’t fair. It’s practically impossible for ordinary users to read and understand many pages of legalese for every installed app. And some vendors utilize this by hiding the shady parts of the agreement deep into the mumbo jumbo. This creates a situation where the agreement may give significant rights to the vendor, which the users is totally unaware of. App permissions is nice development that attempts to tackle this problem. Modern operating systems for mobile devices require that apps are granted access to the resources they need. This enables the system to know more about what the app is up to and inform the user. But these rights are just becoming a slightly more advanced version of the license terms. People accept them without thinking about what they mean. This may be legal, but is it right? Personally I think the situation isn’t sustainable and something need to be done. But what? There are several ways to see this problem. What do you think is the best option?   [polldaddy poll=8801974]   The good news is however that you can avoid this problem. You can select to steer clear of “free” offerings and prefer software and services you pay money for. Their business model is simple and transparent, you get stuff and the vendor get money. These vendors do not need to hide scary clauses deep in the agreement document and can instead publish privacy principles like this.   Safe surfing, Micke     Photo by Orin Zebest at Flickr

Apr 15, 2015
BY 
Spring Clean your Devices

How to Spring Clean your Devices for Free

Spring cleaning is a popular pastime in many parts of Europe and North America. The cold weather is (hopefully) gone, and many people have already started the dusting, mopping, and sweeping that a good clean entails. Getting rid of clutter, old junk, and other types of waste never hurts. It avoids damage due to build up and lets you see that everything in your home has a proper place. Smart phones and computers need similar tender loving care, and I don’t mean just wiping down the dust. Computers and phones accumulate considerable amounts of wear and tear damage when you use them. Not just the mechanical parts either. Software performance degrades over time, and can cause computers to break down, or even result in security issues. Spring cleaning your phone doesn’t have to take a lot of time, or a lot of money. You can do it for free and can probably get through it in less than 10 minutes. Here’s a quick review of three things you can do to keep your phone running safe and sound. Check your Internet set-up: Many people don’t know this, but your router can be hacked. Things like weak passwords and outdated software allow hackers to break into your router and change the settings, essentially letting them manipulate what you see and do online. F-Secure recently launched a new tool called Router Checker that can help you check to make sure you’re connecting to the Internet safely. Router Checker launched less than a month ago, but has already received positive attention from websites like Tom's Hardware and Geek.com. It’s fast, free, and simple to use, so it’s worth taking a second to check the Internet set-up on your phone (or PC) to make sure it's working the way you want. Get rid of waste: Waste builds up in computers and phones, and over time this causes their performance to deteriorate. Spending a few minutes to clean out this waste and tighten the digital nuts and bolts on your software can pay off with longer lasting batteries, faster browsing and apps, and more storage space. F-Secure Booster is a free Android app that makes cleaning out your phone easy. Lots of the maintenance that phones and computers need is time consuming and difficult. F-Secure Booster centralizes different maintenance tasks into a user-friendly app. You can use it to shut down unnecessary processes that eat up your battery and memory, clean out temporary files and other data that wastes storage space, and even delete digital traces stored by your browser and other apps. It’s a quick way to make sure your phone runs quickly and securely. The PC version has a freemium offering that can clean our your computer, but also a premium variant with even more features, like a software updating tool. Secure your apps: According to F-Secure Labs, Android is a favorite target for mobile malware writers. That means people using Google’s platform need to be extra cautious about the apps they use. Fortunately, there’s a free app that can help protect your mobile phone from malware. Freedome is a popular, one-button VPN that offers users a number of different forms of protection, including App Security. App Security for Android basically checks the apps on your phone or mobile device to see if there’s anything dangerous about it. Freedome is available for a free 14-day trial for Android users. You need to buy a subscription if you want to keep using Freedome after your trial ends, but App Security will continue to function, even if you don’t subscribe. It’s a great way to keep an eye on your apps, and Freedome also offers mobile phone users communication encryption, web browsing protection, and even a selection of virtual locations that they can use to access region locked content. It’s a great way to make sure your phone stays protected after your spring clean!  [ Image by uncoolbob | Flickr ]

Apr 10, 2015
BY