Category: mobile

Un malware à retardement s’est glissé sur Google Play

Google Play a été purgé en urgence de trois applications qui hébergeaient un malware redirigeant vers des contenus malveillants via des messages d’alerte.

Tout est parti d’un message posté dans la soirée du 23 janvier sur les forums d’Avast. L’éditeur de sécurité IT d’origine tchèque a été informé, par l’un des utilisateurs de son antivirus mobile, de la probable présence d’un malware sur Google Play.

Il s’est écoulé dix jours avant qu’Avast ne communique l’information à Google… qui a réagi en retirant, ce mercredi 4 février, trois applications dans lesquelles l’agent malveillant en question s’était infiltré.

En tête de liste, le jeu de cartes Durak, téléchargé entre 5 et 10 millions de fois en quelques semaines, d’après les statistiques du Play Store.

Les deux autres applications touchées étaient également classées dans la catégorie « Divertissement ». La première consistait en un test de QI ; la deuxième proposait une approche ludique de l’histoire russe.

Ces trois applications – qui trouvent justement leurs racines en Russie (sans qu’on n’en connaisse précisément les créateurs) – auraient dû être bloquées selon la politique en vigueur sur le Play Store et à laquelle sont soumis les développeurs.

Un motif en particulier aurait dû motiver leur suspension : l’affichage de publicité à travers le système de notification d’Android, alors même qu’il ne s’agissait pas d’une « fonctionnalité à part entière » desdites applications. Et pour cause : c’est précisément le malware qui les déclenchait.

Alerte(s) à la pub

Plusieurs utilisateurs des forums Avast expliquent avoir signalé le problème à Google « début janvier » et déplorent l’absence de réaction du groupe Internet américain.

Ils ont tous détecté plus ou moins les mêmes symptômes : à chaque déverrouillage de leur appareil mobile (smartphone ou tablette), une page Web – ou une notification – s’ouvre pour afficher un message d’alerte.

Connexion Internet lente, infection virale, système d’exploitation pas à jour, fichiers illicites détectés en mémoire : quel que soit le désagrément, l’utilisateur est invité à prendre des mesures immédiates.

Mais s’il suit les conseils prodigués, il est redirigé vers des contenus malveillants. Aussi bien des sites Internet hébergeant des scripts malveillants que des applications volant des données personnelles ou envoyant des SMS surtaxés.

Pour ne pas éveiller les soupçons, le malware fait preuve de… patience. Il ne s’active qu’à deux conditions : que l’application infectée soit lancée au moins une fois et que l’appareil soit redémarré par la suite.

Dès lors, un compte à rebours s’enclenche. Les premiers comportements suspects ne sont généralement perceptibles qu’au bout d’une semaine. Il faut parfois même attendre jusqu’à un mois. Ce qui rend le malware d’autant plus difficile à détecter.

Trois réseaux publicitaires « légitimes » sont exploités pour afficher les messages d’alerte. Les instructions sont contenues au sein même du paquet d’installation (APK), dans un fichier nommé ads_settings.json.

Des commandes peuvent être reçues depuis un serveur distant via la composante mobi.dash.overapp.DisplayCheckService. La vérification du redémarrage de l’appareil est effectuée par mobi.dash.overapp.DisplayCheckRebootReceiver. Il est même possible de modifier la page d’accueil du navigateur avec mobi.dash.homepage.AdsHomepageUtils.

Ci-dessous, une démonstration du malware en vidéo par l’utilisateur qui a découvert le pot aux roses :

{{ source }}

9 Typing Tips Every Android and iOS User Should Know

Wish it were a little easier to type in ALL CAPS on your Android or iPhone, or ever get stumped while looking for the em dash? What about typing letters with accent marks, or dealing with cumbersome URLs? Or maybe you’re just hankering for an alternative to tapping on a slippery glass screen.

Read on for 9 ways to make typing on your iPhone, iPad, or Android device a little easier, from how to turn on “caps lock” to a simple shortcut to the exclamation mark.

1. “.com” made easy (iOS)

Want to type a URL directly into the address bar in Safari (on iOS) or Chrome (for Android)? Don’t bother with laboriously tapping in “.com” or “.net”.

ios_typing_tips_dotcom-100538035-largeNever type dot-com or dot-org or dot-lots of things with this iOS trick.

Instead, just tap and hold the “.” key; when you do, a pop-up balloon will reveal a series of shortcuts, from “.com” to “.us”.

2. Accent marks (Android and iOS)

Don’t get caught skipping the accent grave in “voilà” while typing that email on your iPhone or Android phone.

android_typing_tips_accent-100538029-largeImpress your international friends with your canny use of accents and other marks.

You can access a generous portion of accent marks—acute, grave, circumflex, and otherwise—by tapping and holding a letter key (like “a”).

3. Swipe to type (Android and iOS)

Sick to death of painstakingly tapping out messages on your Android or iPhone touchscreen? Here’s a nifty trick: swiping to type.

The concept is simple: Rather than tapping each individual key when typing a word, swipe-to-type keyboards let you slide your fingertip from one key to the next.

As your finger loops around the keys, your phone predicts the work you’re trying to type—er, swipe.

Sound weird? Indeed, swiping to type does take some getting used to, but it’ll become second nature with practice.

The “stock” Android keyboard has its own built-in “swipe to type” feature. Just tap Settings > Language & Input, tap the Settings icon next to Google Keyboard, then tap the checkbox next to Enable gesture typing.

There are also plenty of third-party, swipe to type-ready keyboards in the Google Play store, with Swype being the most notable.

Wondering why there’s no Caps Lock key on the keyboard of your Android or iOS device? Well, there is, actually—it’s just well hidden.

The standard iOS keyboard lacked the swipe-to-type capabilities of Android until iOS 8 came along. That update finally brought third-party keypads—particularly Swype—to the iPhone and iPad.

android_typing_tips_caps_lock-100538030-medium4. Lock the Caps key (Android and iOS)

See the Shift key? Just double-tap it. When you do, a little horizontal line will

appear near the bottom of the Shift key, indicating that you’re in ALL CAPS mode.

 

Caps Lock has always been there, just undercover.

5. You’re so money (Android and iOS)

Want to type the currency symbols for the yen (¥), the euro (€), or the pound (£)? Simple.

Just tap and hold the key for the dollar sign. When you do, a pop-up bubble will display a series of additional money-minded options.

6. Em dash & bullets (Android & iOS)

I’ve rarely met an em dash I haven’t liked—and come to think of it, I’m also a sucker for bulleted lists. How does someone like me survive typing on an Android phone or iPhone? Easy.

ios_android_typing_tips_bullet_em_dash-100538034-largeTapping and holding symbol keys will yield buried typing treasure.

Tap and hold the dash key to reveal even more dashing buttons, including the em dash, a bullet key, and the indispensable underscore.

Bonus tip: Try tapping and holding other symbol keys. For example, you’ll find “curly” quotes by tapping and holding the quote key.

7. Emoticons galore (Android & iOS)

android typing tips emoticons
The world is not running out of emoticons anytime soon.

 

What’s a text message without a smiley? Good question. Luckily, both the Android and iOS keyboards come with more emoji (a.k.a. emoticons) than you can shake a stick at.On the stock Android keyboard, tap and hold the “Done” or carriage-return key in the bottom-right corner of the keypad, then slide your finger over the pop-up emoticon button. You’ll see the first of hundreds of available emoticons—just keep swiping to see the dizzying number of variations and categories.

android_typing_tips_dictation-100538031-largeTake a break from typing! Just press the Talk icon on your phone to dictate input.

For iOS, you’ll first need to enable the emoji keyboard. Tap Settings > General > Keyboard, tap Keyboard (again), then check to see if “Emoji” is in the list of installed keyboards. Not there? Then tap “Add New Keyboard” and find Emoji in the list. Now head to the keyboard, tap the key with the globe icon, and feast your eyes on all the emoticons.

8. Talk instead of type (Android & iOS)

It’s easy to forget that both iOS and Android phones will take dictation whenever you’re not in the mood to type.

Just tap the little microphone icon on the keyboard. For iOS, it’s to the left of the space bar, while on Android phones it’s sitting in the top-right corner (assuming you’re using the “stock” Android keyboard).

9. A shortcut for oft-used symbol keys (Android)

On the stock Android keyboard, there’s no need to flip to an alternate set of keys to get to the exclamation mark, the percent sign, or other everyday symbols. (See the lead image at the top of the article.)

Instead, just tap and hold the period key. When you do, a pop-up of more than a dozen common symbols will appear—everything from the ampersand key (&) to the question mark.

{{ source }}

mobile device security

Security measures designed to protect the sensitive information stored on and transmitted by smartphones, tablets, laptops and other mobile devices. Mobile device security spans the gamut from user authentication measures and mobile security best practices for protecting against compromised data in the event of unauthorized access or accidental loss of the mobile device to combat malware, spyware and other mobile security threats that can expose a mobile device’s data to hackers.

Most mobile devices feature mobile operating systems with built-in mobile device security features, including iOS for iPhones and iPads, Google’s Android platform and Microsoft’s Windows Phone. Additionally, a variety of third-party mobile device security solutions are available for providing an additional layer of protection for mobile devices.

{{ source }}

10 Mobile Security Best Practices

Mobile security best practices are recommended guidelines and safeguards for protecting mobile devices and the sensitive data contained on them. Mobile security best practices apply to mobile devices used in business environments as well as for personal use, and the guidelines are largely the same in either scenario.

10 Mobile Security Best Practices

Some of the most common mobile security best practices include:

  • 1. User Authentication

    Restricting access to the device by requiring user authentication. Most mobile devices can be locked with a screen lock, password or personal identification number (PIN), but these measures are typically turned off by default.

    By requiring authentication before a mobile device can be accessed, the data on the device is protected in case of accidental loss or theft of the mobile device. Ensure the use of a powerful password in order to make it more difficult for a potential thief to access the device.

  • 2. Update Your Mobile OS with Security Patches

    Keep the mobile operating system and its apps up to date. Mobile operating systems like Apple’s iOS, Google’s Android platform and Microsoft’s Windows Phone provide regular updates to users that resolve security vulnerabilities and other mobile security threats, as well as provide additional security and performance options and features to users. These upgrades aren’t always updated automatically, so mobile devices users may need to turn on automatic updates or update their phones and apps manually on a regular basis.

  • 3. Regularly Back Up Your Mobile Device

    Ensure the mobile device’s data is regularly backed up. By backing up a device to another hard drive or to the cloud, the data can be restored in the event the device gets damaged or is lost or stolen. A backup utility or app that runs automatically on a specified schedule is recommended for keeping the backed-up data as current as possible.

  • 4. Utilize Encryption

    Utilize encryption for data stored on the phone as well as for data in transit with secure technologies such as VPN. It’s also a mobile security best practice to never transmit sensitive or personal information over a public Wi-Fi spot, especially one that is unsecured, without using a secure transmission option like VPN.

  • 5. Enable Remote Data Wipe as an Option

    Ensure a remote data wipe option is available on the device and that users know how to utilize it in case the device is stolen or lost. Apple’s Find My iPhone app, for example, offers a remote data wiping option in addition to the ability to find the iPhone if it’s lost.

  • 6. Disable Wi-Fi and Bluetooth When Not Needed

    Limit the potential for access by hackers through Wi-Fi or Bluetooth by disabling these connectivity options when not needed.

  • 7. Don’t Fall for Phishing Schemes

    Avoid potential phishing schemes and malware threats by avoiding clicking on links or opening e-mail attachments from untrusted sources, as they may be from a fraudulent source masquerading as a friend or legitimate company.

  • 8. Avoid All Jailbreaks

    Ensure that the phone remains locked down as opposed to being jailbroken. While jailbreaking a smartphone can enable the user to run unverified or unsupported apps, many of these apps carry security vulnerabilities. In fact, the majority of security exploits for Apple’s iOS only affect jailbroken iPhones.

  • 9. Add a Mobile Security App

    Research and select a reputable mobile security app that extends the built-in security features of the device’s mobile operating system. Well-known third-party security vendors such as Lookout, Avast, Kaspersky, Symantec and Qihu offer mobile security apps for iOS, Android and Windows Phone.

  • 10. Communicate Your Mobile Security Best Practices

    In enterprise and small business environments, it’s vital for IT staff to ensure the company’s policies and mobile security best practices are clearly communicated to employees so that they are aware of what to do and what not to do in terms of protecting the security of their mobile devices and their data. In addition to explaining best practices, this communication should also include which apps, BYOD and BYOC solutions are permitted in the work environment and which aren’t allowed for use.

{{ source }}

mobile security threats

Mobile security threats include both physical and software-based threats that can compromise the data on smartphones, tablets and similar mobile devices. Mobile security threats include everything from mobile forms of malware and spyware to the potential for unauthorized access to a device’s data, particularly in the case of accidental loss or theft of the device.

Mobile malware and spyware security threats can access a device’s private data without a user’s knowledge or consent and can also perform malicious actions without the user knowing, including transferring control of the device to a hacker, sending unsolicited messages to the device’s contacts, making expensive phone calls on smartphones, and more.

Physical Mobile Security Threats and Other Types of Threats

When it comes to physical mobile security threats, phones that lack passwords, screen locks or other forms of authentication are vulnerable to unauthorized access, which can compromise sensitive information stored on the mobile device. And if the device gets lost or stolen, hackers can bypass many forms of authentication in order to gain access to the device’s sensitive information.

Additional types of mobile security threats include applications that take advantage of vulnerabilities in the mobile operating system or a mobile application to gain access and/or control of the device, phishing scams, Web browser and network-based exploits, Wi-Fi packet sniffing for accessing mobile device data in transit, and more.

{{ source }}

mobile device management – MDM

MDM is short for mobile device management.

What is Mobile Device Management (MDM)?

Mobile device management (MDM) is a type of security software used by an IT department to monitor, manage and secure employees’ mobile devices that are deployed across multiple mobile service providers and across multiple mobile operating systems being used in the organization. Mobile device management software is often combined with additional security services and tools to create a complete mobile device and security Enterprise Mobility Management solution.

The Gartner research firm defines mobile device management as “a range of products and services that enables organizations to deploy and support corporate applications to mobile devices, such as smartphones and tablets, possibly for personal use — enforcing policies and maintaining the desired level of IT control across multiple platforms.”

Mobile Device Management Solutions

Most mobile device management solutions provide organizations with end-to-end security — meaning the mobile apps, network and data used by the mobile device (in addition to the mobile device itself) are managed by an organization’s IT department with a single mobile device software product.

Some enterprise MDM solutions combine mobile security and expense management in a single product. Depending on the vendor and what specific features it supports, you can typically expect mobile device management software to contain some or all of the following features: management and support of mobile applications, mobile policy management, inventory management, security management and telecom service management.

BYOD and Mobile Device Management

The widespread proliferation of consumerization of IT means more personal consumer computing devices — such as smartphones, laptops and tablets — are brought to the workplace by employees for use and connectivity on the corporate network. The phrase BYOD (bring your own device) has become widely adopted to refer to these employees. Today’s category of mobile device management software is one way that an organization can deliver secure mobile solutions to its BYOD workforce.

Recommended Reading: Webopedia’s BYOD, consumerization of IT and security software definitions.

MDM is also short for master data management.

consumerization of IT

Consumerization of IT (“consumerization”) is a phrase used to describe the cycle of information technology (IT) emerging in the consumer market, then spreading to business and government organizations, largely because employees are using the popular “consumer market” technologies and devices at home and then introducing them in the workplace.

Consumerization of IT Security Concerns

Consumerization of IT not only refers to the use of personal consumer electronics at work — like iPhones and tablet PCs — but also online services, including online data storage, Web-based email services (“web mail“), and social media or social networking sites like Facebook and Twitter.

Consumerization of IT is driven by employees who buy their own devices, use their own personal online service accounts, install their own applications and then connect to the corporate network with the device, often without the organization’s knowledge or approval.

For small business, corporate and government organizations, the biggest challenge for IT is that employees using unapproved technologies and devices at work is a network security risk, but even with that understanding is the knowledge that these devices will still come in to the workplace and be used by employees, even if corporate security policies are in place.

Companies Embrace Consumerization of IT

Many companies today have realized that by embracing the consumerization of IT, this will not only save money and increase business agility, but also improve employee productivity.

One popular initiative is called BYOD (“bring your own device”). This phrase has become widely adopted to refer to mobile workers bringing their own mobile devices, such as smartphones, laptops and PDAs, into the workplace for use and connectivity on the corporate network.

Instead of fighting employees who want to BYOD to work, many corporations allow employees to use their own mobile devices at work and implement a “BYOD policy” to help IT better manage these devices and ensure network security is not compromised.

Learn How to Embrace the Consumerization of IT in this CIO Update article.

security software

A general phrase used to describe any software that provides security for a computer or network. There are many types of security software including antivirus software, encryption software, firewall software and spyware removal software. Additionally, many operating systems also come preloaded with security software and tools. The two most common types of security software used for personal computer security are antivirus software (virus protection software) and antispyware software (spyware removal software).

sources :

 

BYOD – bring your own device

BYOD is short for bring your own device.

In the consumerization of IT, BYOD, or bring your own device, is a phrase that has become widely adopted to refer to employees who bring their own computing devices – such as smartphones, laptops and PDAs – to the workplace for use and connectivity on the secure corporate network.

BYOD Security

Today, employees expect to use personal smartphones and mobile devices at work, making BYOD security a concern for IT teams. Many corporations that allow employees to use their own mobile devices at work implement a BYOD security policy that clearly outlines the company’s position and governance policy to help IT better manage these devices and ensure network security is not compromised by employees using their own devices at work.

BYOD security can be addressed by having IT provide detailed security requirements for each type of personal device that is used in the workplace and connected to the corporate network. For example, IT may require devices to be configured with passwords, prohibit specific types of applications from being installed on the device or require all data on the device to be encrypted. Other BYOD security policy initiatives may include limiting activities that employees are allowed to perform on these devices at work (e.g. email usage is limited to corporate email accounts only) and periodic IT audits to ensure the device is in compliance with the company’s BYOD security policy.

Learn more about BYOD security and policies at  CIO Update.

BYOD VoIP Subscription

Another common use of the phrase BYOD can be found in the VoIP industry, and used to describe a specific type of VoIP subscription or plan. Subscribers who have their own VoIP device (a SIP-capable device) when signing up for a VoIP service will usually be able to take advantage of a cheaper subscription plan when they use BYOD – however not all VoIP service providers will offer special rate plans for subscribers with their own equipment. If the BYOD subscription is unavailable through a VoIP provider you will need to use the provider’s equipment instead of your own.

{{ source }}

Recrutement mobile : avantages et inconvénients

En 2015, 55% des annonceurs recruteront via smartphone selon l’étude JobAroundMe menée en partenariat avec HR Speaks auprès d’entreprises françaises interrogées en novembre 2014. Entrepreneurs, HRBP, DRH, RRH, le recrutement mobile est peut-être l’un de vos chantiers 2015, voici donc les chiffres importants de cette infographie tirée des réponses de ces 158 entreprises et directions des RH françaises.

Recrutement mobile : les 3 chiffres clés

Parmi les entreprises répondantes :

  • 40% sont passées au recrutement mobile
  • 26% permettent aux candidats de consulter les annonces grâce à un site carrières dont le développement est optimisé pour être visible sur tout type d’appareil (ordinateur, smartphone, tablettes).
  • 14% permettent aux candidats de postuler via leur smartphone (en envoyant son CV via LinkedIn, DropBox, Google Drive et JobAroundMe, par exemple).

(Comme le précise CultureGeek : en 2014, 18 millions de smartphones ont été vendu, soit une augmentation de +15% par rapport à 2013, et rappelons aussi que les 3/4 des mobiles vendus en France sont maintenant des smartphones, selon les instituts comScore, GfK et Médiamétrie)

Recrutement mobile 2014 : motivations versus freins

Côté avantages :

  • répondre à un nouvel usage des candidats (68%)
  • gain des candidats surfant sur un site carrières via leur smartphone (64%)
  • modernité et innovation face aux concurrents, un plus côté marque employeur (57%)

Côté inconvénients :

  • mise en place technique adaptée à mon SI (49%)
  • dégrader la qualité de la candidature (25%)
  • coût (22%)
Pour finir, l’étude nous éclaire également en livrant le top 3 des secteurs ayant intégré ce nouveau mode de recrutement :
Audit-Ficalité et Banque-Assurances (12% ex æquo), puis Hôtellerie-Restauration (10%) et Informatique (8%). Le m-recrutement est donc une réalité depuis 2014 et se développera davantage naturellement en 2015. Alors, et vous ? Où en êtes-vous avec cette pratique innovante en passe d’entrée dans la norme ?
Infographie-Recrutement_Mobile-by_JobAroundMe

{{ source }}

L’état du smartphone en France : Google, Apple et Microsoft dominent le marché

Comscore, GfK et Médiamétrie ont collaboré avec la Mobile Marketing Association afin de faire le point sur l’état de la mobilité en France. Et malgré la crise et les difficultés économique du pays, les données compilés permettent de comprendre que le secteur mobile reste très dynamique dans l’hexagone. En 2014, il se sera en effet vendu plus de 18 millions de smartphones (+15% par rapport à 2013). Les 3/4 des mobiles vendus en France sont maintenant des smartphones.

iPhone-6-Plus-iPhone-6-iPhone-5s-iPhone-5c-560x280En base installé, Apple reste le premier fabricant.

30 millions de français sont désormais équipés de mobiles, un chiffre en augmentation de 4,6 millions en un an, ce qui démontre bien l’extrême vitalité du secteur. Du côté des fabricants, le marché semble bien partagé entre 3 sociétés, Google, Apple et Microsoft, qui occupent à eux trois 92% du secteur mobile en France.

Apple-vs-Google-Android-560x270Google et Apple dominent le marché français du smartphone

Google et son Android est présent sur les 2/3 des smarthones (soit 20 millions) tandis que les 10 millions restants se partagent entre les appareils iOS du fabricant Apple (7 millions) et les mobiles équipés du système Windows Phone de Microsoft (3 millions). Comme on peut le constater, on base installée, c’est encore Apple qui reste le premier fabricant de smartphone, même si les ventes actuelles placent Samsung assez nettement devant.

{{ source }}