Your browser is obsolete!

The page may not load correctly.

Spies are everywhere


Other issues in this category (27)
  • add to favourites
    Add to Bookmarks

Who’s that knocking at my door?

Read: 24445 Comments: 3 Rating: 9

Monday, October 22, 2018

Opinion polls show that users are concerned about the security of their personal data. However, in practice they act as though they aren't: most people disregard basic security recommendations and provide information about themselves wherever they can. And never read the fine print of agreement terms. But some users do change their system settings to disable remote tracking. And those users could indeed have a trouble-free life if it weren't for inquisitive marketers.

Mozilla rolled out the browser extension Telemetry coverage, which collects statistics on how many users disable the telemetry feature in the browser's settings.

The extension gets enabled without user consent.

Users can go to about:config and use the parameter "toolkit.telemetry.coverage.opt-out" to disable the extension. But they will have to create the parameter themselves (searching for it yields no results) and set its value to "true".

However, data is transmitted as soon as the extension is automatically installed, and preventing that from happening is a hassle.

You can learn about the new extension at "about:support" in the "Firefox Features" section. Enter "about:telemetry" in the address bar to check the current status of the feature.

The extension is activated without user consent, and you have to create a parameter manually—we are lost for words here.

And this information emerged on just one news site! And how many reports about this issue never found their way to news portals?

We are constantly buying new computers, gadgets, and software since our old gear stops working after a year or two. Thanks to China, we can order as much as we want of whatever we want.

Lenovo, the Chinese PC and handheld manufacturer, can implement backdoors in its products if required by the laws of the country in which it operates.

In other words, if the government asks us to do it, we'll do it. That's an honest answer. And there’s more:

This is common practice among technological companies entering the Chinese market.

However, no backdoors are implemented to conduct surveillance in other countries for any government agencies. But if you come into possession of a device from a shipment containing backdoors, that will be purely coincidental, right?

And now here’s the question: should an anti-virus remove the backdoors it discovers on devices?

I got a response from support about the application HwIntelligentRecSystem (a system activity logging utility). This utility can track users' actions and get notifications about actions being performed with other applications.

And then things get really interesting. The problem is that devices can host hacker-deployed malware just as well as applications that have been installed upon some government’s request. The fact that “white hats” discover a huge number of backdoors only demonstrates how little manufacturers care about the security of their devices. Weakly password-protected remote administration services that are never mentioned in documentation are a typical example.

Other utilities that get preinstalled on devices by manufacturers are essentially part of their telemetry system. Manufacturers collect information about equipment failures because users often can't provide an adequate description of an issue, or they submit their reports very belatedly. So we can't say that this business serves no purpose. Is it annoying? Definitely. But, on the other hand, a problem discovered on one device can help resolve the issue for many other users. Here one must know where to draw the line and to not snatch up too much information.

But there is also another category: those who offer a lower price and believe that because of that they can stuff their firmware with whatever they please.

Whereas we refer to everything as a backdoor, in practice security researchers always have to decide what exactly they have just discovered: another example of incompetence and negligence that is being exploited by hackers or a manufacturer's secret technique for generating extra profits.

#anti-virus #backdoor #malware #personal_data #remote_access

The Anti-virus Times recommends

Recently, Doctor Web security researchers detected and examined a new Android Trojan named Android.Backdoor.260.origin. This malicious program is distributed among Chinese users and is intended to spy on its victims.

In the middle of 2017, Doctor Web analysts discovered a new, Trojan Android.Triada.231, in the firmware of some cheap models of Android devices.

Modern Trojans for Android are mainly designed to display advertisements and install unwanted software on mobile devices that “sponsor” the authors of a malware application. Thus, it is no wonder that adware Trojans are so popular among attackers. In March, Doctor Web security researchers examined a new representative of this type of malware after it had been spotted in the firmware of about 40 popular, low-end smartphones.

Our security researchers never lower their guard!


Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.