1. Everything Android is a community forum that makes it easy to ask questions about anything and everything Android. It's 100% free and no registration required (though we think it would be awesome if you joined our community). Our community of experts are here to help.
    Dismiss Notice

MotoX - Could Be A Security Nightmare.....

Discussion in 'Android Questions' started by stevetaz, Aug 5, 2013.

  1. stevetaz

    Moderator

    Sep 23, 2008
    87

    Sponsored Ad

    Security professionals are warning enterprise executives to be wary of a BYOD scare regarding the newly released MotoX made by Google-owned Motorola. Here is an excerpt:
    "It's engineers gone wild," said Roger Entner, principal analyst for Recon Analytics. "The engineers are [saying], 'Oh, wouldn't this be a really cool idea,' but don't think through the repercussions."

    The ease-of-use features in the Moto X, designed and built by Google-owned Motorola, are likely to tickle consumers while haunting IT security pros. First is the always-on microphone, which a person can use to activate the device using trigger words, such as "OK Google Now," to make phone calls or access services and features. The feature is possible through a special, low-power chip developed by Motorola that keeps the microphone on without draining the battery.

    The always-ready microphone, coupled with the massive amount of data collection, makes the Moto X a valuable target for cybercriminals and cyberspies, who are already heavily focused on developing malware to take control of Android devices.

    Security researchers say tools for building and distributing Android malware are getting progressively better in the criminal underground. In 2012, the number of Android malware rose more than 2,500% and accounted for 95% of mobile threats on the Internet, according to Cisco's 2013 Annual Security Report.

    Malware exists today that can take control of an Android device, if a user can be tricked into installing in infected app from an online store or clicking a malicious link on a text message.

    "Once that happens, all bets are off, and all these lovely sensors become a continuous sound and video information-gathering tool on your designated target," said Kurt Stammberger, vice president of market development for mobile security vendor Mocana.


    The full article can be found here.

    What do you think?
     
  2. n99hockey

    Moderator

    Feb 7, 2007
    111
    There is a training for the device that you say 'Ok, Google Now' three times and it learns your voice/how you say it and (that feature) will only be able to be turned on by you.

    Lets face it, your device already knows a lot about you. It knows even more if you use Chrome on your PC and on your Android device and sync them together.

    I have never had Malware on my phone, I am not worried. If cyber criminals want to know about the new pitching wedge I am looking up to replace my current one, then I am target #1. :)
     
  3. Sponsored Advertisement

  4. stevetaz

    Moderator

    Sep 23, 2008
    87
    Agreed Scott. However, that is why the article is directed at employees bringing their devices (the latest Droid is also included) onto corporate networks (BYOD). It cautions about access to data and connections to those potential hacker targets.

    I for one would be interested in your selection of a new pitching wedge......:)
     
  5. n99hockey

    Moderator

    Feb 7, 2007
    111
    I still think its making way too much out of not that much. I don't know the figures, but with a company that has super sensative data do they actually let you BYOD? Wouldn't they make them use a company approved device? I don't know...I don't think its that big of a deal if you just pay attention to what you are doing.

    I prefer Titliest wedges, however for a pitching wedge, probably a new Callaway to with my set.
     
  6. EQBob

    Gold

    Sep 24, 2007
    30
    Chiming in late, but the quoted person is obviously skewed towards a corporate environment, which is fine, but suspect the vast majority of phones never see a 'corporate network'. They may see WiFi in the office, etc., but anything sensitive should require a login, VPN, etc. Insinuating that engineers are running amok simply because they come up with functions that help the vast majority is irresponsible trade reporting. Agencies that have a true need for a corporate use for a smartphone would probably just disable this aspect anyhow. Mountain. Molehill. My opinion.
     
  7. stevetaz

    Moderator

    Sep 23, 2008
    87
    Bob, if you look at the publication, the title of the article and the first sentence yes, it is skewed toward the corporate environment. Heck, my first sentence paraphrasing the article, "...warning enterprise executives to be wary of a BYOD..." certainly should make it clear it was all about the corporate world.

    With the proliferation of employees bringing their own devices there is a real risk to the corporate networks and the article is simply making sure those of us in the corporate security world are aware. If not addressed a potential Mountain to enterprise professionals. Molehill to anyone not on an enterprise system.

    Corporate security is what I do for a living.....
     

Share This Page