We met with Marc Rivero, the Research Principal of the Security to Kaspersky, a picture of the situation and the threats affecting mobile devices, an issue that has always been in the order of the day, and it is constantly in development. The interview, which began with a terrible mistake. The phone, the young man who was being tested, I sit, I want to record the interview, open the ‘Recorder’, and since it was the first time I used it – quickly, give the number and variety required by the application, without paying a lot of attention. .
To begin the interview, I started from that point.
One of the problems is that as a user, have a lot of warnings, safety and security, but often ignore them
“Yes, it is something common if you do remember, it has already happened at the time of the installation of the software on a PC, on which you then neglect the terms and conditions of use by clicking on “OK”, just because it's in that moment you really care to use it. he is the software as soon as possible. Today, the application is exactly the same. The problem is that in today's applications, it sometimes may not understand what is meant by some of the permits that are required of you, and what have been the effects of the potential problems. For example, if an application requires you to have access to your contacts, or your calendar, it means that he will be taking them out of the data throughout the book to your phone or all of your appointments, and will move to somewhere in the cloud. And so, my number, and your number ends in any of the server to which you may not have wanted it never to end up.”
In the end, human beings have always been the point of the weak security
“Yes, the human is always the link of the poor of the food chain, and that's why we've made a lot of effort, communication, and education, in order to help the people to have a good understanding of the topic. End users are often less experienced in the whole chain, and it's important to make them realize that how things are, well, because, on the one hand, the guilty, the cyber't know very well what to do”.
What are the threats are the most critical to the safety and security of currently?
“Some of the threats to the will of the us to be with him forever and ever. We can say that the threats are ever quite the same, and they are so cyclical, perhaps in different ways, or in a form to be developed. Even today, in fact, some of the threats, they are quite similar to that of the past. Let us take the case of phishing, a time, a dozen years ago, it was just an e-mail that you require a user name and a password. These emails are still to this day, but the technique has also evolved in different directions. Today, the threats are not much of a fake as they spend themselves, as well as the applications of the most popular and familiar: the problem, in this case, it is in part for this is the fact that users can download and install the app from the markets and the informal, perhaps with a very low confidence”.
“And then there is the question of the great exhibition of the credentials. It is our digital is more and more a great many entities collect the credentials of our own, and maybe they end up in a library that is exposed or compromised, and this information can then be used for the attacks. The attacks based on the engineering of social is in a position to make use of the data in the seemingly safe, to create the threats very seriously. In summary, there are three themes to be great: privacy, exposing the credentials and phishing. The theme of the ramsomware is evolving constantly, and then there is a discussion of the “deepfake” on the voice, and video, For this topic, there is a search of the major, to find a way to get to know the contents of the newly created artificially by those of the real: there is a method to go to the root, and to figure out where they receive it this time.”
“To move, to be sure the equipment is mobile, has some of the best practices. The first one is to use a code, be sure the transfer, so you will need to remember only one password and it does not need to keep in mind too, with the chance that maybe it will review it. the multiple services , creating a dangerous situation. The second is the creation of a verification to two-factor wherever it is possible. Then there is the question of the update: the maintenance of your device is up-to-date, it is essential. Sometimes, the updates bring new features, and sometimes they are just security updates: this does not need to be nënvlerësohen, even if they don't bring their ‘news’ to the user, it is very important for maintaining the safety terminals.
Where to place safety and security today?
“On the phone, the server to use the services you use, we want to protect the people in 360°, it is necessary to be present in a solution in all of these respects. But we want to go further, we have developed an operating system from scratch, in order to be sure of ‘by design’, is unlikely to be hakuar. We have years that we're working on it, for the time being it is not a product that's launched to the public at large, but now it is available for phones and intelligent industrial as well as in a pilot project.
Discussion about this post