Apps & Personal Data

http://www.egeniq.com [email protected] @egeniq APC 2012, October 8 2012 Ivo Jansch
Apps & Personal Data

About Me @ijansch Entreprenerd Mobile & Web Developer Author &
Speaker 2

About Egeniq Mobile Development Knowledge Distributed 3

Trust The Device? 4

Your phone knows things your friends don’t 5

What your phone knows: 6 Where you are Time &
Date Orientation & Position Who you call

What your phone knows: 7 Where you are Time &
Date Orientation & Position Who you are Who your wife is Your sister’s birthday Where your wife is Where you work Who you call Who emails you Who your friends are What you like Contact details

Privacy Policies 8

PlaceRaider 9 Source: http://www.technologyreview.com/view/429394/placeraider-the-military-smartphone-malware/

Smartphone as an eavesdropping device 10 Source: http://www.switched.com/2011/01/20/ralf-philipp-weinmann-turns-smartphone-hack-eavesdropping-device/

Banks use advanced privacy protection 11 Picture taken from: http://systemato.com/2012/08/my-6-favourite-android-apps/

... but is app protection sufficient? 12 Source: http://www.zdnet.com/mind-hackers-could-get-secrets-from-your-brainwaves-7000003267/

Actual Incidents 13

Incidents ‣ iPhone Location Tracking (2011) • http://www.nytimes.com/2011/04/28/technology/28apple.html? _r=2& •
Accident ‣ Path Address Book Upload Controversy (2012) • http://www.theverge.com/2012/2/8/2785217/path-ios-address- book-upload-ceo-apology • Naivety, good intentions ‣ Google Play Malware ‘grand theft auto’ (2012) • http://www.informationweek.com/security/attacks/more-android- malware-pulled-from-google/240003514?itc=edit_in_body_cross • Bad intentions 14

Potential Threat: Free Apps 15

“WAKE UP LITTLE PIGGIES!!” 16 Source: http://geekandpoke.typepad.com / http://www.l-i-n-k-e-d.com/no-free-lunch-except-for-bacon/

Potential Threat: Single Sign On 17

Apps often prefer Social Login 18

SSO means: 3 way relationships 19 Some Game Identity Provider

SSO means: 3 way relationships 20 Some Game Identity Provider
Access to your facebook, twitter data Access to your game data - and your friends’ data - and other app data Easier login, Access to your friends

Thank you! Questions? http://www.egeniq.com [email protected] @egeniq http://www.egeniq.com [email protected] @ijansch

Apps & Personal Data

Apps & Personal Data

Ivo Jansch

More Decks by Ivo Jansch

Other Decks in Technology

Featured

Transcript

http://www.egeniq.com [email protected] @egeniq APC 2012, October 8 2012 Ivo Jansch

About Me @ijansch Entreprenerd Mobile & Web Developer Author &

About Egeniq Mobile Development Knowledge Distributed 3

Trust The Device? 4

Your phone knows things your friends don’t 5

What your phone knows: 6 Where you are Time &

What your phone knows: 7 Where you are Time &

Privacy Policies 8

PlaceRaider 9 Source: http://www.technologyreview.com/view/429394/placeraider-the-military-smartphone-malware/

Smartphone as an eavesdropping device 10 Source: http://www.switched.com/2011/01/20/ralf-philipp-weinmann-turns-smartphone-hack-eavesdropping-device/

Banks use advanced privacy protection 11 Picture taken from: http://systemato.com/2012/08/my-6-favourite-android-apps/

... but is app protection sufficient? 12 Source: http://www.zdnet.com/mind-hackers-could-get-secrets-from-your-brainwaves-7000003267/

Actual Incidents 13

Incidents ‣ iPhone Location Tracking (2011) • http://www.nytimes.com/2011/04/28/technology/28apple.html? _r=2& •

Potential Threat: Free Apps 15

“WAKE UP LITTLE PIGGIES!!” 16 Source: http://geekandpoke.typepad.com / http://www.l-i-n-k-e-d.com/no-free-lunch-except-for-bacon/

Potential Threat: Single Sign On 17

Apps often prefer Social Login 18

SSO means: 3 way relationships 19 Some Game Identity Provider

SSO means: 3 way relationships 20 Some Game Identity Provider

Thank you! Questions? http://www.egeniq.com [email protected] @egeniq http://www.egeniq.com [email protected] @ijansch