At Tech Orchard, we’ve spoken with clients and written about the importance of taking precautionary security measures to protect mobile devices. For most users, the first step is setting a password to lock their smartphone or tablet. PINs and thumbprints are options available on devices from various manufacturers, while pattern lock is widely used as a mechanism for authentication and authorization on Android devices. Unfortunately for pattern lock users, this security method may be anything but secure.
Researchers from Lancaster University in the United Kingdom presented findings at The Network and Distributed System Security Symposium 2017 of a study indicating that video and computer vision algorithm software can typically crack a pattern lock in fewer than five attempts. What’s worse, it can do so without even seeing the screen itself. Tests of video-based attacks were successful in reconstructing Android lock patterns from video footage filmed using a mobile phone camera 95% of the time, and 97.5% of the time when more complex patterns were used.
Using footage of a user inputting his or her Android pattern lock, computer vision algorithm then analyzed the fingertip movements to infer a pattern. Researchers tested 120 patterns collected from 215 users and found that more complex patterns are even more vulnerable because they limit the number of working possibilities. A Phys.org article detailing the research indicated that mobile video can produce accurate results from up to 2.5 meters (or just over 8 feet) away, or up to 9 meters (nearly 30 feet) away using SLR footage. Though researchers only discussed these two types of video, the application for security camera footage could indicate the potential for more serious, widespread threats in the future.
The research paper suggests that users consider covering their hands when entering their pattern lock to avoid making their fingertip patterns traceable, or to set the screen brightness to change quickly to throw off any recording.
“Since our threat model is common in day-to-day life, this paper calls for the community to revisit the risks of using Android pattern lock to protect sensitive information,” researchers stated.
Ultimately, Android users may want to consider an alternative form of device lock, or implement two-factor authentication to better protect themselves from potential adversaries. Businesses leveraging enterprise mobility may want to keep these recommendations in mind when developing policies and procedures for employees who are using mobile devices as part of their jobs. If you need help identifying ways to keep your organization’s devices safe regardless of operating system or device type, contact our team for help.
After thorough research performed by our mobile threat prevention (MTP) partner, Check Point, a new and alarming type of malware campaign has been identified. Known as Gooligan, this malware is used to generate ad revenue on the Android platform. Check Point noted that as of the end of November, Gooligan had breached the security of more than one million Google accounts, with an additional 13,000 devices being impacted each day.
For companies with limited IT infrastructure, resources and support, the task of managing mobile devices can be perceived as costly and overly complex. Thanks to continued innovation and leadership in cloud infrastructure and business mobility, VMware has introduced a solution to eliminate these barriers to entry. AirWatch Express is a simple and affordable mobile device management (MDM) solution designed to get mobile devices up and running quickly by minimizing the technical steps typically needed for set-up and management.
As the competition between the top enterprise mobility management platforms heats up, it’s no surprise that a growing number of tech resources and publications are getting a closer look at their features and capabilities. Last month, we shared results of the EMA Radar report, which ranked AirWatch as its 2016 MDM (mobile device management) leader. It also identified MobileIron, MaaS360, Citrix and SOTI as fellow value leaders. Recently, PCMag conducted its own review of AirWatch, giving it an “excellent” editor ranking after thorough evaluation. Below is a snapshot of some of the information covered. Or, read the complete review online.
It’s no small secret that when it comes to company-provided mobile device assets, iOS owns the enterprise. In fact, Good Technology noted in its Q2 2015 Mobility Index Report that iOS retained the top spot for device activation during this period as it has in every Mobility Index Report (dating back to first quarter of 2013). Yet what you might not realize is that as Android innovation continues and BYOD becomes more prevalent, companies should prepare to handle both sides of the house if they aren’t already doing so.