Bible apps are EVIL says John McAfee as he phishes legal sysadmins in real time If there's a difference between John McAfee and Eugene Kaspersky in their public speaking behaviour, it's more in their tones of voice than in the paranoia of the message. Perhaps because he's 70 years old (or perhaps because he's practicing a presidential bearing), McAfee speaks more slowly and more quietly than Kaspersky. …
"http://apps.evozi.com/apk-downloader/"
Er, no. First, somewhere along the line I got that fake bluescreen strongly encouraging me to call the number thoughtfully supplied, when I tried again, when I click 'generate link', it didn't, but it did strongly encourage me to sign up to adf.ly.
I'm not their bitches either.
This post has been deleted by its author
"If you have an android, you are already Google's bitch."
Or maybe not. Google apparently doesn't charge a licence fee for Android, but does make their money from ads. But since I don't see ads, they're not making any money from me.
However. Rumour has it that Microsoft charges $5 a pop for sections of code, so, if anything at all, I'm actually Microsoft's bitch.
That doesn't make me feel any better, but at least I'm accurate. Sigh.
Stick with iOS BYODs. That's the simple message from my POV.
Reservations:
1) iOS devices have to be verified as non-jailbroken at the place of business.
2) Apple has STILL not adequately addressed Wirelurker exploits whereby stolen enterprise developer security certificates can be used to sign malware that fakes itself as another existing application, overwriting the real applications and PWNing the device when the fake app is run by the user. Just this week a new Wirelurker related exploit was made public. It abuses an AirDrop setting to send malware pretending to be a 'photo' to a victim. That malware is automatically installed upon reboot of the device. When the resulting faked app is run, the device is PWNed. Fix this Apple!
[Note: The AirDrop exploit has been 'mitigated' but not yet patched in iOS 9.]
['PWN' = 'Own' = The device is now under the control of a malware rat.]
This is not about exploits, but about excessive rights claimed by legitimate, vetted Apps, which can be abused by the less scrupulous. The flavor of your OS/device has preciously little to do with that.
So if you think your fruity device would be safe, you're prime meat for that particular market...
Again, there is a difference with iOS. If your app needs some permission, you need to convince Apple that you need it. And the choice is between app on the app store, and app not on the app store, so Apple is in a strong position to enforce what's good for its customers. Without that kind of aggressive filtering, the user downloads an app, it asks for permissions that it shouldn't really need, and the user's choice is between using the app and having to go without it. So careful customers have less choice than careless ones.
Seems a little harsh. I mean he's right, after all. Another interesting one from his blog that didn't make it into the article above is a conversation he had with a US bank about their app for customers. He asked a spokesperson for the bank why such an app needed permissions to use the microphone and camera and the spokesperson replied quite openly that they get a lot of claims that a money transfer wasn't really done by the account holder when the account holder later regrets what they've done. The bank spokesperson said "if we have a picture of the person using their phone at the time of the transfer or a recording of them joking with friends about how much they're about to spend, then we've got them".
McAfee is an interesting guy. He'd make a better president than any other current candidate. I wonder how many of the disaffected it's not worth voting crowd could actually get up and vote for him if they wanted to upset things.
This post has been deleted by its author
Yes, some of us still use cheques. They work very well for the purpose they were written for.
Which one: delaying a payment, giving the appearance of having paid or giving a huge wodge of cash for banks to use for three days?
(I once worked as an account clerk for a small company, whenever we paid suppliers I was told to make sure that the cheque was folded smartly in half, because that meant it couldn't be machine processed and so the money stayed an extra day in our account..)
Meh, if you track many electronic transactions you'll see that they usually take a few days to fully process as well. The caveat is that not all banks show both the transaction and posting dates. I've even seen a few that took a week. Don't kid yourself into thinking the banks aren't taking a free loan from you for a few days regardless of how it gets handled. Hell, I closed a bank account many years ago when I was told my deposit would take a few days to clear - yes it was a cash deposit.
"(I once worked as an account clerk for a small company, whenever we paid suppliers I was told to make sure that the cheque was folded smartly in half, because that meant it couldn't be machine processed and so the money stayed an extra day in our account..)"
You'll find today's check readers can easily handle creases. As for who uses them, mainly firms too small to shoulder the additional burden of electronic bookkeeping (which normally only rates better with volume) or those who are mandated for one reason or another to keep a strong paper trail, complete with physical signatures and carbon copies.
Seems to me that "locking down corporate systems" was fairly easy when office work was kept at the office.
The entire "24/7 mobile office" concept has always been a security nightmare, and always will be. I have never known an actual security bod to sign-off on the cluster-fuck.
But manglement will have their way anyway, usually so they feel "modern". Data will continue to be lost, stolen or strayed, and whoever is nominally in charge of security will be blamed ... for manglement's lack of clue.
When global commerce became the norm, the 9-5 workday disappeared. After all, events that happen literally halfway around the world may have a major (and more importantly, immediate) effect on things back home, and if you're asleep at the wheel, your competition won't, and by the time you wake up it's already too late: Bed is for the Dead.
"When global commerce became the norm"
How long ago was it not the norm? Long before computers existed, Shirley?
"Bed is for the Dead."
And dumbasses aren't into long-term investments, rather they twitch at any sign of the market changing, thus contributing to those changes. Me, I sleep quite soundly, quite content that my finances are healthy and have been for about thirty years.
"And dumbasses aren't into long-term investments, rather they twitch at any sign of the market changing, thus contributing to those changes. Me, I sleep quite soundly, quite content that my finances are healthy and have been for about thirty years."
And these are the kind of people who suffer the most when things disappear overnight. Once upon a time, aluminum was considered a precious metal. Then electrical smelting was invented and POOF! Base metal in the 19th-century version of overnight.
"And these are the kind of people who suffer the most when things disappear overnight."
I have an acquaintance who is a so-called "day trader". It's the only "job" he has. He made around $45,000US over the last year or so. In the recent global financial issues, he lost nearly $200,000US, selling as the bottom dropped out of the market. Me, I held tight. He's down nearly 80%. I'm only down 5%, as of today, and climbing. He spends a minimum of ten hours a day staring at his investments. I take an over-view once a week or so, and a more close look monthly. Twitch, puppies, twitch!
"Once upon a time, aluminum was considered a precious metal. Then electrical smelting was invented and POOF! Base metal in the 19th-century version of overnight."
Bad example. Aluminum (Aluminium to you Brits) was an expensive curiosity, not a serious investment metal ... until the Hall-Héroult process, that is. Alcoa made a fortune on it AFTER it became cheap and easy to produce. Kind of an inverse of Holland and tulips in the mid-1630s, when you think about it ;-)
There's definitely a need for better security. I can't realistically see mass market consumer phones of any description filling this need though. There's just too much contradiction between "convenience" and "security". That pretty much rules out Apple, standard Android, and Microsoft (if they want to be more than just a minor niche player).
It really needs a specialist who will be satisfied with a small single digit market share, but who will sell a handset built for security and also offer a server and management system with end to end security. If it runs most of the common serious apps but not the games or "crap apps" (e..g. a million and one flash lights), then that's fine.
Oh wait, there's already someone who does that, and their name is Blackberry. They just need to bin the QNX OS and sell handsets based on a customised version of Android. They can sandbox apps so that they don't get unnecessary permissions, or they can give them access to "fake" ones like dummy e-mail boxes.
Then sysadmins can just buy phones off the shelf which come already "locked down" instead of sweating over how to do it themselves (and doing it wrong). Forget the BYOD, business only goes through the business phone.
If not Blackberry, then someone else. However, it would need to be a small to mid-size company who focusses on this and only this. Larger companies wouldn't keep focus since they would need a larger market share to justify their overheads. It needs to be a security specialist who focuses on the business market and who has no ambition to sell to the general consumer market. They need to be big enough to have global presence, but small enough to not lose focus. They also have to be willing to license out their server back-end software to larger customers so that there's no single central "cloud" infrastructure for the NSA (or GCHQ or whoever) to get their grubby little fingers into.
I can't really see any other solution working.
"If not Blackberry, then someone else. However, it would need to be a small to mid-size company who focusses on this and only this. Larger companies wouldn't keep focus since they would need a larger market share to justify their overheads. It needs to be a security specialist who focuses on the business market and who has no ambition to sell to the general consumer market. They need to be big enough to have global presence, but small enough to not lose focus. They also have to be willing to license out their server back-end software to larger customers so that there's no single central "cloud" infrastructure for the NSA (or GCHQ or whoever) to get their grubby little fingers into."
The problem is that the moment you TOUCH these countries, the TLAs and FLAs will want to get their hands on you, and the only countries big enough to withstand such a push will themselves have a vested interest in the information. So basically, no matter where you go you're screwed if you want to deal with any companies worth pursuing.
And in any event, these do nothing for apps that can do "side business" with the apps they have to use anyway (like with the camera bit for, say, a barcode scanner or a chat app). Android M is unfortunately going the wrong direction with regards to this new permission model: simplifying rather than adding more specific permissions so that, say, the front camera is a different permission from the back camera.
Same here - Nicky Gumbel's Bible in a Year app is updated daily so needs network access. That's pretty much it - network access for updates (not to the text I hope - just the app!)
I sense a man who is envious of Focus on the Family's 220 million audience. He's picked an easy target - probably to draw attention away from himself. Perhaps he should consider a career as a spy?
Hairy Airey muses: "(not to the text I hope - just the app!)"
Out of curiosity, why do you think that your favorite variation of an Xtian cult's version of biblical text is the correct one? I can think of at least a dozen variations off the top of my head, and that's just the English translations!
Organized religion is a virus all by itself, IMO.
That's pretty off topic - I suggest you do some actual research you'll find that the New Testament is the most accurately copied book in history because of the number of available manuscripts. Homer's Iliad has 643 and I think the figure for the New Testament is over 30,000. If you're taken in by the media stories that the truth of the Bible hangs on a single bit of evidence then you truly are a mug. I recommend Josh McDowell's books. He was a skeptic who set out to disprove Christianity and couldn't.
Thing is, what we read is still a translation (the Old Testament IIRC was originally written in Hebrew and the New Testament in Greek), and things can get lost in translation. Like that thing in Leviticus concerning...now was it homosexuality or pederasty? How can we be so sure things didn't get lost in translation?
"the Old Testament IIRC was originally written in Hebrew"
And Aramaic, with a little Koine Greek, in modern variations of "Old Testament".
"and the New Testament in Greek"
Koine Greek, to be specific, with a little Aramaic thrown in for spice.
Absolutely zero percent of modern Xtians can read the book that they claim to be "holy" in the language that it was initially written in. There is a reason that early Xtian leaders referred to their congregations as "flocks" ... Sheeple, the lot of them.
"...with a little Koine Greek, in modern variations of "Old Testament"."
I think that refers to the Septuagint, which when put together with the New Testament basically gives you your earliest combined Bible in a unified language. Thus it's AKA "Biblical" Greek: the language of tradition for the Greek Orthodox Church.
That's very cute. Hope you don't work in IT, do CAD, or manage anything else where having the correct copy is essential.
"Accurately copied" vs "30,000 versions of manuscripts"? (Your words.)
Because that's called "amalgamation" and is a long, dangerous way from version control.
"That's pretty off topic "
You brought the subject up, Hairy Airey
."I suggest you do some actual research you'll find that the New Testament is the most accurately copied book in history because of the number of available manuscripts."
You are wrong, Hairy Airey. Compare and contrast any four "mainstream" variations. (As a side-note, I take it that you don't believe in the Old Testament?)
"If you're taken in by the media stories that the truth of the Bible hangs on a single bit of evidence then you truly are a mug."
Which of the Gospels truly reported the last words of Christ? Matthew, Luke, and John each record a different story. They can't all be correct. Mark was silent on the subject.
"He was a skeptic who set out to disprove Christianity and couldn't."
You can't disprove a belief. All you can do is point out the illogic behind the myth.
"Even if you can demonstrate the belief is paradoxical?"
Doesn't work with faith/belief. Consider that most religious systems insist on the belief that gawd/ess/es is/are all-powerful.
Now consider the late, great George Carlin's simple question: "If god is all-powerful, can he make a rock so big that he, himself, can't move it?" Thus, logically, the very concept of an omnipotent being is pure bullshit. Hasn't shifted the opinion of any of the faithful, now has it?
Near as I can tell, religions were invented by, and are perpetuated by, the ruling class to keep the rubes in their place.
"Now consider the late, great George Carlin's simple question: "If god is all-powerful, can he make a rock so big that he, himself, can't move it?" Thus, logically, the very concept of an omnipotent being is pure bullshit. Hasn't shifted the opinion of any of the faithful, now has it?"
As I recall, he wasn't the one who came up with the question, which is just a single-entity variant on the "contradiction" question: What happens when the irresistible force meets the immovable object? or What happens when a spear that can break any shield meets a shield that can block any spear?. The only answer anyone's been able to come up with is, "Who the ____ knows?" So its not so much a test of faith but rather a conundrum of logic that has no simple answer. A better question to ask is, "If God is both all-good and all-powerful, why does evil exist?" The logical reasoning leads to the idea that God cannot be BOTH all-good AND all-powerful: one or the other cannot be true if evil exists (yes, even if you argue that God LETS evil exist, then he's not ALL good).
Hello,
It is kind of Mr. McAfee to raise awareness of the problems that occur with excessive app permissions, as well as offer a solution to the problem he has described.
While I have no doubt that his programs work as advertised, it is important for enterprises to keep in mind when developing (or updating) their BYOD policy that first and foremost policies have to be ones that users will follow. If not, users will look for ways to bypass it.
Keeping unwanted and insecure apps off of smartphones is the proper role of a mobile device management (MDM) policy. All manufacturers and carriers provide some level of MDM functionality today whether it be over-the-air or on-prem.
There are also plenty of MDM tools available for Android, Blackberry, iOS and even Windows Phone, sometimes for free from the OS vendor and sometimes as part of existing third-party management tools.
Mobile device management also provides additional benefits beyond securing at the app perimeter, such as encryption, being able to remotely wipe corporate data and apps while leaving the user's personal data and apps intact and so forth.
While it is becoming more and more important to keep insecure apps off of smartphones, it is also important to remember that for enterprises, a smartphone's to provide rich access to corporate data can also benefit attackers as it does end users. Given their inherent portability and increased likelihood that an attacker may have access for an extended period, it makes sense for each organization to assess their own levels of risk and provide properly-nuanced management tools to ensure their smartphones are business productivity tools, not Trojan Horses.
Kind regards,
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
