Our hard battle against data leakage

Fight of David and Goliath for re-establishing privacy.

 

girl-with-smart-phone-1616794-1279x852We live in a world full of tech gadgets: smartphones, smartwatches, smart TVs – everything is smart around us.  They are with us from early morning till late night; they help us to wake up, assist us to work efficiently, entertain us and help us getting organized. When was the last time when you spent an entire day without even looking at them…?

Your memories, photos, notes, messages are all available on your smart devices – so you can consider them your allies… But what if they are not? What if they are nothing but well-crafted tracking devices?  What if you put every single piece of sensitive information to a high risk whenever you open your business mails on your phone, whenever you send a message containing specific words, whenever you take a photo of a document or send accounting papers via email?

It doesn’t matter what it is – it can be the secret ingredient of your new invention, weak points in your business that your competitors would love to see; personal information about your habits, interests, who you slept with and where you would pick your children up after school. There is a hidden danger which threatens your personal or corporate data; hidden – because you don’t know when and what is happening; you don’t know who is associated with it, what will happen next. This threat is called data leakage.

 

The facts

Potencypaper-6

There’s an entire industry built only for using data collected by tracking what you say and what you do. In some cases, you give consent to this when you accept those Terms and Conditions you never read; in other cases, it happens without your consent, without your knowledge and therefore without limits.  You’ll shortly know how we discovered that.

Just imagine a flashlight application which records entire conversations by turning on your microphone instantly. Or imagine your favourite sport tracking app knowing everything about you and about what you like, where you shop and what you like to do. Or imagine your beloved games creating a complete profile out of you and your interests and activities. These are issues we discovered after examining 10,000 popular applications like the ones you probably use day by day.

So what to do if this is happening all the time and without borders?  Fighting against it may seem hopeless – of course you cannot turn off everything, unplug them, remove batteries and isolate yourself completely. However, what you can do is to better know what’s happening on your phone and other devices  – and here comes App-Ray.

At App-Ray, we are committed heavily to regain control over your devices and get your privacy back. We believe people should live and work free of surveillance, control and influence.

Privacy is what allows us to act appropriately in whatever setting we find ourselves. In the privacy of our home or bedroom, we can relax in a way that we can’t when someone else is around.
Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.

(Bruce Schneier: Data and Goliath)

What we do

Our mission is to push the whole smart device- and IoT-industry to a safer direction. We all need a tool which shows whenever there’s a threat to our personal or corporate data, so we can make a rational decision whether to use or not to use that particular app or tool.

If you or your company has own apps, own environment, maybe an entire app store, this problem can be extremely painful. A testing tool like App-Ray helps you to identify vulnerabilities, see bad practices and discover how to fix them.

We scan apps by putting them into a sandbox environment, where they go through a high-depth security check procedure. It usually takes a few minutes only, and after that you will have a fully detailed report of what kind of issues that particular app have.

The process is highly automated, therefore less prone to human errors, and it is greatly efficient in terms if time costs and financial expenses. Besides, you don’t even need the source code for that.

 

…and we’ve got a lot of things to do

App-Ray realized that at least 8 out of 10 apps should implement better practices in communication, data management and other areas of security. Many apps have backdoors and maintain hidden communication with 3rd party services for a reason; while others have unintentional problems, which, of course, needs to be fixed, too.

As more and more studies and scandals arouse in recent years about privacy breaches, we became more aware of the problem, but the solution is still far from now.

 

We decided to share details about critical privacy issues with popular applications – messaging apps, news apps, educational, recreational and entertainment apps and games. Several reports will be published every week. Stay tuned and subscribe for newsletter; you’ll hear from us.

 

(data source: own research / McAffee – IBM Mobile Security report)