vulnerable – PSafe Blog https://www.psafe.com/en/blog Articles and news about Mobile Security, Android, Apps, Social Media and Technology in general. Thu, 19 Jan 2023 14:49:21 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.3 https://www.psafe.com/en/blog/wp-content/uploads/2018/05/cropped-psafe_blog_purple-shield-32x32.png vulnerable – PSafe Blog https://www.psafe.com/en/blog 32 32 <![CDATA[Using a OnePlus? Be Aware of These Security Vulnerabilities]]> https://www.psafe.com/en/blog/oneplus-security-problems/ Mon, 19 Jun 2017 12:50:43 +0000 https://www.psafe.com/en/blog/?p=11923 While OnePlus fans eagerly await the Chinese phone’s release, they might want to take a look at a few of the phone’s flaws as well. Recently, security experts have uncovered major vulnerabilities in the OnePlus One, X, 2, 3 and 3T that pose a major risk to OnePlus users. If you’re interested in buying a OnePlus, be sure to download DFNDR on your new phone and to run Full Virus Scans regularly to keep your device secure against hackers that are taking advantage of the recently discovered vulnerabilities. In the meantime, don’t neglect the security of your current smartphone. Click here to run a scan now:

run-security-scan
As consumers anticipate the arrival of the OnePlus 5 on June 20th, speculation about the newest smartphone’s updated features abound. Similar to its smartphone predecessors, the OnePlus 5 is anticipated to share a 5.5-inch AMOLED display with curved sides. The phone will rely on the Snapdragon 835 processor and it is rumored to have a 3,600mAH battery with faster charging.

Read More: Here Are the 5 Safest Apps for Live Streaming

OnePlus Updates

OnePlus manufacturers are still sending smartphone users operating system updates and security patches over unencrypted channels. When these updates are sent through insecure channels, remote hackers are able to perform man-in-the-middle (MitM) attacks. This flaw alone is not enough to allow malicious updates to reach phones. However, when combined with other security loopholes, it allows cyber attacks to override the digital signature associated with legitimate updates.

OnePlus Downgrade Attacks

Unlike Android devices which contain code that prohibits smartphone users from downgrading their operating system, the OnePlus contains no such checks. Due to this oversight, hackers are able to remotely downgrade the phone’s operating system to an earlier version which contains vulnerabilities addressed by later OS upgrades.

OxygenOS and Hydrogen OS Attack

The firmware of OxygenOS and Hydrogen OS for the OnePlus both rely on the same over-the-air verification keys. Due to this oversight, remote hackers are able to replace any version of the Oxygen operating system with any version of the Hydrogen operating system, according to security experts Roee Hay and Sagi Kedmi, who uncovered the security loopholes.

OnePlus One and OnePlus X OTA

Similar to the two flaws above, this crossover attack targets only the OnePlus X and the OnePlus One. In the case of this particular flaw, an MitM attacker can go a step further and replace the Hydrogen or Oxygen OS designed specifically for the OnePlus X phone with the version intended for OnePlus One phones. This attack is made possible because both versions share the same over-the-air verification keys as well as the same ro.build.product system property. The seriousness of this particular vulnerability should not be taken lightly, as it may render the device unusable until the phone has gone through a factory reset.

]]>
<![CDATA[Does the Internet of Things Make Your Home More Vulnerable?]]> https://www.psafe.com/en/blog/internet-things-make-home-vulnerable/ Tue, 11 Apr 2017 16:00:24 +0000 https://www.psafe.com/en/blog/?p=9841 You may have watched those shows on how to keep your home safe: you don’t leave ladders hanging out in your yard, you keep your doors and windows locked, you store cash and valuables in a hidden safe. But if you’ve also jumped into the Internet of Things world by adding Wi-Fi-connected appliances to your home, you may be doing the online equivalent of leaving your home’s back door wide open.

Read More: Hackers Attack with Invasive New Mobile Virus

The Danger of the Internet of Things

Household appliances — and even plant pots — can now connect to the Internet. Our phones, TVs, and security cameras connect to the Internet. That’s a lot of connectivity. It can also create a lot of problems. You can run a quick Internet search about the security of your Internet of Things devices. Common issues or vulnerabilities will appear — something thieves and hackers will want to take advantage of.

With our constantly changing technology, it might be too much for the Internet of Things to keep up with breaches. Dyn, the world’s biggest DNS provider, was attacked back in October 2016. The DDoS (distributed denial of service) attack was formed by a botnet of millions of Internet of Things devices. The goal? To get onto the pages of Dyn users and collapse several sites like Twitter, Amazon, Netflix, and Spotify, leaving them dark.

How to Protect Your Home

Feeling worried? You should be. Fortunately, you can do things to better protect yourself. Look into the manufacturer of the Internet of Things products you buy. There should be frequent security updates, bug fixes, and stellar support.

Further, change default usernames and passwords. It doesn’t take long, and it will significantly cut down on your vulnerability. Purchase a firewall device to help block any would-be attackers. It’s one more way to make your house too difficult to mess with. It is worth the bit of extra effort, don’t you think?

]]>
<![CDATA[How Secure are Your Text Messages Really?]]> https://www.psafe.com/en/blog/secure-text-messages-really/ Mon, 09 Jan 2017 21:35:53 +0000 https://www.psafe.com/en/blog/?p=6845 ook at the 10 most recent text messages you have sent and received. How would you feel if they were broadcasted to the entire world? You would likely feel threatened if you had this information exposed. Unfortunately, you might already be at risk. Here are a few reasons why your SMS text messaging is vulnerable to hacking.

First of all, texts are not encrypted. This means that your text message is sent as is to the recipient. To elucidate, say you send a text message to a friend: “Hey, how’s it going?” This message is sent through the network exactly as shown. However, if it were encrypted, it could read something like “rjhnc sjsdg rl dsdd#.”

Read More: What Information Does Facebook Collect About Its Users?

While SMS lacks this encryption, WhatsApp has recently implemented an end-to-end encryption policy that makes texting much safer. Even if law enforcement interrogates WhatsApp about a certain message, they won’t be able to assist because they have no access to the decryption code.

This end-to-end encryption is proliferating in popularity throughout social media networks. Apple’s FaceTime and iMessage have recently added end-to-end encryption. A third party app called Signal has also added this protection by default to their app.

While regular text messaging isn’t encrypted at all, there are some messengers that only offer “in-transit” encryption, leaving them vulnerable to third party hacking. Skype, Yahoo messenger, Snapchat, Kik, Skype, and Facebook Messenger are just a few of the apps that offer this protection. While in-transit encryption is safer than SMS texting, it is not as secure as end-to-end encryption.

In order to assure maximum safety for messaging, ensure that you and your texting partner are both using the same end-to-end encrypted messaging service such as WhatsApp. This will allow both sent and received texts to have maximum encrypted security.

Despite the advanced coding on end-to-end encryption, hackers can still pick up bits and pieces of your messages in some cases. For instance, just by monitoring the data of the encryption, some hackers can tell if someone is cheating on their spouse, selling illicit substances, or is a member of an organization.

]]>