Thursday, August 6, 2015

Tell me who are your friends and I'll tell you if Facebook will loan money to you

Facebook has just patented a system that will determine the creditworthiness of a person based on their circle of friends in this social network. Lenders will receive from Facebook various lists (gray, black and white) which indicate the average social environment creditworthiness of the one who have requested the credit. Today we'll also explain that Google will update Android more frequently, how can an app  find our phone number and an attack that appears to come from the Land of Lollipops: Man on the Cloud.

Esther Vargas

Facebook's new patent is related to a system of authorization and authentication based on the network of a person who may have many uses, such as filtering your spam and offensive content or improve your searches. Facebook suggests only one of them, as new as disturbing: an application which automatically determines whether a person is worthy of a credit, considering the economic capacity of their network of friends. Welcome to the future.

Android security

We leave this information that, for now, is just a curiosity, to get into the real news of the day: Google announce that Android will improve its security with more regular updates, in addition to agreeing with manufacturers that "perform" Android. Samsung has announced that it will make monthly updates. This move comes after the discovery of a serious failure, Stagefright, which allows attackers full control over Android. We cross our fingers in order to really get this update.

What's your number?

We do not leave the world of phone safety to recommend you an article where is explained how to know if an application could know our phone number on Android. This information is important to prepare against various attacks, including the mentioned Stagefright, which can reach us through a malicious MMS.

Man in the cloud

We finish with a new kind of attack, integrated into the new category of Man in the Cloud Attacks, which abuse of popular cloud services. In this case, Hacker Intelligence Initiative experts of the company Imperva have focused on services like Dropbox, Google Drive, Box and One Drive, by Microsoft, to show how it is possible to operate services file synchronization and thus gain remote access system, without needing to know the credentials of the victim, "simply" sending a malicious file.

We can see how the cybercrime and insecurity progress and how it is possible today to have phones without regular updates. Congratulations to the manufacturers which, little by little, are getting upgraded.  


Post a Comment