Continuing our trend of appreciating what we have achieved, this month we discuss MoST 2013. Join us as we provide clear hindsight to one of the events that raised awareness for mobile security. A year in our time pretty much equals ten years in the field of mobile security. It was the year 2013 that the world what introduced to the concepts of Augmented Reality (AR), “Checking In”, and many others.
We brought together some of the best researchers and practitioners to further explore new advances in privacy and security for mobile devices, systems, and other applications. For 2013, our keyword speaker was David Molnar, a researcher at Microsoft Research. Molnar holds a PhD from the University of California.
His discussion was entitled: “Security and Privacy Challenges in Mobile Augmented Reality”. For those unfamiliar with the concept, AR is the tech that superimposes a computer generated image (CGI) upon the user’s view which creates an overlay view. This was popularized by the Nintendo 3DS when it had launched in 2011.
Molnar placed emphasis on privacy concerns for its many users. AR was primarily used in consoles like the Microsoft Kinect and certain mobile applications. Today, you would know this to be what is used for the popular mobile app Pokemon GO. Molnar also touched upon the positive security and privacy apps that are now enabled because of AR.
Carrying on from last year’s program, there were different sessions that discussed different facets of mobile security. They touched specifically on location and permission, authentication, and privacy and attacks.
There were papers and studies presented by a number of students and professionals. One presentation entitled “Quantifying the Effects of Removing Permissions from Android Applications” was quite interesting. They developed a system for evaluating the supposed effects of removing individual permissions from applications. They found that not all permissions are created equal.
Another study of note was Salvador Mandujano from Intel Corporation. His discussion was entitled “Privacy in the Mobile Hardware Space: Threats and Design Considerations”. It was a survey of the common privacy threats that would be applicable to the hardware of mobile platforms. The study further clarified what mobile malware was and what it does. This placed much emphasis on the need to up the defense of mobile devices. It also presented that hardware and embedded firmware development must take into consideration the risks that are ever present in the sphere of mobile security.
It was a productive conference in the sense that people got a better understanding of the evolving threats that could pounce at any moment. The researchers and speakers placed a lot of emphasis on the fact that there seems to be an alarming disregard for the privacy of users with regard to app permissions and app functionality.
2013 brought light to an issue that really needed attention: the risks brought on by geo-tagging and app permissions. Mobile devices are here to stay so it would be in everyone’s best interest to find better ways to secure it.