July 29, 2011
Lookout Super User: Maria Bernstein
Location: San Francisco, California
Lookout User Since: February 2011
Device Type: Samsung Galaxy
Favorite Lookout Feature: Find My Phone
What do you use your phone for?
“I am always on the go and I am completely reliant on my phone for everything: GPS, calendar, contacts…you name it!”
How Maria found Lookout
“I was browsing apps and saw Lookout. It was such a great find!”
What Maria Loves About Lookout
Maria is a big fan of Lookout’s Locate and Scream features. As an attorney and a mother of two, Maria’s time is very valuable. She used to spend numerous hours frantically searching for her phone when it went missing—now she uses Lookout to map the location and sound the alarm. With Lookout, “the search for my phone ends before it begins.”
Moral of the Story
“Lookout is wonderful. I only wish your product existed for keys, remotes and wallets.”
How Lookout Saved the Day
Maria is an attorney who juggles her life between two cities: San Francisco and Albuquerque and travels constantly. To keep her life organized, she relies on her Samsung Galaxy. Maria admits, “the travel, my ADD, two kids and too many commitments make it tough.” One consequence is that she loses things–including her phone–which contains all of her important information (her schedule, contacts, text messages and emails). Maria explained that, “when it’s gone, it could be anywhere – I’ve left it the fridge, on the car, in the gutter, at the bar, under my mattress.”
Maria learned the hard way what happens when you lose your phone multiple times (for good)…“The phone insurance companies WILL cut you off!” After losing three phones in one year, the phone insurance companies refused to insure Maria’s next phone. Not only did she have to pay the price of a replacement phone, she learned that the data on her phone was equally valuable and irreplaceable: “New phones are not equipped with old information nor necessarily backed-up.”
And Maria found that she was wasting precious time every week searching for hours when her phone went missing. She remembers that the regular searches for her phone would constantly make her tardy or absent for important functions. In an effort to locate her phone, Maria even resulted to purchasing a landline telephone—solely to use to call her cell phone to find it in her house!
After Maria discovered Lookout, her days of spending stressful hours searching for her phone were over. Maria told us that Lookout helps her locate her phone “even when buried in the most creative of places!” Since downloading the app, Maria has located her phone with Lookout dozens of times. Maria’s only complaint: “I wish Lookout existed for keys, remotes and wallets!”
Do you have a story to share?
Do you have a super story to share about Lookout? If so, we would love to hear from you. Send your mobile memoirs to: superusers@lookout[dot]com. If we select your story, you will get featured on our blog. We look forward to hearing how Lookout Mobile Security saved the day for you!
July 27, 2011
100 Android apps
10 CNET editors and writers
16 days of voting
… only 10 winners
From July 11 to July 22, 10 CNET editors and writers each took turns at listing their 10 favorite Android apps, resulting in the CNET 100. Up until July 26th, users were able to vote for their favorite apps in the Top 100, which were narrowed down to a final Top 10. We found out today that, thanks to our amazing fans, Lookout was selected as one of the Top 10 apps! This is a great honor for us, being in the company of apps like Google Maps, Dolphin Browser HD, SoundHound and Fruit Ninja. We have been recognized before by websites like CNET, PCWorld, and TechCrunch, but it means even more when the award comes from our users.
So thanks to everyone who voted! We certainly appreciate your support and feedback—we’re very proud to offer a product that users consider a favorite!
July 27, 2011
Are you ready for the largest technical security conference in the world? We are. In one week, thousands of security thought leaders from around the globe will meet in Las Vegas, Nevada for Black Hat 2011, a series of technical conferences featuring the latest and greatest in security research. Our team is gearing up to give a presentation, and we’re excited—once again—to be part of this event.
Over the years, Lookout’s co-founders, John Hering and Kevin Mahaffey, have become Black Hat regulars: presenting on an array of mobile security topics. Last year, John and Kevin demonstrated how apps access private information on mobile devices.
This year, Lookout’s security team’s Anthony Lineberry, Tim Strazzere, and Tim Wyatt will present: Don’t Hate the Player, Hate the Game: Inside the Android Security Patch Lifecycle. The team will demonstrate what it takes to push a security update in the Android ecosystem, show prominent vulnerabilities that have affected the platform, and examine the patch history and current state of prominent devices. Anthony will also be discussing the mobile risks enterprises will face and what organizations can do to protect themselves in: Owning Your Phone at Every Layer – A Mobile Security Panel.
And just as Black Hat comes to a close, DEF CON 19 will begin! We are excited to see what will come out of both of these great events this year.
We hope to see you in Vegas!
July 26, 2011
While your bank can’t travel around in your back pocket, your mobile phone can. In fact, it is probably always with you. Today, more people are recognizing the growing number of features banks and other financial institutions offer their customers in the form of mobile banking apps and the mobile web. Take a look at how fast mobile banking is growing and learn what you can do to stay safe while mobile banking.
Note: Infographic was corrected to fix an error.
(click image to enlarge)
July 20, 2011
Do you ever wonder how we provide such great protection for our users? Today, we are excited to unveil how we keep our users safe with the Mobile Threat Network, and introduce how we are extending this protection to our partners in the mobile ecosystem.
The Mobile Threat Network is a platform that automates the threat detection and analysis process to stay ahead of growing mobile threats and protect users as quickly as possible. The beauty of the Mobile Threat Network is that, despite its power and technical sophistication, our users don’t need to know it is running silently in the background.
The Mobile Threat Network is powered by a database of over 700,000 apps that grows steadily as more and more applications are added to app stores around the world. Every new app that is added to our network is scanned for suspicious anomalies that could indicate malware and compared to the apps that are already in our system. If malware is detected, protection is automatically sent to our 10 million users.
In addition to providing protection to our users, we are taking the Mobile Threat Network a step further. Starting today, we are extending the automatic protection that is already available to our users to app stores and download sites through the Lookout API. Verizon’s V CAST Apps Store is the the first app store to adopt the Lookout API, enabling Verizon Wireless customers to download and use apps knowing they have been thoroughly checked for threats.
If you’d like to learn more about the Mobile Threat Network and the Lookout API, you can watch a live presentation today, given by Lookout co-founder and CEO, John Hering, at Fortune Brainstorm at 3:20 p.m. PDT.
July 19, 2011
Once a year, the world’s top technology and media leaders, influencers, entrepreneurs and innovators meet in Aspen, Colorado for the much anticipated Fortune Brainstorm TECH. This year, we’re excited to announce that Lookout’s CEO and co-founder, John Hering, was invited to speak at the event and announce some exciting Lookout news. Fortune Brainstorm kicks off today July 19, at 3:00pm Mountain Time, and will focus on how technology companies are utilizing the latest and greatest products and services to thrive in this economy.
The 2011 agenda will include one-on-one interviews with Dick Costolo, (CEO, Twitter), Patrick Pichette, (CFO, Google), and Lowell McAdam, (President, Verizon). Panels and roundtables will cover an array of topics ranging from mobile payments and the future of e-commerce, to business vs. government, and advertising for mobile/tablets.
At 4:20pm Mountain Time (3:20pm PST) tomorrow, Lookout’s CEO, John Hering, will take the stage to announce some exciting news! Be sure to tune in to Fortune Brainstorm’s virtual conference to see all of the ongoing talks at Fortune Brainstorm and watch John’s live presentation tomorrow.
July 13, 2011
In the past week, investigations into the British hacking scandal reported that News of the World journalists may have hacked into as many as 4,000 mobile phones. These attacks have raised serious concerns and even spurred three US Senators to lobby for investigations here in the United States. This news has left many mobile users wondering how it was that hackers were able to gain access to mobile devices and what steps they can take to protect themselves from such attacks?
There are multiple techniques that News of the World newspapers might have used to hack into phones. One method takes advantage of poorly password protected voicemail accounts. Many people choose very simplistic voicemail codes (1111) or never even take the time to change the factory default voicemail PIN number on their devices, making it very easy for hackers to listen to voicemail messages that are stored on cell phone carrier’s servers. If a hacker called a victim’s phone, another hacker could call the line at the same time and be sent directly to voicemail. The hacker could then enter the default codes and be granted access to the account without the victim’s knowledge.
Attackers might also use social engineering to impersonate a user or otherwise trick a third party (for example, carrier support personnel) into resetting access codes and thus granting them access to an account.
Hackers may also have gained access to accounts by spoofing the victim’s caller ID. Hackers can use a Voice-Over-IP (VOIP) service that allows them to select a different outbound caller ID. They then only need to call a victim’s cell phone number, and unless they encounter a PIN gating the voicemail box, the hacker will gain access to the victim’s voicemail account.
While these hackers used a variety of tricks to access accounts, there are steps that users can take to protect their phones. First, make sure to set a password on your voicemail. You should not rely solely on the voicemail system to detect that the call comes from your number. Second, it is important to set a strong password on your voicemail account. Avoid simplistic passwords: such as the last four digits of your phone number, or public information (birthday). As a general rule of thumb, if the passcode information may be available on Facebook—don’t use it for your code. For added protection, you may also be able to ask your mobile carrier to set a password on your account to prevent people from modifying it without your knowledge. By following these basic steps, users can keep their phones—and privacy—better protected.
July 12, 2011
Our phone has become such a fixture in our day-to-day activities that we can sometimes feel naked without it. Here at Lookout, we’ve heard stories from users who have lost their phones everywhere – from at a bar, in a mall, and even in a taxi cab in a foreign country! Whether you can’t seem to find it in your purse or you forgot it at home when you left for work, being without your phone can be a stressful experience.
If you have ever lost your phone or had it stolen, you know how horrible it feels. You not only feel disconnected, you quickly start to think about all the valuable information on your phone that you can’t live without – pictures, text messages, contacts, notes and more. In a new infographic, we took a closer look at how people lose their phones and how much it costs to get it back. And don’t worry, if you are one of those people who always seems to lose their phone, Lookout includes a cool feature to find your lost phone on a map or have it sound a loud alarm – even if it’s on silent! Read more about how Lookout has helped people find their phones.
(click image to enlarge)
July 8, 2011
Looking for more information on mobile threats like DroidDreamLight? Check out Lookout’s Top Threats resource.
The Lookout Security Team has identified a new variant of DroidDream Light found in the Android Market, which Google already removed from the Android Market. Fortunately the malware was available in the Android Market for a short period of time so the number of downloads was limited to 1000 – 5000. This is the third iteration of malware likely created by the authors of DroidDream; the first was discovered in early March (the original DroidDream) and the second in early June (DroidDream Light).
Four applications in the Android Market published by a developer named “Mobnet” were found to contain malware that is nearly identical to DroidDream Light. Though our analysis is still underway, these applications are likely published by the same author as the original DroidDream malware.
All Lookout Free and Premium users are automatically protected from this malware and the applications have been removed from the Android Market.
Infected applications include:
- Quick FallDown
- Scientific Calculator
- Bubble Buster
- Best Compass & Leveler Note: There is legitimate application that has a package name similar to that of Best Compass & Leveler. The Trojanized application capitalizes the package name (i.e. com.gb.CompassLeveler), while the legitimate application does not (i.e. com.gb.compassleveler).
Who is affected?
Apps containing DroidDreamLight were available for download from the official Android Market. Anyone who has downloaded the apps listed above published by the developer “MobNet” may be affected.
How DroidDream Light Works
Similar to the first samples of DroidDream Light found, these samples are not reliant on the manual launch of the infected application to start. Upon initiation it appears that the malware has the capability to:
- Change next connection time
- Change C&C server (feedproxy) in use
- Initiate an application download
- Create several app install-related prompts on the notification bar directing the victim to:
- Download other apps from the Android Market
- Visit a specific URL (likely malicious)
- Download an application from an HTTP server showing a notification with progress bar, and on completion fire an intent to prompt an install (parameters: description, title, packagename, url, filename)
- Download an updated APK for the infected application which would in turn download an updated version of the malware.
How to Stay Safe
Lookout Free and Lookout Premium users are currently protected against this malware. With the discovery of this new malware, it is more important than ever to pay attention to what you’re downloading. Stay alert and ensure that you trust every app you download. As we uncover more details about DroidDream Light and related malware we’ll keep you updated.
- Only download applications from trusted sources, such as reputable application markets. Remember to look at the developer name, reviews, and star ratings.
- Always check the permissions an app requests. Use common sense to ensure that the permissions an app requests match the features the app provides.
- Be aware that unusual behavior on your phone could be a sign that your phone is infected. Unusual behaviors include: unknown applications being installed without your knowledge, SMS messages being automatically sent to unknown recipients, or phone calls automatically being placed without you initiating them.
- Download a mobile security app for your phone that scans every app you download. Lookout users automatically receive protection against this Trojan.
July 1, 2011
Calling all Lookout users: we want to hear from you! Lookout’s running a contest to find the best user stories.
Has Lookout helped save the day by backing-up photos that you thought you lost forever? Maybe Lookout helped you find your phone in an unlikely place, or caught a thief who stole your mobile device? Perhaps Lookout stopped a Trojan, virus, malware or spyware from infecting your phone? If you have Lookout Premium, maybe you were able to lock your device or wipe your data from your phone when it was lost?
If you have a great story to share, send it to us…we’ll be choosing 4 winning stories! Three (3) winners will receive a $50 Amazon Gift Certificate, and a year of Lookout Premium for FREE. And the #1 winning story will receive a free Android Tablet!
We’re accepting stories in all forms (email, snail mail and video!):
Snail mail: (Attn: Super User Story) 500 Third Street, Suite 455, San Francisco, CA 94107
Video: upload your video to YouTube and email us the link. The top videos will be featured on our Youtube Lookout Channel.
***Please be sure to include your name, email, and name of the city you live in with your submission.
The deadline for submitting your story is FRIDAY, JULY 15. Feel free to take a look at past Lookout Super User’s stories here: John Mueller and Sara Dellabella, and in some instances you may even be featured in major publications like this BBC story: Mobiles and tablets: A new threat to the business world? If you have any questions, email us: feedback[at]lookout.com. We look forward to hearing how Lookout has helped save the day for you!