11-04-2013, 10:29 AM
Security Issues
Moving beyond accounting questions, the Muddy Waters report also attacks NQ’s products, calling its antivirus application “spyware” that’s “unsafe for sale to consumers,” based on analysis of the code and its functioning by software engineers that the report doesn’t name.
The application creates vulnerabilities in users’ phones that make them less secure, sends far more data than necessary to servers in China, doesn’t use basic industry standards to secure the data and creates fake alerts for viruses, according to the report.
An analysis obtained by Bloomberg news of NQ’s Mobile Security & Antivirus application by ViaForensics, a mobile security app and testing company, found that the application has poor security leading to leaked sensitive data. The app does appear to generate fake virus alerts, according to ViaForensics’ analysis, which also found indications that it sends contacts and contents of text messages back to the company, “a serious privacy concern.”
‘Very Poor’
“In terms of the data it collects and sends back to the vendor, that’s not atypical, because antivirus apps need to collect a lot of data to protect the phone,” said Thomas Cannon, director of research and development at Oak Park, Illinois-based ViaForensics. “The concern is the security is very poor. You wouldn’t expect that in a security application.”
NQ Chief Product Officer Gavin Kim denied that NQ sends sensitive private data to China in the Oct. 25 conference call with investors. He also said that the virus alerts mentioned by Muddy Waters are simply a notice to new users of the company’s virus database about the latest virus discoveries.
It doesn't say vault it says mobile security and antivirus application.
When I read this, I thought this was a huge issue. However after digesting it I realized the following things.
A. The 'fake virus generation' Covered by NQ, but i believe it probably really is designed to mislead people, or make it confusing. A little unethical but a minor issue.
B. What they're criticizing isn't how well the software performs but that its own security is poor. Which leads me to ask this question, are antivirus software generally secure?
http://www.klocwork.com/blog/software-se...hers-warn/
Apparently not it looks like.
Moving beyond accounting questions, the Muddy Waters report also attacks NQ’s products, calling its antivirus application “spyware” that’s “unsafe for sale to consumers,” based on analysis of the code and its functioning by software engineers that the report doesn’t name.
The application creates vulnerabilities in users’ phones that make them less secure, sends far more data than necessary to servers in China, doesn’t use basic industry standards to secure the data and creates fake alerts for viruses, according to the report.
An analysis obtained by Bloomberg news of NQ’s Mobile Security & Antivirus application by ViaForensics, a mobile security app and testing company, found that the application has poor security leading to leaked sensitive data. The app does appear to generate fake virus alerts, according to ViaForensics’ analysis, which also found indications that it sends contacts and contents of text messages back to the company, “a serious privacy concern.”
‘Very Poor’
“In terms of the data it collects and sends back to the vendor, that’s not atypical, because antivirus apps need to collect a lot of data to protect the phone,” said Thomas Cannon, director of research and development at Oak Park, Illinois-based ViaForensics. “The concern is the security is very poor. You wouldn’t expect that in a security application.”
NQ Chief Product Officer Gavin Kim denied that NQ sends sensitive private data to China in the Oct. 25 conference call with investors. He also said that the virus alerts mentioned by Muddy Waters are simply a notice to new users of the company’s virus database about the latest virus discoveries.
It doesn't say vault it says mobile security and antivirus application.
When I read this, I thought this was a huge issue. However after digesting it I realized the following things.
A. The 'fake virus generation' Covered by NQ, but i believe it probably really is designed to mislead people, or make it confusing. A little unethical but a minor issue.
B. What they're criticizing isn't how well the software performs but that its own security is poor. Which leads me to ask this question, are antivirus software generally secure?
http://www.klocwork.com/blog/software-se...hers-warn/
Apparently not it looks like.