Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • IT Management
    • Mobile

    Cell Phone Spy Program Raises Concerns

    By
    Matt Hines
    -
    March 30, 2006
    Share
    Facebook
    Twitter
    Linkedin

      A program designed to help people spy on their loved ones mobile phone usage is raising concerns among some security experts who say that enterprises need to be on the lookout for the product, which is marketed under the brand name FlexiSpy.

      Researchers at security applications maker F-Secure issued an alert to customers informing them of the product and warning that if it is loaded on their employees mobile devices, the tool could pose a significant threat to businesses.

      Sold by a Bangkok-based vendor known as Vervata for $49.95, FlexiSpy promises the ability for its users to load the spy program onto a handheld and then receive e-mail reports that provide detailed information on how the device has been used.

      The product is specifically marketed as a way for people to keep an eye on their domestic partners or for parents to monitor their childrens mobile phone habits.

      FlexiSpy promises to divulge a range of private information about devices it is loaded on, including what phone numbers a handheld has been used to dial, how long individual conversations lasted, and even what geographical direction the devices owner is heading in.

      In addition, the program promises to provide complete transcripts of any SMS text messages sent or received on a device, along with related mailbox information.

      The product currently works only on Nokia Series 60 phones running Symbians operating system software, but Vervata is promising to offer support for handhelds running on Microsofts Pocket PC platform and Research In Motions BlackBerry devices by the end of April 2006.

      /zimages/2/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

      Each license of the product allows for it to be loaded onto only one device, but the firm also sells a license for tracking multiple handhelds.

      A person must have physical access to a device in order to load FlexiSpy onto the handheld, although it does carry the ability to be loaded wirelessly in close proximity to a device. However, once loaded, FlexiSpy requires that it is also launched manually on a handheld.

      The product works by secretly passing data from a handset carrying the software directly to Vervatas servers, which then generate “alert reports” that are issued to people who have installed the program.

      Company officials didnt immediately return calls seeking comment on the F-Secure report. However, on its Web site, Vervata specifically addresses the notion that FlexiSpy could be viewed by some people as a malicious program, or even a so-called Trojan attack.

      “FlexiSpy requires [that it is] consciously installed and configured by someone, unlike a virus or Trojan which spreads automatically without any action,” reads the disclaimer, which at no time addresses the potential illegality of secretly monitoring other peoples calls. In the United States, federal laws prohibit the unauthorized tapping of phones.

      According to F-Secures report, FlexiSpy is able to hide itself in the Symbian OS to the extent that it is very hard to find, and the program also requires use of Vervatas application management tools to be completely removed from a handset. Its handset-borne user interface can only be accessed via a special code created by whoever installs the program.

      “What makes this interesting is that FlexiSpy is a Trojan spy written by a company for commercial reasons,” Jarno Niemelä, an F-Secure researcher wrote on the companys blog site.

      “The company even claims that FlexiSpy is not a Trojan; however, the application could easily be used by malware installing it as part of its payload, or a hacker could simply send it to a victim over Bluetooth and trust that there are enough curious people to install it.”

      F-Secure added FlexiSpy to its list of malicious programs and said it will distribute a security patch that blocks the product to its customers.

      Other security researchers observed that FlexiSpy straddles the line between what the industry specifically labels as malware, and products that can be used in a malicious way by users.

      Beyond regional laws that govern the legality of gathering the types of data FlexiSpy offers to provide, ultimately the true nature of such programs is determined more by the manner in which people use them, said Graham Cluley, a consultant with U.K.-based security software and appliance maker Sophos.

      “You imagine that it would be used by jealous boyfriends, but it may also be used inside business,” said Cluley. “However, businesses themselves already employ a number of tools to monitor end user behavior on the desktop, so it could also be something that companies potentially use themselves.”

      Much like programs such as WeatherBug, which some experts view as adware and others see as useful applications, companies will have to decide for themselves if FlexiSpy is something they want to prohibit, he said.

      /zimages/2/28571.gifTo read more about do-it-yourself malware kits, click here.

      “This really gets into the grey area of what some people view as acceptable, and others see as a clear risk for malicious abuse,” said Cluley.

      “Enterprises potentially need to put FlexiSpy on the list of things they look out for, but in the end people like us will need to allow customers to decide for themselves.”

      /zimages/2/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Avatar
      Matt Hines

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×