Introduction
This post lists some typical practical tips about security when using a mobile device. The term “mobile device” is applied interchangeably to a phone, a tablet or a wearable device. It also shows some vulnerable PHP code of a kind found in popular Content Management Systems, also known as CMS. A CMS is used principally to build mobile-compatible, accessible websites.
Background
Security has been one of the most important concerns for as long as mankind has been on the earth. Wild animals roam around villages or small cities to consume food or devour the inhabitants. Thieves look for ways to enter homes or to take property or consumable goods. More recently, cyber-attacks gain access to bank accounts or credit card numbers. These are all examples showing that security has always been present in the life of mankind. And, like humanity itself, attackers have evolved along with life. A theory that naturalists such as Charles Darwin or Wallace always wanted to test.
Some Basic Sample Code
The following is regular PHP code used by developers to publish a string to mobile-adapted websites. It is commonly used in Joomla, Drupal, WordPress and related CMS.
$myvar=base64_encode('I am a simple malicious line of code!');
The line above base64-encodes the string "I am a simple malicious line of code!". So, the following statement:
echo($myvar);
will output the encoded, unreadable ASCII string to the browser. Then add the base64_decode function to a site's pages:
eval(base64_decode('complex_output_string'));
When the page is requested, the code will execute on the server and the malicious sentence will be added to the content that is exposed to the user via the web form. While a site owner would instantly be suspicious of 'I am a simple malicious line of code!', the function of the line of base64-encoded code is not as clear.
PHP code executes on your server, and the results of that execution are inserted into the code that is sent to the user's browser. If you open a page in a browser and view the source for the page, you will not see the PHP code; you will see whatever output is being generated by the script. To find and remove the actual PHP code, you will need to edit the files on your server.
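One way to locate such lines in the files on the server is to search the PHP source for eval(base64_decode(...)) calls and decode the literal for inspection without running it. The scanner below is an added example, not code from the original post; the function names, the file name footer.php and the sample PHP are constructed for illustration, and it also matches wrapped calls such as eval(gzinflate(base64_decode(...))), which goes beyond the single case shown above.

```python
import base64
import binascii
import re

# PHP function names are case-insensitive, so the pattern is too.
EVAL_B64 = re.compile(
    r"""eval\s*\(\s*                 # eval(
        (?:@?\w+\s*\(\s*)*?          # optional wrappers, e.g. gzinflate(
        base64_decode\s*\(\s*        # base64_decode(
        (['"])([A-Za-z0-9+/=\s]+)\1  # quoted base64 literal
    """,
    re.IGNORECASE | re.VERBOSE,
)

def decode_payload(literal):
    """Decode a base64 literal for inspection only; it is never executed."""
    try:
        raw = base64.b64decode("".join(literal.split()), validate=True)
    except (binascii.Error, ValueError):
        return None  # not valid base64, report the hit without a decode
    return raw.decode("utf-8", errors="replace")

def scan_php_source(source, filename="<memory>"):
    """Return one finding per eval(base64_decode('...')) call in the source."""
    findings = []
    for match in EVAL_B64.finditer(source):
        findings.append({
            "file": filename,
            "line": source.count("\n", 0, match.start()) + 1,
            "decoded": decode_payload(match.group(2)),
        })
    return findings

# Constructed sample: the string from the post, encoded and planted in a page.
SAMPLE_TEXT = "I am a simple malicious line of code!"
SAMPLE_PHP = (
    "<?php\n"
    "// theme footer (constructed sample)\n"
    "eval(base64_decode('%s'));\n"
    "echo 'ok';\n"
) % base64.b64encode(SAMPLE_TEXT.encode()).decode()

if __name__ == "__main__":
    for hit in scan_php_source(SAMPLE_PHP, "footer.php"):
        print("%(file)s:%(line)d decodes to: %(decoded)r" % hit)
```

Run it over every .php file in the site tree and review each reported line by hand; a hit with no decoded text means the literal was not plain base64 and needs a closer look.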
Points of Interest
It is good practice for everyone to find out the origin and features of an app before downloading it to a mobile device. Ask yourself:
1. Can I use this application?
It is a simple question, but because preteens and teens download applications that "everyone" uses, it becomes relevant, and it is a reminder to consider privacy and security when you download.
2. Who developed this application?
The app store may include information about the company that developed an application in its description. However, if the application does not list a contact name, website, or email, it may not be a reliable application.
3. Who is using this application?
Take a look at the customer reviews in the app store and Google reviews, to see if there have been any complaints. Make sure that the comments are legitimate. Look for bad spelling, or typographical errors which may be an indication of a false comment. No comments? It is not a good sign.
4. What information will I deliver?
Nothing is free. Many applications request access to your contacts, calendar, location, or mobile device number. Be sure to tell your children to pause and consider each request that is made, no matter how excited they are about the application.
5. Does the application explain the permissions that I am giving?
Reading the application's permissions section is not high on our list of fun things to do, but you may regret not doing so. Often we hand information over to an application, so that exchange should be evaluated.
Was Your Mobile Device Invaded?
One sign that your mobile device has been infected with malware is that it sends texts or emails at random that you did not send yourself. Some malicious programs will drain your battery, transfer your data to a third party, or make your mobile device bill rise exorbitantly.
You may also see applications on your mobile device that you did not download. If a malware program can uninstall your applications, it may even be necessary to restore the settings of the mobile device completely.