Trustlook introduces Sentinel 2.0!

Trustlook is pleased to announce SECUREai Sentinel 2.0, a next-generation security engine that provides privacy protection for Android powered devices. This latest release is the culmination of more than two years of engineering and testing, and encompasses a product with the highest performance and lowest device impact possible.

For Device Makers and End Users
SECUREai Sentinel 2.0 offers powerful privacy features for both Android device makers and end users. Some features include:

  • Real-time detection of malicious behaviors
  • For end users, the ability to know who or what is accessing their privacy information, and a way to deny or approve access
  • For device makers, a premium security feature and quick way for end-users to identify privacy problems, helping device makers comply with GDPR
  • 16 detection points, including detection of the following malicious phone behaviors:
    • Sending SMS when screen is locked
    • Recording audio when screen is locked
    • Accessing device contacts/phone numbers in the background
  • Multi-category privacy coverage for Contacts / SMS / Call Logs / Camera / Microphone / Location / Screen / Telephone Number / Device Account / IP Address / Calendar / Cookies / Clipboard / RFID
  • Based on the latest Android version: 8.1
  • Small 0.2% average performance impact
  • Privacy access logs and analysis reports to identify data leaks
  • Quick implementation and rapid deployment

Alert Options
SECUREai Sentinel 2.0 can be customized to deliver various types of notifications and alerts. For example, the message on the left below is a simple alert stating that audio is being recorded in the background. However, the message on the right adds functionality by giving the user 30 seconds to either approve or deny the behavior.

                  Basic Alert                                               Advanced Alert
2018-05-29_1740                Screenshot_20180601-110138

Below is an Advanced Alert that gives the user 30 seconds to approve or deny the sending of an SMS message.
Screenshot_20180601-105418

Robust Settings
SECUREai Sentinel 2.0 offers end users complete control over their privacy settings. Users can select which behavior categories to have monitored (such as their microphone or location), whether or not to screen System apps, and even the option to have no privacy protection at all.

Screenshot_20180601-113804         Screenshot_20180601-113741        Screenshot_20180601-113748

Need Help with GDPR (General Data Protection Regulation)?
GDPR is everywhere these days. Companies are racing to comply with the new law that went into effect on May 25, 2018. At its core, GDPR is a new set of rules designed to give EU citizens more control over their personal data.

Under the terms of GDPR, not only will organizations have to ensure that personal data is gathered legally and under strict conditions, but those who collect and manage it will be obliged to protect it from misuse and exploitation, as well as to respect the rights of data owners – or face penalties for not doing so.

SECUREai Sentinel 2.0 can help Android device makers comply with GDPR. How? One of the major changes GDPR will bring is providing consumers with a right to know when their data has been leaked or hacked. SECUREai Sentinel 2.0 displays which apps on a device have access to personal information. For instance, a user might have 10 apps on his or her phone. Seven of the 10 apps, such as banking or payment apps, might have access to personal information. Therefore, device makers will be providing more transparency into how a user’s data is accessed, and, in the event of a breach, a user can quickly understand if their data might be exposed.

Implementation
SECUREai Sentinel 2.0 is implemented via a custom ROM and an SDK. The diagram below shows how the SDK interacts with the custom ROM and the Trustlook Cloud Service.

2018-05-29_1730

Dashboard
The information that is collected from SECUREai Sentinel 2.0 is displayed on a custom dashboard. The dashboard provides real-time information of the behaviors detected, the riskiest apps, and much more.

Below is a running log of behaviors that have been detected by SECUREai Sentinel 2.0.
2018-06-01_1413

Below is a list of the riskiest apps, as detected by SECUREai Sentinel 2.0.
2018-06-01_1414

Summary
SECUREai Sentinel 2.0 is a game changer for privacy protection on the Android platform. Device makers and end users both benefit from the vast features and capabilities of the platform. To learn more about SECUREai Sentinel 2.0, or to schedule a demo, please contact bd@trustlook.com.

ZTE Suspected of Espionage in 2016

Are you concerned with the Trump administration lifting sanctions on Chinese telecommunications giant ZTE? In 2016, ZTE was one of 43 companies that cybersecurity company Trustlook identified as possibly engaging in espionage due to ZTE’s work with ADUPS, a firmware-over-the-air (FOTA) company discovered by Kryptowire to be collecting private user information without consent.

The New York Times reported up to 700 million devices may contain the ADUPS software. Trustlook researchers conducted additional investigation and identified 43 phone manufacturers, including ZTE, that utilized the ADUPS’ Firmware-Over-The-Air (FOTA), and whose users might possibly be impacted by this incident. Trustlook also published an infographic with additional details on ADUPS.

The manufacturers with devices that contain ADUPS technology (which may or may not be impacted by the data theft) are as follows:
Aaron Electronics
Aeon Mobile
All Win Tech
Amoi Technology
Archos
AUX
Bird
BLU
Cellon
Coship Mobile
DEWAV Communication Group
DEXP Digital Experience
Eastaeon Technology
Electronic Technology Co.
Gionee
GOSO
Hisense
Hongyu
Huaqin
Huiye
Inventec Corporation
Konka Group Co
Lenovo
Logicom
Longcheer
Malata Mobile
Mediatek Helio
Prestigio
Ragentek
RDA Micro
Reallytek
RUIO
Sanmu
Sprocomm
Tinno
Uniscope
VSUN
Water World Technology Co.
Wind Communication
WingTech
Yifang Digital
Zhuhai Quanzhi
ZTE