John McAfee has had enough of excessive app permissions – introduces Cognizant

John McAfee, U.S. anti-virus software guru, speaks on a mobile phone during a news conference outside the Supreme Court of Justice in Guatemala CityNow that the long running war with Intel is behind him, John McAfee feels like the best thing about it all is that he can finally put his name behind a security product again.

The first of his projects is about to come together in a new product that launches on March 1st.  The product is called Cognizant, a free to download app for Android mobile phones and tablets.  It protects those devices by empowering the user to be fully aware of all the permissions that applications have been granted on a device, knowingly or not.

Think of it as a mobile applications audit.  It’s a problem that has lacked an answer for a long time and that’s a campaign that McAfee has been on for some time – we are walking around with powerful portable computers in our pockets and trusting these applications to do the things they do is bad news.

In a non-descript Montreal office building, McAfee demonstrated how one popular chat application in particular had by default been granted what can only be described as excessive permissions.  The application has access to things like:  all call history, contacts, GPS, camera access, the ability to silently make calls and even turn off notifications of these activities to the user.   I install the app on my own phone to see this and sure enough, it’s pretty shocking.   If you think about it, if one were to describe a program that did all of these things on a PC, it could be called malware.  McAfee states that there are thousands upon thousands of apps out there doing the exact same thing, taking more permissions than are clearly necessary or that you may be comfortable with.

Security, Privacy, Freedom, there’s more that you can do

Privacy watchdogs have long advised the public to be aware of the applications they are installing, be careful with the permissions they request, and be sure you trust the source where they are being gathered from.  Many take this advice to heart, but as it turns out, that’s just not enough and it’s just not reasonably possible for the average phone user to routinely be on top of.  Before long permissions increasingly creep as applications update with new features, app updating begins to happen in the background and people stop paying attention altogether over time; as they switch phones and install apps throughout their digital lives from all over the place.    That’s the cold hard truth and as McAfee and others pointed out in our cybersecurity prediction series over the last few weeks, the human factor will always be the weakest link in any security system.  We’re letting these applications do what they want without giving it all full thought.  After all installing apps is quite easy, tap a few buttons and we trade a place on our devices for whatever functionality that app is selling, but that is increasingly not working out to be a fair trade.  The results could mean a loss of privacy, loss of control of your device or possibly a loss of information that you don’t want to happen.

“When it comes to these portable computing devices, we have these great big steel doors protecting a paper house, that’s why we’ve launched this product.  Endpoint protection, anti-virus, anti-malware, even encryption – all of those mean nothing if you have voluntarily given these applications access to everything”

Control your smartphone, know your apps

Cognizant by John McAfee

Cognizant by John McAfee

Cognizant is aiming to put that control back in people’s hands.  The app functions on the same kernel that is the core of McAfee’s future product D-Central.  D- Central of course is the product that was famously proclaimed as an anti-NSA device for the masses, designed to thwart rampant data collection by decentralizing the connective nature of your client device.   That hardware-based product is still forthcoming scheduled for now for later in the year.  Cognizant is but one piece of the full-on suite that McAfee is building because he sees the threat as far more than addressing these over-reaching apps, there are other threats to privacy and security out there that include the NSA.

 

“Info collection is everywhere and people have just assumed that all these apps are on the up and up – that’s a big problem.  When you ask yourself what a chat app is doing with built-in capabilities to silently make calls and put out other information, it’s a pretty dire picture.  It’s all about taking information, accessing your location, your camera and we’re losing our privacy.  There are many companies doing this, but that’s not the only threat, we’ve talked about the NSA but many governments are doing this as well.  There are persistent rumors and documented concerns about how much information is leaking to countries like China and Russia.  It would be surprising if they weren’t taking data at will at the highest levels possible right now, so why would it be any different for these applications.  There are also cybercriminals out there that live off of information they gather, it’s a big target.  When I launched McAfee Associates 27 years ago, the world of PC security was basically the Wild West and no one was really aware of the threat and the very real dangers we still deal with today.  We are in that exact same spot again.”

The timing of this is rather interesting as people are still reacting to news barely over a week old that had the NSA and GCHQ mining the popular phone apps that were leaking information, such as the incredibly successful and widespread game app Angry Birds.  The agencies have put systems in place to collect this commercial data that was freely given up by the applications.  ‘Leaky’ apps translates on one level to outbound information that is granted by permission apps – a perfect use case scenario for Cognizant it would seem.

McAfee 2.0 – ReLaunch

McAfee 1989

McAfee has done this before – bootstrapping a business that was ultimately acquired for over $7.6 billion.  One thing that is clearly different today is how McAfee is launching a company this time around.  Settled into Montreal, his operation is a global network of conference calls and virtual meetings that is heavily focused right now up to the launch with developers and engineers.  As if the fact that the first product is destined to be a Google Play app weren’t enough evidence, McAfee has picked up the framework of the modern startup quickly and he sees great things for this new venture ahead.   As Cognizant launches and the complete suite of Future Tense products are developed, there will be plenty of attention in this age of privacy concerns.

McAfee Takes To The Crowd – CrowdChat 

John McAfee is scheduled to sit down live on CrowdChat (startup in public beta preview) to take your questions and talk about Cognizant.  https://www.crowdchat.net/McAfee

February 14, 2014 at 3pm EST.

crowdchat

Feature Photo: © STRINGER/Reuters/Corbis

Sign up for invitation for CrowdChat beta preview – beta invite link

 

About John Casaretto

SiliconANGLE's CyberSecurity Editor - Have a story tip or feedback? Please reach out to me! Security is as critical as ever and our mission is to uncover those stories that will help our industry be more secure.