About these ads

Archive

Archive for the ‘Mobile’ Category

When Angry Birds eat Plankton

June 14, 2011 1 comment
Android Market

Image via Wikipedia

What happens when Angry Birds eat Plankton? Simple: they get Sick Birds, go to the Android Market and infect more devices with a bot-like malware.

The last malware inside the Android Market, dubbed Plankton, has been discovered by the same team which discovered DroidKungFu led by Xuxian Jiang, Assistant Professor at North Carolina State University. Although the brand new malware does not root the device, it has the bad habit to hide itself inside familiar apps related to the popular game Angry Birds. The suspected apps were removed on 6/5/2011, but since the malware leverages a new evasion technique which allowed it to stay in the market for more than 2 months without being detected by current mobile anti-malware software, but being downloaed more than 100.000 times.

Plankton is included in host apps by adding a background service: when the infected app runs, it will bring up the background service which collects information, including the device ID as well as the list of granted permissions to the infected app, and send them back to a remote server discovered by Sophos to be hosted in the Amazon Cloud.

The server replies with a URL that is used to download an additional JAR file with custom code that is loaded by the downloader.

Once the JAR file is downloaded, Plankton uses a technique for loading additional code from non-Market websites demonstrated by Jon Oberheide about a year ago, providing a potential attacker with a method of circumventing checks of application functionality by Google or by another Android Market provider.

The downloaded code launches another connection to the Command server and listens for commands to execute.

Although this malware does not root the phone, its approach of loading additional code does not allow security software on Android to inspect the downloaded file in the usual “on-access” fashion, but only through scheduled and “on-demand” scans. This is the reason why the malware was not discovered before.

As a consequence the pressure on Google is building on two fronts: on one side, users are demanding better security and on the other side security vendors are asking for better operating system interfaces to make security software more effective against the ever-increasing tide of Android malware.

About these ads

Sometimes They Come Back

June 6, 2011 1 comment

Not even a week after the light version of DroidDream, a new nightmare rises from the Android Market to menace the dreams of glory of the Google Mobile OS (which has just confirmed his #1 Rank on the comScore April 2011 U.S. Mobile Subscriber Market Share Report).

Curiously, also the new malware, discovered by F-Secure, and dubbed Android/DroidKungFu.A, “has its roots” on DroidDream since it uses the same exploit, rageagainstthecage, to gain root privilege and install the main malware component.

Once installed, the malware has backdoor capabilities and is able to: execute command to delete a supplied file, execute a command to open a supplied homepage, download and install a supplied APK, open a supplied URL, run or start a supplied application package.

Of course, who is familiar with Android malware may easily imagine the next step of the infection: the malware is in fact capable to obtain some information concerning the device and send them to a remote server: The collected information include: IMEI number, Build version release, SDK version, users’ mobile number, Phone model, Network Operator, Type of Net Connectivity, SD card available memory, Phone available memory.

In few words, the device is turned into a member of a botnet (without realizing it we are closer and closer to Phase 4 of Mobile Malware, consult slide 9 of my presentation for the different phases of Mobile Malware).

Guess where the malware was detected first? Of course from some parallel Markets in China, at least according to some Researchers of the North Carolina University who detected two infected applications in more than eight third-party Android app stores and forums based in China. Nothing new under this sun of June. Luckily the researchers haven’t found infected apps in non-Chinese app stores… At least so far.

As previously stated DroidKungFu takes advantages of the same vulnerabilities than DroidDream, but this time the situation seems to be much worse. As a matter of fact it looks like DroidKungFu is capable of avoiding detection by security software.

The malware makes its best with Android 2.2 and earlier, but the owners of later versions of Android are not entirely safe: the security patches severely limit DroidKungFu, but the malware is still able to collect some user data and send them to a remote site.

Again, follow basic, common-sense guidelines for smartphone security in order to mitigate the risks of infection (here you may find some useful suggestions), even because Google Wallet is at the gates and I dare not even think to the aftermaths of a malware leveraging vulnerabilities on the Secure Element

DroidDream is Back!

May 31, 2011 1 comment

There is a new nightmare on the Android Market, and again many Android devices are not going to have a good awakening.

The last security advice for the Google Mobile OS comes from Lookout, which has discovered a new variant of the infamous DroidDream, the first malware conveyed by the Official Android Market capable of infecting at the beginning  of March, according to Symantec, between 50.000 and 200.000 devices.

This time the brand new version, dubbed DroidDreamLight, was found in 26 repackaged applications from 5 different developers distributed in the Android Market. According to Lookout DroidDreamLight is no less than is “noble” predecessor, since was able to affect between 30.000 and 120.000 users.

According to Lookout, the malicious components of DroidDream Light are invoked on receipt of an android.intent.action.PHONE_STATE intent (e.g. an incoming voice call). As a consequence DroidDream Light does not depend on manual launch of the installed application to trigger its behavior.  The broadcast receiver immediately launches the <package>.lightdd.CoreService which contacts remote servers and supplies the IMEI, IMSI, Model, SDK Version and information about installed packages. It appears that the DDLight is also capable of downloading and prompting installation of new packages, though unlike its predecessors it is not capable of doing so without user intervention.

The list of the infected applications (already removed from Google) is available at the original link. I must confess I could not help noticing the rich amount of “hot” applications, which confirm (unfortunately) to be a lethal weapon for carrying malware.

This event will raise again the concerns about the security policies on the Android Market, and about the apparently unstoppable evolution of the mobile threat landscape which has brought for the Android a brand new malware capable of sending data to a remote server. A further step closer to a mobile botnet even if, at least for this time, with limited capabilities of auto-installing packages,.

I will have to update my presentation, meanwhile do not forget to follow the guidelines for a correct mobile behavior:

  • Avoid “promiscuous” behaviours (perform rooting, sideloading or jaibreaking with caution, most of all in case of a device used for professional purpose);
  • Do not accept virtual candies from unkown virtual individuals, i.e. only install applications from trusted sources, always check the origin and their permissions during installation;
  • Beware of unusual behavior of the phone (DroidDream owes its name to the fact that he used to perform most of its malicious action from 11 P.M to 8 A.M.);
  • Beware of risks hidden behind social Network (see my post of yesterday on mobile phishing);
  • Use security software;
  • Keep the device updated.

If Phishing Goes Mobile…

May 30, 2011 5 comments

One of the most surprising things I noticed concerning the Lockheed Martin Affair, was the affirmation contained in the Reuters Article, made  by Rick Moy, president of NSS Labs, indicating that the initial RSA attack was followed by malware and phishing campaigns seeking specific data to link tokens to end-users (an indirect evidence of the same authors behind the infamous RSA breach and the Lockheed Martin attack.

My initial surprise only lasted few seconds, since, this year is showing us a brand new role for the phishing attacks which are more and more targeted to steal corporate sensitive data, and constitute the first level of attack for Advanced Persistent Threats.

At first sight could be quite difficult to believe that users are still tricked by old-school phishing techniques, but a deeper analysis could show in my opinion, a possible (in part psychological) explanation relying on the fact that the users themselves are still used to think to phishing as something targeted to steal personal information (often with pages crafted with gross errors), and seems to be unprepared to face the new shape of phishing which targets corporate information with cybercrime purposes and industrial methods, which definitively means to perpetrate the attack with plausible and convincing methods, and most of all leveraging arguments the user hardly doubts about (I could doubt of an E-mail from my bank asking me to provide my account and credit card number, maybe, most of all in case I am not an infosec professional, I could feel more comfortable in providing my username to a (fake) provisioning portal of my Company).

But my information security beliefs are falling one after the other, and after reading this really interesting article by Adrienne Porter Felt and David Wagner of the University of California (the marvelous LaTeX layout!)  I can only confirm that mobile devices will be next frontier of phishing.

According to this paper the risk of a success of a phishing attack on mobile devices is dramatically greater than traditional devices due to some intrinsic factors such as the smaller size of the screen, the fact that many applications embed or redirect to web pages (and vice versa some or web pages redirect to applications), the fact that mobile browsers hide the address bar, and most of all the absence of application identity indicators (read the article and discover how easily a fake native application can resemble completely a browser page) which makes very difficult to discover if a certain operation is calling a fake application on the device or it is redirecting the user to a fake application resembling a legitimate login form.

Moreover, the intrinsic factors are worsened by (as usual) the user’s behavior: as a matter of fact (but this is not a peculiarity of mobile devices), users often ignore security indicators, do not check application permissions and are more and more used to legitimate applications continuously asking for passwords with embedded login forms and. Last but not least I would add the fact that they are not still used to think to mobile applications as targets of phishing (Zitmo Docet).

Guess what are the ideal candidates for Mobile Phishing attacks? Easy to say! Facebook and Twitter since they are the most common linked applications used by developers to share their creations (the power of free viral marketing!).

Given the speed with which these devices are spreading in the enterprise (see for instance this GigaOM infographic), there is much to worry about in the near future. An interesting solution could be the operating system to support a trusted password entry mechanism. Will SpoofKiller-like trusted login mechanisms be our salvation as the authors of the paper hope?

Mobile Security: Vulnerabilities and Risks

May 24, 2011 5 comments

Today I took part as speaker to an event organized by my Company concerning Cloud and Mobile security. For this occasion I prepared some slides summarizing some concepts spread all over my blogs.

In my vision (you should know if you follow my blog) mobile vulnerabilties are mainly due to:

  • False security perception by users: they consider their device as a “simple” phone, forgetting they bring a small dual-core in their pockets;
  • “Light” behaviour from users: Sideloading, Jailbreak and Rooting are not good security practices;
  • Consumerization of Devices: well known (partially abused) concept: some mobile devices come from the consumer world and hence do not natively offer enterprise class security or suffer from intrinsic vulnerabilities:
  • Consumerization of Users: many users think they have consumer device so they think they do not deserve enterprise class security measures.

And the risks are:

  • False Security Perception leads to high probabilities of theft or loss of the device, and most of all, of its data;
  • “Light” behaviour from users dramatically increases the probability to directly install malware or surf towards insecure shores…
  • Consumerization of Devices leads to vulnerabilities that may be exploited to access and steal sensitive data or authentication credentials;
  • Consumerization of Users leads the users themselves to adopt imprper habits not appropriate for an enterprise use, which in turn make the device even more vulnerable to malware (i.e. installing non business application, lending it to others, etc.).

How to mitigate the risks?

  • Educate users to avoid “promiscuous” behaviours (no root or sideloading or jaibreak, do not accept virtual candies from unkown virtual persons);
  • At an organizational Level, define security policy for managing (un)predictable events such as device thieft or loss;
  • Beware of risks hidden behind social Network;
  • Use (strong) Data Encryption;
  • Do not forget to use security software;
  • Enforce Strong Authentication;
  • Keep the device update.

This in turn corresponds to enforce a device management policy in which mobile devices are treated like “traditional” endpoints (but they will sone become tradional endpoints).

You may find the slides on SlideShare… They are mainly in Italian but if you want, ask me and I will provide an additional translated version.

Good Reading!

Tweets Of Democracy

May 19, 2011 7 comments
Official presidential portrait of Barack Obama...

Image via Wikipedia

Today President Obama held his speech on the Middle East announcing a new strategy (and new investments) for the Middle East aimed to encourage the process of Democratization in place. I gave a look to the entire speech and noticed some assertions particularly meaningful which implicitly admit the crucial role that new technologies played in the past months (and will probably play into this kind of new Middle East Mashall Plan) as triggers (and drivers) for backing the fights for human rights.

I used the term Mobile Warfare to stress the role that (consumer) mobile technologies and social networks played in the events that changed the social and political landscape in the Mediterranean Africa and more in general in the Middle East, coming to conclusion that the impact of these new technologies is defining a new democracy model which will have to be taken seriously into consideration by all those governments which still put in place severe limitations to human rights.

So, I was definitively not surprised when I noticed this assertion on Mr. Obama’s speech:

… But the events of the past six months show us that strategies of repression and diversion won’t work anymore. Satellite television and the Internet provide a window into the wider world – a world of astonishing progress in places like India, Indonesia and Brazil. Cell phones and social networks allow young people to connect and organize like never before. A new generation has emerged. And their voices tell us that change cannot be denied…

Which implicitly admits the role of Mobile Warfare: strategies of repression and diversion will not work anymore and the weapons to fight repression are just Cell Phones and Social Networks with which young people (usually most involved in the protests) can connect and not only organize life like never before but also realize that there is a world  outside the window…  On the other hand, particularly in case of Egypt, Social Network literally played a primary role in the protest, since one of the leaders was Mr. Wael Ghonim (expressly quoted by Mr. Obama’speech), a young Google Executive.

And the freedom is not only a matter of elections but also of access to new technologies:

In fact, real reform will not come at the ballot box alone. Through our efforts we must support those basic rights to speak your mind and access information. We will support open access to the Internet, and the right of journalists to be heard – whether it’s a big news organization or a blogger. In the 21st century, information is power; the truth cannot be hidden; and the legitimacy of governments will ultimately depend on active and informed citizens.

This implies that the plan that U.S. and E.U. are going to deploy for the Middle East (a comprehensive Trade and Investment Partnership Initiative in the Middle East and North Africa) will also involve funding aimed to promote the access to new technologies for facilitating the sharing of information (and the conseguent hactivism and psyops operations), a factor which the recent events have shown to become synonym of democracy. Also because, according to Cisco predictions, if in 2010 there were 12.5 billion devices connected to the Internet, there will be 25 billion by 2015, and 50 billion by 2020, and consequently it is really hard to think that filters, blocks and any other form of (social, political and technological) repression in the Middle East will stop this tide.

Nine Months Of Living Dangerously

May 18, 2011 3 comments

The title of this post is not a subset of the famous Peter Weir’s MovieThe Year Of Living Dangerously“, featuring Mel Gibson and Sigourney Weaver, but rather refers to the dangerous months which the Android is living, from the second half of 2010 to this first half of 2011, which saw a dramatic increase in Android Malware.

I enjoyed in summarizing in a single picture the mobile malware which affected Google Mobile OS from August 2010 to the present day. As shown the results are not encouraging and seems to confirm, in a qualitative form, the 400% increase in mobile malware (in six months) recently stated by Juniper Networks: un the second half of 2011 we assisted mainly to variants of the first Trojan. In the first half of 2011 the landscape has become much more complicated with mobile malware tailored “for different needs”.

So far the threats are can be divided essentially into two categories:

  • Malware capable of stealing data, sending them to a remote C&C, which in a mobile platform may have worst consequences since it may send remote data to a C&C Server);
  • Malware capable of sending SMS to premium rate numbers without the user permission (and awareness).

In many cases the malware was downloaded by parallel markets (most of all from China and Russia), with often the pornography acting like a decoy for the unfortunates, hence showing the risks connected with sideloading, that is the practice to enable installation of applications downloaded from external markets.

Two examples were particularly meaningful: the example of Geinimi, which showed all the features of a Botnet. And the example of DroidDream which bypassed all the security control of Android Market and infected something between 50.000 and 200.000 users according to Symantec and were remotely removed by Google, thus prefiguring a new security model which remotely manages the security functions of endpoint (and everything suggests that this trend will soon spread to more traditional endpoints: just today I stumbled upon this really interesting article).

By the way… Just today, three German security researchers discovered a serious flaw on the ClientLogin Authentication Protocol affecting almost all the Android powered devices… Ok it is not a malware, but the security concerns for the Google Mobile Operating System are more relevant than ever…

If The Droid Gets The (China’s) Flu

May 14, 2011 1 comment

The thought of this night is dedicated to yet another couple of android malwares detected (as usual) in China.

It was a bit of time that the droid was not sick, however, as the change of season is often fatal to humans, so it is for the Androids which caught two new infections in few days.

On May, the 11th, it was the turn of a new Trojan embedded, once again as in the case of the notorious DroidDream (but I’d rather say that malware is becoming a nightmare for the Google Creature) in official applications inside the Android Market. All the applications were published by the same developer, Zsone, and were suddenly removed by Google.

The Trojan, which affects Chinese users, is characterized by the ability to subscribe users in China to premium rate QQ codes via SMS without their knowledge. QQ codes, used primarily in China, are a form of short code that can subscribe users to SMS update or instant message services. The malware was embedded in 10 apps by the developer named Zsone available on the Android Market and alternative markets.

Once the user starts the app on their phone, the app will silently send an SMS message to subscribe the user to a premium-rate SMS service without their authorization or knowledge. This may result in charges to the affected phone owner’s mobile accounts. Even if the threat affects Chinese Android phone owners who downloaded the app from the Android Market, the total number of downloads attributed to this app in the Android Market has appeared to be under 10,000.  All instances of the threat have been removed from the market.

On May, the 12th, it was the turn of ANDROIDOS_TCENT.A, discovered by Trend Micro. This malware, which only affects China Mobile subscribers (the state-owned service provider  considered the world’s largest mobile phone operator), arrived to users  through a link sent through SMS, whose message invited the China Mobile users to install a patch for their supposedly vulnerable devices by accessing the given link, which actually led to a malicious file (fake AV have landed on mobile devices as well).

The malware is capable to obtain certain information about the affected devices such as IMEI number, phone model, and SDK version and connects to a certain URL to request for an XML configuration file.

Two very different infections, having a common origin from China: the first example emphasizes once again the breaches into the security and reputation model of the Android Market. The second one features a well established infection model who is rapidly gaining credit (and victims) also in the mobile world: the SMS phishing. I think we will often hear speaking about in the next months.

The two malware infections came a couple of days after the Malicious Mobile Threats Report 2010/2011 issued by Juniper Networks which indicated a 400% increase in Android malware since summer 2010 and other key findings, several of which were clearly found in the above mentioned infections:

  • App Store Threats: That is the single greatest distribution point for mobile malware is application download, yet the vast majority of smartphone users are not employing an endpoint security solution on their mobile device to scan for malware;
  • Wi-Fi Threats: Mobile devices are increasingly susceptible to Wi-Fi attacks, including applications that enable an attacker to easily log into victim email and social networking applications
  • 17 percent of all reported infections were due to SMS trojans that sent SMS messages to premium rate numbers, often at irretrievable cost to the user or enterprise
  • Device Loss and Theft: according to the author of the report: 1 in 20 among the Juniper customer devices were lost or stolen, requiring locate, lock or wipe commands to be issued

Will it also be for these reasons that Smartphone security software market is expected to reach $2.99 billion by 2017? Maybe! Meanwhile I recommend to be very careful to install applications from parallel markets and in any case (since we have seen that this is not enough) to always check the application permissions during installation. Moreover, do not forget to install a security software if possible as the 23% of the droid users (among which there is me) does.

Mobile Warfare In Libya Comes True

April 14, 2011 8 comments

An interesting article from The Wall Street Journal confirmed what I have been writing in my posts since a couple of weeks: Mobile Technologies are destined to play a crucial role in modern conflicts (what I defined Mobile Warfare) and the traditional Military Corps of Engineers will necessarily have to be complemented by Corps of Network and Security Engineers dedicated to establish and maintain connectivity in war zones.

This is exactly what happened in Libya where the rebels, with the support of a Libyan-American telecom executive Ousama Abushagur and oil-rich Arab nations, were able to hijack Libyana Phone Network, the cellular network owned by one of the Colonel’s sons, to steal from Libyana a database of phone numbers, and to build from (partial) scratch a new cell network serving 2 million Libyans, renamed “Free Libyana”. This action was aimed to restore internal Cellular communications after Gaddafi shut down the country’s cellular and data networks.

The operation was led from Abu Dhabu by Ousama Abushagur, a 31-year-old Libyan telecom executive. Mr. Abushagur and two childhood friends started fund-raising on Feb. 17 to support the political protests that were emerging in Libya. During one mission to bring humanitarian aid convoys to eastern Libya, they found their cellphones jammed or out of commission, making nearly impossible planning and logistics. This was the reason why Mr.Abushagur decided to draw a plan for hijacking the Libyana Network, divert the signal and establish a new backbone free of Tripoli’s control, also with the intention to provide backing to the rebels forces which were beginning to feel the effects of the loyalist counteroffensive.

In a race against time to solve technical, engineering and legal challenges, U.A.E. and Qatar (whose officials didn’t respond to requests for comment) provided diplomatic (and economical) support to buy the telecommunications equipment needed in Benghazi. A direct support was provided also by Etilsat, Emirates Teleccomunications Corporation, which refused to comment as well). The support of the Gulf nation was necessary also because, meanwhile, it looks like that Huawei Technologies Ltd., the Chinese Company among the original contractors for Libyana’s cellular network backbone, refused to sell equipment for the rebel project, causing Mr. Abushagur and his engineers to implement a hybrid technical solution to match other companies’ hardware with the existing Libyan network.

By March 21, most of the main pieces of equipment had arrived in the U.A.E. and Mr. Abushagur shipped them to Benghazi with a team composed by three Libyan telecom engineers, four Western engineers and a team of bodyguards: the Corps of Network Engineers committed to build the new infrastructure in the war zone.

Since Col. Gaddafi’s forces were bombing the rebel capital, Mr. Abushagur diverted the Corps of Network Engineers and their equipment to an Egyptian air base on the Libyan border (another indirect show of Arab support for rebels). Once in Libya, the Corps paired with Libyana engineers and executives based in Benghazi. Together, they fused the new equipment into the existing cellphone network, creating an independent data and routing system free from Tripoli’s command. To be free from Tripoli was also a security requirement, since Col. Gaddafi had built his telecommunications infrastructure in order to route all calls (and data) through the capital in order to be easily intercepted and eavesdropped.

After implementing the network, the new Telco had to attract “customers”. A war zone is not the ideal place for advertisement, so nothing better than capturing the Tripoli-based database of phone numbers, and inserting Libyana customers and phone numbers into the new system called “Free Libyana.” The last piece of the puzzle was securing a satellite feed, through Etisalat, with which the Free Libyana calls could be routed.

An important detail: all the operation was successfully performed without the support of allied forces, the result is that rebels now can use cellphones to communicate between the front lines and opposition leaders.

If for a moment we forget that we are speaking about cellular networks, we could assimilate this event as part of a civil war operation, in which friendly countries and dissidents from abroad endeavor to provide weapons to rebels in order to turn the tide of a conflict (examples of which the history is full). In this circumstance this operation did not turn the tide of the conflict (at least so far but mobile warfare, while important, has still a smaller weight in a conflict than real warfare), nevertheless, for sure, restored mobile communications are supporting the leaders of the rebellion to better communicate among them and to better organize the resistance against the loyalists: as a matter of fact the March cutoff forced rebels to use flags to communicate on the battlefield. I will never tire of saying that the events in the Mediterranean area do (and did) not rely solely on conventional weapons but also on weapons of communications (the mobile warfare) through which rebels forces provided abroad the information necessary to witness exactly the brutal internal events and rallied international backing.

After so much theory depicted in my posts, finally the first real and meaningful example of the importance of mobile warfare in the events of Northern Africa, and that example! One single event has unleashed the importance of mobile technologies in war zone and the crucial role played by specialized teams dedicated to establish and maintain communications: the Corps of (Network and Security) Engineers.

The Thin Red Line

April 8, 2011 5 comments

There is a thin red line which links the alleged stability of the so called western world, with the instability of the middle east and it consists once again in the opposite role that mobile technologies and social network play in these two different regions of the world. In few words one might say that these technologies contribute to maintain stability (and maturity) in mature countries, and to enhance the level of liberty and awareness in immature countries.

Few posts ago, I just identified one of the reasons for the instability of the Middle East on the role played by mobile technologies and social networks in feeding the protests in Tunisia, Egypt and Syria, essentially contributing to make the younger middle-east generations aware of the discrepancies between their lease of life and that of their occidental peers, and hence acting as a wind capable of propagating at an unprecedented speed the flames of change raised from the Maghreb. In my articles I referred to the effect of these new technologies as Mobile Warfare.

If, for a moment, I turn my head to look at the West I see an opposite situation, unleashing an opposite role for Mobile Technologies and Social Network which, in this context, differently from Middle East, are contributing to maintain social stability, even in a quite complicated economic situation like is the current European situation (and the last events in Greece, Ireland and Portugal are an evident thermometer of the boiling economic situation in the Old Continent). Of course I would not mind to apply the ancient Roman motto “panem et circences” (bread and circuses), luckily for this scope, our society invented football, anyway even if we do not want to bring in football, there are two other factors which, in my opinion, play an important role for our (in)stability: the wish to catch the last tweet or, even better, the last Facebook status update, but also, for most mature generations, the continual rush to the last techno-gadget.

First of all, the rush to tweets or (most of all) status updates is something which affects primarily younger generations (even if the potential of Twitter is pretty much under evaluated in Italy) but, like it or not, it is something which must be kept under serious considerations.

Of course, there are two opposite ways to read this statement: a negative interpretation could lead to think that younger generations are too much addicted to social networks and mobile technologies to the point of neglecting most important problems, on the other hand a positive interpretation could lead to think that social network and mobile technologies allow to share news and information, making them accessible to a greater audience, in formats comprehensible by (and adapted for) different population groups and heterogeneous levels of culture, contributing to create mature citizens. Of course my scope is not to determine which of the two interpretations is the predominant, rather than to highlight, like it or not, the significant role of these media.

Something similar applies if we move to most (im)mature generations, since, also in this case, Social Networks contribute to share information and (in theory) to spread a most mature approach to Society. For this population group an additional factor is involved and it is represented by the rush to the last techno-gadgets which have become a status symbol: nowadays our iPads, iPhones, Android devices, etc. highlight the role of the individual on the society, in a certain manner as a luxury or sport car does, with the difference that the last Android or iPhone is (at least in theory) much more accessible.

If one analyzes this picture from a more global perspective, one finds that mobile technologies and social networks may be assimilated in every way to real weapons: in immature countries they may be used to fight wars for freedom versus authoritarian regimes (as happened in the near past in Maghreb and as happening in Syria or Bahrain), in the same time they may be used in mature countries by wise governments to maintain order and stability, or, unfortunately, also by subtle governments to reduce population to (psychological) servitude.

We know what it means to use “mobile warfare” to fight wars for liberty versus authoritarian regimes: just watch the news and hear the latest events coming from Libya. Very different is the case of mature countries. In these nations, using these (mobile technologies and social networks) weapons to maintain order or stability corresponds to make a wise use of them to keep citizens informed and to create a common mature awareness, using these weapons to reduce population to (psychological) servitude corresponds to use mobile warfare to distract citizens from real social problems and perform large-scale psyops operations. In theory younger population are the most vulnerable to these kind threats even if I must confess, according to my personal experience, that the use of social network is far less wise by the older age ranges that, in turn, seriously risk to be the most vulnerable to an improper use of new technologies by subtle governements.

Follow

Get every new post delivered to your Inbox.

Join 2,705 other followers