- Open Access
- Total Downloads : 12
- Authors : Parul Garg, Mahesh Kumar, Neetu Sharma
- Paper ID : IJERTCONV3IS10018
- Volume & Issue : NCETEMS – 2015 (Volume 3 – Issue 10)
- Published (First Online): 24-04-2018
- ISSN (Online) : 2278-0181
- Publisher Name : IJERT
- License: This work is licensed under a Creative Commons Attribution 4.0 International License
Social Messaging Applications: A Threat to One’s Privacy
Parul Garg1, Mahesh Kumar2 , Neetu Sharma3 1,2,3Department of Computer Science &Engineering, Ganga Institute of Technology and Management, Kablana, Jhajjar, Haryana, India
Abstract We are currently living in the so-called technology age which can be described as an era where most of the activities are mainly based on technology. Technology has given birth to social networking. Social networking is communication of one person with another person in a virtual social space using a computer or mobile. However, this advancement in technology has also raised the concerns over misuse of these machines by anti-social elements and it becomes essential for the security agencies to remain ahead with regularly update about the tools and techniques available to identify and investigate a crime done with the help of Mobile/Computer. Social media gives humans instant connection to communicate with others. Technology has taken over almost every aspect of our lives – be it personal, social or professional.
Keywords Computer forensic, Types of Computer Forensic Technologies, Military Computer Forensic Technology, Scope of Research in Computer Forensic, Computer Forensic Covers, tools used in Forensic System.
Definition of Privacy :
Privacy can be defined as an individual condition of life characterized by exclusion from publicity. The concept follows from the right to be left alone. The right to privacy is protected under private law. Privacy is an important right because it is a necessary condition for other rights such as freedom and personal autonomy. There is thus a relationship between privacy, freedom and human dignity. Respecting a person's privacy is to acknowledge such a person's right to freedom and to recognize that individual as an autonomous human being.
Social networking service:
Social software applications, also known as social apps, include communication tools and interactive tools often based on the Internet. Communication tools typically handle the capturing, storing and presentation of communication, usually written but increasingly including audio and video as well. Interactive tools handle mediated interactions between a pair or group of users. They focus on establishing and maintaining a connection among users, facilitating the mechanics of conversation and talk.
A social networking service is a platform to build social networks or social relations among people who, for example,
share interests, activities, backgrounds, or real-life connections. A social network service consists of a representation of each user (often a profile), his/her social links, and a variety of additional services. Most social network services are web-based and provide means for users to interact over the Internet, such as e-mail and instant messaging. Online community services are sometimes considered as a social network service, though in a broader sense, social network service usually means an individual- centered service whereas online community services are group-centered. Social networking sites allow users to share ideas, pictures, posts, activities, events, and interests with people in their network.
Social mobile applications Take many social forms depending on a particular application. Many social networking mobile applications take the form of self managed social network allowing end users to create personal connection directly while other supports community based groups with aligned interests. Some of these mobile applications are WhatsApp, WeChat, Line, ChatOn, Hike, Viber, IMO, SnapChat, BBM, Hangouts, etc.
How these Applications made?
1). Mobile operating system: A mobile operating system, also referred to as mobile OS, is an operating system that operates a Smartphone, tablet, or other mobile device. operating systems combine the features of a personal computer operating system with other features, including a touch screen, cellular, Bluetooth, Wi-Fi, GPS mobile navigation, camera, video camera, speech recognition, voice recorder, music player, near field communication and infrared blaster.
Mobile devices with mobile communications capabilities (e.g. Smartphone) contain two mobile operating systems – the main user-facing software platform is supplemented by a second low-level proprietary real-time operating system which operates the radio and other hardware. Research has shown that these low- level systems may contain a range of security vulnerabilities permitting malicious base to gain high levels of control over the mobile device.
Common Software Platforms
Android : Android is from Google Inc. Most of the Android is free and open source, but large amount of software on Android devices (such as such as Play Store, Google Search, Google Play Services, Google Music, and so on) are proprietary and licensed. Android's releases prior to
2.0 (1.0, 1.5, 1.6) were used exclusively on mobile phones. Most Android phones and some Android tablets, now use a
2.x release. Android 3.0 was a tablet-oriented release and does not officially run on mobile phones.
Blackberry: It is closed source and proprietary. BlackBerry 10 (previously BlackBerry BBX) was the next generation platform for BlackBerry Smartphones and tablets. One OS was planned for both Blackberry Smartphones and tablets going forward.
iOS: iOS is from Apple Inc. It is closed source and proprietary and built on open source Darwin core OS. The Apple iPhone, iPod Touch, iPad and second- generation Apple TV all use an operating system called iOS, which is derived from Mac OS X. Currently all iOS devices are developed by Apple and manufactured byFoxconn or another of Apple's partners.
Windows Phone: Windows Phone is from Microsoft. It is closed source and proprietary. The mobile OS includes a completely new over-hauled UI inspired by Microsoft's "Metro Design Language". It includes full integration of Microsoft services such as Microsoft Skydive and Office, Xbox Music, Xbox Video, Xbox Livegames and Bing, but also integrates with many other non-Microsoft services such as Facebook and Google accounts.
Lets look at how a mobile application is made from Android Operating System!
What is Android? :
Android specifically refers to a mobile operating system (based on Linux) that is developed by Google. It is open- source software, meaning that anyone can download the source code and use or modify it. Hardware manufacturers often take the base Android code and then add their own proprietary software features to it to run on their own phones. The Android operating system features software components like live wallpapers and widgets, a powerful notification tray to help you keep track of important updates, voice typing, and seamless app integration, which allows users to easily share information via social networking apps or other forms of communication, like NFC.
What languages can I use to write apps for Android?: Android apps are typically written in a programming language called Java. Java is immensely popular, and as an object-oriented language. Google also provides a Native Development Kit (NDK) that allows developers to write important parts of their apps with native languages like C or
Step1: Java Basics for Android Development
Programming languages, like regular languages, are different ways to cmmunicate to a computer how you want it to act. Programming languages allow us to instruct a computer step- by-step how to manipulate data, collect input from users, and display things on a screen, among other things. Java is a statically-typed, object-oriented language. Lets break this down:
1.Statically-typed Programming at its core is really about working with data. Pieces of data are stored as variables, which are basically containers that hold data. Statically-typed languages like Java require us to declare what type of data each variable (or container) will hold..
2.Object-oriented An object-oriented language is one that is built around the concept of objects. In the physical world, take a look around the room and think of each thing as an object.
Step2: Android Setup and the new Project (application to be developed): We uses the Integrated Development Environment (IDE) for Android development, and we'll create a project application. The first time you run an app on the emulator, you will be prompted to select "Yes" or "No" to "Auto Monitor Logcat". Either is fine; just leave "Yes" selected and click OK.
Step3: Initial Layout: Now that we have a project for our application, we'll start by adding a label and a button to the screen layout using a drag-and-drop editor inside Eclipse. On Mountain Lion, you are unable to edit certain properties in the Properties view, like Text Size for the TextView. The workaround is to right-click on the TextView and select Edit TextSize.
Step4: Specifying Features of the App: Features here will specify how we want our application to work and the main functionality of the Messaging application.
Front-end: The "front" or user-facing part of a system that users see and interact with.
Back-end: The "back" or behind-the-scenes part of an app where work is done, data is stored, etc., but in a way that the user cannot see or directly interact with.
Step5: Building a Simple User Interface: The graphical user interface for an Android app is built using a hierarchy of View and ViewGroup objects. View objects are usually UI widgets such as buttons or text fields and ViewGroup objects are invisible view containers that define how the child views are laid out, such as in a grid or a vertical list. Android provides an XML vocabulary that corresponds to the subclasses of View and ViewGroup so you can define your UI in XML using a hierarchy of UI elements.
Step6: Introduction to Methods and Classes
Methods : A method is a section of code that we can call from elsewhere in our code, and the method will perform some action or return some kind of result that we can use. Methods are used to organize our code into reusable chunks that save us a lot of time and energy. A method is a section of code that we can call from elsewhere in our code, and the method will perform some action or return some kind of result that we can use.
Classes and Objects: Java code is typically organized into classes and packages. Classes contain pieces of data (member variables) and methods. Packages are simply groups of related classes.
Step7: Accessing views in codes: : Java code in the MainActivity class that declares a TextView and then gets it from the XML layout file we already edited.
Step8: Adding an OnClickListener to a Button: This is common in Android; listeners like this sit patiently in the background and "listen" for something to happen so they can run some code when the action occurs.
How Does the MESSAGING APPLICATIONS Work?
Messaging Application is an alternative to any Smartphones built-in SMS application. Instead of using your cellular network to send SMS messages to your contacts, it uses the Internet to connect you to anyone whose phone number is registered in your phones address book. You can use these applications for texting, multimedia messages, voice messages and group chats. Because the app uses the Internet, you wont incur international charges when messaging other countries.
Your Phone Book
After installed the Messaging application, the app scans your phone for all of the phone numbers of your contacts and checks the numbers against its massive database. Anyone who uses the application is automatically added to your applications contact list. You cant add or remove contacts manually; Application pairs with your phones contact list and identifies all of its users by phone numbers.
Messaging Application doesnt use traditional cellular networks to send SMS messages between you and your
contacts. Whereas your phone will send SMS on the same airwaves that you make voice calls, Messaging Application uses 3G, 4G, LTE or Wi-Fi Internet connections to send messages. For the application to work, you have to have a valid Internet connection on your phone.
On a cell phone, you need an active 3G or 4G connection to send photos, audio or video through the phones messaging service. With Messaging Application, you can always send multimedia messages because the application is always connected to the Internet. It integrates with your phones photo gallery and camera too, enabling you to select photos to send to your contacts or to capture a photo.
Messaging Application integrates with your phone in more ways than by grabbing your contacts and your photos. The app is always on, like your built-in messaging service, running constantly in the background. You dont need to sign in or out of the program to have access to the application. The app captures time and date information from your phone
— instead of from the carrier, like text messages — to organize messages. If your messages are appearing with the wrong time stamp, adjust your phones settings.
Different features available in these applications which tempting users to install these types of applications:
Video Call: it allows users to make face-to-face video calls by simply press + and select video call icon under the chat window. The process is just like dialing your contact in your cell phones contact book.
Picture sharing: it is easy to share pictures among your contacts. You can also customize who can see your picture by visibility settings.
Voice Chat: voice chat feature is included in almost all the applications. It turns your Smartphone into a walkie-talkie. You can use that feature under the chat window by simply switch send message into hold to talk. When you finish a sentence, simply release the hold to talk button to send your voice chat message.
Cross-platform chatting: This is a new feature allows user to chat with friends between Smartphone and computers start cross-platform chatting.
Emoticons: Customizable emoticon is one of my favorite features in applications. Besides a huge number of emoji collections that provides, users can also add their own emoticons by simply download from Website, or choosing youre your own photo album.
Group Chat: Opening your own group chat by select the wand button start chat and then choose your friends whom you want to join in the group chat. It allows you to add 40 members at maximum in the group chat section.
Shake: Shake your phone and see who are also shaking too at the moment locally and around the world. Shake is an interesting way to discover new users and corporate accounts by just few shake of your Smartphone. It is also an awesome time killer. Just be very careful not to reveal any of your personal information to strangers.
Look Around: Look Around to see who are nearby, and send your greetings by simply one click. You can look around and have a look to see who other people are using the specified application and can send them requests.
Drift Bottle: It allows us to meet with strangers et remains a slightly sense of mystery. The only concerns are who has time to buy a bottle, write a message down, seal it, travel to bayside and then throw it in the sea. Someone from anywhere in the world will pick it! The process is anonymous for both sides unless you decide to make friends with the owner of the drift bottle.
Social Connect: through the different social messaging applications we can also connect our applications with different networking sites like facebook, twitter, or orkut etc.
Share location & Share contacts: with these applications you can share your current location with your friends different contact inside the phonebook can also be shared with these applications.
Live chat: it is also possible to do live chat with more the one person at the same time.
Security and Privacy concern for these applications (Lets take an example as whatsapp messenger):
A security hole was reported which left WhatsApp user accounts open for session hijacking and packet analysis. WhatsApp communications were not encrypted, and data was sent and received in plaintext, meaning messages were easily to be read if packet traces are available. WhatsApp released a new version of the Messenger application for iPhones, closing critical security holes that allowed forged messages to be sent and messages from any WhatsApp user to be read. An unknown hacker published a website (WhatsAppStatus.net) that made it possible to change the status of an arbitrary WhatsApp user, as long as the phone number was known. To make it work, it only required a restart of the app. According to the hacker, it is only one of the many security problems in WhatsApp. WhatsApp was pulled from the iOS App Store, and the reason was not disclosed. The app was added back to the App Store four days later.
A major privacy and security problem has been the subject of a joint Canadian-Dutch government investigation. The primary concern was that WhatsApp required users to upload their entire mobile phone's address book to WhatsApp
servers so that WhatsApp could discover who, among the users' existing contacts, is available via WhatsApp. While this is a fast and convenient way to quickly find and connect the user with contacts who are also using WhatsApp, it means that their address book was then mirrored on the WhatsApp servers, including contact information for contacts who are not using WhatsApp. This information was stored in hashed, though not salted form and without "additional" identifying information such as a name, although the stored identifying information is sufficient to identify every contact. WhatsApp uses a timestamp feature, which gives the ability to view the last time a user was logged-on (or "Last seen"), unless expressly blocked by said user. This feature is considered to be a privacy problem. While iPhone users can choose to disable this feature, Android users cannot. WhatsApp allows you to view the profile picture and current "Status" of every user, as long as that user is enlisted in Contacts.
J. CONS with these messaging applications:
DATABASE ASSOCIATED WITH APPLICATIONS: With
each messaging application there is an association of the connected database which acts as a backend with the application. So multiple activities that have been carried out by the user have been stored within this database and can be easily retrieved. So all the personal stuff that user is sending is preserved by these applications database. Your personal detail, chatting history, private pictures, videos, phonebook contacts etc are been backed up in the database and could be use as a thread. Current location sharing may be some time will get you in trouble. It may or may not be a possibility that someone may keep a check on your daily activities may put you in trouble.
Complaint Filed against SnapChat: A privacy watchdog group is going after Snapchat for deceiving users about self- destructing messages that don't actually self-destruct. The Smartphone app has become popular with young people for sending messages that a few seconds later disappear. That clever disappearing act has made the Los Angeles start-up a hit with users and some prominent investors in Silicon Valley. But it turns out that photos sent over Snapchat have a longer shelf life than people think. They don't vanish at least not entirely and can be retrieved in some cases. The Electronic Privacy Information Center has filed a complaint with the Federal Trade Commission.
Snapchat was hacked. The hack resulted in the disclosure of about 4.6 million usernames and phone numbers. There have been strong public reactions, and Snapchat was compelled to issue an immediate update to the app, which claims to have improved security measures. Forbes reported that Snapchat photos do not actually disappear, and that the images can still be retrieved with minimal technical knowledge after the time limit expires.
The Electronic Privacy Information Center consequently filed a complaint against Snapchat with the Federal Trade Commission, stating that Snapchat deceived its customers by leading them to believe that pictures are destroyed within seconds of viewing.
Another controversy surrounding the rising popularity of Snapchat in the United States relates to a phenomenon known as sexting that involves the exchange of explicit images that often contain some degree of nudity. As many Snapchat users are below the age of eighteen, a question over the technical facilitation of child pornography distribution has been raised. Snapchat's developers continue to insist that the application is not sexting-friendly and that they do not condone any kind of pornographic use.
WECHAT (a Chinese release): Being a Chinese social application, whenever you stumble upon someone or someone stumbles upon you he/she happens to be a Chinese. Rarely do we happen to meet English speaking one. Also, it also surprises you with a ping from unknown people cleverly using this app for inappropriate use and this personally doesn't work for me. But still, being a part of "look around" and "shake", it offers loads of fun for people who love to make new friends .If I have to offer one suggestion for improvement, it will be that there should exist a way to acknowledges this app as relevant to Face Book/Twitter and using them for proper use other than unknown flirting hiding their identity. Being a Chinese company all the database will be send to china, and this will be the worst situation that other country can access your data and can threaten the country by misusing it.
The primary disadvantage of many message-oriented middleware systems is that they require an extra component in the architecture, the message transfer agent (message broker). As with any system, adding another component can lead to reductions in performance and reliability, and can also make the system as a whole more difficult and expensive to maintain.
In addition, many inter-application communications have an intrinsically synchronous aspect, with the sender specifically wanting to wait for a reply to a message before continuing (see real-time computing and near-real-time for extreme cases). Because message based communication inherently functions asynchronously, it may not fit well in such situations. That said, most MOM systems have facilities to group a request and a response as a single pseudo- synchronous transaction.
Snapchat.com Site Info". Alexa, Inc. Retrieved January 20, 2015.
Snapchat and Reggie Brown Resolve Dispute". Retrieved September 11, 2014.
Cell Phones No Safer, Insurance Study Claims | Hands Free Info
Carputer – Engadget
The FLY Fusion Pentop Computer Review | Gear Diary
Tools Overview. Android Developers. July 21, 2009.
IntelliJ Android Development, Retrieved September 19, 2012.
NBAndroid Plugin. Retrieved September 19, 2012.
Westfall, Jon (August 25, 2009). "Backup & Restore Android Apps Using ADB".JonWestfall.com. Retrieved December 7, 2009.