PETALING JAYA: A tech blogger has rubbished claims that the Prey application is malware, saying that it is "perfectly legitimate" anti-theft software.
Keith Rozario said that Prey belongs to a category of apps called Mobile Device Management (MDM), which is typically deployed on corporate devices like smartphones to allow the corporation to control them.
"When you get a corporate iPhone, the phone still belongs to the company even though you're using it. In order to protect the device from an employee or a malicious actor, or even just a disgruntled staff, they typically install an MDM on their devices to do 'things'.
"Things like remotely wipe the device, or disconnect it from the email server, or just prevent jailbreaking. So that if the device is lost, or the employee fired, the corp can protect the data on its intranet," he said in a series of tweets.
He was commenting on reports that the PKR polls at the Julau polling station in Sarawak were suspended because of so-called cyber attacks.
The party's central election committee (JPP) chief Datuk Rashid Din said 10 tablets used for e-voting at the polling station were found to have been "compromised" with the Prey anti-theft software.
Rozario, however, said the presence of Prey on a device is not a sign of a "cyber attack".
"The first question is, how was the app installed? If the elections were so sacred, why were the Android tablets not locked down to begin with," said Rozario.
He also asked why, if the tablets were integral to the elections, they did not have an MDM of their own, as it would have locked down the tablets or at least provided a way to detect the installation of unauthorised apps.
He also questioned why iPads were not chosen, as it was much harder to attack an application on iOS.
"Previously the PKR central committee gave assurances that the e-voting wouldn't be 'easily' manipulated. Installing an app on a tablet is pretty easy.
"On what basis was the security of the tablets and overall e-voting system assessed? Who assessed it? And who operates it? Who wrote it? Where's the source code ? So many questions," said Rozario.
He said that PKR should have locked down the device for further forensic analysis instead of deleting the app.
"Aren't we the least bit curious who installed this app and launched the 'cyber' attack? Deleting the app is the equivalent of contaminating a crime scene," he claimed.
Rozario also asked about the back-end systems and whether the servers have "malicious" apps as well.
"I'm not a PKR member, but as an IT practitioner I wouldn't be convinced of the results of such setup. Neither should you," he said.
Rozario created the website sayakenahack.com in November last year to help the public verify if they were part of a data breach that affected some 46.2 million mobile phone subscribers. The website was later taken down.