Over the weekend, Android Police received a tip about a serious privacy hole in Facebook Pages Manager for Android that made some privately uploaded photos public. Shortly after I made the details of the issue public, Facebook Security got in touch and let us know that its engineers were looking into the report and trying to get a fix up soon.
At 4:19pm PT today, I received a follow-up email from Facebook Security that confirmed a fix had been rolled out server-side, and no app update was necessary. Read More
Stop me if you've heard this one before: Facebook has a privacy hole that exposes private information to the public. And it's a serious one, this time in Facebook Pages Manager for Android, which has been installed over 5 million times since January of this year. Let me explain.
Update 5/26/13 11:30pm PT: Rory from Facebook Security has informed me that the company is looking into the issue and "will try to get a fix up soon."
Update 5/27/13 06:28pm PT: Facebook patched the issue. Read More
Owners of LG's Verizon-connected Intuition (otherwise known as the Optimus Vu) would be well-advised to avoid an update that began rolling out recently. The short version of this story is that the update is wreaking havoc on handsets –users who have already accepted the update are reporting constant app errors, an inability to connect to the Play Store, camera/gallery failure, and more. You can read users' impassioned responses to the flawed firmware here, here, and here. Read More
Just a month after releasing its new 'durable and splash-proof' Xperia Tablet S, Sony has found that some units have gaps between the screen and the aluminum case, making them particularly vulnerable to water damage.
The issue has been caused by a manufacturing flaw at the Chinese plant where the tablet is produced, and as a result, Sony has chosen to temporarily stop selling the device until the problem can be resolved. Read More
Every year, Defcon brings about some new concepts, hacks, vulnerabilities, and other digital tomfoolery. Sometimes it's all in good fun, but other times it's all too scary, which happens to be the case with a new class of Android malware that could allow for phishing attacks and pop-up ads alike.
Thanks to a design flaw in Android, there is a "feature" that allows an application to steal focus and pull itself into the foreground, bypassing the notification system entirely. Read More
Update #1: Skype is investigating the issue, we've been told.
Update #2: Skype's official first response can be found here.
The safety of our personal information is often a concern of mine - who has my email address, my phone number, my date of birth? How can I keep my private information safe while still enjoying the internet? These concerns have prompted me to take a deeper look at Android apps more than once, and often this can yield some frightening information. Read More
Adobe announced a "critical vulnerability" in the Flash 10.1 platform for all OS's, including Android, yesterday. While this is an extremely common occurrence (I use it to mark the new moon), it is a little troubling to know that Adobe's infamously-insecure plug-in could be giving evil-doers unsolicited access to Android devices running Flash.
While Adobe was not clear on exactly what malicious activity the exploit could allow on Android devices, the typical "control of a user's system" language is used when describing the implications of the problem. Read More