The security of our mobile apps and private data is a very serious matter. This is particularly true for high value targets like web browsers, which often store login credentials that can be used to access many of the websites we use on a regular basis. Unfortunately, browsers are also very complicated applications with an extensive set of features that are difficult to lock down completely. Sebastián Guerrero Selma of viaForensics recently posted a video demonstrating a newly discovered vulnerability in Firefox for Android which would allow hackers to access both the contents of the SD card and the browser's private data.
In an effort to keep all your passwords both safe and convenient, while also protecting your web surfing experience, Symantec has created Norton Identity Safe Beta, an app that allows users to store their login information on their computer and mobile device, while enjoying a safe browsing experience on both.
Many of you may be aware that there are several apps that perform this function already. SplashID Safe, Keeper Password & Data Vault, and others provide a very similar service, but Norton ID Safe brings a couple of key differences to the table.
A serious vulnerability that affected the way some popular HTC Android phones handle 802.1x usernames, passwords, and SSIDs was disclosed publicly today by engineers Chris Hessing and Bret Jordan. The bug allowed applications with only an ACCESS_WIFI_STATE permission to read your Wi-Fi SSIDs, usernames, and, most importantly, passwords on at least the following devices:
- Desire HD (both "ace" and "spade" board revisions) - Versions FRG83D, GRI40
- Glacier - Version FRG83
- Droid Incredible - Version FRF91
- Thunderbolt 4G - Version FRG83D
- Sensation Z710e - Version GRI40
- Sensation 4G - Version GRI40
- Desire S - Version GRI40
- EVO 3D - Version GRI40
- EVO 4G - Version GRI40
Of course, if a malicious application also happens to have access to the Internet, SMS, or other means of sending out information, credentials could leak out from a vulnerable device to a remote location.
Have you ever been in a situation where you needed to remotely access an account but couldn’t remember its password? I know that I have done so all too many times, so I started looking for a secure solution to this quandary. Although there are several good options, I chose KeePass - read on to discover how you can too.
Before we begin, there are a few things you will need:
- KeePass on your computer (I use the “Professional Edition”)
- KeePassDroid on your Android Phone
- A Dropbox Account
- Dropbox for Android
- OI File Manager (required by KeePass)
On the Desktop
The first thing that you will need to do is install Dropbox, if you haven’t already.