Not long after British Prime Minister David Cameron did the same, President Obama said Friday that he opposes encryption methods that are inaccessible to law enforcement. Rather naively, he advocated that the technology should still exist, but with methods of access for approved entities like police and preferred spy agencies. This is his first clear issue stance on the matter, though it is not necessarily out of step with his previous actions and statements.
Reddit user Ponkers posted an interesting find to /r/Android today, pointing out a significant privacy hole in Skype that essentially allows users to force an Android device to answer a call, making eavesdropping nearly effortless.
Ponkers drew a diagram below, which I feel compelled to include based on its artistic merits, but here's the gist of how the process works.
Assume you have three devices, device 1, device 2, and device 3.
Who better to learn encryption from than the people who have actively tried to build vulnerabilities into encryption? Nobody, says the GCHQ, the British NSA equivalent that has released a free Android app called Cryptoy to teach children the basics of encryption. The app, designed for tablets, focuses on four basic techniques and allows users to create encrypted messages for sharing to friends to decode.
Writing for Android Police from my home office in Virginia, it's not every day that I get to report on something somewhat close to home. But here it is. A Virginia Circuit Court judge has ruled that while police officers cannot compel a person to give up their passcode, they can demand someone use their fingerprint to unlock their phone.
Judge Steven C. Frucci made the ruling this week, saying that giving a police officer your fingerprint is similar to providing a DNA or handwriting sample, something the law permits.
There's a certain permanence to most instant messaging apps. The second you hit send, that's it, the message is out of your hands. You better hope you sent it to the right contact, fixed those embarrassing typos, or spelled their name correctly. Unless you're using the latest version of BBM, in which case you can call take backsies.
Now when you send a message by mistake, you can simply tap the retract button.
Handing over your phone to a friend or acquaintance who "just needs to make a call" can be a little nerve-wracking. Sure, this person probably won't poke around in your email or secretly send your private pictures to their Dropbox account, but you would feel better if you could be certain. Lollipop has just the feature to keep your phone secure in the hands of your friends: Screen Pinning. Now you can lock a single app into the foreground, and nobody will be able to sneak a peek at your web history.
Say it with me now: piracy is bad. There are ways to get free copies of just about everything online, but even setting aside the legal and moral aspects of it, doing so can come with the risk of infecting your computer with something icky or falling victim to a phishing attempt. People who know their way around the woods will continue to be able to take advantage of things, but Google's working on reducing the likelihood that the average user will end up in a place they don't want to be.
At the Google I/O 2014 keynote, Sundar Pichai took to the stage to let us know that the L release of Android is set to make massive improvements in security for the enterprise as well as regular users. The Washington Post has received word from Google that gives us another glimpse of what we should expect in the next version. It seems that devices shipping with Android L will have disk encryption enabled by default.