Over a year ago there was a lot of concern about this piece of malware that had not only a flashy, user-friendly interface, but also the ability to monitor audio and video on Android devices. Even worse, it was able to slip past the automated checking used by Google at the time. Technically, it was really a software toolkit to make it easier to package malware APKs and then do malicious things with them.
At long last, Morgan Culbertson was arrested last month after being charged with creating the software. Tuesday, Culbertson pleaded guilty in federal court, telling the judge "I committed the crime" when asked why he was entering the plea. Read More
In their latest testing releases, Mozilla has launched two ambitious efforts to improve upon two areas where Firefox seeks to set itself apart: privacy and security.
To address privacy, they have changed the way their "private browsing mode," which is akin to incognito on Chrome, protects users. Rather than keep your info away from other people using your computer, which is more or less the intent of the feature, new versions of Firefox will also try to keep you more anonymous to web-based trackers.
In addition to not saving history, the previously-hidden Tracking Protection feature is enabled by default when private browsing. Read More
That information included her home address and zip code, phone number, and email address. After the lawsuit was filed, Google began limiting the data shared with developers. Read More
The Guardian Project, the group behind previous efforts to bring Tor and other privacy-preserving software to Android, is working on a Tor-friendly browser built on the desktop equivalent's codebase. This app, named Orfox, will replace its WebView-based predecessor Orweb.
Just like Orweb, Orfox will require the companion app Orbot to connect to Tor. Orfox sets itself apart by being a fully-featured standalone browser, with the basic trappings even privacy-conscious users would come to expect like bookmarks and tabbed browsing.
Why Orfox? Well, the Tor Browser Bundle for desktop users is built on Firefox 38.0 ESR. The Guardian Project, who is already accustomed to collaborations with The Tor Project, made the few necessary modifications to the desktop version's code to make it suitable for Android. Read More
Google's initiative to put privacy and security back into the hands of users through a revised permission system has received generally positive responses. It's no secret that this approach closely matches the way iOS prompts users for access to things like the contacts or location. Aside from the possibility that permission requests could become annoying with too much frequency, this has proven to be a pretty effective approach. However, since the announcement, one sticking point seems to have emerged around access to the Internet. As it turns out, users will never be asked to grant access to the outside world, and it's not even possible to revoke it, even if they wanted to. Read More
As Googler Andy Bohm notes on G+, Google's Privacy team didn't appear on stage during the I/O keynote this year, but that doesn't mean the team didn't have anything awesome to talk about. Specifically, Google has launched a revitalized account management interface. The new My Account page injects privacy and security settings with simple navigation, easily understood explanations, and tons of awesome illustrations to walk users through checking, changing, and otherwise managing their account/privacy settings.
Chances are your Google account has a lot of information about you, and managing that information is important, so it's nice to see continued efforts from Google to make that process easier to understand and execute (Google's privacy checkup took me <60 seconds before finishing this post). Read More
As we expected, Android M will have a revamped permission system. No longer will apps ask for a bunch of permissions at installation time. Instead, apps will ask for important permissions the first time they need them. You can also change permission settings via an AppOps-like interface.
In the latest update on NSA documents leaked by Edward Snowden, The Intercept is reporting on the surveillance establishment's efforts to use the Google Play Store to distribute spyware. Another fun fact from the data dump is that these agencies found and exploited a security hole in the ultra-popular UC Browser for years until an activist group informed its developers about it just about a month ago.
The information comes from a set of slides distributed to agency specialists in 2012 discussing plans for the use of mobile devices in surveillance. These initiatives were a cooperative between the so-called "Five Eyes" countries: USA, UK, Canada, Australia, and New Zealand. Read More
BitTorrent brought an alpha version of its Bleep private messaging client to Android last year, and today it's officially launching on all major platforms including Android. Bleep doesn't require an account to sign up and all your messages are encrypted with local keys so no one else can access your data.
The Galaxy S6 is the hottest Android phone on the market right now, but it's not perfect. Some owners of this device have started reporting a bug that prevents them from dismissing a Samsung terms and conditions popup. Oh, it goes away at first, but then it takes over the screen again several minutes later.