Android malware isn't as big of a concern as some mainstream media reports would have you believe, but it is enough of an issue that Google started beefing up its security a few years ago. There's the "Bouncer" server-side scanning that checks apps before they go live, and your device runs app verification as new packages are installed. Now Google is about to patch a hole in the local app scanning by making it run continuously.
Samsung has announced a slew of improvements to its KNOX enterprise security product at this year's Mobile World Congress. For starters, users can now manage two separate secure containers per device, ideal for consultants with multiple clients or people who just want to better separate work data from personal files.
The total list of changes goes much deeper.
- Two separate secure containers per device, for example, for consultants who work for several companies or doctors who work for several clinics.
Remember Piper, the crowdfunded home automation tool we featured almost half a year ago? Well the campaign is over and the gadget is on sale now. Once you get yours in the mail, you'll need to set it up and start using it, which is where the official Android app comes in. Piper Mobile is a free download, compatible with all Android devices running Gingerbread or later.
Piper is a little gadget that combines a wide-angle webcam and microphone with a Z-wave controller.
An international mega-corp like Google buys companies like the rest of us buy coffee. Google's latest latte is SlickLogin, a startup that aims to make authentication simpler and safer by using sonic login codes on phones. The details of the purchase aren't public just yet, but SlickLogin's site confirms that "the [team] is joining Google."
SlickLogin's system is unique: it uses a cell phone as an authentication key with the help of nearly-silent audio codes sent via computer speakers.
Much of the commerce that takes place on the web goes through PayPal, so if you're accessing the service from a mobile device, you should take extra precautions to secure your account. With the latest version, you can now link your phone to your account so that the service can better verify that you are indeed the person trying to access it. The app has a new SMS permission that is necessary to link up your number.
This contest is now over.
The final results are listed below. If you've won, you will be contacted in the near future. Congratulations!
Any decent bank heist movie always has one common hurdle for the would-be thieves: a regularly changing access code to the vault, and only one person knows what it is.
Described by the Wall Street Journal as "a vulnerability that could allow malicious software to track emails and record data communications," a potential vulnerability in Samsung's Knox platform was discovered in late December by researchers at Israel's Ben-Gurion University. The researchers said the vulnerability would allow those with malicious intent to "easily intercept" secure data from Knox users. Samsung's initial response was that the problem may be less serious than researchers implied, and that it would investigate the situation thoroughly.
Even casual observers of the Android ecosystem know that piracy is a big issue for developers. But if a report from mobile security company Arxan is to be believed, app piracy and "hacking" is incredibly prevalent, or at least prevalent enough that most of the popular apps are available in a pirated or cracked form. According to the company's "State of Security in the App Economy" report for 2013 (PDF link), the top 100 paid Android apps have been "hacked."
We used "cracked" in the headline because Arxan doesn't mention the purpose behind these hacks, so we're assuming that in most cases they're free, pirated versions of paid apps.
You probably see that "Display images below" button in Gmail all the time on both mobile and desktop. This is the default behavior because it makes it harder for spammers and advertisers to track you. However, Google says it has prepared a workaround that mitigates the security concern and will allow it to show those images by default.
The CyanogenMod team has been working on a secure messaging component for the popular ROM in recent months, and the time has come for some real world testing. The new encrypted WhisperPush messaging system is being rolled out to CyanogenMod 10.2 nightlies for compatibility and server load testing. If all goes as planned, it will reach the CM11 branch soon.
CyanogenMod's secure messaging is an implementation of TextSecure, a cross-platform encrypted SMS platform maintained by Open WhisperSystems.