19
Mar
o3Rmp2

HTC Thunderbolt Bootloader Unlocked, ClockworkMod Recovery Loaded, ROM Floodgates Opened

Posted by in Development, HTC, News, Thunderbolt (Mecha)

That didn't take long. A collaborative effort between numerous Android hackers just managed to crack the Thunderbolt's bootloader wide open, successfully booting a custom recovery image. They also incidentally discovered a new root method in the process. Credit goes to jcase, jamezelle, and scotty2 (and all of andirc) for working out the details, and ProTekk and Trident for putting their shiny new Thunderbolts on the line. Here's the visual proof:

o3Rmp2 s-off22

Image credit: Trident, ProTekk

We'll keep you apprised on the situation with instructions on how to go about unlocking your own Thunderbolt as we get more information.

09
Mar
android_market

PSA: Infected "Android Market Security Tool March 2011" App Floating Around

Posted by in Applications, News

It seems evil-doers' depravity knows no bounds: we've just heard word from Symantec that an infected version of Google's Android Market Security Tool March 2011 is floating around the "black markets" - meaning it's not in the Android Market, but it is floating around the 'net in APK form. Luckily, it's not nearly as bad as DroidDream (the malware it was designed to remove), but it's malware nonetheless.

Specifically, Justin says it's closely related to (or possibly the same as) "Fake 10086" malware. Asian users seem to be getting the brunt of it, and it collects information such as IMEI, phone number, and other minor tidbits, which it then uploads to this site.

23
Feb
image

Lookout Launches Lookout Labs And Its First Android App - The Ingenious "Plan B" [Hands-On Review]

Posted by in App Reviews, Applications, News, Reviews
Last Updated: July 24th, 2011

Lookout Labs

Lookout Inc's Lookout Mobile Security app is one of the most popular and trusted security apps on the Market, and while the company is going to continue active development of its flagship product, today it is launching Lookout Labs - a separate Android Market developer account dedicated to "pushing the bounds of mobile apps."

Plan B

Introduction

The first fruit of Lookout Labs' labor is a brilliantly simple yet very useful app called Plan B. Plan B was only made possible recently, after the release of the official Android web Market. The app is designed to be the last resort for finding a lost (or maybe even stolen - more on that later) phone and getting its latest position emailed to the account associated with the Android Market.

22
Feb
image

Kaspersky Mobile Security Comes To Android

Posted by in Applications, News

Anti-virus and anti-malware products by Kaspersky Lab are known as some of the best computer protection solutions for your desktop and notebook, and today the company announced availability of Kaspersky Mobile Security for Android.

The features of Mobile Security include:

  • anti-theft protection (including SMS Find, Remote Block and Delete, and SIM Watch)
  • anti-spam protection
  • privacy protection
  • anti-virus protection and firewall

The app can be downloaded from Kaspersky's servers and isn't available directly from the Android Market. The cost is rather high - $29.95 per year, although it is still comparable to products like Lookout Premium.

Official press release follows:

Feb 22, 2011 10:36 ET Kaspersky Mobile Security Expands to Support Android and BlackBerry

WOBURN, MA--(Marketwire - February 22, 2011) - Kaspersky Lab, a leading developer of Internet security solutions that defend against computer viruses, spyware and all forms of malicious software, now offers protection and peace-of-mind for BlackBerry and Android smartphone owners, in addition to Windows Mobile and Symbian devices.

03
Feb
honeycomb-encrypt1

Honeycomb Will Come With An "Encrypt Tablet" Feature - Business Users And Spies Rejoice

Posted by in Honeycomb 3.0/3.1/3.2, News, XOOM

Earlier yesterday, Google demoed some of Honeycomb's most impressive features, however one of its best features seems to have slipped under the radar. While playing around with the Motorola XOOM, Engadget noticed an "Encrypt Tablet" option in the settings page.

honeycomb-encrypt1

At this time little is known about the encryption standard that will be used or whether the encryption process will affect the tablet's other features in any way. All that is known is that your accounts, settings, downloaded applications, media, and other files will be encrypted, and you will require a numeric PIN or password to decrypt the data. Additionally, it will take an hour (or more) to encrypt all your data.

29
Jan
image

Yet Another Android Data-Stealing Vulnerability Uncovered, Affects All Versions Of The OS

Posted by in Android OS, Gingerbread 2.3, News

Last year, we reported on a serious vulnerability in all versions of Android, found by a security researcher Thomas Cannon. It allowed a remote attacker to download files off a user's SD card upon visiting a webpage with malicious JavaScript code embedded in it. Google's response was swift, and the fix was rolled out in the public release of Gingerbread at the end of 2010.

A new report from eWeek came out today stating that another researcher, Xuxian Jiang, this time from North Carolina State University, stepped forward with a tweak to the very same vulnerability Google reportedly patched. The new method circumvents protection put in place and allows an attacker, yet again, to access a user's SD card as well as the /system directory and directories that are open for reading in the Android sandbox.

29
Nov
image

Theft Aware 2.0 – The Most Ingenious Android Security Solution With The Best Root Integration We’ve Seen To Date. Really [Hands-On Review]

Posted by in App Reviews, Applications, News, Reviews
Last Updated: July 24th, 2011

For the last 2 weeks, I've been testing a pre-release version of Theft Aware 2.0 - an app that occupies a spot in the familiar Android Security category, alongside WaveSecure, Lookout, and others. And yet, Theft Aware stands so much taller compared to them that they become small, almost invisible, dots. I could hardly contain my excitement and fascination with Theft Aware, but first, I needed to get answers to all of my questions and pass the info to all of you.

The main reason I'm fascinated with Theft Aware is its superb integration with rooted phones. The benefits of Theft Aware's elevated security features on rooted phones are so great that, in my opinion, rooting is worth it (if you've haven't done so yet) just to get the full TA experience.

23
Nov
image

New Vulnerability Affecting All Versions Of Android Allows Unauthorized Remote SD Card Access

Posted by in News

A new vulnerability that affects every Android device currently on the market was discovered and published today by Thomas Cannon, an information and security researcher. The hole in the way the Android browser treats Javascript allows a remote attacker to lure an unsuspecting victim to a malicious web page, which then downloads and executes rogue Javascript with access to the local SD card's file system. While the locations of files on the SD card needs to be known by the attacker in advance, it still represents a clear problem due to many popular applications storing data in the same location. Additionally, photo files tend to use similar naming schemes, and the attacker would be easily able to harvest some of your private pictures.

20
Sep
image

Total Equipment Coverage/Insurance For Verizon Customers Now Includes Free Mobile Recovery Software

Posted by in Applications, News, Verizon Wireless

Good news for those of you with Verizon phones and a 'Total Equipment Coverage' insurance plan. VZW have just let us know that they are partnering with Asurion to provide some useful security functions for Android owners. The free Mobile Recovery application includes the ability to remotely:

  • Sound an alarm on the phone, even when on silent
  • Locate the phone using GPS, with maps and directions to the handset
  • Lock or wipe the phone, if it is irretrievable

Sounds pretty great for a free service (if you have the qualifying insurance, obviously), and may help to soothe any envious pangs you felt following the demonstration of HTCSense.com’s new security features.

14
Sep
thumb_300_adobe-flash

Critical Security Vulnerability In Flash For Android (And Every Other OS) - In Other News: Sky Still Blue, Grass Still Green

Posted by in Applications, News

Adobe announced a "critical vulnerability" in the Flash 10.1 platform for all OS's, including Android, yesterday. While this is an extremely common occurrence (I use it to mark the new moon), it is a little troubling to know that Adobe's infamously-insecure plug-in could be giving evil-doers unsolicited access to Android devices running Flash.

While Adobe was not clear on exactly what malicious activity the exploit could allow on Android devices, the typical "control of a user's system" language is used when describing the implications of the problem. Here's Adobe's full release on the issue, which they hope to resolve by September 27th:

Security Advisory for Flash Player

Release date: September 13, 2010

Vulnerability identifier: APSA10-03

CVE number: CVE-2010-2884

Platform: All

SUMMARY

A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android.

Page 10 of 11«First...7891011