Xuxian Jiang, along with his research team at North Carolina State University, has cooked up a proof-of-concept "clickjack rootkit" which targets Android. The rootkit is unique not only in that it can function without a device restart, but also in that it targets Android's framework, not requiring deep modifications to the underlying firmware or kernel.
Clickjacking, for those unfamiliar, is a malicious technique typically used on the web to "trick" users into handing over control of their device or confidential information. Read More
We at Android Police take our mobile security pretty seriously. It's in the job description. Entering the realm of mobile security today is yet another contender on the good side of the battle: VirusTotal has released its client for Android. Prior to this, VirusTotal was a simple website where you can upload suspicious files to be scanned by a multitude of antivirus engines. Having provided this desktop OS-oriented service for several years now, VirusTotal has brought its experience and expertise to mobile. Read More
The Google Play Store's "Bouncer," which Google launched back in February to protect Android users from malicious apps, is a service that scans potential Play Store apps by running them in a virtual phone environment, where the app's activities are monitored for any signs of mal-intent.
Taking advantage of that test period, security researchers Charlie Miller and Jon Oberheide have evidently found ways past Bouncer (which they will be presenting at the Summercon conference in New York this week). Read More
Who uses WhatsApp Messenger? From The look of the Play Store listing, a damn lot of people. Considering it's so popular, it's probably a pretty secure app, right? Think again.
WhatsApp actually sends all chats in plaintext, so anyone on the same Wi-Fi network can easily pull your entire conversation - including pictures and videos - straight out of the air. And now, that process is even easier than ever thanks to a new app called WhatsAppSniffer. Read More
While not everyone who owns an Android device roots, the Android modding community is at the very heart of everything we love about our little green buddy. Security researcher Dan Rosenberg recently gave a presentation where he elaborates on root and modding methods, as well as expounding on the security implications of modding Android phones.
Rosenberg also had quite a lot to say about how carriers influence the Android landscape. Read More
Google Authenticator, an important security tool that enables 2-step verification for your Google account, has racked up over 250,000 downloads over its lifetime, which is no small feat for any app in the Play Store. However, a few days ago, that version (previously available here) all of a sudden became obsolete and was consequently silently deleted.
Its replacement, which can be found here, bears version 2 (2.15 to be exact) and offers the following changelog:
- New entry for Google Play, same great app
- Updated look and feel
- "Scan barcode" and "Manually add account" options moved to Menu > Add account.
A flurry of cloud storage apps have hit the Play Store in recent days, with COMODO Security Solutions, Bitdefender, and Genie9 all releasing official cloud solutions. Each of the new apps puts its own twist on cloud storage, offering slightly different features, so it's worth looking at each individually.
Comodo Security Solutions, a respected purveyor of desktop (and Android) security solutions, released COMODO Cloud to the Play Store just a couple of days ago, bringing a practical, thoughtful solution to those seeking an easy cloud syncing option. Read More
The Kyocera Milano - a mid-range phone released on Sprint last September - is receiving an OTA update, bringing the device's software up to version 1.006sp. The update includes several bug fixes, as well as a security patch, "changes" to the phone's roaming guard display, and Mobile Alert System capability. If the update hasn't pushed to your Milano just yet, you can manually check by hitting Settings > About Phone > System Update > Update Firmware. Read More
Avira, a "worldwide leading supplier of self-developed security solutions," has thrown its hat into the Android security ring, releasing Avira Free Android Security to the Market today. The app offers a bevy of familiar anti-theft functions, including remote lock, scream, GPS tracking, and device info monitoring, among others.
Though Avira's solution offers the old standbys as far as anti-theft functionality, the app also has a few unique touches and key features that make it worth checking out. Read More
A few months ago, Liam spent some time with 17 mobile security apps, one of which was an app called Cerberus. He came away quite impressed - so impressed, in fact, that he crowned it the winner (and, as a license is just $4, it was also crowned the best for the budget-minded).
The app is always free to download and comes with a 1 week free trial, but a lifetime license is normally $4. Read More