LifeLock is a company that claims it can protect consumers from identity theft, but it found recently that its own apps might be part of the problem. The company bought Lemon Wallet late last year, gaining control of its mobile wallet apps on iOS and Android. Now those apps have been pulled from their respective app stores after concerns over the safety of data stored in them. Oops.
Google has bought Divide, a startup that secures smartphones to make them enterprise-friendly. It uses containers, a concept that should not sound unfamiliar around these parts thanks to the likes of Samsung KNOX. The approach separates a user's personal data from work-related files, effectively isolating them from one another on the same device. Google's purchase could imply a desire to tighten up Android's security out of the box and better attract the interest of enterprise customers. Read More
Google changed the policy for app refunds from 24 hours to 15 minutes a few years ago, but Android users eventually adjusted to it. There is still a less prominent way to seek a refund after the 15 minute window if you have a legitimate gripe – it's tucked away in the Play Store order history. However, at some point recently, Google changed the way these refund requests worked.
The blog iTechTriad posted this as a PSA and a potentially serious bug on April 8th, and we've spent the last several weeks digging for details, eventually confirming it as a new Google policy. Read More
The Android Device Manager might get the basics taken care of, but Cerberus goes a few steps farther. It's a powerful security suite with features like SIM locking, device alarms, remote lock, remote wipe, remote picture taking, and location tracking. It would usually cost you €2.99 (about $4) for a lifetime license, but it's free for the next day in celebration of the app's third birthday.
Cerberus has robust functionality on standard devices, but it can also take advantage of root access to move to the system partition so it persists between device resets. Read More
A new feature has snuck into the Chrome OS dev channel that, while not yet fully baked (okay, it's still mostly a block of ice), could one day allow users to unlock their Chromebooks automatically just by having their phone in close proximity. This feature is "Easy Unlock." Read More
The Internet has been abuzz over the recently discovered Heartbleed bug. If you're not already familiar, Heartbleed is a vulnerability in the OpenSSL software library that allows an attacker to steal data directly from the memory space of an application and learn the private keys used to keep data securely encrypted as it travels over the Internet. The implications of this kind of leak are certainly severe, and it has everybody rushing to either install updates that fix the bug or implement workarounds to disable it. Read More
Tumblr has rolled out a new two-factor authentication option that, once enabled, decreases the likelihood of someone breaking into your Tumblr account. Rather than just a password, you will also need to type in a key generated by your Android device. We've already seen Google, Facebook, and Twitter implement this functionality, so while it's about time, it's also better late than never.
You can enable the feature through your Tumblr settings page. Read More
Last month Facebook bought WhatsApp for way too much money, making the app's developers very wealthy individuals. This deal, theoretically, gives Facebook access to the data provided by the app's nearly half a billion users. The companies behind the social network and the instant messenger have both promised that WhatsApp will continue to operate autonomously, but this hasn't completely alleviated privacy concerns. Thus WhatsApp CEO Jan Koum has shared a blog post aimed at "setting the record straight."
In it he states:
Respect for your privacy is coded into our DNA, and we built WhatsApp around the goal of knowing as little about you as possible: You don’t have to give us your name and we don’t ask for your email address.
Android malware isn't as big of a concern as some mainstream media reports would have you believe, but it is enough of an issue that Google started beefing up its security a few years ago. There's the "Bouncer" server-side scanning that checks apps before they go live, and your device runs app verification as new packages are installed. Now Google is about to patch a hole in the local app scanning by making it run continuously. Read More