Android Police

Articles Tagged:

security

208 articles
...

Google Issues Official Response To Concerns Over Jelly Bean WebView Security

You might have noticed a number of recent stories (like this one) claiming Google was abandoning some huge portion of Android users rather than fixing WebView security holes. It's exactly the kind of thing that makes good clickbait. Google has now issued a statement on the security issues in Android 4.3 and earlier, basically pointing out it's not feasible to update old code forever and offering tips for avoiding potential exploits.

Read More
...

Critical Vulnerability In Verizon FiOS Mobile API Allowed Easy Access To Any User's Email Info

Verizon isn't making many friends when it comes to keeping private information private. Just two days after news broke that Verizon Wireless is collecting and in some cases selling web browsing info, its parent company has been given a black eye for insecure practices associated with the FiOS Internet service. Security researcher Randy Westergren discovered a way to access any FiOS user's Verizon email account by using the mobile API.

Read More
...

Obama Goes On Record Against Encryption, Says It Should Exist But He Should Be Able To Decrypt It

Not long after British Prime Minister David Cameron did the same, President Obama said Friday that he opposes encryption methods that are inaccessible to law enforcement. Rather naively, he advocated that the technology should still exist, but with methods of access for approved entities like police and preferred spy agencies. This is his first clear issue stance on the matter, though it is not necessarily out of step with his previous actions and statements.

Read More
...

Verizon Is Still Using 'Supercookies' To Track Your Browsing Whether You Like It Or Not

If you are using data as a Verizon Wireless customer, Verizon is tracking you. Not only that, but their method to ensure that you can't navigate around it makes your unique identifier visible to every website you visit. The injected data has been called a "supercookie," a term that reflects the fact that it is not removable like a tracking cookie. Now, recent reports show that at least one third-party ad agency has been using Verizon's supercookie to track users after they have deleted cookies or opted out of data collection.

Read More
...

PasswordBox—I Mean, Intel Security—Introduces 'True Key' To Simplify Password Management

PasswordBox is a password manager that automatically enters your credentials into various websites and apps, not unlike LastPass. Last month the company was acquired by Intel Security, which is both absorbing the service and leaving it available in its current form for the time being. The PasswordBox team has been hard at work for its new boss, and at this year's CES, Intel Security announced True Key, built on top of the technology made available by the partnership.

Read More
...

Security Hole In Skype Allows Users To Surreptitiously Connect To Other Users

Reddit user Ponkers posted an interesting find to /r/Android today, pointing out a significant privacy hole in Skype that essentially allows users to force an Android device to answer a call, making eavesdropping nearly effortless.

Ponkers drew a diagram below, which I feel compelled to include based on its artistic merits, but here's the gist of how the process works.

Assume you have three devices, device 1, device 2, and device 3.

Read More
...

Coolpad's Android Devices Have Factory-Installed Backdoor That Impersonates Google Play Services Framework, Says Security Firm

In a report released today, security researchers claim to have identified a vulnerability in as many as 24 Coolpad devices. The backdoor, which the researchers at Palo Alto Networks call "CoolReaper," reportedly installs adware without user consent or notification. More problematic is the fact that Coolpad built the backdoor into the operating systems themselves. The cherry on top is that Coolpad even had the nefarious app impersonate the Google Play Services framework file to avoid alerting users.

Read More
...

British Spy Agency GCHQ Releases App To Teach Kids About Encryption, Still Thinks Encryption Aids Terrorism

Who better to learn encryption from than the people who have actively tried to build vulnerabilities into encryption? Nobody, says the GCHQ, the British NSA equivalent that has released a free Android app called Cryptoy to teach children the basics of encryption. The app, designed for tablets, focuses on four basic techniques and allows users to create encrypted messages for sharing to friends to decode.

Read More
...

Cerberus 3.0 Update Goes Stable With Material Design And Plenty Of New Anti-Theft Features

There are updates, and then there are updates. For Cerberus, version 3.0 is the latter. It gets the app ready for Android 5.0 by covering it with pretty materials. Well, as pretty as this particularly unflattering app is going to get.

Cerberus still consists mostly of menus, but now the action bar is very red, a hamburger icon sits in the top left corner, and a sidebar (redesigned since the last time we took a look at the beta) now pulls out over every other part of the interface.

Read More
...

Intel Security Purchases Password Manager Service PasswordBox

PasswordBox is a system that allows users to keep long and secure passwords to major services, auto-inputting the fields on desktops and mobile platforms and syncing them to a cloud-based system with a single login. It's a popular alternative to the similar LastPass system. Yesterday Intel announced that it had acquired the 44-person company for an undisclosed sum, and intends to integrate it into its Intel Security team (which includes support from McAfee) going forward.

Read More
Page 2 of 2112345...10...Last»
Quantcast