Wuala, an extra secure cloud storage service that we first talked about back in 2011, has announced its imminent shutdown. Originally created by Swiss researchers, Wuala was acquired by French hardware maker LaCie in 2009 as a means to take advantage of the growing interest in cloud solutions. After LaCie was acquired by Seagate, Wuala too fell under that corporate umbrella.
No explicit reasoning has been given for the shutdown, but it isn't hard to see that Wuala just hasn't taken off and may well have lost users in recent years. Read More
Verizon has begun rolling out an update for the Galaxy Note Edge that should address the vulnerability in Stagefright, one of Android's media libraries, that could potentially compromise a user's device. This is the first Stagefright-related fix we're aware of Verizon rolling out.
Of course, the changelog doesn't specifically mention Stagefright... but it's really obvious that's what it's for, given the timing of the update and terseness of the document. Read More
The news of the Stagefright exploit appears to have precipitated a much needed update commitment from Google and various Android OEMs. After Samsung announced its new Android security update process and Google revealed the details of a new Nexus update policy, LG is following suit and promising similar monthly security patch updates.
Although it hasn't been officially announced by the company, the news comes from a couple of reliable sources. First, speaking at the security conference Black Hat 2015, Googler Adrian Ludwig revealed that LG has made the same commitment to send the monthly security patches that it receives from Google to end users. This, supposedly, should last for three years after a handset is announced, the same as Nexus phones. Read More
Google is rolling out the Stagefright patch to Nexus devices as promised, but the bigger news alongside that announcement is a new update policy for Nexus devices. Going forward Google will release security patches for Nexus phones and tablets about once per month, which mirrors Samsung's recently announced Galaxy update program. Google is also making official the length of time you can expect to get Nexus updates. Read More
The Samsung Galaxy Note 4 is getting an OTA update today, and it takes the device from 5.0 up to 5.1.1. That means a few small tweaks to the system, but there are also some important bug fixes, including one for the Stagefright vulnerability. Read More
In a blog post published today by the researchers at Zimperium Mobile Security, the group divulged an extremely widespread security vulnerability that can be exploited with nothing more than a targeted MMS message. The hole exists in the part of the Android operating system called Stagefright, which handles the processing of certain types of multimedia.
How it works
If targeted, the hypothetical hacker needs only to send an MMS message, which in many cases doesn't even need to be read before the attacker gains access to the victim's microphone and camera. Read More
Google has just added an interesting page to the Nexus support site that lists new operating system safety warnings. According to the page, this is a boot verification system that checks the integrity of your device software during each startup. You probably haven't seen this on any devices yet, but Android M is right around the corner. Read More
Everyone is trying to come up with a better, more secure way to do passwords, but not Medium. Nope, Medium is just getting rid of them. You can now create and sign into a Medium account using only your email. This works on the web and iOS right now, and will be added to the Android app soon.
Google pays people to find and close the flaws in its systems. This is pretty common throughout the tech industry, largely because it motivates people to approach from different backgrounds and with contrasting ways of thinking, something you can't get from internal employees. With Google products getting into the hands of billions of people and serving mission critical roles, it's crucial that services and information are safe.
Over the past five years, Google says it has paid over 1.5 million dollars to people that discovered vulnerabilities in Chrome and other products through its Security Rewards program. Now it will expand this program to cover Android. Read More