While going hands-on with the Nexus 5X and 6P a bit earlier, I noticed something interesting in the "about" screen of both devices: a new field. It's called "Android security patch level," and what it appears to do is display the date of your phone's most recent security patch.
We know Google has been taking significant flack for Android security updates post-Stagefright, so it seems this feature may be in response to those criticisms. I didn't learn anything else about it, but it was definitely on the 5X and 6P units I used, and speaking to a Google rep, they suggested this feature would ship on the devices. Read More
Silent Circle released the original Blackphone in 2014 with a raft of security features and no Google Play Services. That was sort of the point—to sell an encrypted phone that didn't have any third-party trackers or services. It turns out people don't like that, so the Blackphone 2 will have Google apps. This device has just been announced for a whopping $799, and you can order it now. Read More
Android Pay has turned out to be much more than a simple rebranding of Google Wallet. Google is working with banks to support cards natively and doing away with those virtual MasterCards altogether. However, the lack of support for rooted or ROM'd devices has irked power users. A Google engineer popped up on XDA to explain the reasoning and calm the mob. Read More
Most Android smartphones mix and match the same basic feature set. They might be better at one thing or another, but there's a lot of overlap. The Turing Phone is trying something different. This device is designed from the ground up around security, and pre-orders are going live today at 3PM Eastern, but only if you've got an invitation. Read More
This week the latest batch of over-the-air security updates started rolling out to Nexus devices, most going under version LMY48M. Google also posted the goods online in the form of factory images. The company then went on to provide a list of the security fixes.
Eight make the list, with one having actually been exploited in the wild. Though whether this was used maliciously or just someone rooting their own device is unclear. None of the vulnerabilities are newly disclosed. Read More
Over a year ago there was a lot of concern about this piece of malware that had not only a flashy, user-friendly interface, but also the ability to monitor audio and video on Android devices. Even worse, it was able to slip past the automated checking used by Google at the time. Technically, it was really a software toolkit to make it easier to package malware APKs and then do malicious things with them.
At long last, Morgan Culbertson was arrested last month after being charged with creating the software. Tuesday, Culbertson pleaded guilty in federal court, telling the judge "I committed the crime" when asked why he was entering the plea. Read More
If you're in the market for the Turing Phone, you already know who you are. This is an Android phone designed around the idea of being completely unhackable. It doesn't even have a USB port or headphone jack that could be used to manipulate the software in some fashion. Niche products like this often have the feel of vaporware, but the company has posted a release and order timeline for the Turing Phone. So they're at least trying to make it happen. Read More
Cerberus is one of the more full-featured device security apps available on Android. It has more features than Android Device Manager, and more importantly it existed years before Google's solution. The developer has occasionally offered free lifetime licenses for the app, but now users are seeing that their "lifetime" licenses are set to expire in a few days. What gives?
Wuala, an extra secure cloud storage service that we first talked about back in 2011, has announced its imminent shutdown. Originally created by Swiss researchers, Wuala was acquired by French hardware maker LaCie in 2009 as a means to take advantage of the growing interest in cloud solutions. After LaCie was acquired by Seagate, Wuala too fell under that corporate umbrella.
No explicit reasoning has been given for the shutdown, but it isn't hard to see that Wuala just hasn't taken off and may well have lost users in recent years. Not only do existing users have to move their data elsewhere, they need to do it quickly. Read More
Verizon has begun rolling out an update for the Galaxy Note Edge that should address the vulnerability in Stagefright, one of Android's media libraries, that could potentially compromise a user's device. This is the first Stagefright-related fix we're aware of Verizon rolling out.
Of course, the changelog doesn't specifically mention Stagefright... but it's really obvious that's what it's for, given the timing of the update and terseness of the document. You can probably expect a slew of Samsung Stagefright fixes (as well as other OEMs, of course) on Verizon to follow, if this is any sign. Read More