Android Police

Articles Tagged:

security

...

SIM Maker Gemalto Says Intelligence Agency Hack Probably Happened, But Did Not Compromise Security

A recent report based on information from Edward Snowden made a startling accusation regarding the security of the SIM cards lurking in most of our phones. According to the newly leaked documents, Netherlands-based Gemalto was the target of a CIA and GSHQ (UK intelligence) plot to steal SIM card encryption keys. Gemalto is the largest maker of SIM cards in the world, so that would be a substantial security breach. Gemalto has issued a statement after completing its investigation to say that, yes, there was probably an attack.

Read More
...

[It's Dangerous To Go Alone] Google Takes More Proactive Steps To Combat 'Unwanted Software' Spam

Google stands to make the most money if you're online using its search engine and viewing its ads, preferably in Chrome or on an Android device. But sometimes the internet can be a tricky place to navigate safely, and that's just not good for business. So the company is continuing its push to make the web a safer place to browse on PCs and mobile devices alike.

Before you visit a webpage that tries to trick you into downloading unwanted, potentially harmful software, Chrome will now stop you and dish out an intimidating, red warning.

The site ahead contains harmful programs. Attackers ... might attempt to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit).

Read More
...

Authy 2-Factor Authentication App Updated To v20 With Material Elements And New View Options

Managing 2-factor authentication is a pain, but such is the price we pay for security, right? Authy makes it much less annoying with secure backup, device sync, and offline mode for 2fa. It hasn't been the most attractive app, but the new version is looking much nicer and more material.

2015-02-10 12.44.17 2015-02-10 12.50.25 2015-02-10 12.57.02

Read More
...

[Deal Alert] Get 6 Free Months Of Dashlane Premium Password Manager And Secure Digital Wallet ($20 Savings)

With the myriad of ways nefarious types are able to get their hands on passwords these days, often times whether your information gets stolen is completely out of your hands. Rather than changing their sign-in credentials every time another leak or hack happens, many folks trust their online security to password managers such as LastPass. Dashlane is an alternative that can also get the job done, and for the next week, you can snag a premium account free for six months over at sharewareonsale.com. A yearly subscription currently goes for $39.99.

Dashlane relies on AES-256 encryption to protect your data, which it backs up and automatically syncs across your various devices if you have a premium account.

Read More
...

Get An Extra 2GB Of Google Drive Space For Completing A Security Checkup

Did you know Safer Internet Day was a thing? Well, indeed it is, and it's today! Happy Safer Internet Day, everyone! To celebrate, Google is offering 2GB of additional Drive storage for completing a quick security checkup.

checkup

Read More
...

Verizon Wireless Will Let Customers Opt Out Of 'Supercookie' Tracking After Privacy Backlash

Sorry, class, you don't get any extra credit for predicting this one. After some heated responses from consumers following the reveal of a controversial "supercookie" web traffic monitoring system, Verizon Wireless has announced that it will allow its customers to opt out of the lucrative and potentially dangerous advertising practice. Verizon Wireless spokeswoman Debi Lewis told The New York Times, "We have begun working to expand the opt-out to include the identifier referred to as the UIDH, and expect that to be available soon."

nexus2cee_verizon_header

The system isn't technically using a "cookie" in the conventional browsing sense; UIDH stands for "unique identification header," a customized version of a standard HTTP header, in this case tailored specifically for Verizon.

Read More
...

[Oops] Marriott's Android App Has Probably Been Leaking Credit Card Data For Years

Remember how Marriott hotels wanted to block WiFi hotspots and make everyone pay for internet access? It turns out giving Marriott money for lodging is maybe not a good idea in the first place. According to software developer Randy Westergren, it has been possible to access customer information on Marriott's servers without a password since the Android app was released in 2011.

2015-01-26 10_02_04-Marriott Hotel Reservations and Payment Information Compromised by Web Service V

Read More
...

Google Issues Official Response To Concerns Over Jelly Bean WebView Security

You might have noticed a number of recent stories (like this one) claiming Google was abandoning some huge portion of Android users rather than fixing WebView security holes. It's exactly the kind of thing that makes good clickbait. Google has now issued a statement on the security issues in Android 4.3 and earlier, basically pointing out it's not feasible to update old code forever and offering tips for avoiding potential exploits.

Read More
...

Critical Vulnerability In Verizon FiOS Mobile API Allowed Easy Access To Any User's Email Info

Verizon isn't making many friends when it comes to keeping private information private. Just two days after news broke that Verizon Wireless is collecting and in some cases selling web browsing info, its parent company has been given a black eye for insecure practices associated with the FiOS Internet service. Security researcher Randy Westergren discovered a way to access any FiOS user's Verizon email account by using the mobile API.

unnamed (11)

The message is, "You really shouldn't be using this app. Or the free email we gave you. At all."

Westergren's discovery and his explanation are highly technical, but what it boils down to is that he could substitute the username (and only the username) of a Verizon FIOS email user in a particular API script in order to access that account.

Read More
...

Obama Goes On Record Against Encryption, Says It Should Exist But He Should Be Able To Decrypt It

Not long after British Prime Minister David Cameron did the same, President Obama said Friday that he opposes encryption methods that are inaccessible to law enforcement. Rather naively, he advocated that the technology should still exist, but with methods of access for approved entities like police and preferred spy agencies. This is his first clear issue stance on the matter, though it is not necessarily out of step with his previous actions and statements.

Of course, cybersecurity experts collectively groaned at the President's suggestion of strong encryption that is only accessible to authorities. Taking for granted that law enforcement can be trusted - and, of course, Edward Snowden and countless others have shown us it cannot - there are a host of problems.

Read More
Page 3 of 2312345...10...Last»
Quantcast