With the myriad of ways nefarious types are able to get their hands on passwords these days, often times whether your information gets stolen is completely out of your hands. Rather than changing their sign-in credentials every time another leak or hack happens, many folks trust their online security to password managers such as LastPass. Dashlane is an alternative that can also get the job done, and for the next week, you can snag a premium account free for six months over at sharewareonsale.com. Read More
Did you know Safer Internet Day was a thing? Well, indeed it is, and it's today! Happy Safer Internet Day, everyone! To celebrate, Google is offering 2GB of additional Drive storage for completing a quick security checkup.
Remember how Marriott hotels wanted to block WiFi hotspots and make everyone pay for internet access? It turns out giving Marriott money for lodging is maybe not a good idea in the first place. According to software developer Randy Westergren, it has been possible to access customer information on Marriott's servers without a password since the Android app was released in 2011.
You might have noticed a number of recent stories (like this one) claiming Google was abandoning some huge portion of Android users rather than fixing WebView security holes. It's exactly the kind of thing that makes good clickbait. Google has now issued a statement on the security issues in Android 4.3 and earlier, basically pointing out it's not feasible to update old code forever and offering tips for avoiding potential exploits. Read More
Verizon isn't making many friends when it comes to keeping private information private. Just two days after news broke that Verizon Wireless is collecting and in some cases selling web browsing info, its parent company has been given a black eye for insecure practices associated with the FiOS Internet service. Security researcher Randy Westergren discovered a way to access any FiOS user's Verizon email account by using the mobile API. Read More
Not long after British Prime Minister David Cameron did the same, President Obama said Friday that he opposes encryption methods that are inaccessible to law enforcement. Rather naively, he advocated that the technology should still exist, but with methods of access for approved entities like police and preferred spy agencies. This is his first clear issue stance on the matter, though it is not necessarily out of step with his previous actions and statements. Read More
PasswordBox is a password manager that automatically enters your credentials into various websites and apps, not unlike LastPass. Last month the company was acquired by Intel Security, which is both absorbing the service and leaving it available in its current form for the time being. The PasswordBox team has been hard at work for its new boss, and at this year's CES, Intel Security announced True Key, built on top of the technology made available by the partnership. Read More
Reddit user Ponkers posted an interesting find to /r/Android today, pointing out a significant privacy hole in Skype that essentially allows users to force an Android device to answer a call, making eavesdropping nearly effortless.
Ponkers drew a diagram below, which I feel compelled to include based on its artistic merits, but here's the gist of how the process works.
Assume you have three devices, device 1, device 2, and device 3. Read More