A zero-day vulnerability in the Linux kernel was disclosed a few days ago, and that usually spells bad news for anything based on Linux. That includes Android, of course. When Perception Point announced the exploit (CVE-2016-0728), it claimed 66% of Android devices were affected. Google's Adrian Ludwig says the real number is much, much smaller. Read More
You might have seen some banter about a way to bypass factory reset protection (FRP) on Nexus devices recently—just like LG and Samsung. It's true that there was a way to get around factory reset protection from the setup wizard, but not anymore. Despite what a certain video seems to claim, Google actually patched FRP in the January security update. Read More
Google runs the Play Store as it sees fit, and sometimes that means it removes apps that we as users might prefer were there. However, a recent decision to pull an app called VTS from the Play Store is particularly baffling. VTS from NowSecure scanned Android devices for known vulnerabilities, but now you can only get it from GitHub and APK Mirror.
If you have more than a dozen friends on Facebook, odds are pretty good that at least one of them has started tagging every person on Earth with suspiciously misspelled advertisements for knockoff Ray-Ban sunglasses. Facebook would really prefer that this not happen, or at least not happen quite so often. To that end the company introduced the Security Checkup feature to the web version of the social network, and now it's available on Android as well. Maybe.
Security Checkup does a few things. First, it examines your password and suggests changing it if it's not strong enough. Second, it sends you alerts if someone logs in to your Facebook account from an unfamiliar or suspicious location. Read More
The web can be a dangerous place filled with imitation websites, pop-ups that lead to malware, and sites that trick you into giving away your credit card information. Many of us know how to navigate these risks well enough, but for those that don't, and for those times that experienced browsers screw up, it's nice to have services like Google Safe Browsing doing their part to keep folks protected.
Safe Browsing provides that notification you get when you venture to a place Google deems unsafe. You can proceed to the webpage if you like, but Google recommends you back away slowly. Read More
Protecting your online accounts is important, and 2-factor authentication is the best way to do that. The default method of getting 2-factor codes for most services is SMS, but authenticator apps can be more convenient. Google's own authenticator has been on the Play Store for years, but it's been very ugly until today. This app has finally gotten a material design makeover and a few new features too.
The Turing phone, advertised as "unhackable," looks and sounds like a handset that would never see the light of day. Call it a work of science fiction, a fanboy's wet dream of a device materialized out of Robotech. But prototypes exist and pre-orders have gone live. Thing is, that promised shipment date of December 18th has been delayed. Read More
The following post was provided by ESET Mobile Security.
Common wisdom and exercising caution is sometimes not enough when it comes to ensuring the security of your Android device. To have to pay attention to every link you click on or to every app you download might prove pretty frustrating.
At ESET, we have been combatting malware for nearly 30 years. Our mission remains to allow you to enjoy safer technology, so you don’t have to be preoccupied with security. In recent years we have analyzed thousands of malware samples − and with more than 1 billion active devices in circulation, we can say with certainty that Android is without a doubt a platform that attracts cybercriminals. Read More
Twitch has been the largest live streaming video platform for quite some time, and now they decided to push out an update that helps users protect their accounts. Two-Factor Authentication is now available on all Twitch accounts.
Enabling this feature adds one more layer of security by requiring something that you have in your possession, with the first layer being something you know (e.g. your password). This thing you have is a code, which can be generated through a Two-Factor Authentication application, or sent to you via a text message. This generated code changes after a brief interval, usually 30 seconds. Due to the nature of Two-Factor Authentication, attackers are unable to access your account without being able to generate one of these secure codes. Twitch has teamed up with Authy to generate a secure code for you. I've been using Authy for a few years now, and I highly recommend it as a way to manage your Two-Factor codes. Read More
The recent Stagefright vulnerability in Android led to new expectations for security patches. Google, Samsung, and LG have all said they will work to get monthly security updates out to users, and now Android newcomer BlackBerry is doing the same. The company says buyers of the Priv can expect to get monthly patches, but there are a few caveats. Read More