Users of newer versions of Windows or just about any Microsoft web service might be familiar with the company's rudimentary two-factor authentication system. If it's been a while since you've logged in or you're setting up a new Windows device, it might ask you for a verification code, accessible from a backup email account. Of course that can be a pain if you don't remember the password for that account, or simply don't want to dig it out.
Let's face it, as the world becomes more dependent on computers and the Internet for the functions of day-to-day life, security will become ever more important. Clearly encouraged by employee Neel Mehta's discovery of Heartbleed, Google has decided to do more in the area of Internet security. To help combat this ever increasing problem, they're offering up Project Zero. Essentially, Google will begin hiring "the best practically-minded security researchers and contributing 100% of their time toward improving security across the Internet." Their work will not be limited to just Google products, but will instead be focused on "any software depended upon by large numbers of people." The idea is that researchers will find the threats, then inform only the software developer.
We've heard that Google intended to really make a push for greater corporate adoption with the L release, and the company touched on some of its plans in today's keynote. It confirmed that Android will empower companies to separate personal data from work data using containers without outside companies having to apply additional code to their devices. Interestingly, this comes thanks in part to Samsung, which has contributed some of its KNOX code to the next version of Android.
It seems like everyone is making smartphone screens more useful when they're off, and LG's attempt is called Knock Code. This feature lets you securely wake and unlock the device with a series of taps on the screen while the phone is asleep. No need to buy a new phone, though. Knock Code is rolling out the the AT&T LG G2 via an OTA update right now.
The latest version of the Play Store hit the scene a little over a week ago and introduced a tweak to the way permissions are displayed at install time, and it left some people feeling a little...uncertain. Gone is the ugly wall of poorly spaced, semi-specific permissions. The replacement is a short set of simplified categories, each with crisp-looking icons and buttons that reveal a brief description when tapped. Google filtered through roughly 145 permissions and narrowed them down to a dozen groups, plus one bucket for anything that remains.
Update: Excuse me, this isn't actually AgileBit's first swing at the whole 1Password for Android thing. The team previously released a version that it allowed to grow so out of date that it chose to develop and release a new one built from the ground up. The Play Store link for the previous release has been taken down.
1Password keeps all of your login credentials encrypted and safely tucked away under the protection of a single master key, and now the cross-platform service has extended out from Windows, Mac, and iOS to make itself available to Android users.
Ask anybody that spends time in the security circles and they'll tell you that every large software project is bound to have a few long-standing vulnerabilities in the code. Fortunately, there are usually a few people who are paid to close up those holes so you, the customer, don't find yourself the victim of nefarious evildoers someday. Like so many before it, the latest update to Android came with a boatload of changes, at least one of which fixes a potentially dangerous vulnerability that can be used for numerous attacks, including a way to acquire root.
Over the years, Google has been shoring up security on Android in a bid to make the operating system more attractive to governments and businesses, and to reduce the threat of malware for regular users. Unfortunately, these changes often come at the expense of flexibility in our beloved platform. As we close in on the next major release of Android, due to be announced next month, SuperSU developer Chainfire has discovered a set of commits to the Android Open Source Project (AOSP) that may seriously impact some of the functionality currently enjoyed by many root users.
An update is rolling out to the Lookout security app with a new feature tucked away exclusively for premium account holders. This feature is theft alerts. After the alerts have been enabled, Lookout will send phone owners an email automatically when the phone starts engaging in behavior that indicates it could have been stolen. This way you get notified as soon as shenanigans begin, rather than having to manually check for the device's location yourself.
LifeLock is a company that claims it can protect consumers from identity theft, but it found recently that its own apps might be part of the problem. The company bought Lemon Wallet late last year, gaining control of its mobile wallet apps on iOS and Android. Now those apps have been pulled from their respective app stores after concerns over the safety of data stored in them. Oops.