27
Jan
2012-01-27 13h57_37

[Updated: Here Are The Winners!] Book Giveaway #13: Kick Your Developing Game Up A Notch: We're Giving Away 5 Copies Of "Application Security For The Android Platform"

Posted by in Contests / Giveaways, Development
Last Updated: February 5th, 2012

Thanks to our two-dozen (or so) previous book giveaways, you probably now know how to develop for Android. If so, it's probably time to kick your game up to the next level by mastering application security. Luckily for you, O'Reilly Media recently published a new book on the topic, titled "Application Security for the Android Platform: Processes, Permissions, and Other Safeguards." Written by Jeff Six, the book is a concise (112 page) treatise on the subject.

This contest is now over. Here are our winners, selected at random:
  1. hectormoi
  2. Gracjan
  3. James Ebby
  4. rolltidedad
  5. Antonio Chillaron Barahona

Congratulations, guys - all of you will be contacted for your information in the near future!

27
Jan
unnamed

[Updated] Privacy Advisory: VoIP App Vopium Sends Login Credentials, IMEI, Geolocation, And Contact List In Plaintext

Posted by in Applications, News

Update: According to the Vopium blog, the app has been updated with a fix for this issue.  We'll crack it open in just a bit to ensure everything has indeed been addressed.

Users of the popular VoIP app Vopium (here's the older version with many more installs) may want to put all usage of the app on indefinite hiatus, at least for the time being. It was recently discovered that the app sends basically all of the sensitive information, including username, password, device IMEI, geolocation, and contact list in plaintext.

After doing some of our own analysis, we discovered that the password is stored in the app's settings using plaintext as well (as opposed to at least basic encryption or an auth token - thanks for doing the leg work here, jcase).

02
Jan
2011-10-21-17h07_013

[Updated: Here Are The 10 Winners!] Nexus New Year's International Ultimate Giveaway: Win One Of Ten (Yes, Ten) Galaxy Nexuses From AVAST And Android Police

Posted by in Applications, Contests / Giveaways, Galaxy Nexus
Last Updated: March 6th, 2012

We know, we told you our holiday giveaway series would feature some of our largest contests to date. And it did - we gave away over a dozen tablets and nearly as many phones to our readers. But we thought we'd start the new year off with our biggest giveaway yet (an international one, to boot) - 10 Samsung Galaxy Nexus smartphones, courtesy of our amazingly generous friends at AVAST Software.

This contest is now over. There were over 13,500 entries, making it our largest contest ever by a huge margin (unsurprisingly). Apologies for the long wait - it takes a long time to finalize these giveaways, and with CES I had a whole lot of stuff going on at once.

02
Jan
unnamed

[Review] Avast! Mobile Security For Android

Posted by in App Reviews, Applications, Mobile Security App Shootout

After getting a glimpse of Avast's new mobile security solution a few weeks ago, I just had to dive in and give the app a full review. Avast, the long-awaited marriage of Avast and IT Agents' Theft Aware (see our review), certainly doesn't disappoint. It has an insane number of features, all of which appear to work perfectly, and it sounds like things will only be improving with time.

And did I mention the full-featured, root-enhanced app is completely free with no paid version in sight? As in, even the previously paid (Theft-Aware used to cost 10EUR) features.

Check out this handy feature matrix:

image

And this video, which provides us with a quick overview of just a few of Avast's capabilities:

At A Glance

Avast Mobile Security is stunning not only in terms of functionality, but also in its design and usability.

28
Dec
sam_galaxy_tab_10

Software Update Coming Soon To Verizon's Samsung Galaxy Tab 10.1 – I905.EL01 Brings TouchWiz Enhancements, Photo Editing, And More

Posted by in Android OS, Galaxy Tab 10.1, News, Tablets, Verizon Wireless

According to Verizon's system update documentation, owners of big red's Samsung Galaxy Tab 10.1 can expect a software update any time now. While it isn't the Ice Cream Sandwich users are undoubtedly craving, the update (bringing system software to I905-EL01) offers quite a few interesting features.

Among these are improvements to Samsung's Touchwiz UX, a new Social Hub widget, built-in photo editing capabilities, and The Daily – a news app that allows users to "access the best of print, web, and broadcast news from around the world."

image image

The update also brings Bluetooth 3.0 compatibility, additional support for more Wi-Fi routers, DivX, security patches, enhancements to TouchWiz's music and video players, and built-in support for "industry standard VPN clients." There's no word yet on just when the update will be available, but we'll be here to keep you updated.

07
Dec
unnamed

Avast Launches Mobile Security App With Root Functions, Firewall, Free Theft Aware Integration, And More - A Strong Contender For The Best Overall Security App On Android

Posted by in Android OS, Applications, News

Avast has just launched its Mobile Security app for Android, integrating the pure power of Theft Aware (see our review) with some amazing new features. If you remember, Avast swallowed up ITAgents, the small company behind Theft Aware, back in September and promised to integrate it with its upcoming software. Even in its beta state, Avast's Mobile Security looks to be a very strong contender among the dozens of other security apps floating around in the Android Market. I dare say it has the potential to overshadow just about all of the apps in our Mobile Security App Shootout.

06
Dec
unnamed

AT&T Toggle Hits The Android Market – Keep Business And Pleasure Separate With The Click Of A Button

Posted by in Android OS, Applications, AT&T, News

You might remember mention of a new AT&T service called Toggle last month, a service which promised to allow enterprise users to access corporate email, calendars and contacts securely from whatever Android device they choose to purchase, while separately maintaining their personal data. AT&T's official Toggle app hit the Android Market today, heralding the beginning of the service, and bringing hugely useful functionality to enterprise users concerned with keeping their business and personal activities separate.

unnamed (1) unnamed

AT&T Toggle essentially allows users to operate in two different modes on a single device: a personal mode, which acts just like your stock device, and a business mode, which allows access to corporate email, calendars etc.

03
Dec
image

Carrier IQ Explains How Its Software Works, Implicitly Blames HTC For Insecure Log Files, Data Leak Exposed By Trevor Eckhart

Posted by in Android OS, AT&T, HTC, Motorola, News, Samsung, Sprint, T-Mobile

Amid the turmoil surrounding Carrier IQ, the company's VP of Marketing, Andrew Coward, has come forward in a series of interviews with a few clarifications.

For those not in the loop, the controversy around Carrier IQ is based on developer Trevor Eckhart's findings which indicated that Carrier IQ's software was indeed collecting a vast array of information, and his demonstration showing that said data could be read using a simple command – one that could be executed by any malicious app with access to logcat. This data includes location information, SMS messages, and key taps.

Before we dive into Coward's remarks on the issue of security (and why he says CIQ is not to be blamed for insecure logs), it's important to look at how CIQ actually functions on a device.

30
Nov
image

Report: Security Vulnerability In Many Android Phones Allows Malicious Apps To Record Audio, Track Location, And More Without User Permission

Posted by in Android OS, News
Last Updated: August 2nd, 2012

According to a group of computer scientists at North Carolina State University, a vulnerability exists within many Android devices that would allow hackers (or malicious apps) to bypass the permissions request process and tap into audio and location, wipe apps and data, or send unauthorized SMS messages, all without the user knowing.

This news may sound a bit sensational, but the researchers have created and tested a dummy app which effectively demonstrates the exploit:

Among the eight phones tested with the researchers' diagnostic app (Woodpecker), HTC's Evo 4G seemed to be the most vulnerable, able to "leak" eight different capabilities to their dummy app, which was not explicitly granted appropriate permissions by the user.

23
Nov
image

Carrier IQ Drops Legal Threats, Apologizes To Developer Trevor Eckhart

Posted by in Legal, News

Trevor Eckhart, a developer involved in uncovering a huge security vulnerability that affected several HTC devices, was recently threatened by Carrier IQ (CIQ), a company involved in gathering various forms of user data and sending it to carriers or manufacturers for analysis. For those who haven't  been following the story, here's what happened:

Trevor Eckhart found several training manuals on CIQ's website. These were publicly available. Trevor shared them with the community, explaining just how far-reaching CIQ's data collection practices are. At this point, CIQ became aware of the fact that sensitive information had been exposed, and pulled the files from their website.

Page 5 of 11«First...34567...10...Last»