We've all read the horror stories: a new virus is crawling through the third-party stores, aiming to steal your personal information, identity, and first born child. More often than not, this type of malicious app is made possible because of one of the various root vulnerabilities that have been discovered throughout the various versions of Android.
X-Ray is a new app that lets you see exactly how vulnerable your device is by scanning it against several of these exploits, including RageAgainstTheCage, Gingerbreak, Mempodroid, Levitator, and a few more. Read More
While not everyone who owns an Android device roots, the Android modding community is at the very heart of everything we love about our little green buddy. Security researcher Dan Rosenberg recently gave a presentation where he elaborates on root and modding methods, as well as expounding on the security implications of modding Android phones.
Rosenberg also had quite a lot to say about how carriers influence the Android landscape. Read More
At the beginning of the month, we broke the news about a huge security vulnerability in several HTC phones, including the Thunderbolt, EVO 3D, EVO 4G, and possibly more. Not long after word of this issue hit the 'net, HTC issued a response acknowledging it, as well as promising to deliver a patch to correct it. Looks like they are making good on that promise now, as several HTC devices are currently receiving an OTA update to correct this vulnerability. Read More
Regardless of where you sit in the tech world, there is one thing that affects us all: security vulnerabilities. Unfortunately, our little green robot is no exception this rule, and The Register recently dropped a report on a potentially bad exploit.
Apparently, in Android 2.3.3 and below, there is a vulnerability that would allow attackers to collect digital tokens that are stored on the device after users login to Google Calendar, Facebook, Twitter, and "several other accounts."
Here's how it works: when you login to an account, an authToken is stored locally on your device for 14 days, allowing you to re-access the service without hassle. Read More
Well, this is fun. Minutes after I completed and published my post further detailing how to root your EVO, I catch a teaser for ‘unrevoked’ - a ‘painless’ EVO rooting method that’s to be released tomorrow. Unrevoked is the work of Matt Mastracci, who gave us our first sneak peak at a rooted EVO, and one of the developers who contributed to the hack.
As Matt details here, there are several critical security flaws present in the custom Sprint software included on the EVO, and these flaws were the driving force behind releasing an easy ‘anyone can do it’ rooting method for the EVO. Read More