Android Police

Security

159

Google shuts down Xiaomi access to Assistant following Nest Hub picking up strangers' camera feeds (Update: Fully resolved)

So-called "smart" security cameras have had some pretty dumb security problems recently, but a recent report regarding a Xiaomi camera linked to a Google account is especially disturbing. One Xiaomi Mijia camera owner is getting still images from other random peoples' homes when trying to stream content from his camera to a Google Nest Hub. The images include stills of people sleeping and even an infant in a cradle. In the meantime, Google has entirely disabled Xiaomi integration for Google Home and the Assistant while it works out the issue with Xiaomi.

Read More
17

You can now enroll in Google's Advanced Protection Program using just your phone, no backup key required

The Advanced Protection Program is arguably the best way to secure access to all of your documents and information you've stored in your Google account. Until now, though, you were required to consign two security keys in order to get those extra safety measures and only one of them could be an Android phone. Those requirements seem to have changed today as Google has started allowing iOS devices to act as keys and letting users enroll into the program with just their mobile device, no backup key needed.

Read More
52

Your carrier will let basically any competent criminal hijack your phone number

One of the key pieces to our digital identities, whether we like it or not, is our mobile phone number. You likely use it one way or another in a two-factor authentication login (you shouldn't). Thing is, as it's been demonstrated quite a few times, they can be easily hijacked in a few easy steps by malicious actors ringing up carriers' customer service representatives — many of whom are all too understanding in helping users out of what's supposedly a stressful situation. So, just how easy is it to steal someone's phone number on a prepaid network? Researchers at Princeton University say extremely so in a recently published whitepaper draft.

Read More
37

Ring fired multiple employees over the last four years for accessing customers' videos

According to a report by Vice's Motherboard, Ring has fired a handful of its employees over the last four years for "improperly" accessing customer's recorded videos. This news follows a string of negative press for the Amazon-owned company, including a string of hacks, the revelation that some location and video data was being publicly shared through Ring's Neighbors app, and (justified) accusations that Ring lacked in "basic security features" to protect customer privacy and data.

Read More
8

Mozilla patches zero-day exploit for Firefox desktop and Android browsers (APK Download)

Mozilla has patched a zero-day exploit in late revisions to Firefox 72 and version 68 of the Android web browser. In a security advisory, the company said that it was made aware of "targeted attacks in the wild abusing this flaw."

Read More
18

Yale unveils connected smart storage and delivery boxes

When Amazon launched its smart lock, it had the brilliant idea of coupling it with an option to let delivery people in to drop your packages when you're not home. Although it's a convenient approach, it's not necessarily reassuring to let strangers in. Yale came up with a solution to this problem, with the announcement of its smart delivery boxes. In addition, it also unveiled a connected cabinet lock and a safe, letting you secure items using your phone.

Read More
0

The Arlo Pro 3 two-camera kit is down to $427 ($80 off)

Arlo cameras are amongst the most popular ones thanks to their reliability. Unfortunately, they're not cheap, but with this deal, you'll be able to get a two-camera kit for $427 on Amazon, which is 15% less than the MSRP.

Read More
19

August's new Wi-Fi smart door lock is 45% smaller, doesn't require a hub

Smart locks add a level of convenience, as they let you leave your keys behind and grant access to guests remotely. Unfortunately, many of them are bulky, and often use a Bluetooth connection, which could require a separate hub. With the announcement of the Wi-Fi Smart Lock, August wants to address these issues, with a more compact device that connects directly to the Internet.

Read More
19

Google’s adjusted 90-day Project Zero policy gives developers more time to deploy patches

Google announced Project Zero back in 2014 in a quest to make the internet more secure by researching software exploits and informing affected developers about them. The company soon adopted a 90-days public disclosure deadline in order to speed up the patching process. In 2020, this policy will change just a little bit. Previously, vulnerabilities were published as soon as developers fixed them, but now, Google will always wait the full 90 days until it reports to the public. That's meant to ensure that patches have rolled out to more users before potential bad actors know about the exploits, thus leaving fewer people vulnerable.

Read More