latest
Google Maps is ditching cloud-based location history for a more private solution
Your location history will be stored locally on your device going forward, but you can still opt for an end-to-end-encrypted backup
It's no secret that Google Maps keeps tabs on your every move with its Timeline feature, which logs all your pit stops and the routes you take. As long as you're signed in to your Google account with Location History enabled (it's off by default), Google collects all this juicy information and secures it in the cloud, promising it's encrypted. But if you're the paranoid type, the company will soon give you the option to stash your trips directly on your device.
Nothing's iMessage solution might not be as secure as we thought
New report may contradict the company's encryption claims
Apple's iMessage has such a deathgrip on the messaging situation in the United States that companies like Nothing feel like they need to take drastic measures in order to assuage green bubble concerns from potential customers. Earlier this week, the tech world collectively gasped when the design-focused smartphone brand announced it would be bringing iMessage to its Android devices using a service called Sunbird that forwards messages from Apple's servers to a client app called Nothing Chat. We had seen similar third-party hacks before, but an OEM offering this functionality for free almost sounded too good to be true. Now it seems like there may be a serious security problem with Nothing's iMessage implementation.
Gmail will soon let you send client-side encrypted messages from your phone
Encrypted mail can be accessed within Gmail, no external portal necessary
Encryption is essential to protect the exchange of sensitive information, especially when that exchange is taking place via email. If you work while on the go, you already know the importance of keeping business matters private. However, it can be difficult to do so when you’re relying on resources like a public internet connection. Now, Google is introducing client-side encryption to Gmail for mobile devices, which may give you more peace of mind when sending emails.
The internet doesn't have a filter, so anyone can get your data if you're not careful. This also means the information you send could get into the wrong hands. Plus, there may be times when you have to send sensitive files and messages, whether it's an email containing an attachment of a company's financial assets or a contract that holds a client's personal information. You're required to take all the precautions to protect this type of information.
Google throws its weight behind yet another messaging standard
'E2EE everywhere' could be another RCS-like pie in the sky
Security is critical wherever sensitive data is involved, like cloud storage, password management, and communication. The best encrypted messaging apps today don’t shy away from their responsibility towards the consumer’s privacy, but breaches and loopholes like WhatsApp’s flawed account deactivation system serve as constant reminders we can make more headway. Google believes the answer lies in an industry-wide interoperable standard for messaging that’s platform and app-agnostic. However, recent examples suggest this is but another pipe dream.
From the moment you open your Android device to access the online world, your data is tracked by several parties. From relatively benign entities that keep track of your online presence to sell you ads and services to hackers who want to steal your personal data, your data is under constant attack. The best Android phones offer several layers of protection to secure your data on the device, but they can't do anything about the data passed on the internet.
Beijing's app for Olympic athletes and visitors looks like a free data buffet for hackers
Thousands at risk of having personal data exposed
There are privacy concerns for the thousands of foreigners in Beijing for the 2022 Winter Olympics after Canadian research group Citizen Lab revealed vulnerabilities in an app that handles sensitive health information and is required by the Chinese government for anyone involved with the games.
Facebook Messenger groups now have end-to-end encryption for calls and chats
One small step for E2EE, but one giant wait until Meta makes it the norm
Meta isn't hurrying to encrypt the communications of Facebook and Instagram users from end to end by default. But it will continue to make baby steps on providing E2EE to them, including to groups on Facebook Messenger starting today.
WhatsApp encrypted backups are finally available in the latest beta
Keep your data private before uploading to the cloud
WhatsApp has been working on encrypted backups for some time now, with early mumblings first appearing way back in March. Last month, Facebook detailed its plans to add two unique options offering extra protection for your account. The latest WhatsApp has great news for any privacy-minded person, as the app is finally implementing end-to-end encryption for backups.
WhatsApp encrypted backups will let users balance their own privacy and security priorities
If you want to remember a 64-digit encryption key, that's totally up to you
There's no shortage of reasons for why WhatsApp is as popular as it is, but the service's focus on user privacy has got to be one of the big ones. With end-to-end encrypted messages, people using the app can feel secure that their messages are headed right to the eyes of their intended recipient, without the risk of any looky-loos peeking along the way. Now Facebook's talking about its plans for taking that kind of protection to its next logical step, as end-to-end encryption expands to cover WhatsApp backups.
Facebook's slow roll on encryption has made it to video and voice calls on Messenger
But not by default
Facebook has been slow to implement end-to-end encryption for its messaging apps, but the baby steps continue to happen nevertheless. Today, it announced the introduction of opt-in E2EE for voice and video calls in Messenger.
Ring brings its users a welcome dose of privacy as end-to-end video encryption goes global
Plus authenticator support and no-hassle product transfers
Amazon-owned subsidiary Ring is putting more security into its security, so to speak. The company is expanding availability of video end-to-end encryption worldwide, launching support for authenticator apps as a second step to verify logins, and making ownership transfer of Ring products easier.
Watch out for these FBI honeypot phones if you like to do crimes
This modified Pixel 4a is a narc phone. An Android policeman, you might say
Criminals use cell phones. And because police agencies know this, they tend to be a little more cautious about said phones than regular users. Cautious enough to, say, buy a special fully-encrypted phone that purports to be 100% untraceable, and use the completely hack-proof messaging app contained within. Some of those criminals came to regret it as they discovered their super-secret phones and messaging service were, in fact, provided by the United States Federal Bureau of Investigation and other police forces around the world.
You can now log into Twitter on Android with your 2FA key alone
It can now be your only two-factor authentication method
Read update
Twitter has had two-factor security based on physical keys, like the Yubikey or Google's Titan keys, for a long time. You've been able to log in with said keys on your phone (assuming your key works with your phone) for a few months. But what if you have to manage your company's PR Twitter account while on the go? Or more typically, what if you have a USB-A key for your desktop and an NFC key for mobile usage?
Google Messages end-to-end encryption for RCS Chat is rolling out to everyone
For one-on-one conversations, not group chats
As part of today's big announcements from Google, the company snuck in a bit of a surprise: Separate from the embargo details we were provided, Google is also announcing that end-to-end encryption for Chat/RCS messages in Google Messages is now out of beta — at least, for one-on-one conversations.
Don't expect Facebook Messenger or Instagram Direct to add end-to-end encryption anytime soon
The company refers to it as a "long-term project"
End-to-end encrypted conversations aren't just for whistleblowers and government officials. These days, more users than ever before are aware of how vital it is to keep conversations away from prying eyes. Apps like Signal and Telegram gained huge new followings earlier this year after WhatsApp botched a privacy policy update, calling attention to the importance of implementing extra security for communication tools. Today, Facebook recommitted to bringing end-to-end encryption to both Messenger and Instagram Direct, but it could take longer than some users are willing to wait.
Your next Pixel phone might also be your car keys
The Android SE Alliance wants secure elements to work as car keys and ID cards
Google likes to make capital-A Alliances. Rather infamously so. But the latest one might actually mean something, as it's trying to gather software and hardware partners in cooperation for a lot of emerging security technologies, enabling hardware-based encryption for things like digital keys, secure documents, and wallets. Google is calling it the Android Ready SE Alliance.
India is demanding WhatsApp build a way to trace user messages
The government proposes a hash system that circumvents the decryption question
The Indian government has specified a proposal to Facebook-owned WhatsApp that would involve tying an alpha-numeric hash to every message sent on its platform without decrypting the message itself. The push for the app to follow new cyber crime rules comes as it struggles with a major hit to its reputation over a privacy policy change in the country.
Bitwarden password manager adds encrypted text and file sharing
Users can share text on Bitwarden Send for free, but file sharing will cost you
Bitwarden is something of a rising star in the app world, quickly gaining users and favor after LastPass crippled its non-paying tier. The free, encrypted password protector has emerged as the most feature-rich option for free users. The Android app and the platform at large are getting a new option: Send, an ability to send text info with the same encryption tools as the password keeper.
WhatsApp is still working on password-protected Google Drive backups
The encrypted backups have been coming for a long time
It's been almost exactly a year since the last time we saw leaked screenshots of an encrypted cloud backup feature for WhatsApp. Today we see a more fleshed-out version of that tool, offering a password protected backup of your messages that uploads to Google Drive on Android and iCloud on iOS. Unfortunately, there's still no indication of when it's actually going to go live.