As Android has grown from a small hobbyists OS to the mainstream-conquering behemoth it is today, so has the amount of malware directed towards it. A large chunk of the problem comes from malicious apps that make it into the Android Market - often times, duplicates of popular apps with a few strings of code thrown in that allow the app to transmit personal information or hijack the device.
Makers of anti-virus apps claim that there's more malware in the market than ever, painting the picture of a wild west-esque place that's ever-more attractive to the scum of the app universe.
Update: According to the Vopium blog, the app has been updated with a fix for this issue. We'll crack it open in just a bit to ensure everything has indeed been addressed.
Users of the popular VoIP app Vopium (here's the older version with many more installs) may want to put all usage of the app on indefinite hiatus, at least for the time being. It was recently discovered that the app sends basically all of the sensitive information, including username, password, device IMEI, geolocation, and contact list in plaintext.
We know, we told you our holiday giveaway series would feature some of our largest contests to date. And it did - we gave away over a dozen tablets and nearly as many phones to our readers. But we thought we'd start the new year off with our biggest giveaway yet (an international one, to boot) - 10 Samsung Galaxy Nexus smartphones, courtesy of our amazingly generous friends at AVAST Software.
After getting a glimpse of Avast's new mobile security solution a few weeks ago, I just had to dive in and give the app a full review. Avast, the long-awaited marriage of Avast and IT Agents' Theft Aware (see our review), certainly doesn't disappoint. It has an insane number of features, all of which appear to work perfectly, and it sounds like things will only be improving with time.
And did I mention the full-featured, root-enhanced app is completely free with no paid version in sight?
According to Verizon's system update documentation, owners of big red's Samsung Galaxy Tab 10.1 can expect a software update any time now. While it isn't the Ice Cream Sandwich users are undoubtedly craving, the update (bringing system software to I905-EL01) offers quite a few interesting features.
Among these are improvements to Samsung's Touchwiz UX, a new Social Hub widget, built-in photo editing capabilities, and The Daily – a news app that allows users to "access the best of print, web, and broadcast news from around the world."
The update also brings Bluetooth 3.0 compatibility, additional support for more Wi-Fi routers, DivX, security patches, enhancements to TouchWiz's music and video players, and built-in support for "industry standard VPN clients." There's no word yet on just when the update will be available, but we'll be here to keep you updated.
Avast has just launched its Mobile Security app for Android, integrating the pure power of Theft Aware (see our review) with some amazing new features. If you remember, Avast swallowed up ITAgents, the small company behind Theft Aware, back in September and promised to integrate it with its upcoming software. Even in its beta state, Avast's Mobile Security looks to be a very strong contender among the dozens of other security apps floating around in the Android Market.
You might remember mention of a new AT&T service called Toggle last month, a service which promised to allow enterprise users to access corporate email, calendars and contacts securely from whatever Android device they choose to purchase, while separately maintaining their personal data. AT&T's official Toggle app hit the Android Market today, heralding the beginning of the service, and bringing hugely useful functionality to enterprise users concerned with keeping their business and personal activities separate.
Amid the turmoil surrounding Carrier IQ, the company's VP of Marketing, Andrew Coward, has come forward in a series of interviews with a few clarifications.
For those not in the loop, the controversy around Carrier IQ is based on developer Trevor Eckhart's findings which indicated that Carrier IQ's software was indeed collecting a vast array of information, and his demonstration showing that said data could be read using a simple command – one that could be executed by any malicious app with access to logcat.
According to a group of computer scientists at North Carolina State University, a vulnerability exists within many Android devices that would allow hackers (or malicious apps) to bypass the permissions request process and tap into audio and location, wipe apps and data, or send unauthorized SMS messages, all without the user knowing.
This news may sound a bit sensational, but the researchers have created and tested a dummy app which effectively demonstrates the exploit:
Among the eight phones tested with the researchers' diagnostic app (Woodpecker), HTC's Evo 4G seemed to be the most vulnerable, able to "leak" eight different capabilities to their dummy app, which was not explicitly granted appropriate permissions by the user.