Android Police

Articles Tagged:

security

4

Samsung leaked SmartThings source code and keys used to sign mobile apps

In amidst the Google-y goodness that is the yearly I/O conference, Samsung had to go and try to steal some of the spotlight. You might be wondering how, exactly, the electronics giant is going about this. TechCrunch broke the news this morning that a development lab within the company has actually been leaking important information like the SmartThings source code and app signing keys.

Read More
107

Google will entirely kill the overlay permission in a future Android release

You might remember when Google announced it was cracking down on overlay permissions in Android Q, which have been responsible for plenty of security-related headaches for both users and Google's developers. It turns out, that may just have been the start, as Google revealed yesterday that it is planning on fully deprecating that permission in a future Android release, replacing it entirely with Q's new bubbles-style notifications.

Read More
8

Nest announces new privacy commitments, option to migrate to Google account for added security (Updated)

Nest's business model involves sticking internet-connected HD cameras in people's homes, so naturally, security is essential. Nest has announced a new commitment to privacy and security. Nest promises to be more open about what it does with your data, and you'll have the option of migrating to a Google account.

Read More
7

Google Play Protect now scans more apps every day than there are people on Earth

Google Play Protect is just about two years old, as it was introduced at I/O 2017. The tool scans all applications installed on your phone for identified malware— whether they are from the Play Store or from a sideloaded APK. At Google I/O 2019, it was revealed that Play Protect now scans 50 billion applications each day.

Read More
41

New 'inception bar' phishing method spoofs Chrome's address bar when you scroll

A new type of potential phishing attack has been discovered by developer James Fisher. Called the "inception bar" by its creator. The attack allows for a site to spoof a URL in the mobile version of Chrome when scrolling, subsequently locking them into a false UI. In fact, the site detailing this newly-discovered flaw makes use of it, appearing to show an HSBC URL.

Read More
28

HMD Global investigating easily-fooled Nokia 9 fingerprint sensors

Owners of the Nokia 9 PureView have had a rough go with the in-display fingerprint sensor they've bought their phones — our Ryan Whitwam was not impressed with the fussing around and finger-jambing he had to do in order to achieve authentication. A software update last week was supposed to loosen up and get the sensor working as it should. But manufacturer HMD Global is now investigating a complaint saying that the phone is too loose, producing false positives from unknown fingers and even a packet of gum.

Read More
42

Don't panic: Emails about Samsung Email accessing your Gmail are legit, Samsung is working on a fix

If you own a Samsung phone, you may have been confused by an email Google sent out today regarding the Samsung Email app. Users were told that the app, submitted by an "unverified developer," was granted access to their Google account and was authorized to "read, compose, send, and permanently delete" any message within their Gmail account. The good news is that Samsung is aware of the issue: it is advising its customers to not act on the alert.

Read More
50

Fake Google Wallet is being granted access to Google Accounts

Back in January, Google simplified its payment offering by merging Android Pay and Google Wallet into Google Pay. The new appellation made it simpler for users to manage their payments, thanks to a unified platform allowing them to pay with their phone, but also online using their browser. Despite this move, the defunct service seems to be coming back to life, in a rather intriguing manner. Indeed, several users have reported receiving notifications mentioning Google Wallet was granted access to their Google account.

Read More
21

Google is rolling out a new 2-step verification screen and expanded Bluetooth security key support

The internet is a rough-and-tumble place, full of sketchy characters who would love to dig through your online accounts. The best way to prevent that is with 2-step verification (also called 2-factor authentication), and Google is making it easier to use that on Google G Suite accounts. The browser UI is getting an update, and support for Bluetooth security keys is expanding.

Read More
45

Facebook reportedly stored hundreds of millions of user passwords in plaintext - for years

Today, Krebs on Security has revealed that Facebook was storing between 200 and 600 million Facebook users passwords in plain text, going back to as early as 2012. While Facebook claims to have found no indication that the passwords were abused, an insider speaking to Krebs on Security claims around 2,000 developers made around 9 million queries against the logs, returning data which contained these plain text passwords.

Read More