Android Police

Articles Tagged:

security

45

Facebook reportedly stored hundreds of millions of user passwords in plaintext - for years

Today, Krebs on Security has revealed that Facebook was storing between 200 and 600 million Facebook users passwords in plain text, going back to as early as 2012. While Facebook claims to have found no indication that the passwords were abused, an insider speaking to Krebs on Security claims around 2,000 developers made around 9 million queries against the logs, returning data which contained these plain text passwords.

Read More
128

Android Q won't let apps turn Wi-Fi on and off, potentially crippling apps like Tasker

Android is known and loved for the extensive amount of automation and customization that can be achieved through its APIs. One of those is giving apps the ability to turn on and off Wi-Fi without user input. Tasker and IFTTT are major beneficiaries of this capability, but there is always malware that could abuse access to that system feature. To prevent that, Android Q will cut off apps' access to Wi-Fi settings.

Read More
31

Android Q steps up the fight against overlay-based malware

One of the bigger developer-facing changes we've spotted in Android Q is a mild deprecation of the SYSTEM_ALERT_WINDOW permission which controls overlays. (Think Facebook's chat heads or those Pokémon Go stats apps and you should get the idea.) Sideloaded apps on Android Q will see that permission revoked after 30 seconds, Play Store apps on Q will see it revoked on reboot, and the permission is being taken away entirely on the "Go" version of Android Q.

Read More
51

[Update: Gearbest responds] Gearbest reportedly left its main database unsecured, payment information and other customer data easily accessible

Gearbest is a massive online store, primarily specializing in Chinese products. In the Android community, Gearbest is known as one of the easiest ways to purchase devices from Xiaomi and other Chinese brands in the United States. If you've purchased something from Gearbest in the past, you might want to start changing your credit cards the company's main database was found to be completely unsecured.

Read More
21

Rogue adware SimBad found in the Play Store, over 200 affected apps with 150+ million downloads removed

Another day, another security problem. This time, we have what's been dubbed SimBad by the Check Point research team, a rogue adware campaign found to affect over 200 now-removed apps in the Play Store — these apps together accounted for over 150 million downloads. It shows out-of-context ads, exposes users to other malicious apps, and can even open a URL in the browser without the user's consent.

Read More
143

Samsung Galaxy S10 face unlock can be fooled by a photo, video, or even your sister

Samsung's latest Galaxy S10 might be our favorite phone right now, but you might want to be a little bit careful when it comes to setting up lockscreen security on it. Right now, you can fool it with a video of yourself played back on another phone, or even just a photo. In at least one case, even siblings have been able to trick it.

Read More
41

Update your browser right now: Google releases fix for zero-day exploit in Chrome

Another day, another major security hole is found in a widely used piece of software. This time around, a flaw in Chrome's implementation of the FileReader API allowed sites to break out of their sandbox and execute native code. To make matters worse, Google said the exploit was being actively used before the company fixed it.

Read More
23

Android's FIDO2 certification could mean less password-entry for websites and apps

IT Security is an ever-evolving field – or a game of cat-and-mouse, if you'd rather –  with either new or improved standards to make sure we keep our data safe. One of the more recent developments has been the FIDO2 initiative, which promises secure access to websites and applications without the strict need for passwords. And one of the announcements coming out of MWC this year is that Android is now FIDO2-certified.

Read More
13

August Smart Lock drops to $94 ($56 off) on Amazon

Sometimes, I wish that I wouldn't have to get out of bed every night to make doubly sure that I locked the front door. Sometimes, I just wish I could roll over, pick up my phone, and check. Luckily for all of you like me, there are several options for smart locks on the market. And if you're looking for one, Amazon has a great deal on a third-gen August Smart Lock: $94, a very nice $55.99 off the MSRP.

Read More
8

Amazon's deals for Valentine's include the cheap $20 Echo Input, $70 2nd gen Echo, and $100 Spot

Just a few days after Google's "Dump your valentine" discount, Amazon has come up with its own deals, in time for February 14. These offers are more relevant, though, and are worth considering if you're short of gift ideas. Most of the giant's connected home devices are on sale, including Echo speakers and smart displays, Fire TVs, cameras, and even Kindles.

Read More