Android Police

Security

...

Google's reCAPTCHA v3 stops bots without interrupting users

It's a vital tool for stopping bots from spamming websites, but reCAPTCHA can also be a pain in the neck for users. Over the years, it's been simplified and made less conspicuous for innocent humans, to the point where it should be invisible for most. The reCAPTCHA v3 API is now out of beta and ready to be deployed.

Read More
...

Google makes good on its promise and mandates 2 years of security updates for Android OEMs

At Google I/O back in May, the company pledged to work with manufacturers of Android phones to ensure more regular security patches. It's now come to light that Google is mandating at least two years of security updates on Android phones, and enforcing this by writing it directly into OEM contracts.

Read More
...

Google explains how the new Titan M chip makes the Pixel 3 more secure

Google touched on the new Titan M security chip at last week's Pixel unveiling, but hardware czar Rick Osterloh was vague on the details. Now, Google has provided more information about what this new piece of silicon is doing inside the Pixel 3. Not only does it make your lockscreen harder to bypass, it makes the phone's firmware nigh unhackable with so-called "side-channel" attacks like Meltdown and Spectre.

Read More
...

Android Pie cloud backups now encrypted with user's lock screen password

Google automatically backs up some of your phone's data, like SMS messages (Nexus/Pixel only) and call history, to the cloud. That way, if you need to wipe your device or it gets lost/stolen, you're not completely out of luck. Android Pie includes changes to how these backups are stored, so not even Google can read your data.

Read More
...

Google aims to create 'closed loop' for user data with new Titan Security mobile chip

Following a day of bad press regarding an undisclosed security vulnerability, Google pushed the message of strong security during its October 9th hardware reveal event. Among the announcements: the Mountain View-based tech giant has developed a dedicated chip for its mobile devices that integrates Titan Security, the system it built for Google data centers.

Read More
...

Google is putting Google+ out of its misery following data exposure

Google is shutting down the consumer version of its Google+ social network following the discovery of a vulnerability that allowed app developers access to private profile information. While found and patched in March 2018, it was not disclosed until today. According to an internal memo viewed by the Wall Street Journal, Google feared disclosing the issue would be detrimental to its reputation and draw unwanted regulatory attention.

Read More
...

[Update x2: Denials issued] Chinese government snuck secret surveillance chip into servers at Apple, Amazon, and dozens more according to report

Take this with the proverbial grain of salt, but Bloomberg has published a detailed investigative report today alleging that a list of U.S. Companies, including Amazon and Apple, suffered a security intrusion via hardware infiltration. This isn't a hack in the software sense, it's a result of literal physical modification to server motherboards at the time of manufacturing by subcontractors in China, allegedly coerced by operatives working for the Chinese People’s Liberation Army — making this a potentially state-backed attack.

Read More
...

Sikur launches new encrypted phones, this time using Sony hardware

It’s been quite a while since we’ve heard the Sikur name, with the security-focused company last seen in February promoting its “hack proof” SIKURPhone. The company had 20,000 units available for pre-order, but they weren’t scheduled to ship until August. Like all its phones, the device essentially amounted to a very secure messenger and cryptocurrency wallet with few third-party apps. 

Now Sikur is back, this time with Sony-branded hardware. The SIKURPhone XZ1 and the XA2 run SikurOS, which is a beefed up version of Android. Additional security is obviously the main selling point here, with Sikur advertising it as “the safest digital wallet on the market,” but the company can now can boast about the hardware design too.

Read More
...

Yubico launches new YubiKey 5 Series 2FA keys, supports passwordless FIDO2 and NFC

Yubico, one of the more well-known names in two-factor hardware security keys, has just revealed its new YubiKey 5 Series: four new keys that all support FIDO2, and a big USB-A model that does NFC. The new keys look almost exactly like their counterparts in the old YubiKey 4 Series, with the same durable designs for both USB-A and USB-C keys.

Read More
Page 1 of 41234