Posts Tagged android

Police Can Trick Phones To Connect To Fake Cell Sites, Google/Apple Working To Prevent It

From EFF:

Apple has also finally taken steps to protect users against cell site simulators after being called on to do so by EFF and the broader privacy and security community. Apple announced that in iOS 17, out September 18, iPhones will not connect to insecure 2G mobile towers if they are placed in Lockdown Mode. As the name implies, Lockdown Mode is a setting originally released in iOS 16 that locks down several features for people who are concerned about being attacked by mercenary spyware or other nation state level attacks. This will be a huge step towards protecting iOS users from fake base station attacks, which have been used as a vector to install spyware such as Pegasus

, , , , , , , , , , , , , , ,

No Comments

ISIS Luring Children With Android App

From Fox Business:

, , , ,

No Comments

Google Backtracks on Default Encryption for Devices

From ArsTechnica:

In short, devices are required to support encryption, but it’s still up to OEMs to actually enable it; this is exactly what Google was doing in KitKat and older versions (PDF, see section 9.9). Full-disk encryption is expected to become a requirement in some future Android version, but it remains optional in Lollipop despite Google’s earlier statements.

 

, , , , ,

No Comments

Password Security Compromised On Andriod

From ArsTechnica:

Clark agreed that any Android-based password manager that uses the OS clipboard is susceptible. He strongly recommends that people stop using any app setup that works this way. Many apps use standalone browsers, browser extensions, or software keyboards to enter credentials into login fields. There is no evidence they are susceptible to sniffing. The reason ClipCaster takes special aim at LastPass, Clark said, is simple. It just happened to be the manager he installed on his phone. There are no reports that password managers running on iOS or Windows Phone are vulnerable. But there can be way to know for sure, since Ars is unaware of the any comprehensive study testing the security of managers on those platforms.

 

, , , ,

No Comments

Law Enforcement Upset Over New Smartphone Security

From Bloomberg:

The dispute is the latest flare-up that pits the federal government against the nation’s leading technology companies since National Security Agency contractor Edward Snowden disclosed last year the extent of U.S. snooping on phone and Internet communications — and how companies cooperated.

U.S. Justice Department and FBI officials are trying to understand how the new Apple and Google Android systems work and how the companies could change the encryption to make it accessible when court ordered. Their requests to the companies may include letters, personal appeals or congressional legislation, said a federal law official who requested anonymity to discuss the sensitive issue.

 

, , , , , , , , , , ,

No Comments

Phone Wiping Fails on Android Phones

From CNET.com:

Avast — known for its security software on Windows, Mac, and Android — purchased 20 Android smartphones from eBay, which has around 80,000 used smartphones for sale at any given time. Among the data that Avast employees recovered from the phones were more than 40,000 photos — including 250 nude male selfies — along with 750 emails and text messages, 250 contacts, the identities of four phones’ previous owners, and one completed loan application.

, , , ,

No Comments

How Governments Spy On You

From Wired:

Newly uncovered components of a digital surveillance tool used by more than 60 governments worldwide provide a rare glimpse at the extensive ways law enforcement and intelligence agencies use the tool to surreptitiously record and steal data from mobile phones.

, , , , , , , ,

No Comments

Revolvr Mobile App Announced

Revolver is currently only available for Android devices.

, , ,

No Comments

Andriod Backup Services May Not Be Secure

If you use an Android device you may want to review how you store your settings and passwords.

From the Electronic Frontier Foundation:

If you have a recent Android phone or tablet, chances are you take advantage of a convenient feature to backup your application settings and wireless network passwords. This feature is enabled by default in Android 2.2 and later, and it can make switching to a new device or replacing a lost phone a quicker process. If you haven’t examined all the settings for your phone, you might not know if this setting is enabled.

, , , , , , , , ,

No Comments

Google Approves an App that Steals All Your Data

From: MIT

Google’s automated “Bouncer” for apps, which should prevent harmful mobile software from appearing in the company’s app store, appears to have serious blind spots. The system repeatedly scanned but let pass an app that stealthily steals personal data such as photos and contacts, reported two researchers from computer security company Trustwave at the Black Hat security conference in Las Vegas yesterday.

Nicolas Percoco and Sean Schulte are members of Trustwave’s “ethical hacking” research group, known as SpiderLabs, and they created the app to probe Google’s ability to vet the software uploaded to its app store. The pair said the results shows that Google needs to improve both its app-scanning system and its Android operating system.

, , ,

No Comments

NSA Creates Secure Call System

Technology Review reports that the NSA has devised a system in which phones with the Android software are able to make encrypted phone calls.

Let’s hope that this tech trickles down to the consumer market.

, , , , ,

No Comments