Posts tagged with: security
  • by |

    The task of rooting an Android device has grown tall recently and with Android Nougat, there are now several roadblocks in the way that would prevent developers from getting in to root the upcoming Pixel phones — built on Nougat from the ground up — with ease. The first block is a kernel feature in Nougat called "device-mapper-verity" that checks the /system directory of the device while it is booting to see if all the files that should be there are there and in the way they're supposed to be there. If a single change has been made, your device will not boot. This takes any one-stop ...

    Share
    Read On
  • by |

    Yahoo has announced that "a state-sponsored actor" has gotten hold of a copy of US account details including password hashes, — machine-scrambled passwords that are sent and exclusively accepted by receiving servers — unencrypted and encrypted security questions and answers and vital specs like names, email addresses, phone numbers and dates of birth. The data dates back to late 2014. As of this point, it seems that no unhashed passwords were obtained as well as payment or bank account information. Users are being notified and urged to be vigilant for suspicious emails asking for ...

    Share
    Read On
  • by |

    Chinese manufacturer ZTE has been listening to reviewers and the community about their concerns for the Axon 7 and its second response in the form of a software update has been published is being sent out over the air right now. Among the major updates in this build B27 include easing up on the fingerprint sensing, some battery optimizations, a new "fast battery drain" notification and the September 1 security patch level for Android, thus filling in the last Quadrooter vulnerability. Camera tweaks (specifically on the focus) and group texting have also made the cut. The biggest change ...

    Share
    Read On
  • by |

    The highest-profile battle over privacy and technology has not ended. In fact, it may have only just begun with a lawsuit filed by three news organizations against the FBI. You may recall that the agency wanted Apple to decrypt an iPhone 5c in the possession of Syed Rizwan Farook, one of the perpetrators of a mass shooting in San Bernardino, California, that killed 14 people and wounded 24 others. Farook and co-perpetrator, wife Tashfeen Malik, were killed shortly after their attack. The FBI claimed it wanted to obtain sensitive documents from the phone that might have helped Farook plan ...

    Share
    Read On
  • by |

    Right now, you can open up a Chromebook and the only way you can get access to what's inside it is to put in the password of the owner's Google account. But what if your password changes often? Maybe Chromebooks are a thing at your security-strung company? Well, maybe a PIN option won't be enough. But a fingerprint sensor might be. Chromium Unboxed picked up a baseboard in the Chromium repositories featuring work with a fingerprint sensor: CHROMIUM: arm64: dts: rockchip: specify interrupt line for fingerprint This sets up interrupt line used by the fingerprint sensor on Gru. Note that ...

    Share
    Read On
  • by |

    NSO Group is the reason why you should probably install iOS 9.3.5. Apple released the update today to address three previously unknown vulnerabilities that were exploited two weeks ago when spyware from the Israel-based organization targeted Ahmed Mansoor, a human rights activist hailing from the United Arab Emirates. "New secrets about torture of Emiratis in state prisons," a text read with a URL that may have represented The Emirates Foundation. Mansoor, who's been hacked by government agencies before, decided to put the message to Citizen Lab, a cybersecurity rights project of the ...

    Share
    Read On
  • by |

    Windows 10 allows for a simple PIN input for user authentication. Google thought it might be a good idea to also allow its Chromebooks to do that, just like its Android phones. Whatever the case, PIN unlock capabilities are now available in the latest developer update under the flag #quick-unlock-pin. According to Chromium evangelist François Beaufort, users will have to reboot, then hit up the Material Design settings to set up a PIN for the lock screen. Developers are still trying working with Android apps on Chromebooks. Source: Google+ Via: Engadget

    Share
    Read On
  • by |

    Lookout Security is relaying some new discussion of a vulnerability in the Linux 3.6 and later kernels. An estimated 80 percent of the Android user base (going all the way to KitKat) or 1.4 billion devices are under the gun of this off-path exploit. In other words, this is not Quadrooter. In a joint presentation at the USENIX Security Symposium, researchers at the Univerity of California, Riverside, and the United States Army Research Labratory were concerned about something called the Global Rate Limit. As the center of the Internet Protocol, TCP isn't really meant to be security-focused. ...

    Share
    Read On
  • by |

    BlackBerry's main stake in the mobile industry is security. If it can't tout the hardware it comes out with as a unique selling point, it's got to be security, security, security. And secure it has for its DTEK50 and Priv phones. The company's first Android smartphones that were vulnerable to the last of the unpatched Qualcomm-based Quadrooter vulnerabilities have been patched. The update can be pulled down from the settings menu and will be sent out to users within the week. It will be available on devices bought new from ShopBlackBerry. Google said that it would deliver a patch of its ...

    Share
    Read On
  • by |

    It's finally time for a new MacBook Pro. Well, almost. First, we have to get through an iPhone 7 event. Sources to Bloomberg state that some new MacBook Pro models — more sleek and yet more shrill — will be on the way in the near future. Rumored features include a secondary touchscreen strip above the keyboard to replace a row of hardware-based function keys, a Touch ID sensor, an OLED screen and a new Polaris graphics chip from AMD. All of this supposedly with macOS Sierra at launch. That launch, though, "likely" won't happen, according to Bloomberg, "at an event currently ...

    Share
    Read On
  • by |

    Google already had three vulnerabilities patched of the four publicized by Check Point Security over the weekend. It had them patched since Android 4.2. That's the conclusion we're getting from Google's statement on the Quadrooter vulnerabilities found in Qualcomm-based Android devices, a device group totaling in the neighborhood of 900 million. A spokesperson wrote to Android Central that: Our Verify Apps and SafetyNet protections help identify, block, and remove applications that exploit vulnerabilities like these. Hit the source link for the full statement. The Verify Apps feature ...

    Share
    Read On
  • by |

    Shortly after security researcher Salvador Mendoza revealed that Samsung Pay authentication tokens could be intercepted and used by fraudsters to make purchases on their victims' dime, Samsung has responded with a blog post and several FAQ answers. First of all, the company addressed the three things that get sent to vendors for each Samsung Pay transaction. The token contains unique, one-time card credentials. It's a surrogate for real card data. A transaction counter that makes sure the token only gets used once and not for multiple purchases. A cryptogram as a verification key to ...

    Share
    Read On
  • by |

    There's more security news in the wake of Def Con 24 and it involves how Samsung Pay handles its mobile payments transactions. One Salvador Mendoza has found a way to steal authentication tokens and use them in a spoofing device to commit fraud. Mendoza details the process in a video: The problem comes down to the tokens, which are created each time someone activates the transaction UI and do not expire until about a day later. These tokens, if collected by a fake reader or something similar, can be used by miscreants to make authentic purchases on the Samsung Pay user's dime. No need ...

    Share
    Read On
  • by |

    Another Def Con convention down and developers have people talking about this year's Stagefright. Security company Check Point is publicizing four major Android vulnerabilities that it is dubbing as a package, "Quadrooter," found in Qualcomm-made chipsets. Snapdragons are estimated to be on about 900 million Android handsets from the Nexus devices to Samsung, HTC to LG, BlackBerry to Blackphone. Any malware presents itself as an app that the user may install, but for the malware to target these four vulnerabilities, it does not have to request for any special permissions. Access through ...

    Share
    Read On
  • by |

    Prospective Galaxy Note 7 buyers are looking at pretty slim pickings when it comes to groundbreaking new technologies and features on the dual-curved phablet, especially compared to the GS7 Edge it more strongly resembles than last year’s Note 5. The S Pen, while arguably smarter and cooler than previous iterations shipped with members of the GNote family, hardly feels innovative at the end of the day. Good thing there’s at least an iris sensor in tow that the S7 Edge and Note 5 lacked, despite “the most secure” biometric authentication system being apparently “over three ...

    Share
    Read On
  • by |

    Samsung's Knox security suite is getting some major add-ons. The company has been incubating its proprietary iris scanning technology for five years. But its applications are many and expedient: Secure Folder can keep certain apps and content away from other users and other people, period. Samsung's internet browser can take in your fingerprint or iris to access sites with your account credentials. Mobile banking security takes the largest step in this announcement with Samsung Pass. It takes eye scans to authenticate transactions at Bank of America, Citi, US Bank, KEB Hana, Shinhan and ...

    Share
    Read On
  • by |

    Lenovo-owned Motorola has dropped its monthly update schedule for its smartphones, favoring a "most efficient" one. When it launched its Moto Z line of handsets last month, a company spokesperson did promise security patches from Android Security Bulletins. Phones "will receive an update shortly after launch with additional patches." The representative did not discuss the frequency of those updates. Fast forward to today and Motorola has responded to Ars Technica's request to address its non-willingness to go monthly as the updates are released. Motorola understands that keeping phones ...

    Share
    Read On
  • by |

    The US, Canada, UK, France, Spain, Italy and the Netherlands are now free to pre-order the DTEK50, BlackBerry's first of two mid-range smartphones for the next year. As rumored, the phone is produced by TCL and is very much similar to the Alcatel Idol 4. We saw a quick hit of specifications earlier today, but we now can bring you some specifics. Here's a full chart: [table] Component,Description Screen size,5.2 inches Resolution,1920 x 1080 Pixel desnity,424 ppi SoC,Qualcomm Snapdragon 617 Type,Octa-core Speed,4 x 1.5GHz / 4 x 1.2GHz GPU,Adreno 405 RAM,3GB Storage,16GB (microSD-expandable ...

    Share
    Read On
  • by |

    Edward Snowden, who's been in exile from the US ever since he published reams of secret NSA documents, has come together with hacker Andrew Huang to design a case for the iPhone 6 that would be able to tell if your device's antennas were off when you actually turn them off. The pair, who have been communicating through Snowden's own messenger app, Signal, showed off the design and discussed the warfare that government wages against journalists in exposing history-changing information at the MIT Media Lab. "One good journalist in the right place at the right time can change history," ...

    Share
    Read On
  • by |

    BlackBerry CEO John Chen took the time at his company's Security Summit this week to once again rip Apple, "the other fruit company" to shreds for defending its encryption against the FBI regarding an iPhone used by a suspect in a mass shooting. "I found that disturbing as a citizen. I think BlackBerry, like any company, should have a basic civil responsibility," Chen said. "If the world is in danger, we should be able to help out." Apple refused to assist the Department of Justice in unlocking Syed Farook's iPhone 5c. He and his wife were the alleged perpetrators of an attack on a San ...

    Share
    Read On
  • by |

    As HP ramps up its export operations for the latest and greatest Windows 10 Mobile phone yet, we're finding out that fans of Microsoft and hunky hardware might have to wait to get their fingerprint fix. As Windows Hello is prepared to support fingerprint-based biometric security, it seems that the manufacturer has jumped the gun a bit by having one on. In an HP QuickSpecs document for the Elite x3, there's an asterisk saying that the fingerprint reader will "not be enabled until OTA coming soon." How soon that will be, we aren't sure. Microsoft is targeting print support for sometime this ...

    Share
    Read On
  • by |

    We aren't too close to a walletless society yet as cash is still king in some territories — like diners right before 5am. But if we're going to need cash at some point in our daily lives, we just might be able to ditch the plastic and use our phones. FIS, a payment technologies company, and Payment Alliance International, the US's largest ATM provider and servicer, have come together to deliver a "Cardless Cash" solution to over 70,000 NYCE network machines across the nation. It comes at a time when more con artists than ever are attaching skimmers to ATM card slots and using near-field ...

    Share
    Read On
  • by |

    Android is a great open source operating platform for mobile, but let's face it: it's not the most secure thing out there. Then again, you want secure? You want BlackPhone's PrivatOS, based off of Android? Be prepared for lockdown. Tinkerer's hell. One or the other. Pick one poison over the other. It's how it has been for a while. But Canada-based Copperhead Security has been trying to seal the deal between security and openness with its own Android-based operating system called — what else? — CopperheadOS. And it's selling modified Nexus 5X and Nexus 6P phones with CopperheadOS on ...

    Share
    Read On
  • by |

    US law enforcement may have inadvertently done the tech industry a favor by fighting Apple so hard on iOS data protection, arousing the consumers’ interest in encryption at previously unprecedented levels. This offered companies like Google and Facebook, in addition to the iPhone makers, great leeway in their efforts to enhance mobile security, and Mark Zuckerberg’s social media giant in particular deserves praise, first for bringing WhatsApp up to Signal standards, and today initiating Messenger’s own “Secret Conversations” rollout. For now, only a tiny fraction of the IM ...

    Share
    Read On
  • by |

    The second iOS 10 beta for developers is out and people have been digging up little changes from feature recalls, new icons and plenty of options. 3D Touch options have been revised in the Control Center. Your organ donation preference is available to toggle in the Health app. Oh, and we have a new home button action: you can now rest your finger to unlock your device. It's a convenience measure that takes away the enforced extra tap of the home button to get away from the lock screen in the first developer beta. It also feels like a better obviation of the whole "slide to unlock" ...

    Share
    Read On
Mobile Version