Posts tagged with: security
  • by |

    NSO Group is the reason why you should probably install iOS 9.3.5. Apple released the update today to address three previously unknown vulnerabilities that were exploited two weeks ago when spyware from the Israel-based organization targeted Ahmed Mansoor, a human rights activist hailing from the United Arab Emirates. "New secrets about torture of Emiratis in state prisons," a text read with a URL that may have represented The Emirates Foundation. Mansoor, who's been hacked by government agencies before, decided to put the message to Citizen Lab, a cybersecurity rights project of the ...

    Share
    Read On
  • by |

    Windows 10 allows for a simple PIN input for user authentication. Google thought it might be a good idea to also allow its Chromebooks to do that, just like its Android phones. Whatever the case, PIN unlock capabilities are now available in the latest developer update under the flag #quick-unlock-pin. According to Chromium evangelist François Beaufort, users will have to reboot, then hit up the Material Design settings to set up a PIN for the lock screen. Developers are still trying working with Android apps on Chromebooks. Source: Google+ Via: Engadget

    Share
    Read On
  • by |

    Lookout Security is relaying some new discussion of a vulnerability in the Linux 3.6 and later kernels. An estimated 80 percent of the Android user base (going all the way to KitKat) or 1.4 billion devices are under the gun of this off-path exploit. In other words, this is not Quadrooter. In a joint presentation at the USENIX Security Symposium, researchers at the Univerity of California, Riverside, and the United States Army Research Labratory were concerned about something called the Global Rate Limit. As the center of the Internet Protocol, TCP isn't really meant to be security-focused. ...

    Share
    Read On
  • by |

    BlackBerry's main stake in the mobile industry is security. If it can't tout the hardware it comes out with as a unique selling point, it's got to be security, security, security. And secure it has for its DTEK50 and Priv phones. The company's first Android smartphones that were vulnerable to the last of the unpatched Qualcomm-based Quadrooter vulnerabilities have been patched. The update can be pulled down from the settings menu and will be sent out to users within the week. It will be available on devices bought new from ShopBlackBerry. Google said that it would deliver a patch of its ...

    Share
    Read On
  • by |

    It's finally time for a new MacBook Pro. Well, almost. First, we have to get through an iPhone 7 event. Sources to Bloomberg state that some new MacBook Pro models — more sleek and yet more shrill — will be on the way in the near future. Rumored features include a secondary touchscreen strip above the keyboard to replace a row of hardware-based function keys, a Touch ID sensor, an OLED screen and a new Polaris graphics chip from AMD. All of this supposedly with macOS Sierra at launch. That launch, though, "likely" won't happen, according to Bloomberg, "at an event currently ...

    Share
    Read On
  • by |

    Google already had three vulnerabilities patched of the four publicized by Check Point Security over the weekend. It had them patched since Android 4.2. That's the conclusion we're getting from Google's statement on the Quadrooter vulnerabilities found in Qualcomm-based Android devices, a device group totaling in the neighborhood of 900 million. A spokesperson wrote to Android Central that: Our Verify Apps and SafetyNet protections help identify, block, and remove applications that exploit vulnerabilities like these. Hit the source link for the full statement. The Verify Apps feature ...

    Share
    Read On
  • by |

    Shortly after security researcher Salvador Mendoza revealed that Samsung Pay authentication tokens could be intercepted and used by fraudsters to make purchases on their victims' dime, Samsung has responded with a blog post and several FAQ answers. First of all, the company addressed the three things that get sent to vendors for each Samsung Pay transaction. The token contains unique, one-time card credentials. It's a surrogate for real card data. A transaction counter that makes sure the token only gets used once and not for multiple purchases. A cryptogram as a verification key to ...

    Share
    Read On
  • by |

    There's more security news in the wake of Def Con 24 and it involves how Samsung Pay handles its mobile payments transactions. One Salvador Mendoza has found a way to steal authentication tokens and use them in a spoofing device to commit fraud. Mendoza details the process in a video: The problem comes down to the tokens, which are created each time someone activates the transaction UI and do not expire until about a day later. These tokens, if collected by a fake reader or something similar, can be used by miscreants to make authentic purchases on the Samsung Pay user's dime. No need ...

    Share
    Read On
  • by |

    Another Def Con convention down and developers have people talking about this year's Stagefright. Security company Check Point is publicizing four major Android vulnerabilities that it is dubbing as a package, "Quadrooter," found in Qualcomm-made chipsets. Snapdragons are estimated to be on about 900 million Android handsets from the Nexus devices to Samsung, HTC to LG, BlackBerry to Blackphone. Any malware presents itself as an app that the user may install, but for the malware to target these four vulnerabilities, it does not have to request for any special permissions. Access through ...

    Share
    Read On
  • by |

    Prospective Galaxy Note 7 buyers are looking at pretty slim pickings when it comes to groundbreaking new technologies and features on the dual-curved phablet, especially compared to the GS7 Edge it more strongly resembles than last year’s Note 5. The S Pen, while arguably smarter and cooler than previous iterations shipped with members of the GNote family, hardly feels innovative at the end of the day. Good thing there’s at least an iris sensor in tow that the S7 Edge and Note 5 lacked, despite “the most secure” biometric authentication system being apparently “over three ...

    Share
    Read On
  • by |

    Samsung's Knox security suite is getting some major add-ons. The company has been incubating its proprietary iris scanning technology for five years. But its applications are many and expedient: Secure Folder can keep certain apps and content away from other users and other people, period. Samsung's internet browser can take in your fingerprint or iris to access sites with your account credentials. Mobile banking security takes the largest step in this announcement with Samsung Pass. It takes eye scans to authenticate transactions at Bank of America, Citi, US Bank, KEB Hana, Shinhan and ...

    Share
    Read On
  • by |

    Lenovo-owned Motorola has dropped its monthly update schedule for its smartphones, favoring a "most efficient" one. When it launched its Moto Z line of handsets last month, a company spokesperson did promise security patches from Android Security Bulletins. Phones "will receive an update shortly after launch with additional patches." The representative did not discuss the frequency of those updates. Fast forward to today and Motorola has responded to Ars Technica's request to address its non-willingness to go monthly as the updates are released. Motorola understands that keeping phones ...

    Share
    Read On
  • by |

    The US, Canada, UK, France, Spain, Italy and the Netherlands are now free to pre-order the DTEK50, BlackBerry's first of two mid-range smartphones for the next year. As rumored, the phone is produced by TCL and is very much similar to the Alcatel Idol 4. We saw a quick hit of specifications earlier today, but we now can bring you some specifics. Here's a full chart: [table] Component,Description Screen size,5.2 inches Resolution,1920 x 1080 Pixel desnity,424 ppi SoC,Qualcomm Snapdragon 617 Type,Octa-core Speed,4 x 1.5GHz / 4 x 1.2GHz GPU,Adreno 405 RAM,3GB Storage,16GB (microSD-expandable ...

    Share
    Read On
  • by |

    Edward Snowden, who's been in exile from the US ever since he published reams of secret NSA documents, has come together with hacker Andrew Huang to design a case for the iPhone 6 that would be able to tell if your device's antennas were off when you actually turn them off. The pair, who have been communicating through Snowden's own messenger app, Signal, showed off the design and discussed the warfare that government wages against journalists in exposing history-changing information at the MIT Media Lab. "One good journalist in the right place at the right time can change history," ...

    Share
    Read On
  • by |

    BlackBerry CEO John Chen took the time at his company's Security Summit this week to once again rip Apple, "the other fruit company" to shreds for defending its encryption against the FBI regarding an iPhone used by a suspect in a mass shooting. "I found that disturbing as a citizen. I think BlackBerry, like any company, should have a basic civil responsibility," Chen said. "If the world is in danger, we should be able to help out." Apple refused to assist the Department of Justice in unlocking Syed Farook's iPhone 5c. He and his wife were the alleged perpetrators of an attack on a San ...

    Share
    Read On
  • by |

    As HP ramps up its export operations for the latest and greatest Windows 10 Mobile phone yet, we're finding out that fans of Microsoft and hunky hardware might have to wait to get their fingerprint fix. As Windows Hello is prepared to support fingerprint-based biometric security, it seems that the manufacturer has jumped the gun a bit by having one on. In an HP QuickSpecs document for the Elite x3, there's an asterisk saying that the fingerprint reader will "not be enabled until OTA coming soon." How soon that will be, we aren't sure. Microsoft is targeting print support for sometime this ...

    Share
    Read On
  • by |

    We aren't too close to a walletless society yet as cash is still king in some territories — like diners right before 5am. But if we're going to need cash at some point in our daily lives, we just might be able to ditch the plastic and use our phones. FIS, a payment technologies company, and Payment Alliance International, the US's largest ATM provider and servicer, have come together to deliver a "Cardless Cash" solution to over 70,000 NYCE network machines across the nation. It comes at a time when more con artists than ever are attaching skimmers to ATM card slots and using near-field ...

    Share
    Read On
  • by |

    Android is a great open source operating platform for mobile, but let's face it: it's not the most secure thing out there. Then again, you want secure? You want BlackPhone's PrivatOS, based off of Android? Be prepared for lockdown. Tinkerer's hell. One or the other. Pick one poison over the other. It's how it has been for a while. But Canada-based Copperhead Security has been trying to seal the deal between security and openness with its own Android-based operating system called — what else? — CopperheadOS. And it's selling modified Nexus 5X and Nexus 6P phones with CopperheadOS on ...

    Share
    Read On
  • by |

    US law enforcement may have inadvertently done the tech industry a favor by fighting Apple so hard on iOS data protection, arousing the consumers’ interest in encryption at previously unprecedented levels. This offered companies like Google and Facebook, in addition to the iPhone makers, great leeway in their efforts to enhance mobile security, and Mark Zuckerberg’s social media giant in particular deserves praise, first for bringing WhatsApp up to Signal standards, and today initiating Messenger’s own “Secret Conversations” rollout. For now, only a tiny fraction of the IM ...

    Share
    Read On
  • by |

    The second iOS 10 beta for developers is out and people have been digging up little changes from feature recalls, new icons and plenty of options. 3D Touch options have been revised in the Control Center. Your organ donation preference is available to toggle in the Health app. Oh, and we have a new home button action: you can now rest your finger to unlock your device. It's a convenience measure that takes away the enforced extra tap of the home button to get away from the lock screen in the first developer beta. It also feels like a better obviation of the whole "slide to unlock" ...

    Share
    Read On
  • by |

    Somewhere during the transition between Android Kit Kat and Lollipop, the Android blogs were awash in the discussion about multiple user accounts for mobile devices. If two (or more) people used the same gadget, they could have their own unique user ID’s and passwords. When logging in, their own customized homescreens and app collections would appear. People seemed really excited about this feature, but now on the cusp of Android N’s consumer facing release, multi-user accounts isn’t something much discussed, especially for phones. This is a metaphor held over from the days of ...

    Share
    Read On
  • by |

    Apple is clearly in the spotlight after the whole iPhone 5c San Bernardino case, and as much as the company fought back and won, the fact that the FBI was able to find purchase a walk around says a lot about the money-driven iOS exploit market. It's clear that it exists, and it does work, so why on earth would Apple make things any easier? Well, here's the thing, iOS 10 beta is confirmed to have launched with an unencrypted kernel, something which is so un like Apple. Not all is lost though as security experts claim that the release does include a security measure that protects Apple's ...

    Share
    Read On
  • by |

    Every so often in a past life of the Pocketnow Weekly Podcast, you might've seen some crazy awkward moments where one of our hosts suddenly dropped out and Google would ask for two-step verification to really make sure that they are who they say they are. Beyond entering your basic credentials, it adds on a secondary, unique factor to your login process. Security comes with inconvenience. Google is cutting down on that inconvenience with a simple prompt. Instead of getting a security key texted to you, your phone will pop up a simple prompt that asks you if you're signing into your ...

    Share
    Read On
  • by |

    In the beta out for iOS 10, there's a change to the platform's operating procedure that may have you scratching your head just a bit. We are closing in on ten years of the whole "Slide to Unlock" paradigm where you would pull a tab across the bottom of the screen to access your home screen or your security measure. Touch ID complicated things with an almost-instant touch-to-sensor unlock. Nowadays on the iOS 10 developer preview, if you pick up your iPhone to check the lockscreen, you're prompted to "Press home to unlock". Furthermore, as BGR points out, if you just place your finger ...

    Share
    Read On
  • by |

    Microsoft is finally going to catch up to the Joneses on the mobile payments frontier with the release of its Wallet 2.0 app for Windows 10 Mobile. There's one big addition that arguably should've been working since 1.0 and that's the ability to Tap to Pay using NFC. Windows Central was able to get an internal build of the app onto a Lumia 950 for trying out the Tap to Pay functionality. As with other mobile payment systems, cards' compatibilities with the system will vary, so it'll be interesting to get a list of those cards. Tap To Pay did work as advertised: the phone will wake from ...

    Share
    Read On
Mobile Version