Posts tagged with: security
  • by |

    Somewhere during the transition between Android Kit Kat and Lollipop, the Android blogs were awash in the discussion about multiple user accounts for mobile devices. If two (or more) people used the same gadget, they could have their own unique user ID’s and passwords. When logging in, their own customized homescreens and app collections would appear. People seemed really excited about this feature, but now on the cusp of Android N’s consumer facing release, multi-user accounts isn’t something much discussed, especially for phones. This is a metaphor held over from the days of ...

    Share
    Read On
  • by |

    Apple is clearly in the spotlight after the whole iPhone 5c San Bernardino case, and as much as the company fought back and won, the fact that the FBI was able to find purchase a walk around says a lot about the money-driven iOS exploit market. It's clear that it exists, and it does work, so why on earth would Apple make things any easier? Well, here's the thing, iOS 10 beta is confirmed to have launched with an unencrypted kernel, something which is so un like Apple. Not all is lost though as security experts claim that the release does include a security measure that protects Apple's ...

    Share
    Read On
  • by |

    Every so often in a past life of the Pocketnow Weekly Podcast, you might've seen some crazy awkward moments where one of our hosts suddenly dropped out and Google would ask for two-step verification to really make sure that they are who they say they are. Beyond entering your basic credentials, it adds on a secondary, unique factor to your login process. Security comes with inconvenience. Google is cutting down on that inconvenience with a simple prompt. Instead of getting a security key texted to you, your phone will pop up a simple prompt that asks you if you're signing into your ...

    Share
    Read On
  • by |

    In the beta out for iOS 10, there's a change to the platform's operating procedure that may have you scratching your head just a bit. We are closing in on ten years of the whole "Slide to Unlock" paradigm where you would pull a tab across the bottom of the screen to access your home screen or your security measure. Touch ID complicated things with an almost-instant touch-to-sensor unlock. Nowadays on the iOS 10 developer preview, if you pick up your iPhone to check the lockscreen, you're prompted to "Press home to unlock". Furthermore, as BGR points out, if you just place your finger ...

    Share
    Read On
  • by |

    Microsoft is finally going to catch up to the Joneses on the mobile payments frontier with the release of its Wallet 2.0 app for Windows 10 Mobile. There's one big addition that arguably should've been working since 1.0 and that's the ability to Tap to Pay using NFC. Windows Central was able to get an internal build of the app onto a Lumia 950 for trying out the Tap to Pay functionality. As with other mobile payment systems, cards' compatibilities with the system will vary, so it'll be interesting to get a list of those cards. Tap To Pay did work as advertised: the phone will wake from ...

    Share
    Read On
  • by |

    If you're an Android user in a orchard of Apple trees, you may be tired or indifferent to being "the green bubble" of the lot. There's a developer effort firmly in progress called "Pie Message" that hopes to bring the iMessage client over to Android, but it could get overshadowed by a rumored reveal next week at WWDC. According to a source to MacDailyNews, it seems that the company will bring iMessage and its end-to-end communications encryption over to Android. The details of the announcement are still murky as are the keynote preparations, but it is said that the iMessage for Android ...

    Share
    Read On
  • by |

    The microblogging platform is working on damage control after a massive credential leak left about 33 million Twitter accounts' user information out in the open. Michael Coates, Trust & Information Security Officer, stated in a blog post that the company is "confident the information was not obtained from a hack of Twitter's servers." Coates theorizes that the credentials could've been obtained from an amalgamation of data from past breaches of other sites and/or malware that reads browser-stored passwords. The company took action: In each of the recent password disclosures, we ...

    Share
    Read On
  • by |

    Another day, another big passwords leak. LeakedSource, a site that provides users access to possibly compromised records, has received 32,888,300 Twitter account credentials from someone going by "Tessa88@exploit.im". In a sample of 15 users, all of them affirmed that the passwords revealed related to their accounts were theirs. The crack likely didn't occur on Twitter's side, but with malware on the user side that read off passwords saved to browsers — Chrome and Firefox, mainly. Tied email accounts most affected had domains with Mail.ru, Yahoo, Hotmail, Gmail and Yandex. The most ...

    Share
    Read On
  • by |

    Look into your eyes and you may soon see more of Samsung. After launching the Galaxy Tab Iris just a few weeks ago, it looks like another device should be able to scan your iris — and it may be the Note 7. In addition to a passcode or a fingerprint tap, a leaked screenshot from a recent Galaxy device shows an option to use Iris-scanning for security verification. Windows Hello has brought iris scanning to Windows 10 Mobile while one of the few recent iris-scanning smartphones on the Android side only served a limited audience for ZTE. This should bring a new form of security to a mass ...

    Share
    Read On
  • by |

    European football fans, it’s (almost) time to get the highly anticipated show on the road. Unfortunately, instead of worrying about procuring last-minute plane tickets to Paris, booking cheap local accommodation, and somehow finding a way into the UEFA Euro 2016 opening match without paying scalpers an arm and a leg, your primary concern should be steering clear of potential terrorist attacks. Sorry to diminish your excitement, but the threat is real following November 2015 suicide bombings and mass shootings, including near the Stade de France, with tournament security enforced by a ...

    Share
    Read On
  • by |

    The world’s most popular social network (by a landslide) has long stopped being about liking online content and sharing cool stuff with friends. Instant text and voice communication is in fact such an integral part of Facebook’s DNA nowadays that the cross-platform Messenger service is rapidly nearing a billion monthly active users. While these can currently always choose to IM their e-buddies via the Android, iOS and Windows Phone app or the actual FB mobile website, it looks like Mark Zuckerberg & co. intend to soon remove the alternative altogether. Even for basic message ...

    Share
    Read On
  • by |

    You'll soon be able to buy a OnePlus 3 without an invite! Is this the flagship killer you've been waiting for? We finally have confirmation on USA pricing for the Xperia X. Will Sony start supporting North America more consistently? Qualcomm delivers an official statement regarding the TrustZone exploit, but will consumers be able to protect their information if manufacturers have to send updates? These stories and we'll be tackling your questions and comments. Make sure you're charged and ready for episode 203 of the Pocketnow Weekly! Watch the video broadcast from 2:00pm Eastern on June ...

    Share
    Read On
  • by |

    A story slowing gaining a bit more exposure on social media, it seems that an intrepid coder has managed to extract the keys from Qualcomm's TrustZone, the system used to lock bootloaders and encrypt devices powered by Qualcomm chipsets. @laginimaineb, the author of the Bits Please blog, recently announced on twitter extracting the Keymaster Keys from TrustZone. This author recently detailed a vulnerability in Qualcomm's Secure Execution Environment in a previous blog posts. Just managed to extract the Qualcomm KeyMaster keys directly from TrustZone! Writeup coming soon :) (1/2) ...

    Share
    Read On
  • by |

    Digital security company Kaspersky has warned us about many threats. Valid ones, too. Kinda not now. It has posted the 95 Theses against the Church of Charging. First, it attacks third-party chargers. It's true that they've been the cause of explosions, injury and death, especially ones made with the idea of putting 220 volts through a USB port. But even with the charger out of the box, we've seen how badly the phones can handle that juice — though Kaspersky doesn't mention those incidents. And that's just plugging into the grid. The security firm's more concerned about the power you ...

    Share
    Read On
  • by |

    If there's one thing Google can't shame Samsung for, it's the security updates. The company forwarded the May update for the Galaxy Note 4 before the month of April ended. And while we're looking at a limited launch bed for the June update, it's still noteworthy that Samsung has done it again. A subscriber to Spain's Orange got the update early on top of a May 24 build for his Galaxy S7 edge. You're free to head into your settings and refresh for updates. In the "About device" menu, just hit the "Download updates manually" button. No guarantees that you'll get your software before the ...

    Share
    Read On
  • by |

    While it was fairly easy to overlook some of Google’s lower-key I/O 2016 announcements and demos of experimental technologies not yet ready for primetime during the actual jam-packed conference, now that the event is in the past we almost have to talk about things like Project Soli and Abacus. Abacus, as some of you might recall, is the provisional name given to an Android security-modifying initiative that’s both captivating and controversial, getting its first public showing at last year’s I/O, and evolving greatly in the past 12 months. In fact, this “project” is so close to ...

    Share
    Read On
  • by |

    Encryption is a very thorny, controversial issue these days, mostly due to Apple’s lengthy clash with the FBI, but Google couldn’t just sit on the sidelines and leave the newest iteration of Android (dessert name pending) vulnerable to intruders. Instead, Android N picks up file-based rather than block-level encryption, as well as seamless updates downloaded in the background no longer needing approval and bothering you with pesky prompt messages. Essentially, Big G thinks it knows what’s best for your (Nexus) devices, and will work on pushing security patches faster and smoother ...

    Share
    Read On
  • by |

    Eric Kay, Director of Engineering, announced a new messaging app called Allo. It focuses on letting you express yourself in a messaging situation while making it secure and smart with the Google Assistant. You connect with your phone contacts and talk with your friends through texts, lots of custom-made stickers and a little something called "WhisperShout". It's a slider feature that can shrink or grow how your message will appear in the conversation — sorta like how you can hold the Like button to blow up a thumbs up in a Facebook Messenger convo. Google Inbox's Smart Reply feature has ...

    Share
    Read On
  • by |

    It's a little disconcerting that we might be seeing Windows Hello finally working with fingerprint sensors right around the time when Windows 10 Mobile's first product with a fingerprint sensor is scheduled to launch. Of course, Microsoft has had some nastier spills, but when you're talking about a monster the HP Elite x3, you'd wish these things came together a little more in advance. But, according to a presentation at a Windows Hardware Engineering Community (WinHEC) obtained by the /r/windowsphone subreddit, fingerprint reader support is coming for Windows Hello on Windows 10 Mobile ...

    Share
    Read On
  • by |

    When not busy trying to force Apple’s hand to needlessly undermine its own mobile OS encryption and device security, the US government occasionally gets a half-decent idea of actually acting in the service of the people. Case in point, a joint FTC/FCC examination of the way smartphone and tablet manufacturers, as well as wireless operators stateside, look for, identify and ultimately address vulnerabilities in products designed by them or supported on their networks. Though the two independent government agencies are in this together, the Federal Trade Commission aims to “better ...

    Share
    Read On
  • by |

    Chalk another loss up for Apple. And the FBI. Around the same time that the agency ordered the iPhone manufacturer to assist in decrypting an iPhone 5c that belonged to a gunman in the San Bernardino shootings, Los Angeles police were able to source a "forensic cellphone expert" to crack into an iPhone 5s that belonged to the wife of actor Michael Jace. He's accused of murdering her back in May of 2014. In a search warrant obtained and reviewed by The Los Angeles Times, investigators wanted to support their claim that both husband and wife, April, were arguing "about their relationship". ...

    Share
    Read On
  • by |

    We're in the age of big data breaches and we're used to them. Target, T-Mobile and now, a bunch of email accounts. A Russian hacker was said to have been able to rack up the names and credentials of more than 272 million email accounts and would be willing to give it all away to those wanted them for just 50 roubles. That's about $1. Alex Holden, founder and chief information security officer of Hold Security, informed Reuters about the trove. He said that the hacker was prepared to give away a far bigger cache of 1.17 billion credentials. But of the 272 million that Holden was able to ...

    Share
    Read On
  • by |

    The iPhone belonging to a confessed drug dealer in Brooklyn has been cracked into. But it wasn't opened with the zero-day exploit that the FBI purchased supposedly from a gray hat hacker. Someone else just knew the passcode for the iPhone. Prosecutors in the case said that an unidentified person turned in the code. The Justice Department had been requesting for Apple's assistance in opening up the iPhone, running iOS 7, for months. This case pre-dates the San Bernadino debacle that brought the nation face-first into a public debate about privacy, security and encryption. The drug dealer ...

    Share
    Read On
  • by |

    Update: The podcast is up now and will be sent out at 3pm Eastern on Friday. The HTC 10 makes us wonder if any phone can really be perfect. Galaxy Note 6 rumors are building steam. What might we see on Samsung's next phablet? With the flagship phone market maturing, we'll take a look at why people are waiting longer to upgrade their phones? We've been hard at work covering news stories and producing the next generation of phone reviews. We recently started a new series of videos delving deeper into camera performance and phone comparisons, and of course we'll be tackling your questions and ...

    Share
    Read On
  • by |

    For many Android users, 2015 will go down in history as a sad year for the platform’s vulnerability protection, due mostly to a collection of mischievous software bugs known as Stagefright. But that’s all behind us now, and at least according to Google’s second Android security annual report, the remote code execution and privilege escalation troubles may have made the ecosystem stronger than before. Of course, there’s no mention of Stagefright in this latest “overview of new security protections introduced in 2015”, but it can’t be a coincidence the probability of an ...

    Share
    Read On
Mobile Version