Over at Google Code a new application has shed its covert cover and made its way into the lime light. Secrets For Android is a new way to store and manage sensitive information such as password, social security numbers and, well, secrets. Apart from offering Android users all of the above, the application servers another function too; all of the source code is available on the Apache 2.0 licence, so you can examine the code yourself, or modify it to your needs. Specifically, the source code illustrates how “applications can perform file I/O, use the crypto APIs, and do some…

ReadWriteWeb’s Sarah Perez points out a Forbes story about a security hole in the Android OS platform that is so severe, multiple security experts are claiming that the Android web browser had best be avoided until a fix is sent out to users. A fix that, Sarah Perez claims, has been available for some time, sitting in Google’s source tree repository since February 7th. According to the original Forbes piece, the security flaw is supposedly found in code that Packet Video contributed to the Android project’s web browser.  The flaw would allow a malicious website and hacker to take over…

Mocana, one of the top 100 privately-held technology companies in North America, have released NanoPhone suite for the Android. NanoPhone is the “most comprehensive open standards-based security suite for developers building to the Open Handset Alliance’s Android specifications”. In short, this product tightens Androids loose skin, especially in and around the area of Internet connectivity. A secure browser and malware/virus protection are just two of the features included in the suite for Android. However, perhaps the most important aspect of the product (especially for enterprise consumers) is the inclusion of a VPN client. Mocana state that Android has lacked a…

Apparently, a bunch of users at Android Community are experiencing a hack that redirects them from the Yahoo! homepage to a site that sells anti-virus software.  Are you experiencing this as well?  Leave a comment below! One of the main concerns of Android being open-source is the security.  In the future, we hope that Google will be able to identify and deal with these issues before these exploits become widespread and cause any real damage. [via Android Community]

A team of security researchers that includes former NSA computer security specialist Charles A. Miller have found a flaw in the Android platform’s Webkit based web browser. The security flaw would allow a malicious website to install an application within the browser that could do things such as monitor keyboard input for login IDs and passwords when the user visits other websites. Google was quick to point out that all applications in Android operate inside a security sandbox that keeps a breach in one app from providing access to other parts of the phone. As such, the browser flaw could…