While Google was quick to patch its services to close the security hole caused by the Heartbleed bug in OpenSSL, the same bug may still be hounding millions of Android devices worldwide. Google patched most of its services last week (including Search, Gmail, YouTube, Wallet, Play, Apps, and App Engine). Recently, the search company also updated the list of patched services to include Google AdWords, DoubleClick, Maps, Maps Engine, Earth, Analytics, and Tag Manager — all of which the company claims to have been patched last week but were “inadvertently left out” of the original list. In the same announcement…
The ubiquity of mobile devices has prompted government agencies to piggyback on corporate efforts to collect our information all in the name of marketing, says security expert Bruce Schneier. Depending on which study you reference, smartphone penetration in the US reportedly ranges from 62 percent to 71 percent, according to analytics firms like comScore and NPD. Regardless of the actual figures, one thing is for sure: smartphones, tablets and wearable devices like smartwatches and smart glasses are gaining ground among consumers. The convenient fact is that these devices offer an unprecedented level of connectedness among users, that we are plugged…
Following this week’s discovery of the serious Heartbleed bug in OpenSSL, mobile security company Lookout released an Android tool that will help users detect the presence of the security vulnerability on their Android devices. The Heartbleed bug allows malicious intruders to exploit a vulnerability in the OpenSSL library, thereby exposing confidential and encrypted data that were normally protected by SSL/TLS encryption. Vulnerability detection Lookout’s detector app can be downloaded for free from the Google Play Store and does nothing else but identify the OpenSSL version being used on the Android device, check for the existence of Heartbleed, and, if it…
Google has announced that it has updated the OpenSSL library on its servers (and we presume revoked the certificate keys) for Search, Gmail, YouTube, Wallet, Play, Apps, and App Engine. The search giant says that Google Chrome and Chrome OS are not affected.
The NSA ran an operation code-named “Shotgiant” which targeted the Chinese telecommunications giant Huawei. One aim of the project was to add back doors to Huawei products. Then, when Huawei sold its equipment to other countries the NSA could easily gain access to their networks and conduct surveillance operations.
Samsung has announced that its new security platform, Samsung KNOX, will support Microsoft’s security minded enterprise software Workplace Join, Windows Intune, Windows Azure and cloud printing of Microsoft Office documents.
The Blackphone, which places “privacy and control directly in the hands of its users”, has been officially announced at MWC 2014 and is now available for pre-order at $629.
Visa and MasterCard are pushing mobile payments using HCE. In Europe it is a natural step from the existing contactless payments systems but in the US it is a big jump from the traditional swipe and sign system currently in use. Here is run down of some of the things you should know about Android, NFC and Host Card Emulation.
A security vulnerability in Android which allows attackers to execute arbitrary code (i.e. their own code) has been tested on Google Glass and found present.
Facebook Engineering has released a new open source encryption library, Conceal, for Android which is designed to encrypt data quickly without using too much system memory or processor power.