heartbleed logo

While Google was quick to patch its services to close the security hole caused by the Heartbleed bug in OpenSSL, the same bug may still be hounding millions of Android devices worldwide. Google patched most of its services last week (including Search, Gmail, YouTube, Wallet, Play, Apps, and App Engine). Recently, the search company also updated the list of patched services to include Google AdWords, DoubleClick, Maps, Maps Engine, Earth, Analytics, and Tag Manager — all of which the company claims to have been patched last week but were “inadvertently left out” of the original list. In the same announcement…

Crowd using mobile phones

The ubiquity of mobile devices has prompted government agencies to piggyback on corporate efforts to collect our information all in the name of marketing, says security expert Bruce Schneier. Depending on which study you reference, smartphone penetration in the US reportedly ranges from 62 percent to 71 percent, according to analytics firms like comScore and NPD. Regardless of the actual figures, one thing is for sure: smartphones, tablets and wearable devices like smartwatches and smart glasses are gaining ground among consumers. The convenient fact is that these devices offer an unprecedented level of connectedness among users, that we are plugged…

how-to-check-for-heartbleed-lookout-detector-app-0212

Following this week’s discovery of the serious Heartbleed bug in OpenSSL, mobile security company Lookout released an Android tool that will help users detect the presence of the security vulnerability on their Android devices. The Heartbleed bug allows malicious intruders to exploit a vulnerability in the OpenSSL library, thereby exposing confidential and encrypted data that were normally protected by SSL/TLS encryption. Vulnerability detection Lookout’s detector app can be downloaded for free from the Google Play Store and does nothing else but identify the OpenSSL version being used on the Android device, check for the existence of Heartbleed, and, if it…

Google Logo AA

Google has announced that it has updated the OpenSSL library on its servers (and we presume revoked the certificate keys) for Search, Gmail, YouTube, Wallet, Play, Apps, and App Engine. The search giant says that Google Chrome and Chrome OS are not affected.

Huawei booth

The NSA ran an operation code-named “Shotgiant” which targeted the Chinese telecommunications giant Huawei. One aim of the project was to add back doors to Huawei products. Then, when Huawei sold its equipment to other countries the NSA could easily gain access to their networks and conduct surveillance operations.

nfc-mobile-payments

Visa and MasterCard are pushing mobile payments using HCE. In Europe it is a natural step from the existing contactless payments systems but in the US it is a big jump from the traditional swipe and sign system currently in use. Here is run down of some of the things you should know about Android, NFC and Host Card Emulation.