At the heart of every smartphone there is a baseband processor which contains a general purpose ARM processor and runs its own operating system. These operating systems are closed source and vulnerable to hackers.
One of the new security features in Android 4.4 KitKat is verified boot which is designed to detect persistent rootkits that can hold onto root privileges and compromise a device’s security. However it as a side effect, it could stop the installation of custom ROMs.
Are biometrics a valid way to perform authentication? One response is that the use of biometric information for security is dubious at best because once your biometric data has been compromised you can’t change it, ever!
A recently published paper by the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) has outlined the security concerns the two government agencies have about the use of Android by emergency service personnel including the police and the fire department.
Google has started encrypting the all the data written to disk via its Google Cloud Storage service, however the keys are automatically managed by Google making it irrelevant if Google was forced by law to hand of the data and keys,
Android 4.3 Jelly Bean includes a variety of internal changes that make it more difficult for hackers (and the NSA) to exploit security vulnerabilities. Plus Google is rolling out its find-my-phone service and has added a malware scanner to the Google Play Services.
Don’t trust the government? Google might have a solution for you. The search giant is reportedly experimenting with server-side file encryption for Drive.
The developers behind CyanogenMod, bless their hearts, have committed code to prevent exploitation of a second, recently discovered “master key” security bug.
With the help of a number of software researchers, the details of the Android exploit Bluebox reported earlier this week have been uncovered.
In light of the PRISM scandal, we know that Big Brother is watching, and our connected nature makes it easy to spy upon us. How much should we be willing to spend to protect our privacy?