Because of Android’s “Back up my data” service, Google knows the passwords to all the Wi-Fi networks you access and the NSA can get at that data too. The simplest option right now is to de-activate the service, but how many users will bother?
Google has started encrypting the all the data written to disk via its Google Cloud Storage service, however the keys are automatically managed by Google making it irrelevant if Google was forced by law to hand of the data and keys,
Android 4.3 Jelly Bean includes a variety of internal changes that make it more difficult for hackers (and the NSA) to exploit security vulnerabilities. Plus Google is rolling out its find-my-phone service and has added a malware scanner to the Google Play Services.
The app will take pictures from your mobile device, automatically, and send them to the NSA twitter account. That’s right, all you have to do is download the app and you’re on your way to being a helpful citizen.
Don’t trust the government? Google might have a solution for you. The search giant is reportedly experimenting with server-side file encryption for Drive.
Ricardo Cerqueira has teased a new CyanogenMod build integrated with the SELinux kernel modification, for improved security.
Android contains code written by the NSA, but there’s nothing nefarious about it. NSA’s code contributions are publicly accessible, which makes it hard, if not impossible, to insert a covert vulnerability.
It’s scary to us that the NSA wants phone records. Our natural reaction is to assume they are spying on innocent citizens, or otherwise want the information for nefarious purposes. They might. But is there more to it than that?