Android Thoughts - Opinions, News, Advice & Reviews on Android Devices

Subscribe to Us Using RSS - Really Simple, Really Awesome


Apple Thoughts

Loading feed...

Laptop Thoughts

Loading feed...

Digital Home Thoughts

Loading feed...





All posts tagged "security"


Tuesday, July 17, 2012

Google Improves Android Security with Jelly Bean

Posted by Craig Horlacher in "Android News" @ 09:30 AM

http://arstechnica.com/security/201...ard-to-exploit/

"In an analysis published Monday, security researcher Jon Oberheide said Android version 4.1, aka Jelly Bean, is the first version of the Google-developed OS to properly implement a protection known as address space layout randomization."

Diagram showing attacker overwriting a return address with a pointer to the stack that contains attacker-supplied dataWikipedia

It's great to know that Google is taking mobile security seriously and working to improve it. This sounds like a large step in the right direction. I was also surprised this was the first I had heard of this change being in Android 4.1, Jelly Bean. Another feature new in Jelly Bean I heard of recently is a "Safe Mode" to make sure a problem you're having is not app related.

What's your favorite new feature in Jelly Bean?


Monday, February 6, 2012

Google Talks About Android App Security

Posted by Craig Horlacher in "Android Talk" @ 11:30 AM

http://googlemobile.blogspot.com/20...d-security.html

"The last year has been a phenomenal one for the Android ecosystem. Device activations grew 250% year-on-year, and the total number of app downloads from Android Market topped 11 billion. As the platform continues to grow, we’re focused on bringing you the best new features and innovations - including in security."

I've never had a problem with a bad app doing serious damage. The worst problem I had was an app that was giving me advertisements as notifications. It wasn't hard to find the app and after I removed it the notifications stopped. This blog post explains some of the safeguards that are in place to protect your Android phone. One thing they highlight is the "Bouncer" service that Google developed to scan the Android Market and look for bad apps. It's good to know that however bad this problem is on Android Google is taking it seriously.

Have you ever had a problem on your Android device caused by a virus or malware?


Friday, October 28, 2011

Forget Your Android Passcode? LifeHacker has some great tips for you!

Posted by Craig Horlacher in "Windows Phone Talk" @ 10:00 AM

http://lifehacker.com/5852941/what-...phones-passcode

"Whether you made a mistake when setting it or you've been mind-wiped by aliens sometimes you just can't remember the PIN number or unlock pattern for your phone. Here are your options for getting back into your device."

LifeHacker has great tips that anyone who uses a lock code in Android may find helpful. I can be a little forgetful sometimes. I need to be careful when I create or change a password. If I don't use it enough, or use it again soon enough, I can easily forget it.


Tuesday, October 4, 2011

DroidSheep is a Good Reminder to Browse Safely

Posted by Craig Horlacher in "Android Software" @ 11:00 AM

http://lifehacker.com/5844632/droid...android-devices

"...people running DroidSheep can use victims' accounts, gaining access to sites that don't use a secured and encrypted SSL connection..."

DroidSheep is a freely available app that allows you to steal session information for web sites that are not well secured. Using DroidSheep you can make your phone look like the network router so all external network requests pass through it. DroidSheep will then identify different web sessions and show you which ones are most likely to be exploitable. You can check out the source link to see a video of how it works.

This app makes stealing information look easy. Keep that in mind the next time you enter sensitive information on a web site. Make sure your session is encrypted. You can look for the "HTTPS" at the beginning of a URL to make sure at least basic security is in place. Most browsers also have an indicator that will let you know when a connection is secure. Google actually removed DroidSheep from the Android Market but it's still available on the developers web site. If you use it, you're responsible for your actions.


Tuesday, June 14, 2011

Save Time While Staying Secure with Delayed Lock

Posted by Craig Horlacher in "Android Software" @ 04:00 AM

http://lifehacker.com/5810818/delay...tly-re+enter-it

"Adding a PIN, password, or pattern to your phone's lock screen can be great for security, but really annoying if you unlock your phone frequently. Delayed Lock turns off your pattern for a few minutes, so you don't have to swipe it every time you check your phone."

This app could be a great little time saver. If you use a secure lock screen and find it annoying when you need to unlock often you should really check out Delayed Lock by J4velin. It is very configurable and will let you set an amount of time that it will wait after the screen is locked before requiring your password or pattern to be entered. It has other options too, even letting you delay the password/pattern based on your location. Their is a free trial available but the full version is only $1.45. If you have an HTC device with Sense you already have some of its features. It apparently has a check box for you if you have Sense so it can extend your built in features. If this app helps you please let us know!


Sunday, June 5, 2011

Using 2-step Verification and Application Specific Passwords to Protect Your Gmail Accounts

Posted by Nelson Ocampo in "Windows Phone Talk" @ 10:00 PM

http://www.wpcentral.com/applicatio...rts+(wpcentral)

"Security is always a cause for concern, whether it be with online banking or simply ordering a Domino's pizza. Passwords used online for applications or services are no different, especially with the amount of cyber crime occuring since the boom of the world wide web. Google have published an article on their blog outlining recent attacks being made on Gmail accounts and how users can protect themselves further."

While the video only mentions a few mobile OS's by name, you should also be able to use this on other OS's like Windows Phone. You just won't have the ability to use the Google Authenticator App at this time.


Thursday, April 21, 2011

How Safe is Your Data With Android?

Posted by Kevin Jackson in "Android Talk" @ 11:00 AM

http://lifehacker.com/#!5791977/wha...hout-encryption

"Start capturing traffic from Android phones, and you'll learn something about security."

Lifehacker points to an article which highlights some of the security shortcomings of Android. What isn't clear from the article is if this capture was done over Wi-Fi or the cellular network. To my limited knowledge, there isn't an easy way to sniff 3G data, so this should only be a concern if you are on Wi-Fi. In other words, if you're concerned about who may be able to see your data, stick with your wireless data plan when using apps that may compromise your security.


Wednesday, April 20, 2011

NCSU Modifies Android To Include Privacy Mode

Posted by Jason Lee in "Android Articles, Resources & Developer" @ 11:00 AM

http://news.ncsu.edu/releases/wms-jiang-tissa/

"Researchers at North Carolina State University have developed software that helps Android smartphone users prevent their personal information from being stolen by hackers."

While it isn't an app you can download something like this should have really been in Android from the start. Researchers at North Carolina State University have managed to create a "privacy mode" for Android that would allow users to specify exactly how much and what information apps can get on a case by case basis. Who knows if we will ever see something like this included in Android by default or if custom ROMs will ever become available with this feature but I think something like this is desperately needed for Android. How careful are you with watching/controlling what data your apps have access to?


Tuesday, March 8, 2011

Google Gives Us An Update On Android Market Secrity

Posted by Jason Lee in "Android News" @ 07:00 PM

http://googlemobile.blogspot.com/20...t-security.html

"On Tuesday evening, the Android team was made aware of a number of malicious applications published to Android Market. Within minutes of becoming aware, we identified and removed the malicious applications."

It is very reassuring to see Google taking these steps after their little Market security oopsie the other day. My biggest concern wasn't removing the malware from the phones so much as cleaning up the rooting and other bad things the malware did to your device while it was installed. I'm glad they pushed out this security update and even more impressed that they are actually contacting affected users. It still doesn't excuse the fact that something like this should have never happened in the first place but definitely a good step in righting their wrong.


Wednesday, March 2, 2011

Sprint's New App Finds Your Phone and Wipes Your Data

Posted by Kevin Jackson in "Android Mobile Operators" @ 06:00 AM

http://www.engadget.com/2011/02/28/...ut-lost-androi/

"With the TEP app, you'll be able to track your phone via a web interface, force it to sound an alarm even if muted, lock it, and finally wipe your contacts (which can later be restored once you get your handset back)."

This looks like a nice perk if you're already paying the $7 a month for the equipment protection plan, but I doubt that it's enough of a benefit to get people to sign up for the program, especially with so many solutions out there which are either free or have a one-time fee associated with them that do so much more. If you're with Sprint, is this something you're inclined to sign up for? What do you do to keep your phone safe and your data secure? Let us know in the forums.


Monday, October 4, 2010

Is Your Android Phone Tainted?

Posted by David Tucker in "Android Software" @ 05:30 AM

http://gizmodo.com/5651534/find-out.../full+(Gizmodo)

"Many apps beam usage information-some of it enough to personally identify your phone-to marketers, behind your back. Programmers at Penn State cooked up TaintDroid (ew) to reveal the offenders and help you protect yourself from prying data miners."

I certainly don't have a problem if an app tells me upfront that they'll be accessing certain data for marketing. There is a line I think we all have as far as what is too much but I don't mind the collection of basic demographic information. If the app has built in ads, I suspect that is what the data is needed for: to drive those.

Then there's the other apps out there. The ones that break your trust and don't inform you of the data you're giving up. I think I'm going to install this and see if there are any apps on my phone that are collecting data without my permission. If there are, it may be time to clean my phone up a bit.

I disagree with Engadget though...I like the name!


Wednesday, September 15, 2010

Beware - Security Warning Issued for Android Adobe Flash Player

Posted by Karey Westfall in "Android News" @ 11:30 AM

http://www.adobe.com/support/securi.../apsa10-03.html

"A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh."

Watch out! Adobe issued a security warning for the Android Flash Player 10.1.92.10 as well as Flash Player on other operating systems that may allow an attacker to take control of your systems. According to Adobe's security bulletin, they should have an update for Android out the week of September 27, 2010. Hopefully it will be sooner, but in the meantime check out Adobe's security bulletin on the issue!


Reviews & Articles

Loading feed...

News

Loading feed...

Reviews & Articles

Loading feed...

News

Loading feed...

Reviews & Articles

Loading feed...

News

Loading feed...

Reviews & Articles

Loading feed...

News

Loading feed...

Reviews & Articles

Loading feed...

News

Loading feed...

Sponsored links