Many smartphone users know that free apps sometimes share private information with third parties, but few, if any, are aware of how frequently this occurs.
An experiment at Carnegie Mellon University shows that when people learn exactly how many times these apps share that information they rapidly act to limit further sharing. It means that mobile security isn’t on the highest level. In one phase of a study that evaluated the benefits of app permission managers 23 smartphone users received a daily message, or "privacy nudge," telling them how many times information such as location, contact lists or phone call logs had been shared.
Read moreA lot of Android apps that have been downloaded 6.3 billion times from the Google Play store are still vulnerable to the FREAK bug. Research published Tuesday by the company shows just how vulnerable both Android and iOS apps still are to a FREAK attack.
FREAK is a cryptographic weakness that permits attackers to force data traveling between a vulnerable website or operating system to servers to use weak encryption protocols. If combined with a so-called man-in-the-middle attack, the data could theoretically be intercepted and cracked as the user is unwittingly using a lower level of encryption than believed.
Read moreAt the Mobile World Congress in Barcelona earlier this month, Android smartphone giant, Samsung, released its mobile payments platform.
Samsung Pay has something that Apple Pay does not: Magnetic Secure Transmission that was actually developed by a company called LoopPay. While use of Apple Pay is limited to those merchants who deploy near-field-communication enabled point-of-sale terminals, the inclusion of MST means that Samsung Pay has the capacity to interface with existing mag-stripe reading point-of-sale systems. Magnetic stripe readers, of course, constitute the vast majority of payment terminals.
Read moreThe average large global enterprise has about a lot of unsafe apps installed on the mobile devices in its environment.
The apps in question are publicly available apps popular among users, not enterprise ones. Many users are downloading these apps and installing them on devices, often the same one they are using to access enterprise applications and services. Enterprises have to manage what employees are installing on company-issued mobile devices while also managing employee-owned devices as part of a comprehensive bring-your-own-device program.
Read moreA new Android Trojan uses some clever techniques to silently subscribe victims to premium services. The threat is still under development, but it’s already capable of carrying out a wide range of tasks.
Cybercrooks can use the malware to send SMS messages, set a filter on incoming messages and calls, display ads, delete messages and call records, upload the HTML source code of specified webpages to a remote server, perform DDoS attacks, make outgoing calls, subscribe the victim to paid content, delete security apps, and export incoming messages based on instructions received from the command and control server.
Read moreAndroid 5.1 arrives with HD calling and safeguards for stolen phones. After weeks of teasing, it's here: Google has officially unveiled Android 5.1 Lollipop.
The new release focuses on support for features that usually depend on extra software to work, such as multiple SIM cards and higher-quality HD voice calls on networks. You can control your WiFi networks and Bluetooth devices from the quick settings area, too. However, the biggest deal may be something you'll hopefully never have to use refers to security. Android 5.1 will let you require a Google account sign-in if your device is stolen, even if it's reset to factory settings.
Read moreA newly discovered mobile malware campaign cloaks itself as an Amazon voucher app before using a victim's contact list to spread to new targets. The campaign is touted as "one of the single largest messaging-initiated mobile malware outbreaks" recorded.
The malware sends messages to a victim's contacts laden with malicious links — which when opened, install malware on Android-based mobile devices. It masquerades as an application which offers Amazon discounts and vouchers. Since its original launch in the USA, the campaign has infected thousands of mobile devices in more than 30 countries around the world.
Read moreTech firms are rushing to fix a disastrous security flaw, stemming from the US government’s requirement of lower encryption standards, that for over a decade left millions of users visiting 'secured' websites exposed to potential attacks.
Experts have discovered a massive flaw that allows attackers to decrypt HTTPS-protected traffic passing between millions of websites and users of vulnerable devices, including Android and Apple smartphones and tablets. Researchers found that some websites that use SSL or TLS protocols, including government ones, are vulnerable and could be tricked into setting up a connection through weak encryption keys.
Read moreLast year the Nexus 6 handset arrived with full data encryption enabled out the box. Google also pushed its hardware partners to do the same at first, but now appears to have quietly changed the requirement with a strong recommendation to enable encryption by default.
The performance issues with Google’s Nexus 6 in November, particularly with regards to read and write disk speeds, which it attributed to the encryption. How much of an impact did the tests show? In some cases, the new Google Nexus 6 was slower than the Nexus 5 it was designed to replace, even though the handset had improved internal components. So what’s changed?
Read moreSmartphone users might balk at letting a random app like Candy Crush or Shazam track their every move via GPS, because it is not safe.
But security researchers have found that Android phones reveal information about your location to every app on your device through a different, unlikely data leak: the phone’s power consumption. Researchers have created a technique, which they say can gather information about an Android phone’s geolocation merely by tracking its power use over time. That data, unlike GPS or Wi-Fi location tracking, is freely available to any installed app without a requirement to ask the user’s permission.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland