Smartphone theft is on the rise, and as these devices get more and more expensive it gets less and less easy to replace them. On top of that there is the risk of sensitive personal information going into the wrong hands (i.e. a thief). Samsung and other manufacturers recently met with New York Attorney General Erich Schneiderman to discuss the future of smartphone security and how to prevent device theft, reportedly working on a kill switch of sorts. Now, it looks like Samsung will be releasing this new feature as soon as July.
I’m sure by now most of you are familiar with the recent news of the NSA scandal and what we once thought was private data now being accessed by the government. Obviously this doesn’t sit well with most and with smartphones being in most people’s pockets nowadays the threat of your data being exposed is dangerous. Steve Kondik, the founder of the popular 3rd party custom Android ROM CyanogenMod is figuring out a way to give Android an “incognito mode” so that it ensures no personal data can be leaked. Per Kondik:
I’m working on a new feature that will hopefully make it’s way into CM. It’s called “Run in Incognito Mode”. It’s a simple privacy feature designed to help you keep your personal data under control.
This past week the internet has been a buzz with the news of an extensive U.S. Government run data collection operation known as PRISM. It was first revealed to the public when The Guardian released an article shedding light on a secret government order forcing Verizon Wireless to release all its call logs to the NSA. The scope of just how big this program actually is ended up being later revealed as a government run initiative by the name of PRISM that has access to more than just our call logs. There have been U.S. officials that have come out and voiced support and disdain for such a program but what seemed to be missing were the details into what this program actually entailed. However, that’s no longer the case as the U.S. Government released intricate details about what PRISM actually does and what the information collection entails. According to officials, the program “is not an undisclosed collection or data mining program,” but rather something more extensive. According to them:
“It is an internal government computer system used to facilitate the government’s statutorily authorized collection of foreign intelligence information from electronic communication service providers under court supervision, as authorized by Section 702 of the Foreign Intelligence Surveillance Act.”
According to the released statement the government doesn’t collect said information unilaterally but rather with very specific permission from the secret courts who oversee these requests as dictated by FISA. According to the fact sheet:
“The government cannot target anyone under the court-approved procedures for Section 702 collection unless there is an appropriate, and documented, foreign intelligence purpose for the acquisition (such as for the prevention of terrorism, hostile cyber activities, or nuclear proliferation) and the foreign target is reasonably believed to be outside the United States. We cannot target even foreign persons overseas without a valid foreign intelligence purpose.”
James R. Clapper, the Director of National Intelligence released a statement defending the program while also suggesting that The Guardian and the Washington Post jumped the gun in their release of this information without understanding the full details of the program. He also went on to say that he couldn’t release the details of how the data is collected as it would give suspicious groups a “playbook” to avoid being detected. You can read the full statement below the break.
The uproar of how extensive this government initiative is has spurred an uproar on the internet, so much so in fact that even Google’s Larry Page weighed in. Even though this program as been around for years, we’re just seeing the implications of what being in an online world entails, it’s hard to believe that this isn’t only the beginning. Will we see more transparency or will we continue to see secret government programs designed only for “our safety” come to light here in the future? Only time will tell.
Remember when we told you that Verizon was handing out call logs of customers to the US Government? Well, surely you didn’t think Verizon was the only one who was handing over data, right? According to the latest report from the Washington Post, Verizon isn’t the only company that’s been leaking information to the FBI and NSA, thanks to a data collection initiative called PRISM, made by the US government.
PRISM supposedly allows access to servers from popular sites, namely Google, Microsoft, Apple, Yahoo, Skype, YouTube, PalTalk, and AOL, with Dropbox access in the pipeline. That pretty much covers most of the top companies that have access to mountains of user data, so that’s a pretty scary thought. This is a great time to remind everyone that no matter how much security you think you have online, any information you put on the internet can always potentially be seen by a third party. If you don’t want that information to ever be seen by anyone else under any circumstances, don’t put it on the internet.
source: Washington Post
If you’re an avid root/modder in the Android community then rooting tool-kits should be nothing new to you. Today an all-in-one root plus recovery installer has been made available for the Verizon Samsung Galaxy S 4. The instructions seems relatively easy (if you’re familiar with this kind of stuff), so just make sure you follow the directions thoroughly.
Earlier today Steve Kondik took to Google+ to
talk about think out loud in regards to an ever popular topic of conversation: mobile security. As we see malware threats come and go, it comes back to just how secure one’s device really is. As more apps try to take advantage of folks and security exploits, people are growing paranoid with their personal data. Some read app permissions carefully, while others, like myself, just blow through them. Earlier builds of CM even developed a way to allow users to pick and choose which app permissions they were comfortable with. This idea of permission picking was short lived however as it caused instabilities and took trust away from app developers. Some have taken to say that the CyanogenMod team really isn’t looking out for its users but as Mr. Kondik replies:
“Proponents of the patches say that CM isn’t looking out for the users. I think these patches are just more security theater and don’t really solve a problem. Why do you want to run malicious applications anyway?”
He raises a good point. Why would we want to install malicious apps? Some people may do so on accident and this permission picking could essentially be a safety net but it wouldn’t solve the bigger issue: mobile security as a whole. So with that, Cyanogen has taken to the community in hopes of hearing ideas of increasing security while avoiding “smoke and mirrors.” So if you think you have a good idea on how to do just that, hit the source link below to voice your idea. While one option would be to split CM and create a secure, martial-law style version of the ROM that only helps a small group. Your ideas may help avoid that while helping everyone.
LoJack, if you’re familiar with their software for computers and laptops, have made the jump into mobile device territory with the Samsung Galaxy S4 as their first supported device. With this software you’ll be able to trace, lock, and of course, remotely wipe your device if you choose to do so. Unlike other soft wares, LoJack stays in your phone no matter what you do to it, such as factory resetting the device. More importantly you’ll get LoJack’s experience with their years of success in the laptop and computer industry, so you know their representatives are highly trained to retrieve your device.
So far no date of the release has been set, but we expect it to be around this summer. Prices have yet to be confirmed but it should range depending on the longevity of your desired subscription. Hit up the break for the full press release!
Today, BlackBerry launched their newest version of BlackBerry Enterprise Service 10.1, and it features full support for Android and iOS. We’ve already heard the announcement that BlackBerry Messenger is going to be hitting other platforms this summer, so it shouldn’t surprise anyone that BB is extending support to other platforms with other services.
BES 10.1 is being offered as a free upgrade and will allow users to consolidate their work and personal devices into one single device. Security has always been their strong suit, so I’d expect this to be a widely adopted, well made update.
As promised, Dan Rosenberg aka djrbliss on the XDA Developers forum released some additional details about his attempts to unlock the Samsung Galaxy S 4. Yesterday he posted a pic showing the unlocked bootloader that seemed to indicate he had recovery capabilities. He confirmed that in his latest post on the subject where he reports his work will allow custom kernels and recoveries.
Rosenberg also confirmed he had achieved the unlocking on an AT&T variant of the Galaxy S 4. However, he is not planning to release any details until Verizon starts to ship their version later this month. If you think you will be interested in unlocking your new Galaxy S 4 using Rosenberg’s tools, he does recommend that you not accept any OTA updates prior to his publishing his release despite the risk of missing out on security updates.
source: XDA Developers forum
Samsung has been stepping up its game for enterprise security. Their latest offering is KNOX, which will be available on the Galaxy S 4 soon. KNOX not only addresses the security needs for enterprise, but it also addresses the concerns for employees personal privacy. In a nutshell, it keeps work stuff separate from personal stuff by creating two different personas on one phone. It appears the U.S. Department of Defense will grant an approval for Samsung Galaxy smartphones (most likely the Galaxy S 4) as well as Apple iPhones and iPads.