Maintenance OTA Update Rolling Out for Samsung Galaxy Tab 10.1

by Jack Holt on
tagged , , ,

I have some good and bad news for you owners of the US Wifi Galaxy Tab 10.1. Good news is you should be seeing an OTA update from Samsung but the bad news is it’s not Ice Cream Sandwich. It’s Android 3.2 and it pushes the build up to HTJ85B.UEKMP P7510UEKMP. While it’s not being pushed out in full effect there are enough folk out there receiving it that suggests that everyone will be seeing it sooner rather than later. The bug fixes include:

- Fixes for email attachment issues,
- Rotation issues,
- Wifi Reconnect issues,
- System file Force close fixes,
- Improved Power Consumption,
- Android Market updated to 3.4.4.

While it may not be ICS just yet, it will certainly add some milage and stability to your 10.1 inch Galaxy Tab. You can check for the update by going to Settings> About device> Software update. Otherwise you can head to this XDA forum to download it now. Let us know in the comments section if you’ve received this yet. Enjoy!

source: Android Central

Google Wallet Issues Second Statement On Hacks

by Roy Alugbue on
tagged , , , ,

 

Back and forth we go with the precarious Google Wallet situation. First we saw the original security flaw, which immediately prompted Google to respond to users and highlight there are no known vulnerabilities while also encouraging users to install Google Wallet on non-rooted devices. In a mere few hours, a second method to hack Google Wallet was revealed, this time on non-rooted devices.

Naturally, the consecutive security breaches of Google Wallet has everyone on edge. That’s why many users have reached out to Google and question whether its Google Wallet service is safe enough for the masses to use in order to make mobile payments. Google offered its formal response and simply put it that yes, it is safe to make mobile payments using Google Wallet. Here’s Google Wallet VP Osama Bedier offering a formal statement: » Read the rest

Google Wallet Hacked… Again, This Time No Root Needed

by Roy Alugbue on
tagged , , , ,

 

Google Wallet is in the news again and not for the right reasons. We just saw earlier how a hack was revealed for rooted phones using Google Wallet. While Google issued an immediate response on the initial findings, mobile blog TheSmartphoneChamp discovered and posted a second way of hacking into Google Wallet— this time highlighting the newfound hack will work on non-rooted phones and doesn’t even need special hacking skills. Basically all individuals have to do to access a user’s funds is clear the data in the app settings— which forces Google Wallet to prompt them to enter a new PIN. After the new PIN is entered, it’s as simple as adding a Google Prepaid Card tied to the device and then there the ability to access any available funds. It has been tested by several sources and it is indeed true. Google has confirmed the findings and even issued the following statement:

We strongly encourage anyone who loses or wants to sell their phone to call Google Wallet support toll-free at 855-492-5538 to disable the prepaid card. We are currently working on an automated fix as well that will be available soon. We also advise all Wallet users to set up a screen lock as an additional layer of protection for their phone.

As always everyone— take immediate precautions to ensure the safety of your device which includes having a lock screen or even installing some tracking software for your device. You can check out the video below which highlights the vulnerability.

 

YouTube Preview Image

source: Androidandme

Google Responds to Google Wallet Security Flaw

by Emily Aquin on
tagged , ,

 

Google’s NFC chip that can turn your phone into a wallet has a major security issue.  The security firm Zvelo has found that Google Wallet can be hacked by an app that can be easily found online.  Our own Ed Caggiani gave you a detailed outline of the security flaw earlier today.  Keep in mind, though, that this security breach can only affect rooted phones.  Also, the rooted phone can only be hacked in person (for example, if you lost your phone), and using a PIN lock screen will keep criminals from accessing your phone.

The Next Web contacted Google for a statement on the issue, and received the following response:

The zvelo study was conducted on their own phone on which they disabled the security mechanisms that protect Google Wallet by rooting the device. To date, there is no known vulnerability that enables someone to take a consumer phone and gain root access while preserving any Wallet information such as the PIN.

We strongly encourage people to not install Google Wallet on rooted devices and to always set up a screen lock as an additional layer of security for their phone.

Google is simply encouraging people who have rooted phones to not use Google Wallet.  If they are working on a fix to this issue, they are not mentioning it. While it’s true that rooting a phone will disable the security features that Google has in place, Google also openly encourages people to root their phones and make it their own.  The easiest fix may be to have the PIN number stored by your bank, and not Google, but that would open a whole new can of worms, including changing Google’s terms of service.  We hope that Google will tackle this issue and come out with a security fix in the near future.

source: The Next Web

Google Wallet PIN Cracked by Brute Force Attack

by Ed Caggiani on
tagged , , ,

First, the sky is not falling and chances are you are safe, but if you use Google Wallet, you should know that the PIN security has been cracked. Who is affected? You are vulnerable if:

  1. You have a phone with Google Wallet set up
  2. Your phone is rooted
  3. You don’t use lock screen security (PIN, pattern, face unlock, etc)
  4. You lose your phone

Basically, you need either a Nexus S or Galaxy Nexus that has been rooted. Everyone else can stop reading now.

» Read the rest

New, Evolved Android Malware Shows That Google’s Bouncer Service Can Possibly Be Sidestepped

by Jack Holt on
tagged , ,

Google’s new bouncer-service that was announced last week is supposed to have dropped the number of malware apps in the Android Market by about 40% already. While that is a great number the Bouncer service isn’t perfect and it probably is the beginning to one of many back and forth battles between the Search Giant and malicious hackers in the making.

However, it appears that hackers may have already found a work around to this service. According to North Carolina State University professor Xuxian Jiang, he and his team have discovered a new malware variant that pulls off a pretty sneaky maneuver. The malware contains no malicious code when it’s first installed on a device. By doing this it evades scans or permission requests that could pick up on its intentions in the first place. Here’s the trick. After it’s downloaded the app is then able to download new code from a remote server and it can hide this in the data transfer from the phone’s communications.   » Read the rest

Further Clarification Offered for CDMA Galaxy Nexus “Official” Status Drop

by Jack Holt on
tagged , , ,

For those of you who don’t know Google dropped official “developer device” support for the CDMA (Verizon) version of the Galaxy Nexus last week. While a statement was released explaining why, it apparently required further explanation as it wasn’t officially explained in full as to what this drop actually meant. So without futher hesitation here is what the official Google Group’s post has to say: » Read the rest

High security Android phones headed to US government and military officials

by Chris Stewart on
tagged , ,

This project has been a bit of a slow burner for Google. We reported early in 2011 that the US Military was looking into Android and a Dell Android 2.2 build gained military approval late in 2011. This recent news  is a clear indication of the progress being made in what has long been a market dominated by RIM devices and software

The specially modified version of Android has been designed to run on commercially available smartphones, a move that will keep costs down whilst allowing the government to upgrade to that shiny new Galaxy SIII when it finally arrives!

US soldiers will be the first to receive these devices, having been involved in the project from the early stages. Federal agencies will then receive the second batch of phones for sending and receiving confidential government informations whilst on the move.

Currently, US Government and Military workers are not permitted to use smartphones for sending classified information as (up until now) there has been no devices that have met the high security certifications. There’s hardly a week that goes by without a high profile, blue chip organization finding their data compromised by the likes of wikileaks or some other anonymous source. With this in mind, it’s absolutely imperative that the Government is more vigilant than ever before.

Michael McCarthy, director for the Army’s Brigade Modernization Command has been overseeing the testing of touchscreen devices for over 2 years now. He confirmed that his division shipped over 40 phones to overseas fighters last year with another 50 phones and 75 tablets due to be shipped in March of this year.

Source : CNN

Google’s Bouncer service decreased malware occurrences by 40%

by Robert Nazarian on
tagged

I won’t say that malware isn’t a problem for Android, but certainly not as big as the press would like you to believe. Even a little is still a problem, and thankfully Google feels the same way. Today Google revealed a new service called Bouncer, which automatically scans the Android Market for potential malicious software. It happens behind the scenes and developers won’t have to go through any application approval process.

When an application us uploaded, Bouncer will immediately start scanning it for known malware, spyware, and trojans. This goes beyond a scan because Bouncer will run every application on Google’s cloud infrastructure and simulate how it will run on an Android device in an attempt to look for any hidden or malicious behavior. New developer accounts will be analyzed further and more often to prevent repeat offenders.

» Read the rest

HTC Admits Security Exploit Affects Specific Handsets, Says Fix is Already Out for Most Affected Devices

by Jack Holt on
tagged , , , , , , , , , ,

It seems that HTC is always in the news for one security scare or another. Well you can add this to the pile as HTC has acknowledged that a bug/exploit can expose security credentials on wifi networks when their devices handle specific Android requests.

It was found that applications on affected HTC devices with the android.permission.ACCESS_WIFI_STATE permission would be able to exploit the .toString() command via the WifiConfiguration class to view all of a wifi network’s credentials. Combine this with the android.permission.INTERNET permission and hackers could have a field day in harvesting these details and sending them off to a remote server. These exploits happened to be found by researchers Chris Hessing and Bret Jordan.  » Read the rest