NFC could be the next big security exploit

Everyone is looking for something to put fear into people and the latest is NFC. Security researcher Charlie Miller recently showed flaws in the way Android (and MeeGo) handles NFC. He designed an NFC tag that was able to execute malicious code on a device. Obviously this tag could be placed anywhere, such as on a point-of-sale terminal.

The issue is not NFC in general, but rather the software implementation. The Android Beam specification allows NFC to automatically launch the web browser, which opens the door to a wide range of web-based exploits. A lot of the browser bugs that were in older versions of Android have been fixed, but early Ice Cream Sandwich builds still have a lot of security holes related to the WebKit-based stock browser. A simple fix would be a pop-up notifying the user that NFC is trying to open the browser and asking them to either give or deny permission.

Older Android phones are still an issue in that Miller was able to hijack the application daemon that controls NFC functions in Android 2.3, in a sense bypassing the browser. Thankfully there really aren’t too many devices on Android 2.3 that have NFC. Miller used a Nexus S to demonstrate.

So there you have it folks. Is this the next big scare? I would assume Google will make software fixes accordingly, but the bottom line is that for anyone to exploit your phone (or tablet) with this method, they have to be really close to you.

source: The Verge

Android Will Be More Secure With Jelly Bean

Ever heard of ASLR? It’s a security feature that is used in many different operating systems such as Windows XP or iOS 6. For quite a while Android avoided it and then used a little bit of it in Android 4.0. Now with the release of Jelly Bean it is being used to its fullest, but this implementation of ASLR still lags behind the security of the soon-to-be-released iOS 6.

Wikipedia defines ASLR quite well:


Samsung Removes Universal Search From Sprint Galaxy S III

Yesterday the Sprint Galaxy S III began receiving a security update OTA, but little information was given as to what the update addressed. Users have reported that the update has removed the universal search feature from the device, meaning only web results are given from the search bar. The removal of local search is undoubtedly in response to the recent Apple lawsuit against the Samsung Galaxy Nexus for the very same ability. Google and Samsung are working together to fight that case and this move is a preemptive strike in case Apple decides to take on Samsung’s latest star.


Sprint Samsung Galaxy S III Receives Security Update

Sprint just released an OTA update for their Samsung Galaxy S III. The software version is L710VPLG2 and according to Sprint, it provides a “Google security update.” Users should not notice anything new with this update; it seems as if Sprint is just enhancing the security of the phone. Nonetheless, it’s always good to give your phone any beneficial update. Hit up the source link for more information!

source: Sprint

Sprint Guardian helps parents keep teens and children safe

If you are a parent of a teenager – someone between 12 and 17 years old – the odds are pretty good that they have a cell phone or smartphone. Ensuring safe and responsible use of those mobile devices is a challenge for any parent. Sprint hopes to help with that with the availability of the previously announced Sprint Guardian solution. According to Fared Adib, vice president – Product Development, Sprint, “With Sprint Guardian, Sprint is giving families and individuals tools and information to better manage their wireless experience.” Sprint Guardian is a collection of bundles of services – a Family Safety Bundle and a Mobile Security Bundle. Sprint Guardian should now be available to customers with many Android powered devices via the Sprint Zone application on their smartphone.

The Family Safety Bundle is a set of services to manage family members’ wireless experience. The bundle includes Mobile Controls, Drive First and Family Locator. These services enable parents to oversee and control phone use, limit texting while driving, and locate a child on an interactive map.

The Mobile Security Bundle helps manage phone security by backing up certain data so it can be restored to a new phone, locating lost phones, and even locking and wiping phones. These tools can help protect against identity theft, fraud, and the loss of other data.

The services do come at a cost though. The Family Safety Bundle runs $9.99 per month and the Mobile Security Bundle runs $4.99 per month (also available for $49.99 per year). For parents trying to keep their kids safe and using their mobile devices in a responsible manner, the cost may be well worth it.

More details about pricing and specific services are included in the Sprint press release. Hit the break to read it.


Contest: Win 1 of 20 Tickets to Lookout’s “Party Your Apps Off” Bash at Google I/O June 26th in San Francisco

Our friends at Lookout are doing it again. They are throwing their “Party Your Apps Off” bash the night before Google I/O kicks off, and trust me you don’t want to miss it because there will be plenty of food, drink, and some nice gifts for those that show up early. We have 20 tickets to give away and you can also bring a guest. You don’t have to be attending Google I/O to go to the party, but you do need to be in San Francisco for this event. We don’t know the specific location, but we’re sure Lookout has something special planned. Here are the full details:

  • When: Tuesday, June 26 @ 8PM
  • Where: This part is a secret :)
  • What: Lookout’s big party in San Francisco on the first night of Google I/O. Drinks will start flowing at 8PM at a hot secret location in downtown SF & one of the city’s best Food Trucks will be there serving snacks. There will be some goodies for the first folks who show up at the door. *Please note, this event is 21 and over.

To enter this contest, all you have to do is head over to our forum thread and tell us what you’re most looking forward to at this year’s Google I/O. It’s as simple as that. You have until 11:59pm Sunday June 17th. We will randomly pick 20 winners, announce them on the 18th, and email them with instructions to the account associated with their username.

Duo Security Uploads Malicious App Test, Appears Benign To Google Bouncer (Video)

Recall back in February that Google released “Bouncer” for the Play Store in an attempt to catch malicious applications being uploaded. The service scans potentially malicious apps by running them in a virtual environment where Bouncer monitors and surveys them for possible security issues and more. Researchers Charlie Miller and Jon Oberheide have announced several ways they’ve been able to maneuver around Bouncer. One such way, which along with others will be announced at the Summercon conference in New York this week, is to allow the app to “know” when it is being run in a virtual environment and not on a physical device or system, thus allowing it to cease any and all malicious activity until it knows it’s on an actual system. According to Oberheide, though Bouncer should be mimicking a real system “a lot of tricks can be played by malware to learn that it’s being monitored.” Check out the video below of Oberheide and Miller’s test involving an application being uploaded to the Play Store, allowing them to “go inside” Bouncer, catalog fingerprints and allow other malware to know when it’s not running in an actual system environment. Feel free to leave your thoughts in the comments below.

source: Duo Security

Android Malware Genome Project aims to understand Android Malware in order to develop effective solutions

Android Malware is the craze these days. Everyone’s talking about it like it’s the biggest thing since sliced bread, yet I have yet to run into anyone who was infected by any of it. Everyone’s trying to make a name for themselves, so throw in the Android Malware Genome Project. It was started by researchers at North Carolina State University and they say the biggest problem is that we don’t really understand the malware.

They were able to collect more than 1,200 malware samples from August 2010 to October 2011. They found that malware is getting better at evading detection by mobile security software. They tested four different mobile security apps against those samples: Lookout Mobile, AVG, Norton, and Trend Micro. Lookout led the way by detecting 79.6% of the malware. Next was Trend Micro, which detected 76.7%. In third was AVG, which detected 54.7%, and lastly Norton was only able to detect 20.2%.


Android Sees Its First Taste of Drive-By Malware Sites

Given that we’re moving away from desktop computers to a mobile web browsing experience, it’s only logical that malware should do the same. Lookout Mobile Security has found this to be the case, as they have recently discovered new sites that act as drive-by malware nodes. What this means is that if an Android device that isn’t fully patched visits one of these sites, the site would download and install malware without your knowing. This Trojan could then pose as a system update file which in turn acts like a proxy redirect. This could cause problems for IT and network folk should that device be connected to their network, as once-secure information could now be accessible.

The Trojan, known as “NotCompatible”, shouldn’t be a problem if you have your devices updated and any one of the various virus scanners out there, like AVG or Lookout for example. Like I said, the risk is low as these sites are few and far between. However, while the risk is low now, the risk is out there and it could potentially grow. But if you make sure to have the “Install from Unknown Sources” option unchecked, combined with a virus scanner, you should be more than alright as Lookout is working on an update as you read this. They say:
