American Airlines’ tablet deployment is one of the larget corporate deployments in the U.S. with 33,000 devices in the fleet. You may be familiar with the decision to deploy iPads to pilots with general aircraft information and navigational charts. You may not be so familiar with American’s decision to deploy Samsung Galaxy Note devices to flight attendants, Galaxy Tab devices to mechanics, and making Galaxy Tab devices available to certain passengers for entertainment purposes. Lisa Canada, American’s Managing Director of Operations Technology recently shared some insight into the decision to deploy 23,000 Android powered devices. Read more
SECLISTS.ORG has recently disclosed a potential security flaw on the Samsung Galaxy S III. According to the report, “It is possible to bypass the lock screen on the GSIII allowing an individual full access to the phones features.” We previously reported a similar screen lock bug relating to the Samsung Galaxy Note II.
It appears that when Samsung messes up with security, they go BIG or go home! Similar to the Note II Security flaw, it takes pressing a combination of buttons in the correct sequence to get it to work. Here’s how to do it on the GSIII: Read more
Koushik Dutta, developer of ClockworkMod’s popular Carbon – App Sync and Backup app, announced via Google+ today support for devices that have full device encryption. The new functionality also means the app can work with “Desktop Backup Password” protection, which is used to protect adb backups. In answering questions posed by fellow Google+ users, Dutta indicates he is planning to add cryptfs support in recovery in an upcoming update. Read more
An over the air software update is available for the AT&T Samsung Galaxy Note II. The update, which became available February 15, serves as a security patch for the Exynos kernel exploit discovered in December. As with most OTA updates, the carrier recommends downloading via WiFi. Make sure you have plenty of battery power as well. There’s no easier way to brick a phone than by losing power mid software install. It will push the firmware version to I317UCAMA4 but leave Android on 4.1.2.
Motorola Solutions has just launched its AME 2000 service for those looking for a secure wireless connection on their devices. AME 2000 essentially:
“Combines a commercial-off-the shelf (COTS) device with general hardware and software to provide end-to-end encrypted voice and data communications through private or public wireless networks to support the missions of federal agencies”.
So basically Motorola’s technology combined with some special VPN networks allows for secure data-in-transit between a mobile device and a customer enterprise through private and public broadband networks, including GSM, 3G, 4G LTE and Wi-Fi. In addition, Motorola’s AME 2000 allows for encryption of microSD cards and specialized secure OTA updates for specialized devices.
You’ll find some additional details in the presser once you hit the break.
Verizon is hoping to add some value for its customers by helping them rate the value of the apps they run on their smartphones. Rather than rating apps based on things like graphics or usability for a certain task, Verizon is looking at qualities that may affect the overall ownership experience. Major areas that are assessed include battery drain and data usage along with some other factors. Verizon makes a couple lists available, one that assesses top Google Play apps and another that highlights apps they find especially worrisome. Read more
Mobile security is a big deal on Android devices. While it’s debatable if malware is as big of a problem on Android as security analysts say it is, it’s still very important to keep your devices protected, just in case. Usually, Google does an excellent job of patching most vulnerabilities in their software, the problem is that carriers take way, way too long to get those security patches onto consumer handsets. Activist Chris Soghoian, known for his work with consumer security and privacy, has recently called out wireless carriers on their poor practices with updating these devices.
He’s saying what we’ve all been thinking, but he definitely brings to light some of the less thought about problems of slow updates. Most people complain about being stuck on old software because it’s slower or lacks cooler features, but that outdated software also lacks the updated protection that current software would provide. The antivirus on your computer wouldn’t do much good if it was looking for malware from 2010, would it? He also talks about the stock Android browser, which is one of the more popular browsers simply because it’s preloaded on the device. Unlike Firefox, Chrome, or any other browser you can download from the Play Store, the stock browser lacks constant updates and new malware protection like updateable apps have.
It’s definitely a good read, and definitely a situation that needs to change. Read on past the source to see what Soghoian has to say.
source: Threat Post
Sony has kicked off a new pilot project to bring a remote security service to market for owners of their Xperia smartphone devices. Sony is calling it “my Xperia” as they pilot the service in the Nordics and target a global release during the second quarter of 2013. One of the individuals behind the service, Sony Experience Planner Marcin Zielinski, described some of the service’s features in a one sentence blurb as helping “you locate your misplaced Sony smartphone and protect your personal data.” Read more
In December we reported on an exploit that had been discovered in Samsung’s Exynos chips. We have not heard of any malicious activity related to the security hole, though it became a popular vector for rooting devices. After looking into the issue, Samsung has started the process of issue a fix for the vulnerability. The devices and networks include:
- Sprint Galaxy S II Epic 4G Touch: Sprint’s update FL24 will push out to customers over the course of the next month and will receive Sprint’s Connections Optimizer as part of the update.
- T-Mobile Galaxy Note II: The T-Mobile version of the Samsung Galaxy Note II is getting an update dubbed T889UVALL4. T-Mobile is pushing this out over-the-air or users can manually update via Kies.
There are other devices on several carriers that have the same chipset and are vulnerable to the exploit. We anticipate seeing patches and updates rolling out for these devices over the next several days as well now that the ball has started rolling.
source: Android Central
Mobile security firm Lookout has posted a security alert on their blog regarding a new threat they have identified for mobile devices. Working with carriers, Lookout has identified SpamSoldier, which they describe as a spammer botnet agent that uses infected phones to send SMS spam messages. They do not indicate which platforms are subject to attack, although the original attack vector is via an SMS message and not through any apps downloaded via app stores. Read more