Approximately six weeks ago, Google launched a new program it was calling the Patch Reward Program. The program encourages coders to take a proactive approach to improve “third-party” software that Google believes is key to the health of the Internet. According to Google:
“The goal is very simple: to recognize and reward proactive security improvements to third-party open-source projects that are vital to the health of the entire Internet.” Read more
We started seeing facial recognition in devices a few years back. It was a cool idea, but the technology wasn’t really ready yet. This year, fingerprint scanning technology has become more prevalent. Smart-watches are now becoming more mainstream, with Google expected to unveil their own smart-watch relatively soon.
Our society is slowly becoming more and more like the fictitious worlds depicted in many science fiction novels, shows and movies from the past— would it surprise you if I told you that Samsung is working on eye-scanning technology, and it could be featured in the Galaxy S5?
If you’ve been highly concerned or even hesitant to jump on HTC’s One Max or any other device that may use your fingerprint data to access it, be at rest, HTC assures you they have no access to it and the info will not be sent to third party companies. This should reassure many who weren’t positive how HTC was handling their saved fingerprint characteristics. Well, rest assured, as the company was posed the security question by the staff over at Phonearena and this is what the Taiwanese manufacturer had to say:
The fingerprint data is stored in local memory. It is encrypted and stored in the system partition, which can’t be readily accessed or copied. The fingerprint data is not an actual image but fingerprint characteristics that have been identified by a proprietary algorithm. No, HTC does not have access to the information and the fingerprint cannot be used by a third party.
The public perception has always been that Apple’s iPhone is more secure than Google’s Android, but Google executive chairman Eric Schmidt wants to set the record straight. During a Q&A session at the Gartner Symposium/ITxpo, Gartner analyst David Willis said, “When you say Android, people say, wait a minute, Android is not secure.” Schmidt quickly said, “Not secure? It’s more secure than the iPhone.” followed by the audience chuckling.
Unfortunately Schmidt didn’t elaborate other than saying that Android now has one billion users and is a platform that goes through rigorous security testing. He also added that in the distant future security will be implemented on a per app basis since the assumption will be that nothing is secure.
One of the main complaints Apple fanboys will make about Android is that it’s more susceptible to malware, and thereby a more risky choice for a phone, for obvious security reasons.
Google is now making an effort to quell these false claims, and recently released some graphics showing how hard it is to actually have malware damage your device and infiltrate your secure information. Note that their numbers only include devices that have Google Play Services— many phones without Google Play, such as those from China and Russia, are more at risk for malware.
Google’s Android Security chief Adrian Ludwig says that there are many layers of Android security constantly at work, and because of this, only .001% of all malware is even able to attempt to evade security, let alone actually get through.
The numbers get lower and lower as you pass through the multiple layers, as you can see from the graphic above.
This is not to say you should always be careful, especially when sideloading applicatoins, or if you have an untrusted app store on your device, which are the most common ways to get any type of malware on your device.
CyanogenMod’s update to version 10.2 will bring plenty of welcome improvements, and one of them is an updated Privacy Guard app to version 2.0. This app currently allows users to manage app permissions, not only displaying what apps have access to what information, but letting the users control which information they will voluntarily share with their apps.
Privacy Guard 2.0 will integrate “AppOps,” which lets the system remove permissions and return empty data sets when permissions are denied for an app. You will be able to easily switch on/off individual permissions for things such as location, reading contacts, SMS/MMS, etc. A notifications feature has also been added which will let you know when you are using an app that has permissions blocked that it requires to run. It’s definitely a good troubleshooting tool for when your app suddenly doesn’t work anymore after it doesn’t have the ability to use your device’s GPS, for example. The UI has also been changed a bit to make it simpler to navigate the app. It’s definitely a nice addition to CM 10.2 and we’re looking forward to seeing what other goodies are in store from the CM team.
The Android Device Manager has added the new remote lock device option to the desktop version of Google Play, and can be found under the “gear” icon at the rightmost part of the screen. Once in the module, you’ll be given the option to either make your phone ring at full blast (no matter the current volume setting on your device), lock it with a new lock pattern (overriding the current lock pattern/PIN), or doing a complete factory reset— all without touching your device.
This will certainly make users feel a lot more comfortable when misplacing their device, especially if you have important information on your phone, for your eyes only. If your phone is in airplane mode, the changes will take place as soon as the device is connected to a network.
In a move that would certainly boost competition, consumer choice, and overall happiness in the mobile device community, the Obama administration is pushing the FCC to mandate that US carriers must unlock some of their future devices. According to the Washington Post, activists devised a petition to garner support, and they were able to collect 114,000 signatures.
Lawrence Strickling, assistant secretary of the NTIA made a comment regarding the petition:
“Americans should be able to use their mobile devices on whatever networks they choose and have their devices unlocked without hassle.”
However, the move would likely only affect GSM devices, leaving CDMA phones alone in the dark. However, we’ll just have to wait and see.
Source: Washington Post
On the heels of the public’s worries about the NSA and “big brother” checking in on us, Wickr has released its app to Android devices, as it was already available through the iOS App Store.
The application allows users to send encrypted messages anonymously and privately, and users can also select an option which will cause your message to be permanently deleted after a certain time period ends, much like Snapchat’s well-known feature.
Here are some words from Wickr’s co-founder, Robert Statica:
“Wickr not only offers the most secure form of correspondence but also helps protect our users’ contacts as we anonymize this information before it leaves the senders phone. Wickr does not collect any personally identifable information on users nor can we read any messages or contents sent through Wickr, therefore, no criminal or rogue government can take them from us.”
So if you’re truly worried about the government and those “big bad corporations” spying on you, it looks like Wickr is the perfect app for you. Hit the break for a video and the link to the app in the Play Store. Read more
Security is the buzzword these days and passwords are one royal pain in the you know what. Even locking your phone is a pain. That is why I like Apple’s implementation of the fingerprint scanner. However, Google might be headed in a completely different direction. As you know Google has embraced Near Field Communications (NFC) for a few years now, while Apple doesn’t even talk about it.
According to the Wall Street Journal, Google is testing an NFC security token. Hardware tokens aren’t anything new. Most traditional versions generate random numeric passwords, but the user has to retype them each time they want to login. This form, created by Yubico, Inc., could work by simply touching it to your Android phone or tablet using NFC or it could also be used as a USB plugin on your desktop or laptop. Google would use this token to log into Gmail and other Google services. I should note that Yubico already offers the YubiKey (pictured above) and can be used just like what I described. It can actually be used with Gmail’s 2 step verification. How Google will change it, remains to be seen, but WSJ says Google “plans to offer to consumers” next year.