Android Pay confirmed to not work with rooted devices


As Google wraps up rolling out updates to their Google Wallet application to transition to their new Android Pay platform, some power users are discovering an unpleasant surprise. Android Pay does not work with devices that have been rooted. This means users who have installed custom ROMs or perhaps other apps that required root access cannot make use of the mobile payment service. In response to comments that users who root their devices are some of the most ardent Android fans and could help build momentum for Android Pay, a Google staff member took to the XDA forums to discuss the security model and why Android Pay will only work on non-rooted devices. Read more

Security hole found in Samsung smart fridges


Some testing recently conducted by Pen Test Partners revealed a man-in-the-middle vulnerability in Samsung smart fridges that could be used to hack into a user’s Gmail account. The Samsung refrigerator that was tested has Wi-Fi capability that among other things, allows a user to display their Gmail calendar on the screen. The Pen Test Partners’ testing showed that although Samsung implemented a Secure Sockets Layer for connections, the fridge was not validating certificates leaving it vulnerable to attack. Read more

OnePlus 2 OTA update includes StageFright patch, gets rolled out to India first


While many OnePlus 2 fans are still waiting to get their hands on an actual device thanks to the slow rollout of invites, OnePlus has been busy with its OxygenOS firmware, announcing its first over-the-air (OTA) update that bumps the firmware to version 2.0.1. The OTA includes security patches, bug fixes and other improvements, and we have the changelog after the break.

Read more

Latest OxygenOS update addresses StageFright exploit for OnePlus One devices


OnePlus recently announced that it is slowing down the rate at which it issues invites for its 2016 flagship killer, the OnePlus 2, which isn’t great news for its fans. But, on the other hand,  it has also just announced that it’s released a firmware update for the OnePlus One to deal with the marauding StageFright exploit. And that is good.

Read more

National Cyber Security Alliance adds BlackBerry to their ranks

National Cyber Security Alliance.  (PRNewsFoto/National Cyber Security Alliance)

BlackBerry got a start in the enterprise sector where security and privacy were major concerns for entities that were looking for mobile communications platforms. Over the years, BlackBerry has earned over 70 different government certifications or approvals which is more than any other mobile vendor. With this strong background in mobile security, BlackBerry seems like a natural fit for the National Cyber Security Alliance (NCSA), but they are only just now joining according to an announcement made today.

NCSA’s executive director Micheal Kaiser says the organization welcomes “the unique perspective that BlackBerry brings to the NCSA, and we look forward to working with BlackBerry to solve  cybersecurity challenges, particularly as they relate to mobility and the Internet of Things.” Meanwhile, BlackBerry’s Edward Hearst, vice president of U.S. Government Business Development, says BlackBerry hopes to share “knowledge and insights to further advance efforts to ensure that the mobile experience is safe and secure for users, no matter what devices they have or information they access.”

source: National Cyber Security Alliance (PR)

Deutsche Telekom disables MMS auto-retrieval until the StageFright exploit is patched


You’ve probably heard about the latest Android vulnerability that apparently affects over 900 million Android devices. It’s called StageFright, and the worry is that malware can be embedded in a video that could then run roughshod in your device without you initiating any action whatsoever. The malware ridden video would be sent by MMS and your device would download it automatically, thanks to the auto retrieve setting being ticked in settings of the messaging app. While most carriers are waiting for phone manufacturers to issue software patches to block the exploit, Germany’s Deutsche Telekom is taking a more pro-active approach by disabling the MMS auto-retrieve function itself.

Read more