With over 50 million users, Lookout has always been the leader when it comes to protecting our smartphones and tablets. The app has always been free, but if you want the ultimate protection, than look no further than a Lookout Premium Subscription. With Lookout Premium, you don’t have to worry about losing your data in the event that you lose your phone or tablet since it will automatically backup the important things like photos and call history. What happens if a thief steals your phone? You know they will try to remove the SIM card or enable Airplane Mode so you can’t track the device. Lookout will alert you of such actions and capture the last known location. This stuff is only the tip of the iceberg. How many apps do you think you have installed on your device that can track your personal information? Lookout can tell you instantly. Let’s not forget safe Web surfing and the ability to remotely lock or wipe your device.
Blackphone has announced an update to their PrivatOS software that brings in several new features focused on enhancing user security and privacy. The update brings the highly tweaked Android OS fork to version 1.1 and is due out sometime in early 2015.
Today, Google announced new security tools to keep track of the devices attached to an account. The Devices and Activity Dashboard is a hub for connected hardware. It monitors phones, tablets, computers, and Chromebooks to show activity. Where was the device used? When was it used? What browser was used? All of these questions are answered by the Devices and Activity Dashboard. If a user notices something suspicious, he or she can hit the dedicated “Secure your account” button.
A password manager is expected to be secure, right? Just because it is expected does not mean that is necessarily the truth. There are password managers on Android that have a security flaw in which usernames and passwords can be picked up. It happens when the password manager uses the device’s clipboard to enter information. The security flaw was identified in early 2013 and a fix has yet to be issued.
Android 5.0 Lollipop brought a new feature called Smart Lock, which allows you to set certain locations or Bluetooth devices as trusted so that you don’t have to constantly enter your security PIN, Password, or pattern to unlock your phone or tablet. Third party apps such as Delayed Lock, SkipLock and Secure Settings have already been giving users this ability for a couple of years now. Unfortunately, these apps will not work in Lollipop due to the fact that Google has changed the security in that third party apps can no longer unlock the device.
Prior to the launch of the Nexus 6 and Android 5.0, we knew Google was moving to making device encryption mandatory for all new devices shipping with Lollipop. As far as security goes, that’s a great move, but it looks like it’s actually having some negative effects on the Nexus 6.
Early benchmarks seem to show that Lollipop’s full disk encryption (FDE) are having some fairly significant performance impacts on the Nexus 6. This is especially unfortunate since the Nexus 6 encrypts itself on first boot and there’s no way to turn it off, outside of flashing custom boot images. That’s not exactly a user friendly solution.
Motorola introduced Keylink today, which does a variety of things for $24.99. For starters, it’s a keychain that you can connect to your phone via Bluetooth. Using the Motorola Connect app, you will be able to see where your keys are on a map in the event that you misplaced them. If it’s your phone that you misplaced, you can force it to ring.
All good stuff, but probably the coolest feature is that Keylink will bypass your security lock screen as long as it’s connected to your phone. Motorola says this will work with only the Moto X (2014), the DROID Turbo, or any other smartphone running Lollipop. The reason for Lollipop is that it has a built-in function called Smart Lock, allowing you to set any Bluetooth device as trusted in order to bypass your security lock screen. Does that mean that users on KitKat, Jelly Bean or other versions of Android can’t use Keylink? Absolutely not.
The most popular messaging platform is getting better today. The update to the WhatsApp Android app now includes end-to-end encryption. Using open source code from Open Whisper Systems, even WhatsApp won’t have the ability to decrypt your messages.
Only the users will have access to the conversation, which means that law enforcement officials won’t be able to force WhatsApp to share your messages since they won’t have access to it.
Samsung’s Knox security solution is getting some pretty massive improvements today, which is great news for government and enterprise customers looking at Samsung devices. BlackBerry has announced that they are teaming up with Samsung to integrate BB’s end-to-end encryption into the existing Knox software suite. There are also a handful of other new features to better deal with Android’s security, too, so both companies are taking this pretty seriously.
Samsung’s Find My Mobile service has come under fire by NIST and security researcher Mohamed Baset regarding an exploit that allows attackers to remotely lock, ring or wipe Samsung devices. Baset points to a vulnerability in Samsung’s service that doesn’t validate the lock code information it receives, allowing an attacker to flood the device with network traffic and do their bidding. No word from Samsung on a patch, but for now we recommend disabling the service until they address the security issue.
Samsung issued a statement to us and it looks like it only affected the Web interface, not mobile devices. Furthermore, they patched the Web UI on October 13.
The reported issue occurred on the Find My Mobile Web site, and was not a problem on any mobile device. This Web UI was fixed with a patch update on October 13.