This past April WhatsApp added automatic end-to-end encryption for messages moving through the service. This was done as a way to help protect users and improve security of the communications platform. According to some recent claims by media outlets, John McAfee, the creator of the well-known anti-virus software package, tried to trick reporters into thinking he had managed to hack WhatsApp in order to get around this new encryption scheme. McAfee has fired back claiming he was only demonstrating a security flaw in Android.
According to the information shared by sources, McAfee tried to send some reporters some smartphones to demonstrate how he could read WhatsApp messages from a remote location. After some checking though, it appears McAfee was sending phones that were pre-cooked with malware that included a keylogger. These pre-configured phones would allegedly be opened by “experts” sent by McAfee to meet with the press representatives.
Sources indicate McAfee shopped this “story” to both the International Business Times and Russia Today and possibly to Business Insider. Things apparently unraveled for McAfee when some of the reporters contacted a security expert, Dan Guido, for guidance. Guido suggested to them that they buy their own phones for the test, a move that clearly would have thwarted McAfee’s plot.
For his part, McAfee says he never claimed to be able to hack WhatsApp or break their encryption. Instead, McAfee is saying that the reporters and others who were contacted missed the point of his claim that he was able to identify a “serious flaw in the Android architecture” that allowed him to install malware on the devices.
The monthly security update produced by Google is rolling out now.
The Enpass password manager app gets a new feature in the latest update that is rolling out, support for time-based one-time password (TOTP) authentication. This was a feature the developers included previously in the iOS and Mac versions of the app. In addition to including it in the Android version, Enpass is also adding it to the Linux and Windows desktop clients. Read more
Last year Google stepped up its game when it comes to security. This was done by initiating scans of apps in the Play Store. Google hoped this would reduce the number of apps containing harmful threats like viruses and malware.
On Monday afternoon, Google posted the monthly Nexus Security Bulletin that says what the company is doing to protect Android devices worldwide.
Oppo keeps teasing new hardware for the F1 Plus, which is expected to be a bigger, better version of the Oppo F1 that was announced earlier this year. The latest teaser from the company seems to suggest that we’re going to see a fingerprint scanner on the device, which wasn’t present on the F1. Read more
Late this week, Google’s security team announced several new features they are expanding or making available to Gmail users to help enhance email security. The updates include enhancements to email encryption, improvements to Google’s safe browsing warnings to help Gmail users, and additional alerts regarding state-sponsored attacks directed at Gmail users. Read more
In a strange twist of fate, Verizon Enterprise Solutions finds itself the victim of a data breach that has exposed 1.5 million customer accounts to hackers. Normally Verizon Enterprise is leading the way in helping businesses, many on the Fortune 500 list, avoid this kind of situation, so finding themselves victims is particularly painful. Read more
Smartphone owners are on alert after Google issued a warning that an Android vulnerability could give intruders access to devices they don’t own. Read more
BlackBerry has always been known for their security expertise, and when the Priv was announced that expertise was listed as a great selling point. Now that the Priv has had some time in the wild and new security issues have cropped up, BlackBerry wants the world to know how well they’ve handled getting those issues patched and how poorly everyone else is doing. Read more