mobile security
Latest
How did Google get Pixel 4 face unlock this wrong?
Like many tech writers, I've been struggling to wrap my head around the brand-new Pixel 4's face unlock security #fail. Before the phone was even released, BBC technology reporter Chris Fox discovered that his review unit had a deeply disturbing security flaw: The phone's only biometric security option, facial recognition, worked just fine if the subject's eyes were closed.
Engadget giveaway: win a Sony Xperia Z3 Tablet Compact courtesy of F-Secure!
You lock your door, cover your PIN at the ATM and have your homescreen password protected, but what about that data connection? The coffee shop WiFi could be a data-skimmers hangout and you may not have noticed that card game app you've been playing is malware. F-Secure's Freedome helps take care those mobile security issues and has a few other tricks up its sleeve, too. Freedome can mask your IP address to keep it safe from snoops and if you're a world traveler, you can select a virtual location, so your House of Cards binge session won't be interrupted by unsupported regions. F-Secure has provided us with a Sony Xperia Z3 Tablet Compact and a one-year, three-device subscription to Freedome so one lucky Engadget reader will be able to surf in style and safety. Just head down to the Rafflecopter widget below and you'll get up to three chances at winning this tablet and mobile security software combo. Winner: congratulations to Noah A. of London, ONT.
Carbonite Mobile backs up the contents of your phone, Android version supports remote wipes
Before today, Carbonite had a few mobile apps, but the backup process was something of a one-way street: you could access content on your handset, but you couldn't back up the contents of your phone. That changes today with Carbonite Mobile, a free app for iOS and Android that allows you to upload photos and other files to Carbonite.com. In addition to backup, though, the Android version offers some features typically reserved for standalone mobile security apps -- things like remote wiping and the ability to reset the phone to factory settings if it falls into the wrong hands. Additionally, you can use the app to locate your lost device on a map, and you can also set off the ringer, even if you had set the phone to vibrate. In the case of the Android app, the software will run in the background; due to Apple's different set of APIs, it won't run 24/7. However, all you iPhone owners out there can program the application so that it backs up the device automatically when you get home. Curious? We've got screenshots below along with download links in Google Play and the App Store.
Verizon intros Mobile Security app for Android, wants to keep you safe
McAfee's been offering mobile protection services on Android for a while now, but Verizon's taking it a step further and bringing an application tailored specifically for its own customers with help from the Intel-owned outfit. The Mobile Security app -- which is also powered by Asurion -- aims to assist the Big Red crowd by protecting their devices from many "digital and physical threats," giving Android (2.1 or later) users the ability to lock, set up alarms, wipe data and locate handsets remotely. As it stands, Verizon's splitting the Mobile Security utility into three different setups, including a free-of-charge Basic, the Premium for $2 per month and, for those who want to be extra careful, a Premium with Total Equipment Coverage that adds a $1 monthly charge to the current TEC fees. We'll let your levels of paranoia decide whether or not you actually need any of these -- but alas, the link is down below for folks interested in checking out the shielding app.
Gavin Kim's on the move again, joins NQ Mobile after leaving Windows Phone
That was quick. A mere five days after saying goodbye to his cohorts at Microsoft, former Windows Phone GM Gavin Kim has landed at Mobile NQ as its Chief Product Officer. By joining the mobile privacy and security firm, Kim will be working with a couple of former Samsung colleagues at Mobile NQ -- co-CEO Omar Khan and PR maven Kim Titus. The real question is, with this being Gavin's third career stop in a year, how long will the reunion last?
Panasonic and Red Bend Software announce Android security partnership at MWC
Panasonic wants you to feel secure in its gentle embrace, which is why it's paired up with Massachusetts-based Red Bend Software to secure your cellphone's personal data. Pointing to the open nature of Android as a weakness when it comes to device security, the partnership created a safe folder isolated from the operating system that is only accessible by password or smart card. The clever part is Red Bend were able to get vLogix Mobile Linux to work as an independently virtualized OS yet run at the same time as Android runs cleanly -- with your personal data encrypted inside the ROM to prevent software reverse-engineering. The company isn't saying how it's planning to implement the feature or if it'll be generally available, but if you're looking for a safe place to store those confidential emails you should read all the gory details after the break.
Symantec report on mobile security concludes iOS and Android both vulnerable to attacks
In Symantec's bleak, dystopian world, it doesn't matter whether you choose Android or iOS -- you'll be making yourself vulnerable to attacks regardless of the camp you're in. The company just concluded a study pitting iOS's security against Android's -- an undertaking intended mainly for corporate IT staffs trying to figure out which devices they can safely issue to employees. (Curiously, despite the enterprise focus, you won't find a single comparison against BlackBerrys.) Although iOS won higher marks when it came to thwarting traditional malware and showed a more modest advantage in terms of data loss, data integrity, and service attacks, the two platforms proved equally adept at preventing web-based attacks -- and equally powerless to catch socially engineered ones. And when it came to implementing certain security measures, such as permissions-based controls, Android pulled ahead. Ultimately, Symantec (which sells mobile security software of its own, by the by) concluded that both "are still vulnerable to many existing categories of attacks," not least because both platforms allow users to sync with third-party apps or web services that may or may not be secure themselves. Indeed, Symantec's thesis is that Apple's App Store approval process helps explain its lead in the malware-blocking department. Also, in shocking news, Symantec adds that people using jailbroken are especially attractive targets for attackers, and that these devices are as vulnerable as computers. Don't say no one warned you. Head past the break for a press release with a summary of the findings or, if you're curious, hit the source link for a PDF version of the full report.
Nokia submits patent application for mobile firewall
As we race toward the mobile utopia that includes full Internet access -- including HTML mail and full web browsing -- the growing fear that viruses, trojans, and all other manner of Internet baddies may soon interrupt our mobile joy may well have prompted Nokia to file this patent application. Unlike the firewalls found in PCs, Nokia's tool will live on the carrier's network and do its thing by setting up "secure pinholes" where data blessed as legitimate can pass through the front line and all else gets dumped. Hopefully if we ever see this type of tech put in place, users will be able to configure what they deem legitimate, and not what the provider sees fit to set for them.[Via New Scientist Tech]
Targus iPod Lock sacrifices real security for aesthetics
Security expert Marc Weber Tobias has a column over at Engadget called The Lockdown. His most recent column is all about the Targus iPod Lock, which you may recall us mentioning here a few months ago. Turns out that the Targus mobile security lock is not only toothless, but could cause significant damage to your iPod's dock connector if you're not really careful. But wait - as far as Targus is concerned, the iPod damage potential is a feature, not a bug. Marc's analysis - complete with pictures and video demonstration - along with Targus' own responses to his evaluation is well worth the read. The bottom line, however, can be summarized with this statement: "...the key phrase is 'a modicum of security.' For those readers that are not familiar with this term, the definition for modicum includes small amount, little, bit, scrap, or ounce. This would be an accurate definition of the protection afforded by this product."What's worse is that Targus doesn't seem to actually care that their $30 product isn't such a great investment and is counting specifically on the average consumer being gullible enough to think this lock will genuinely protect them from the casual thief. Sad. Very sad.If any TUAW readers have used the Targus iPod lock, let us know what you think.
