MobileSecurity
Latest
Great, now there's 'responsible encryption'
Trump's Department of Justice is trying to get a do-over with its campaign to get backdoors onto iPhones and into secure messaging services. The policy rebrand even has its own made-up buzzword. They're calling it "responsible encryption." After Deputy Attorney General Rod J. Rosenstein introduced the term in his speech to the U.S. Naval Academy, most everyone who read the transcript was doing spit-takes at their computer monitors. From hackers and infosec professionals to attorneys and tech journalists, "responsible encryption" sounded like a marketing plan to sell unsweetened sugar to diabetics.
The connected person’s guide to surviving an alt-right protest
On Wednesday, alt-right group Patriot Prayer got its permit for a weekend rally on federal land inside San Francisco. It was issued despite strong opposition from Mayor Ed Lee and city officials, state lawmakers and House Democratic leader Nancy Pelosi. This hate group circumvented the city and state because it chose a location on federal land -- a situation of concern to every community that doesn't want a Charlottesville on its doorstep. And because we don't have a choice, we're getting ready. That doesn't just mean counterprotests, but our entire police force will be on guard -- and because we're a city of technophiles and hackers, citizens will be paying particular attention to our phones and networks.
Engadget giveaway: win a Samsung Galaxy Note 5 courtesy of Bitdefender!
As major corporations continue to succumb to hacks and the government's prying eyes are still relatively unchecked, it's always a good idea to bulk up your personal security. Bitdefender has been in the business of just that for years and now its new Mobile Security and Antivirus is available to secure your mobile Android devices. The app stays lean by using in-the-cloud antivirus services which are continually updated. On your device, it offers malware scanning, device tracking in the case of possible theft, App Lock to secure individual apps with a pin and Privacy Advisor to help keep your private data safe from snooping apps. There's even Android Wear integration to alert you if you step too far away from your smartphone. If you enter this week, that handset could be a new Samsung Galaxy Note 5 (32GB, Black Sapphire), along with a year's subscription to Bitdefender's service. Just head down to the Rafflecopter widget below for up to three chances at winning this security app and Android smartphone package. Winner: Congratulations to Vincent T. of Los Angeles, CA!
Android app learns from your phone to fend off malicious attacks
The last time we heard from Itzhak 'zuk' Avraham, he was at Defcon 2011 showing off an Android app that let even inexperienced users poke around networks for weak links and vulnerable computers. Now his company, Zimperium, is rolling out a new mobile intrusion protection app (or zIPS, for short) to help users figure out when their phones are subject to sneak attacks. There's no shortage of mobile antivirus apps out there, but according to MIT Technology Review Avraham doesn't think the prevailing approaches are up to snuff. Many of them check downloaded files for known malware signatures, but zIPS' machine learning system helps it figure out how your smartphone normally works and detects changes that may be symptomatic of something sketchy. That includes detecting seemingly benign apps that later download malicious payloads, man-in-the-middle-attacks and still more mobile nastiness. Currently zIPS is enterprise-only, but a consumer version is in the works and the team hopes to hit iOS devices and a slew of connected home gadgets in short order.
Carbonite Mobile backs up the contents of your phone, Android version supports remote wipes
Before today, Carbonite had a few mobile apps, but the backup process was something of a one-way street: you could access content on your handset, but you couldn't back up the contents of your phone. That changes today with Carbonite Mobile, a free app for iOS and Android that allows you to upload photos and other files to Carbonite.com. In addition to backup, though, the Android version offers some features typically reserved for standalone mobile security apps -- things like remote wiping and the ability to reset the phone to factory settings if it falls into the wrong hands. Additionally, you can use the app to locate your lost device on a map, and you can also set off the ringer, even if you had set the phone to vibrate. In the case of the Android app, the software will run in the background; due to Apple's different set of APIs, it won't run 24/7. However, all you iPhone owners out there can program the application so that it backs up the device automatically when you get home. Curious? We've got screenshots below along with download links in Google Play and the App Store.
Verizon intros Mobile Security app for Android, wants to keep you safe
McAfee's been offering mobile protection services on Android for a while now, but Verizon's taking it a step further and bringing an application tailored specifically for its own customers with help from the Intel-owned outfit. The Mobile Security app -- which is also powered by Asurion -- aims to assist the Big Red crowd by protecting their devices from many "digital and physical threats," giving Android (2.1 or later) users the ability to lock, set up alarms, wipe data and locate handsets remotely. As it stands, Verizon's splitting the Mobile Security utility into three different setups, including a free-of-charge Basic, the Premium for $2 per month and, for those who want to be extra careful, a Premium with Total Equipment Coverage that adds a $1 monthly charge to the current TEC fees. We'll let your levels of paranoia decide whether or not you actually need any of these -- but alas, the link is down below for folks interested in checking out the shielding app.
Gavin Kim's on the move again, joins NQ Mobile after leaving Windows Phone
That was quick. A mere five days after saying goodbye to his cohorts at Microsoft, former Windows Phone GM Gavin Kim has landed at Mobile NQ as its Chief Product Officer. By joining the mobile privacy and security firm, Kim will be working with a couple of former Samsung colleagues at Mobile NQ -- co-CEO Omar Khan and PR maven Kim Titus. The real question is, with this being Gavin's third career stop in a year, how long will the reunion last?
Panasonic and Red Bend Software announce Android security partnership at MWC
Panasonic wants you to feel secure in its gentle embrace, which is why it's paired up with Massachusetts-based Red Bend Software to secure your cellphone's personal data. Pointing to the open nature of Android as a weakness when it comes to device security, the partnership created a safe folder isolated from the operating system that is only accessible by password or smart card. The clever part is Red Bend were able to get vLogix Mobile Linux to work as an independently virtualized OS yet run at the same time as Android runs cleanly -- with your personal data encrypted inside the ROM to prevent software reverse-engineering. The company isn't saying how it's planning to implement the feature or if it'll be generally available, but if you're looking for a safe place to store those confidential emails you should read all the gory details after the break.
Symantec report on mobile security concludes iOS and Android both vulnerable to attacks
In Symantec's bleak, dystopian world, it doesn't matter whether you choose Android or iOS -- you'll be making yourself vulnerable to attacks regardless of the camp you're in. The company just concluded a study pitting iOS's security against Android's -- an undertaking intended mainly for corporate IT staffs trying to figure out which devices they can safely issue to employees. (Curiously, despite the enterprise focus, you won't find a single comparison against BlackBerrys.) Although iOS won higher marks when it came to thwarting traditional malware and showed a more modest advantage in terms of data loss, data integrity, and service attacks, the two platforms proved equally adept at preventing web-based attacks -- and equally powerless to catch socially engineered ones. And when it came to implementing certain security measures, such as permissions-based controls, Android pulled ahead. Ultimately, Symantec (which sells mobile security software of its own, by the by) concluded that both "are still vulnerable to many existing categories of attacks," not least because both platforms allow users to sync with third-party apps or web services that may or may not be secure themselves. Indeed, Symantec's thesis is that Apple's App Store approval process helps explain its lead in the malware-blocking department. Also, in shocking news, Symantec adds that people using jailbroken are especially attractive targets for attackers, and that these devices are as vulnerable as computers. Don't say no one warned you. Head past the break for a press release with a summary of the findings or, if you're curious, hit the source link for a PDF version of the full report.
Nokia submits patent application for mobile firewall
As we race toward the mobile utopia that includes full Internet access -- including HTML mail and full web browsing -- the growing fear that viruses, trojans, and all other manner of Internet baddies may soon interrupt our mobile joy may well have prompted Nokia to file this patent application. Unlike the firewalls found in PCs, Nokia's tool will live on the carrier's network and do its thing by setting up "secure pinholes" where data blessed as legitimate can pass through the front line and all else gets dumped. Hopefully if we ever see this type of tech put in place, users will be able to configure what they deem legitimate, and not what the provider sees fit to set for them.[Via New Scientist Tech]
Targus iPod Lock sacrifices real security for aesthetics
Security expert Marc Weber Tobias has a column over at Engadget called The Lockdown. His most recent column is all about the Targus iPod Lock, which you may recall us mentioning here a few months ago. Turns out that the Targus mobile security lock is not only toothless, but could cause significant damage to your iPod's dock connector if you're not really careful. But wait - as far as Targus is concerned, the iPod damage potential is a feature, not a bug. Marc's analysis - complete with pictures and video demonstration - along with Targus' own responses to his evaluation is well worth the read. The bottom line, however, can be summarized with this statement: "...the key phrase is 'a modicum of security.' For those readers that are not familiar with this term, the definition for modicum includes small amount, little, bit, scrap, or ounce. This would be an accurate definition of the protection afforded by this product."What's worse is that Targus doesn't seem to actually care that their $30 product isn't such a great investment and is counting specifically on the average consumer being gullible enough to think this lock will genuinely protect them from the casual thief. Sad. Very sad.If any TUAW readers have used the Targus iPod lock, let us know what you think.
