security

HTC plans Heartbleed fix over top legacy Android risk

HTC plans Heartbleed fix over top legacy Android risk

Half of the top ten Android smartphones susceptible to Heartbleed hacks are made by HTC, security research firm Lookout claims, with phones like the HTC One X+ and Desire X still running older versions of Google's OS that are unpatched. Lookout describes the issues as "a curse of these phones' own success," with popular hardware unable to support the latest, safer Android versions. However, HTC tells SlashGear that it has a fix in the works.

Continue Reading...

Apple, Google and more commit to smartphone kill switch

Apple, Google and more commit to smartphone kill switch

Apple, Google, HTC, Motorola, Nokia, Samsung, and the main US carriers have committed to implementing a cellphone "kill switch" on every new device made after July 2015, allowing owners to remotely wipe, lock, or brick their smartphone if lost or stolen. The agreement, dubbed the "Smartphone Anti-Theft Voluntary Commitment", will mean every participating vendor and carrier will offer an app for managing remote device security, and is intended to challenge the market for stolen phones.

Continue Reading...

Google patches Android icon permissions flaw

Google patches Android icon permissions flaw

Security vendor FireEye has announced that Google has issued a patch for a security flaw that left Android users vulnerable to attacks that could lead them to phishing sites. The security firm says that it has recently spotted a malicious app that had the ability to modify icons of other applications. The purpose of modifying the icons of other apps was to lure users into clicking them, where they would be sent to a phishing website.

Continue Reading...

Obama: NSA to expose not exploit bugs like Heartbleed

Obama: NSA to expose not exploit bugs like Heartbleed

Potentially catastrophic internet security exploits like Heartbleed should be publicized rather than covertly used for surveillance, President Obama has reportedly told the NSA and other intelligence divisions, although exceptions to the rule will still see the US rely on loopholes for its spying and monitoring. Heartbleed pitched the National Security Agency back into the headlines on Friday, after anonymous sources claimed it had discovered the OpenSSL flaw at least two years ago, but opted to keep it secret so as to use it for stealing passwords and other data.

Continue Reading...

NSA denies Heartbleed knowledge and exploitation

NSA denies Heartbleed knowledge and exploitation

The NSA has denied knowledge of the Heartbleed bug, following allegations that not only did the security agency discover the exploit two years ago, but that it opted to keep it secret so as to use it in its spy tool arsenal. Anonymous insiders claimed earlier that the National Security Agency had identified Heartbleed - which left as many as two-thirds of websites vulnerable to password and data theft - as part of its regular efforts at hunting down potentially useful bugs and hacks.

Continue Reading...

Condoleezza Rice “fully supports” cloud privacy Dropbox insists

Condoleezza Rice “fully supports” cloud privacy Dropbox insists

Dropbox has responded to calls for a boycott over Dr. Condoleezza Rice joining the cloud company's board, insisting that the former US Secretary of State "fully supports" its commitment to privacy. The controversial appointment earlier this week sparked fury and shock among Dropbox users, suggesting Dr. Rice's background with NSA wiretaps and other surveillance behaviors made her role at the company "tone deaf" given heightened awareness of privacy intrusion.

Continue Reading...

1 2 3 4 5 Next