Posts Tagged ‘Android’

No root for you! Google slams door on Symantec certs

Soup Nazi

Google being ‘alarmist’ claims Symantec

The four-month row between Google and Symantec over SSL certificate issuing has just gone nuclear, with the Chocolate Factory making good on its threats and beginning a blockade.

“Over the course of the coming weeks, Google will be moving to distrust the ‘Class 3 Public Primary CA’ root certificate operated by Symantec Corporation, across Chrome, Android, and Google products,” said Google software engineer Ryan Sleevi.

“Symantec has decided that this root will no longer comply with the CA/Browser Forum’s Baseline Requirements. As these requirements reflect industry best practice and are the foundation for publicly trusted certificates, the failure to comply with these represents an unacceptable risk to users of Google products.”

Sleevi said that Symantec had informed Google that the root certificate would be used for purposes other than for publicly trusted connections, but isn’t saying what else they might be used for. As a result, it’s on Google’s naughty list.

“Symantec has indicated that they do not believe their customers, who are the operators of secure websites, will be affected by this removal,” Sleevi said. “Further, Symantec has also indicated that, to the best of their knowledge, they do not believe customers who attempt to access sites secured with Symantec certificates will be affected by this.”

Read More by Iain Thomson

Chinese mobe market suffers pre-pwned Android pandemic

android_toys_648

Amazingly, it might not even be the Chinese government causing it

Security researchers have discovered more examples of pre-installed malware on Android smartphones.

G DATA found that more than two dozen phones from different manufacturers were already compromised straight out of the box.

Kit from manufacturers including Huawei, Lenovo and Xiaomi have pre-installed espionage functions in the firmware. G DATA suspects that middlemen modified the device software to steal user data and inject their own advertising to earn money.

Other possibilities include unintentional infection through compromised dehttp://www.amlltd.co.uk/wp-admin/post-new.phpvices in the supply chain (a problem which affected Vodafone Spain back in 2010) or intentional interference by government spies. Many of the models implicated in the malfeasance sell well in China.

The pre-pwned device issue has become a perennial problem for privacy-conscious smartphone users. Sticking to the Play Store, avoiding dodgy websites and following common-sense security precautions are no help in such cases.

Read More by John Leyden

Google can find your Android smartphone anywhere in the world

Google can find your Android smartphone anywhere in the world

Google has made it easier for Android smartphone owners to seek out the location of their device.

Whether its tucked down the back of the sofa, buried in the garden by the dog or in the pocket of a nasty thief, Google will find it.

All panicked phone owners have to do is sign into Google, type “find my phone” into a Google search and a map will be displayed showing the whereabouts of the misplaced mobile.

Once it has been found, the handset can be called, however it cannot be blocked or wiped to prevent prying eyes from accessing personal data. To do this, users will need to have Android Device Manager installed, and go through the procedure using the app.

However, for those times when a phone has just been “put somewhere safe” (the safest places are always the hardest to find), Google’s method will save minutes, if not hours of frantic searching and fearing the worst.

Apple has a similar ‘Find My iPhone’ service that lets users sign in to iCloud.com to see their missing Mac, iPhone, iPad, or iPod touch on a map.

Read More by Phil Tottman

Social Media Links
Latest Tweets
Archives

Social Widgets powered by AB-WebLog.com.