Skip navigation
Help

Android

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

darthcamaro writes "Last week, Rain Forrest Puppy (aka Jeff Forristal) first disclosed the initial public report about an Android Master Key flaw. Code was released earlier this week for attackers to exploit the flaw — but what about users? Google has claimed that it has patched the issue but how do you know if your phone/carrier is safe? Forristal's company now has an app for that. But even if your phone is not patched, don't be too worried that risks are limited if you still to a 'safe' app store like Google Play. 'The only way an Android user can be attacked via this master key flaw is if they download a vulnerable application.

"It all comes down to where you get your applications from," Forristal said.'"

0
Your rating: None

A man who has won about $1.5 million in poker tournaments has been arrested and charged with running an operation that combined spam, Android malware, and a fake dating website to scam victims out of $3.9 million, according to Symantec.

Symantec worked with investigators from the Chiba Prefectural Police in Japan, who earlier this week "arrested nine individuals for distributing spam that included e-mails with links to download Android.Enesoluty—a malware used to collect contact details stored on the owner’s device," Symantec wrote in its blog.

Android.Enesoluty is a Trojan distributed as an Android application file. It steals information and sends it to computers run by hackers. It was discovered by security researchers in September 2012.

The suspect flagged as the "main player running the operation" is 50-year-old Masaaki Kagawa of Tokyo, president of an IT firm named Koei Planning and a poker player with success in high-stakes tournaments around the world.

Masaaki Kagawa wins a big pot in the Aussie Millions Cash Game Invitational a few years ago.

Kagawa has reportedly won about $1.5 million in tournaments dating back to 2008 (minus entry fees). His most recent score was a third place finish in the 2013 Aussie Millions Poker Championship in February, which netted him $320,000.

Kagawa was already under investigation while playing in that tournament. Symantec explains:

From our observations, the operation began around September 2012 and ended in April 2013 when authorities raided the company office. We confirmed around 150 domains were registered to host the malicious apps during this time span. According to media reports, the group was able to collect approximately 37 million e-mail addresses from around 810,000 Android devices. The company earned over 390 million yen (approximately 3.9 million US dollars) by running a fake online dating service called Sakura in the last five months of the spam operation. Spam used to lure victims to the dating site was sent to the addresses collected by the malware.

The malware allegedly used in this operation appears to share source code with Android.Uracto, a Trojan that steals contacts and sends spam text messages to those contacts. Scammers maintaining Android.Uracto have not yet been identified.

0
Your rating: None

Starting with templates, Android features can be added quickly with a single line of DSL code.

In the first installment of this two-part series on developing Android Apps with Scala and Scaloid, I explained how Scaloid simplifies and reduces the required Android code as much as possible while leveraging type safety. In this article, I explain how to utilize asynchronous task processing, the execution of methods from system services, and specific Scaloid classes and traits.

0
Your rating: None
Original author: 
Florence Ion


What if you could privately use an application and manage its permissions to keep ill-intending apps from accessing your data? That’s exactly what Steve Kondik at CyanogenMod—the aftermarket, community-based firmware for Android devices—hopes to bring to the operating system. It’s called Incognito Mode, and it’s designed to help keep your personal data under control.

Kondik, a lead developer with the CyanogenMod team, published a post on his Google Plus profile last week about Incognito Mode. He offered more details on the feature:

I've added a per-application flag which is exposed via a simple API. This flag can be used by content providers to decide if they should return a full or limited dataset. In the implementation I'm working on, I am using the flag to provide these privacy features in the base system:

  • Return empty lists for contacts, calendar, browser history, and messages.
  • GPS will appear to always be disabled to the running application.
  • When an app is running incognito, a quick panel item is displayed in order to turn it off easily.
  • No fine-grained permissions controls as you saw in CM7. It's a single option available under application details.

The API provides a simple isIncognito() call which will tell you if incognito is enabled for the process (or the calling process). Third party applications can honor the feature using this API, or they can choose to display pictures of cats instead of running normally.

Every time you install a new application on Android, the operating system asks you to review the permissions the app requests before it can install. This approach to user data is certainly precarious because users can't deny individual permissions to pick and choose what an application has access to, even if they still want to use that app. Incognito Mode could potentially fix this conundrum, enabling users to restrict their data to certain applications.

Read 9 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Florence Ion

Sometimes, we're not always satisfied with the experience that Android offers us. However, the beauty of being an Android user is that you can make a choice to do something different. Before you head off into the weekend, check out Everything.me and its unique Home screen experience. Or, if you've been envious of Facebook's Chat Heads and wish they existed for other apps, download Floating Notifications to get a similar experience.

The Google Play store is chock full of applications that allow us to customize our phones, tack on new features, or just check the score for our favorite team. Here are just a few of those apps we discovered this week that can make those things happen.

Everything.me, Free

Read 14 remaining paragraphs | Comments

0
Your rating: None
Original author: 
By THE NEW YORK TIMES

With more people reading the Times on smart phones, you can now experience Lens on the New York Times iPad/iPhone or Android app.

0
Your rating: None
Original author: 
Dan Goodin

greyweed

Recently discovered malware targeting Android smartphones exploits previously unknown vulnerabilities in the Google operating system and borrows highly advanced functionality more typical of malicious Windows applications, making it the world's most sophisticated Android Trojan, a security researcher said.

The infection, named Backdoor.AndroidOS.Obad.a, isn't very widespread at the moment. The malware gives an idea of the types of smartphone malware that are possible, however, according to Kaspersky Lab expert Roman Unuchek in a blog post published Thursday. Sharply contrasting with mostly rudimentary Android malware circulating today, the highly stealthy Obad.a exploits previously unknown Android bugs, uses Bluetooth and Wi-Fi connections to spread to near-by handsets, and allows attackers to issue malicious commands using standard SMS text messages.

"To conclude this review, we would like to add that Backdoor.AndroidOS.Obad.a looks closer to Windows malware than to other Android trojans, in terms of its complexity and the number of unpublished vulnerabilities it exploits," Unuchek wrote. "This means that the complexity of Android malware programs is growing rapidly alongside their numbers."

Read 6 remaining paragraphs | Comments

0
Your rating: None
Original author: 
samzenpus

chicksdaddy writes "A new malicious program that runs on Android mobile devices exploits vulnerabilities in Google's mobile operating system to extend the application's permissions on the infected device, and to block attempts to remove the malicious application, The Security Ledger reports. The malware, dubbed Backdoor.AndroidOS.Obad.a, is described as a 'multi function Trojan.' Like most profit-oriented mobile malware, Obad is primarily an SMS Trojan, which surreptitiously sends short message service (SMS) messages to premium numbers. However, it is capable of downloading additional modules and of spreading via Bluetooth connections. Writing on the Securelist blog, malware researcher Roman Unuchek called the newly discovered Trojan the 'most sophisticated' malicious program yet for Android phones. He cited the Trojan's advanced features, including complex code obfuscation techniques that complicated analysis of the code, and the use of a previously unknown vulnerability in Android that allows Obad to elevate its privileges on infected devices and block removal."

Share on Google+

Read more of this story at Slashdot.

0
Your rating: None
Original author: 
GoogleDevelopers


The Modern Workflow for Developing the Mobile Web - Google I/O 2013

Matt Gaunt Building for today's mobile web, getting 60fps across all target devices, while still delivering a fantastic user experience is a huge challenge. ...
From:
GoogleDevelopers
Views:
3483

54
ratings
Time:
30:33
More in
Science & Technology

0
Your rating: None