Slatedroid info

Everything about android tablet pc [slatedroid]

Help a stranger return your lost Android device, place contact info on your lock screen

Posted by wicked November - 23 - 2014 - Sunday Comments Off

Android Security Lost device Owner Info Lock Screen

If you’ve ever lost something, something important like a wallet or, say, a smartphone, there is nothing better than that feeling when a stranger calls you up and returns your lost property. In terms of a lost Android device, seeing your gear returned safely is much more likely if you help that stranger out a little bit. One of the best ways to do that is to place your contact info on your lock screen.

Now, we’re not suggesting you place anything critical on your lock screen, the purpose of which, after all, is to keep your data secure. But perhaps your name and a home phone number would be acceptable.

The process is actually pretty simple, fire up your system Settings, head on into the Security section and tap on Owner Info.

Now, tap the checkbox to turn on ‘Show owner info on lock screen‘ and fill in what you would like it to say. Myself, I choose not to put my name, inserting only the text “If found, please call ###-###-####” – with my real home phone number, of course.

Android Security Lost device Owner Info

Go ahead and back out of your settings and go about your day. The next time your Android device turns on, and lands on the lock screen, of course, you will be greeted with your message.

There you have it, if ever you misplace your device, anyone that picks it up will be presented with a straightforward method of contacting you, making it all that much easier, and more likely, that a stranger shall return your beloved, but misplaced, Android device.

Does anyone have any great stories to share of lost phones returned to their owners? Maybe you just want to thank a stranger that did you good, perhaps you met the love of your life this way… OK, that was a stretch, but hey, if it happened to you, we want to hear about it in the comments below.

Password managers on Android are not as secure as one would think

Posted by wicked November - 22 - 2014 - Saturday Comments Off

android_security

A password manager is expected to be secure, right? Just because it is expected does not mean that is necessarily the truth. There are password managers on Android that have a security flaw in which usernames and passwords can be picked up. It happens when the password manager uses the device’s clipboard to enter information. The security flaw was identified in early 2013 and a fix has yet to be issued.

The blame is not on individual password managers but rather Android itself. Other applications, such as proof of concept ClipCaster, can swoop in and snag usernames and passwords with ease. They do not require any permissions when installing, so it is not like there is anything to be weary of. An app like ClipCaster silently takes what was attached to the clipboard.

One password manager known to be affected is LastPass. There are others, but CEO Joe Siegrist has stepped forward to make it clear that this is a problem within Android: This is an OS-level issue that impacts everything running on Android. If you use the clipboard to copy any data, a malicious app could obtain it—like installing a clipboard monitoring software on Windows or a keylogger on Windows. You can compromise your security by installing bad software.” Siegrist follows by advising users of password managers to only install apps they trust.

Google does have measures in place to scan apps for authenticity, but that can only go so far. If you are feeling uneasy about how secure your device is, go ahead and install a mobile security app. One of the best out there is Lookout, but there are other options such as Avast or AVG.

Source: Ars Technica

Come comment on this article: Password managers on Android are not as secure as one would think

Oops AppLock – Indie app of the day

Posted by wicked November - 22 - 2014 - Saturday Comments Off

What is Oops AppLock?

Oops AppLock is a security application that allows you to lock applications and unlock them using a pattern code using your volume keys. It’s useful for those who may want to keep the kids or other people out of personal apps and adds a layer of security to your apps. It’s currently free in the Google Play Store with no in app purchases.

This is one clever application. It shows up in your app drawer as K Note and when you open it, acts like a simple note taking app. However, you can set a password using your volume keys (the default is hitting the volume up key three times) to bypass the charade and get to the actual security app. From there you can manage which apps get locked and which apps do not. Each app can be assigned a key unlock which consists of up to four entries and uses your volume keys exclusively. Thus, you can lock your gallery app with volume down, up, down, up and then lock your messaging app with up, up, down, up.

To add to the trickery, you can have apps open to a fake splash screen if you so choose. This gives the app the appearance of being “stuck” when really it’s just waiting for you to unlock it. Thus, people who are trying to pry may think the phone just froze on them and stop attempting rather than try to crack a password they don’t know is there. You can customize the splash screen to other things to mess with people if you want.

oops applock review

Hilariously brilliant and effective.

PROS
  • The app is very clever and hides itself brilliantly.
  • Locks apps and requires the use of a password to unlock. Passwords are created by using the volume keys.
  • Tricks potential nosy people by fooling them into thinking the app is frozen when it’s really just waiting for a password.
  • Simple interface and controls are easy to learn once you navigate through the myriad of misdirects.
CONS
  • Thanks to its clever nature, this app may be downright confusing for some people.
  • Oops AppLock will likely drastically reduce the life expectancy of your volume rocker.
  • It’s a newer app so there are a few small bugs and issues here and there that still need to be resolved.
7.5

Overall, this app is both brilliant and hilariously effective. There are so many misdirects that it has managed to confuse some people who have downloaded it and installed it so make sure you read the FAQ on the Google Play Store description page. That way you know what’s going on. It’s free to use also and that’s always a plus.

google play

Check out the previous indie app of the day: Jet Run: City Defender
Join us in the Apps and Games section of the Android Authority forums! Just don’t forget to read the rules first!

Lock_Screen_HTC_DROID_DNA_TA

Android 5.0 Lollipop brought a new feature called Smart Lock, which allows you to set certain locations or Bluetooth devices as trusted so that you don’t have to constantly enter your security PIN, Password, or pattern to unlock your phone or tablet. Third party apps such as Delayed Lock, SkipLock and Secure Settings have already been giving users this ability for a couple of years now. Unfortunately, these apps will not work in Lollipop due to the fact that Google has changed the security in that third party apps can no longer unlock the device.

Now you might say these apps are no longer necessary since Lollipop already offers Smart Lock, but at present, they do offer more functionality such as setting trusted WiFi networks. Let’s also not forget that the developers could continue to develop these apps with more features.

This is a tough pill to swallow for these developers, but the good news is that the majority of people will be on KitKat and lower for a while. If you fall into that category, then check out my full guide on how to bring the same Lollipop Smart Lock features (and then some) to your device. It will be the best thing you do today, trust me.

 

Come comment on this article: PSA: 3rd party apps that bypass the security lock screen (ie Delayed Lock, SkipLock) no longer work in Lollipop

The U.S. government continues to claim that encryption will lead to deaths

Posted by wicked November - 20 - 2014 - Thursday Comments Off

NSAPrismFBI Gawker

Several weeks ago, I wrote about how some people in the United Kingdom believe that the only way to stop terrorism is to limit people’s “free speech” rights and allow government agencies to have unlimited access to everyone’s tech devices. The U.S. Justice Department even got into the argument by having a high ranking official claim that new encryption technology on smartphones would “lead to tragedy” as a “child would die….because police wouldn’t be able to scour a suspect’s phone.”

As the Wall Street Journal wrote about yesterday, law enforcement agencies are continuing to push their theory of how evil new technology will be for the country’s safety. The main issue is that companies such as Apple and Google are putting in place improved technology on smartphones and tablets which make their devices more secure.

“But law-enforcement officials see it as a move in the wrong direction. The new encryption will make it much harder for the police, even with a court order, to look into a phone for messages, photos, appointments or contact lists, they say.” - Wall Street Journal

When the U.S. government met with Apple last month to discuss their issues with the new encryption, they actually tried to use the “dead-child” scenario which Apple found “inflammatory.” As Apple pointed out in the meeting with the U.S. government, there are a number of other outlets for the government to find the information that they want.

But whether the U.S. government likes it or not, more companies are now switching to encrypting technology. Just this week, WhatsApp revealed that they will now be encrypting text messages sent from one Android phone to another.

google io 2014 keynote (37 of 41)

As I wrote about yesterday, in one of the biggest shocks, AT&T is now even standing up to the U.S. government by supporting new rules on what data the government can take without a probable cause warrant.

“Look, if law enforcement wants something, they should go to the user and get it. It’s not for me to do that.” - Tim Cook, Apple

Both Google and Apple are now installing encryption schemes with their latest software which prevent others from accessing user data stored on the phone when locked. They are not alone either in fighting back against the government as both Microsoft and Twitter have filed relatively recent and separate lawsuits against the U.S. government in which both companies ask the courts to decide what information must be handed over to the government.

WhatsApp now has end-to-end encryption, at least on Android

Posted by wicked November - 18 - 2014 - Tuesday Comments Off

whatsapp_app_icon

The most popular messaging platform is getting better today. The update to the WhatsApp Android app now includes end-to-end encryption. Using open source code from Open Whisper Systems, even WhatsApp won’t have the ability to decrypt your messages.

Only the users will have access to the conversation, which means that law enforcement officials won’t be able to force WhatsApp to share your messages since they won’t have access to it.

This is by far the most secure form of encryption we have seen on a messaging platform of this caliber. It’s launching on Android first, with no specific time table on when iOS will get the update.

qr code
Play Store Download Link

source: The Verge

Come comment on this article: WhatsApp now has end-to-end encryption, at least on Android

Do US tech companies create tools for terrorists?

Posted by wicked November - 5 - 2014 - Wednesday Comments Off
Image credit:

Shutterstock Image credit:

Yesterday, Robert Hannigan, head of the United Kingdom’s Government Communications Headquarters (GCHQ), wrote in the Financial Times that terrorists are using tools created by U.S. technology firms as their “command-and-control networks of choice.”

According to Hannigan, the only way to fix this issue to allow more investigations by security and law-enforcement agencies. Hannigan specifically took issue with social media sites and messaging apps along with the “West’s free-speech spirit.” Whether it is terrorists using trending topics like #Ebola or #WorldCup to insert messages or terrorists using violent videos that don’t violate social media rules, the GCHQ and MI5 need more help from the private sector, Hannigan said.

One of the more controversial comments from Hannigan came when he bluntly stated that “privacy has never been an absolute right.”

“Today’s would-be jihadists do not have to search for hidden with secret passwords – which may simply Posts by young people from Syria Track. Without any spam control the daily 40,000 Tweets can send their attacks on Mosul.” - Robert Hannigan

RobertHanniganPrivacyUK WorldCrunch

Others were not convinced that the way to move forward is to simply strip away everyone’s privacy. Eva Galperin of the Electronic Frontier Foundation spoke to BBC radio and noted that the intelligence agencies’ “powers are already immense. I think that asking for more is really quite disingenuous.”

Ben Wizner, who works for the US Civil Liberties Union NGO, and is one of Edward Snowden’s lawyers, warned that mass-scale spying posed a long-term threat to free society and democracy. As the article notes, the speech by Hannigan highlighted how much Snowden’s revelations have affected the security industry. Both Apple’s iOS 8 and Android’s OS Lollipop will now come with encryption enabled by default.

After reading Hannigan’s statements, I am still left wondering why the government has not provided more evidence that internet companies are actively obstructing investigations. Based on transparency reports from the social media companies, they do in fact provide information and take down select content.

It is hard to look at his comments and wonder if citizens will have any privacy whatsoever if these government officials have their way.

Google sells Android 5.0 Lollipop as one tough candy

Posted by wicked October - 29 - 2014 - Wednesday Comments Off

All the sweetness and prettiness won’t be enough to console you if your smartphone or tablet gets stolen, which is why Google has toughened up the latest Android 5.0 to meet the needs of the increasingly insecure mobile device world. Google now highlights the key achievements it made in coating Android Lollipop with a sheet of armor, but the question always is whether it’s enough. As always, the answer depends on the user, but Google is at least pushing them in the right direction.

The first line of the defense, at least from physical, external forces, is the lockscreen and, unfortunately, that is also the easiest to break through, at least from an external, physical perspective. It doesn’t help that the default is simply a swiping gesture so users are more often than not unaware of less convenient but more secure options, like PIN codes, patterns, or the sometimes inaccurate face shot. To make things even easier, for users, that is, Google is introducing some new screen locking and unlocking mechanisms, using Bluetooth devices or NFC. In, other words, wearables. Usually these methods that rely on another device fall back to PIN or pattern codes, so security is still covered. Except, of course, you’d need to have a smartwatch or something similar for that to make sense.

Android 5.0 is also the first time that Google will be enabling device encryption by default. At least for totally new devices. This will keep your data safe from digital intrusion. As the encryption keys are stored on the device itself (don’t worry, not in an easily accessible way), Google has no access to them and, as a consequence, neither will any government agency. Only problem is that it will only be implemented in new devices and older devices, which are far more than new ones, remain unencrypted by default. Encryption also presents a stumbling block for power users who want to get more access to their device.

Google has also stepped up its SELinux implementation, the security framework that it adopted back in Android Jelly Bean. This time around, it is enforcing it across all apps. End users need not mind this feature other than the fact that, in theory, their apps are running in a secure manner. Unfortunately and rather ironically, this hardened security is also the biggest obstacle to gaining root, which is the gateway to all other power user mods. The situation isn’t totally bleak and even SuperSU developer Chainfire is a bit optimistic, but it has become harder than it should, considering Android is a Linux-based platform.

These are just some of the changes coming our way in Android 5.0 Lollipop, and probably not the most exciting to end users, but also subtly the most important. Security has become a core concern for many mobile users these days and it is reassuring to see Google giving due emphasis to it. Of course, in the end, the onus isn’t just on Google alone but on everyone who wields a smartphone in their hand.

SOURCE: Google

Security expert finds vulnerability in Samsung’s Find My Mobile service

Posted by wicked October - 28 - 2014 - Tuesday Comments Off

Samsung_Logo_02_TA_CES_2014

Samsung’s Find My Mobile service has come under fire by NIST and security researcher Mohamed Baset regarding an exploit that allows attackers to remotely lock, ring or wipe Samsung devices. Baset points to a vulnerability in Samsung’s service that doesn’t validate the lock code information it receives, allowing an attacker to flood the device with network traffic and do their bidding. No word from Samsung on a patch, but for now we recommend disabling the service until they address the security issue.

Source: Engadget

Come comment on this article: Security expert finds vulnerability in Samsung’s Find My Mobile service

Google details more new security features in Android Lollipop

Posted by wicked October - 28 - 2014 - Tuesday Comments Off

Android_Lollipop_Smart_Lock_Trusted_Devices_TA

Security is one of Google’s major focus points with the latest version of Android, and in a blog post they’ve detailed exactly what goes into making your Android more secure once it’s updated to Lollipop. 

The post talks about a few of the new security features in Lollipop, including the revamped smart lock settings for your device. It’s a great idea to put a pin or password on your phone’s lock screen, but it’s inconvenient to have to put that code in every time you unlock your phone. Fortunately, the smart lock stuff will let you automatically unlock your device when it’s connected to a trusted Bluetooth device like a smartwatch.  Plus, there are also options for NFC and an improved facial recognition unlock.

Device encryption is another bullet point, and as we all know, all phones with Lollipop will be encrypted by default. Google is also pushing SELinux, which is great for app security. The SELinux Enforcing Mode is required for all apps on Android 5.0, which really helps more on the enterprise side of things.

source: Official Android Blog

Come comment on this article: Google details more new security features in Android Lollipop