Reuters TV is Now Free

Reuters TV is now free. “Reuters TV is aimed at mobile consumers who don’t have time or interest in traditional appointment viewing, will cover general interest stories targeted at a U.S. and British audience. The content is produced specifically for Reuters TV.”

Android Lock Patterns Suffer from Similarity Problem

We’ve been warned ten thousand times about common passwords. But what about common Android Lock Patterns (ALPs)? “The Tic-Tac-Toe-style patterns, it turns out, frequently adhere to their own sets of predictable rules and often possess only a fraction of the complexity they’re capable of. The research is in its infancy since Android lock Patterns (ALPs) are so new and the number of collected real-world-patterns is comparatively miniscule. Still, the predictability suggests the patterns could one day be subject to the same sorts of intensive attacks that regularly visit passwords.”

Google’s “Stagefright” Security Flaw Has Its Own Issues

Remember Android’s Stagefright security flaw? Apparently Google’s patch has its own issues. “On August 5, Google started releasing over-the-air (OTA) security updates for Nexus 4,5,6,7,9,10 and Nexus Player devices to address most of these flaws. However, shortly after the search giant started distributing the patches, researchers at Exodus Intel confirmed their suspicion that the fix for an integer overflow triggered in libstagefright during MPEG4 tx3g data processing (CVE-2015-3824) was flawed.”

HTC Stored Fingerprint Images in Unencrypted Image File

Is there anything worse to store in plain text than passwords? Like, say fingerprint images? “Researchers from FireEye have found that data that could be used to clone a user’s fingerprint was stored as an unencrypted “world readable” image file on HTC smartphones. Four security researchers discovered that the image file, which is clear replica of a user’s fingerprint, could be stolen by rogue apps or hackers.”

Another Big Ol’ Android Vulnerability — Certifi-Gate

Another day, another Android vulnerability. Maybe it is as bad as Flash. “Dubbed Certifi-gate, the researchers say that vulnerabilities in the OEM (manufacturers of Android devices like Samsung, LG and Sony) implementation of Remote Support allows a third party app’s plugins to access a device’s screens and actions using an OEMs own signed certificates. That means a nefarious individual could see what you’re doing and control your phone or tablet. And according to the researchers, there’s no reasonable way to revoke the certificates as an end user.”

Google, Samsung to do Monthly Android Security Updates

Samsung and Google will release Android security patches every month. “Alongside the new frequent security updates, Google has finally released a patch for Stagefright for its own Nexus line of phones, which it sells directly to customers. The company argues that the majority of users weren’t at risk, however, with application sandboxing limiting the amount of damage an attacker could do.”

“Android is the new Flash”

If I were Google these would be fightin’ words: “Android is the new Flash”. “Several years ago, Steve Jobs called out Adobe Flash as a trainwreck of security and performance problems, garnering him contempt from industry players deeply invested in the software platform. Today, Google’s Android platform is getting same brutal appraisal, but it’s coming from Android’s own fans.”

Yet Another Android Security Bug

Yet another Android security bug can render your phone silent. “By either installing a malicious app on an Android device, or directing users to a nefarious website, hackers can cause an Android device to become ‘apparently dead — silent, unable to make calls, with a lifeless screen,’ Trend Micro explained. If the exploit is installed through an app, it can auto-start whenever the device boots, causing Android to crash every time the device is powered on.” From what I’m reading on other sites, if the bug is activated by just visiting a malicious site, you can reboot the phone and you’ll be fine. I’m reading a lot of different takes, though – I think this is still developing.

Android Has Nasty Little Security Bug

Ewww. There is a really nasty Android bug out there. “It’s like something from a bad movie: eager to learn the details of the bad guy’s dastardly plot, the good guys hack his phone armed with little more than knowledge of his phone number. No physical access to the phone, no tricking him into opening some shady application; just a quick message sent to his phone, and bam — they’re in. Alas, that’s essentially how a new Android hack works, according to researchers… and the vast majority of Android devices are vulnerable.”

Google Photo Keeps Backin’ Up After You Delete the App

Google Photo apparently keeps backing up your pictures even after you delete the app. ZOMBIE APP! Well, not really. “It turns out that when you turn the ‘back up & sync’ setting on for Photos in your Android phone, you’re not actually accessing the setting in the app, but in the phone itself. If you delete the app, the setting remains, so all your photos will continue to be backed up to Google Photos even though you no longer use it. Since most people probably don’t make a deep dive on their phone settings on a regular basis, it’s pretty much a set it and forget it thing, it’s very possible that many users have photos in the cloud they don’t know about.”