A report from the UK’s ICO says that permissions given to mobile apps often far exceed what’s necessary, and that privacy policies are hardly apparent to users downloading apps.
Browsing Category: Mobile Security
Researchers from the University of New Haven have taken to Youtube this week to publicize vulnerabilities in a dozen Android apps, including Instagram, Vine and OKCupid.
Dennis Fisher and Mike Mimoso discuss the Apple iCloud mess, extending its 2FA system to the cloud, and the fallout from the possible Home Depot data breach.
Researchers have discovered a weakness in Android that is likely present in other leading operating systems that can be abused and lead to information leakage.
Mozilla is set to add a feature to its mobile Firefox OS that will give users the ability to revoke any application’s permissions on a granular basis. Firefox OS is the open source operating system that Mozilla built for smartphones. The software runs on a variety of devices from manufacturers such as Alcatel, ZTE and[…]
There’s a remotely exploitable authentication bypass vulnerability in the BlackBerry Z10 phone that affects the service that lets users share files with machines on a wireless network. The bug could allow an attacker to steal users’ personal data or hit them with targeted malware.
Vulnerabilities in the secure Blackphone reported during DEF CON require unusual circumstances to exploit.
Absolute Software’s anti-theft Computrace software is mysteriously installed on brand new machines, nearly impossible to remove, and exploitable.
Officials behind the Square service are reaching out to the security research community for help identifying flaws in its system.
Dennis Fisher, Mike Mimoso and Brian Donohue discuss the news from day one of Black Hat, including the Dan Geer keynote, attacks on mobile broadband modems and carriers’ control of mobile phones. Download: Black-Hat-Day-One-Podcast.mp3 Music by Chris Gonsalves