Archive for Android

« Older Entries
Newer Entries »

Wiping Your Android Phone Will NOT Erase Data: AVAST

Posted in Commentary with tags , on July 9, 2014 by itnerd

Security company AVAST decided to do a research experiment. They bought 20 phones from eBay that had been wiped. Here’s what they found:

  • More than 40,000 stored photos
  • More than 1,500 family photos of children
  • More than 750 photos of women in various stages of undress
  • More than 250 selfies of what appear to be the previous owner’s manhood
  • More than 1,000 Google searches
  • More than 750 emails and text messages
  • More than 250 contact names and email addresses
  • Four previous owners’ identities
  • One completed loan application

One phone even had a competitor’s security software installed, but unfortunately it did not help the former owner as it revealed the most personal information out of all the phones we analyzed. 

Translation: Wiping your phone doesn’t erase the data if you know how to get it back. Now the company does of course suggest that you use their software to wipe the contents of the phone. But you don’t have to do go that route. Instead, you can follow these instructions from Lifehacker that are not only for Android, but for iOS as well. Either way, you now have proof positive that you need to take additional steps to wipe your data clean from the phone that you plan to sell.

Leave a comment »

Android, Windows 7 & OS X “Leak” Location Data

Posted in Commentary with tags , , , on July 4, 2014 by itnerd

If you have an Android phone and you are interested in your privacy, then you should read this story. According to the Electronic Frontier Foundation, the Preferred Network Offload feature in the Android OS extends battery life which is good. But it also leaks location data which is very very bad:

The preferred network offload (PNO) feature, found in Android versions from Honeycomb (Android 3.1) onwards, allows devices to connect to wi-fi networks while in low power in order to extend battery life. The feature prioritises less power-hungry wi-fi connections over cellular connections.

But the feature is broadcasting a list of the 15 most recent wi-fi networks the device was connected to even while the device is in sleep mode, the EFF found, meaning anyone within wi-fi range of the device is able to access the connection history and map the user’s recent physical location.

“Wi-fi devices that are not actively connected to a network can send out messages that contain the names of networks they’ve joined in the past in an effort to speed up the connection process,” the EFF found.

The good news is that this is in the process of being fixed:

The offending code is the open source wpa_supplicant application which is used by Android to manage wi-fi, the EFF said. It said Google yesterday submitted a patch to the application which fixed the issue, ahead of Google integrating the fix into the downstream Android code.

“We take the security of our users’ location data very seriously and we’re always happy to be made aware of potential issues ahead of time. Since changes to this behavior would potentially affect user connectivity to hidden access points, we are still investigating what changes are appropriate for a future release,” Google told the EFF.

The bad news is that other OSes have this issue. Namely OS X from Apple and Windows 7 from Microsoft. Those will have to be fixed at some point. But to protect yourself, the EFF suggests that you either turn off “keep wi-fi on during sleep” in device’s wi-fi settings (assuming the device has such a feature) or manually clear the network history to remain secure.

 

Leave a comment »

One Reason To Update To Android 4.4.4: SSL Hack Fixed

Posted in Commentary with tags on June 22, 2014 by itnerd

If you’re an Android user (Specifically Nexus users, but other phone users may apply), you might have noticed that over the last few days the Android 4.4.4 update is being pushed to your phone. Take it from me and download it now because it will make you way safer than you are right now. Specifically, it will make you safer when it comes to SSL. Here’s what PC World had to say:

Sascha Prueter, an Android program manager at Google, shed some light on the changes in the new version when answering a question received from a user on his Google+ page.

The update is “primarily addressing CVE-2014-0224,” he said.

CVE-2014-0224 is the tracking number in the Common Vulnerabilities and Exposures (CVE) database for a serious security flaw found recently in OpenSSL, one of the most popular libraries for supporting the SSL (Secure Sockets Layer) and TLS (Transport Layer Security) secure communications protocols.

The CVE-2014-0224 vulnerability can be exploited by a man-in-the-middle attacker todecrypt and modify traffic between a client and a server that both use OpenSSL, if the server uses OpenSSL 1.0.1 or a newer version. The flaw was patched in OpenSSL 1.0.1h released on June 5.

So, if you are prompted to update to this version of Android, do it. If not, I would say annoy your phone manufacturer and/or carrier to see when you’ll be able to get your hands on it.

Leave a comment »

Getting iCloud To Work On An Android Device

Posted in Tips with tags , on April 22, 2014 by itnerd

I got an interesting call from a new customer recently. She got a new Windows 8 PC running Microsoft Office 2013, an iPad Mini, and a Samsung Galaxy S4. She was already using the Windows 8 PC with Outlook 2013 and she wanted the contacts and calendar entries from that to replicate to the other devices. This on the surface wasn’t easy as we’re talking about three different ecosystems here. Windows, iOS, and Android. Now getting the Windows PC and iPad Mini to speak to each other was easy. I could simply install the iCloud Control Panel For Windows and have it replicate the calendar and contacts from the Windows 8 PC to the iPad Mini. The question was, how do I do the same thing with the Galaxy S4?

I did some research and came across some apps made by Marten Gajda on Google Play that would do what I wanted. Specifically these:

Because She was running a Galaxy S4, she also needed two additional pieces of software. That’s because of this bug:

“The bug causes accounts of paid apps to be removed when Android boots up. To work around this issue this app pretends to provide the same account type that SmoothSync for Cloud Calendar provides. That’s enough to convince Jelly Bean to keep the account.”

So after installing everything and setting up her iCloud accounts, everything worked as expected. All the devices were able to data and update data to and from iCloud. Thus proving that it is possible for an Android device to sync to iCloud, strange as that may seem. If you have the need to sync an Android device to iCloud, feel free to try this method and let us know what happens. The apps are ones you have to pay for, but the total price is under $10 for all of them and the results indicate that it’s well worth it.

 

 

Leave a comment »

Google SVP Says “Android Is Not Designed To Be Safe”

Posted in Commentary with tags on February 27, 2014 by itnerd

From the “he really said that” department comes this. Google’s Senior Vice President Sundar Pichai has said that Android is not designed to be a safe mobile operating platform.

Really. He said that. Here’s the proof which was an answer to a question at the Mobile World Congress:

We cannot guarantee that Android is designed to be safe, the format was designed to give more freedom. When people talk about 90% of malware for Android, they must of course take into account the fact that it is the most popular operating system in the world. If I had a company dedicated to malware, I would also be addressing my attacks on Android.

That’s a really lame answer. After all At least Microsoft makes attempts at combating threats to Windows with updates and the like. Plus you don’t see Bill Gates, Steve Ballmer, or anyone else there saying “oh well, sorry but we aren’t going to bother.”

As far as I am concerned, this is a total #fail and I fully expect him to be fired shortly.

Leave a comment »

Nokia Releases Android Phones… No That’s Not A Misprint

Posted in Commentary with tags , on February 24, 2014 by itnerd

Nokia CEO Stephen Elop, who we thought had hitched his wagon to the Windows Phone OS, seeing as they’re owned by Microsoft, showcased three Nokia Android-powered devices today which likely shocked more than a few people. Here’s a snippet from the Nokia blog on the Nokia X, Nokia X+ and Nokia XL:

The Nokia X family offers terrific value with acclaimed Nokia and Microsoft services and experiences. HERE Maps with turn-by-turn navigation and offline maps are included. Nokia MixRadio offers hundreds of free streaming and offline playlists. Free cloud storage from Microsoft OneDrive with 7GB of space for free is included out of the box. There’s also access to Outlook.com as your email service. And there’s Skype with a month’s free calls to international landlines in selected markets.

All three of the devices are powered by a Qualcomm Snapdragon Dual Core processor and are Dual SIM. A range of third-party apps comes preinstalled, including BBM, Plants vs. Zombies 2, Viber, Vine and Twitter. As many more as you can fit can be obtained from the Nokia Store, third-party app stores and sideloaded.

Interesting. It seems that Microsoft still managed to get something onto these phones. Now to the part that everyone cares about, the specs:

The Nokia X is the entry level member of the family, with 4-inch IPS LCD screen, 512MB RAM and a 3-megapixel camera. It will be available in green, black, white, yellow, cyan and red.

The Nokia X+ offers you a little more, as the name suggests: there’s 768MB RAM and a 4GB MicroSD card is included in the box. It comes in the same colours as the Nokia X.

Lastly, the clue is in the name for the Nokia XL, as well, with its 5-inch screen. The Nokia XL also boasts 768MB RAM, the free MicroSD card and it has both a 2-megapixel front-facing camera for Skype calls, as well as a 5-megapixel rear camera with autofocus and flash. The same colours are available as for the Nokia X and X+, except bright orange replaces the red with this model.

As for availability, all these will be available “globally.” Whatever that means.

Leave a comment »

Eric Schmidt Posts Guide On Converting To Android From iPhone

Posted in Commentary with tags , on November 26, 2013 by itnerd

Well, clearly Google feels it can steal market share when Google chairman Eric Schmidt posts a guide on converting to Android from the iPhone:

Many of my iPhone friends are converting to Android. The latest high-end phones from Samsung (Galaxy S4), Motorola (Verizon Droid Ultra) and the Nexus 5 (for AT&T, Sprint, T-Mobile) have better screens, are faster, and have a much more intuitive interface. They are a great Christmas present to an iPhone user! 

Here are the steps I recommend to make this switch. Like the people who moved from PCs to Macs and never switched back, you will switch from iPhone to Android and never switch back as everything will be in the cloud, backed up, and there are so many choices for you. 80% of the world, in the latest surveys, agrees on Android.

I’ll admit that a lot of the Android phones that I’ve reviewed lately have been really nice. But I am not sure if I would make the jump to another platform. Still, one has to wonder how many people do make that jump. If you’ve got thoughts on that, please leave a comment and let us know what your view is.

Leave a comment »

Google Nexus 5 Announced [UPDATED x2]

Posted in Commentary with tags , on October 31, 2013 by itnerd

If you take a walk over to Google Play now, you’ll see that Google’s next flagship phone the Nexus 5 has been announced. It will ship with these specs:

  • 5-inch 1920×1080 display
  • 2.3GHz quad-core processor
  • 2GB of RAM
  • Your choice of 16GB or 32GB of storage
  • LTE
  • 802.11 a/b/g/n/ac
  • NFC
  • 8MP rear camera
  • 1.3MP front-facing camera
  • Android OS 4.4 KitKat

It looks sweet. It appears to be shipping today. So, will you be getting one? Post a comment and share your thoughts.

UPDATE: Rogers just tweeted this:

UPDATE #2: Telus just tweeted this:

Leave a comment »

Schmidt Says Android More Secure Than iOS…. Laughter Ensues

Posted in Commentary with tags , , on October 8, 2013 by itnerd

Google’s Eric Schmidt went to the Gartner Symposium/ITxpo and had a question-and-answer session with attendees. At the end of it, this happened:

Summarizing what he had heard during the 45-minute session, [Gartner analyst David] Willis said to Schimdt, “What I heard was Android is more secure than the iPhone,” to which Schmidt replied, “Android is very secure.”

The audience again gave a hearty chuckle. Schmidt paused and said, “You will be happier with Gmail, Chrome and Android more than you can possibly imagine.”

The audience chuckled again, and Willis, chuckling himself, responded, “…that makes it a wrap.”

Clearly the crowd wasn’t convinced. It may have something to do with the fact that Android isn’t seen as being secure by many including the US Government. That’s a problem if you want to push your phone platform into the enterprise as those users really, really care about that.

It looks like Google has some work to do to change the perception that they’re not secure.

 

Leave a comment »

Android Phone Users Can Now Remote Lock Their Phones

Posted in Commentary with tags on September 24, 2013 by itnerd

If you have an Android phone, you need to pay attention to this. Google has had a service called Android Device Manager which allowed you to see the location of a lost or stolen phone. You can also remotely tell the device to ring as well as erase all of its data. But starting today, you can now do remote password locking. That way if you lose your phone and  you want to prevent others from accessing your missing device, you’re covered.

This works with Android smartphones running version 2.2 of the operating system and above. Keep it in mind if you lose your phone.

Leave a comment »

« Older Entries
Newer Entries »