Android malware is still a huge issue, but that doesn't mean Android is unsafe - Android Central


Posted: 24 Apr 2020 04:34 AM PDT

It seems like every week a group of security researchers finds another exploit that can be used by bad people to do bad things on an Android device. It's a real problem that does exist, and when it comes to mobile device malware, Android is where you'll find most of it.

Android is a target because app distribution is easier and there are so many Android devices.

There's a reason for that. I'm going to ignore plenty of decent phone operating systems and focus on the two that make up the vast majority of what runs on the phones people buy every day — Android and iOS. A quick glance at both shows two systems slowly drifting to a point where they look and act the same, with the same apps, and the same services you can use. But there is a fundamental difference when it comes to installing apps and granting permissions.


Unless you want to jailbreak an iPhone, the only way to get apps is from the App Store. To get an app in the App Store, a developer has to follow some very strict rules, submit their work to Apple, then wait for the approval. Only then can the app appear for you to install. Yes, there have been instances of malware slipping through, but they are few and far between.


Compare this to Android. With a simple tap of a button, you can install apps from anywhere by sideloading them. Google does police its Play Store, but not every app is pored over by hand during a lengthy approval process — Google has AI that does much of the scanning. When a bad app is found — and plenty are — it's unpublished quickly, and if Google thinks the intent was malicious, the developer's account is suspended. If actual malware that tries to harvest your data is found, Google can also remotely uninstall or disable the app from your phone, which it has done on a few occasions.

This open versus closed model isn't ever going to go away, and it will always be easier to distribute malware-infested apps on the Android platform. Security researchers will always find new ways that bad actors try to game the system, as will Google. Simply put, Android is the target because there are so many Android phones and it's so much easier to get a bad app installed on some of them.

100,000 is a lot but it's only 0.0000005% of Android devices.

But how many is "a lot?" Some analysts and malware prevention companies will try to sensationalize the issue because that gets clicks. Others will use the malware issue to try and sell you a product or a service. It may be a really great product or service, but developers will still capitalize when news breaks of a new set of apps with malware. Others just ignore it or claim it doesn't exist, but they are wrong.

The numbers don't lie, though. We see headlines about 50,000 phones downloaded malware before it got caught or 100,000 or even a million. Even one instance is too many for anyone who enjoys using the open platform or for the people who work on securing Android against malware. But most times those big numbers don't tell the whole story.

There are over two billion active Android devices in the wild. Let's say a malware developer was crafty enough to get 20,000,000 (twenty million) phones infected. That's never going to happen, but if it did, that's less than one percent of Android devices. A more realistic "major" malware outbreak would have 100,000 infected devices, which amounts to less than 0.0000005% of active Android devices. Here's an even better way of reckoning those last numbers: this is about the same odds as winning at Powerball.

Malware doesn't install itself. Read those pop-up boxes before you click "yes".

Since you're reading an article about Android malware, your chances are even smaller because you're about to get some friendly advice: only download apps from Google Play and read the permission dialogs before you click the "yes" button. If they sound fishy, don't install anything until you do a quick web search that answers any questions you might have. Malware can't install itself and depends on us to let it work. If you follow these two simple rules, it's impossible for you to install malware on your device.

Malware that targets Android is never going to go away, and every single operating system is vulnerable to some form of malware. Android's numbers are higher than average because of the same reason Windows numbers are — bad actors target what's popular. But the issue hasn't reached the hand-wringing point some headlines suggest, and it's doubtful it ever will.

Apple & Google Reveal Surprise Update To COVID-19 Contact-Tracing: Privacy, More Precise Bluetooth, No Huawei - Forbes

Posted: 24 Apr 2020 09:41 AM PDT

Apple and Google told journalists today a lot more about the COVID-19 contact tracing mechanism coming to smartphones soon.

Apple and Google have combined to create a way for smartphones to tell you if you've been in contact with someone who has COVID-19. Today, the two companies revealed more of what's going on.


There was plenty of new information revealed, focusing on how the privacy elements have now been tightened up further, for instance. It was confirmed that Phase 1, where an app is downloaded to an Android or Apple phone, will be available within weeks – Phase 2, where the system is baked into iOS and Android without any download required, will come later.

The way it works is that every smartphone, Apple or Android, with the app on board, would be looking out for other smartphones it comes near to. When it's close, the phone sends a beacon by Bluetooth which is picked up by the other phone. It's done in the background, 24 hours a day, and it's all automatic. If one of the people you've been near later contracts COVID-19 and it's confirmed by their health authority, your phone will automatically receive an alert to say you've been in contact with someone with the disease. It doesn't say who, where or when that happened.

Here's what's important from today's news.

Stronger privacy protections

These have come about thanks to conversations with health authorities and governments. The feedback has led to revisions, with privacy protections in the protocol being strengthened. First, something called the tracing key has been removed. It remained on your phone for a period of time and so could be a privacy risk. It's gone, so now random, independent keys are created by the phone itself and are regenerated on a daily basis.

What's paramount is that the broadcast keys don't reveal either anyone's identity or their location.

Bluetooth metadata is encrypted

As the phones broadcast these quickly changing identifiers, there's associated metadata. Additional encryption is now applied to that metadata, which will further decrease the risk that someone can be tracked.

Reported exposure time capped

The exposure time returned to the health authorities' application, if there has been a proximity match, is now capped at 30 minutes. Longer times did not add value and risked compromising privacy.


Easier app-building

There have also been changes to design so that it's easier for public health authorities to build apps that work with the system.

This is a good thing: hospitals and health authorities are good at getting us well, not at building apps, so they need every bit of help they can get.

Bluetooth data change

This is really cool: Apple and Google have now included additional information in the Bluetooth payload about transmission power level. Different phones broadcast with different strengths of Bluetooth signal, according to their design and their processors. Adding this data to the receiving device means the public health authorities' applications can better estimate the distance between those two devices and this should lead to higher quality modeling about the risk the user incurred.

The app makers can also take advantage of added functions where authorities can specify signal strength and duration of exposure, again so level of risk can be determined.

I asked how good the distance estimation is getting and can it go further. I'm told it has been revised and will continue to be revised. Essentially the combination of knowing the transmission power of the device with the received strength of the device doing the local matches will let authorities model the relationship to exposure risks. As more data is received, the models can be improved further.

Cryptography algorithm altered

Me, I don't deal with cryptography algorithms much, but I'm glad these guys do. The algorithm used before, HMAC, has been swapped for one called AES, which is supported on more phones around the world.

And there's another benefit: it decreases the power usage overall.
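To make the daily keys, rotating identifiers, encrypted metadata and transmit-power field described above concrete, here is an added example that is not from the article or from Apple's or Google's code. The labels, field layout and 10-minute interval follow the publicly documented Exposure Notification cryptography specification rather than anything stated on this page; function names and sample values are constructed.

```javascript
// Added example: names and sample values are constructed; constants follow the
// public Exposure Notification cryptography spec, not this article.
const crypto = require('node:crypto');

// HKDF-SHA256, no salt, 16-byte output: one sub-key per purpose from the daily key.
const derive = (tek, info) =>
  Buffer.from(crypto.hkdfSync('sha256', tek, Buffer.alloc(0), Buffer.from(info, 'utf8'), 16));

// Rolling identifier for one 10-minute interval: AES-128 of a padded block.
function rollingId(tek, interval) {
  const block = Buffer.alloc(16);            // "EN-RPI" + 6 zero bytes + interval (LE)
  block.write('EN-RPI', 0, 'utf8');
  block.writeUInt32LE(interval, 12);
  const c = crypto.createCipheriv('aes-128-ecb', derive(tek, 'EN-RPIK'), null);
  c.setAutoPadding(false);
  return Buffer.concat([c.update(block), c.final()]);
}

// Metadata (version byte, tx power in dBm, 2 reserved bytes) under AES-128-CTR,
// with the rolling identifier as the initial counter block. Same call decrypts.
function cryptMetadata(tek, rpi, data) {
  const c = crypto.createCipheriv('aes-128-ctr', derive(tek, 'EN-AEMK'), rpi);
  return Buffer.concat([c.update(data), c.final()]);
}

function broadcast(tek, interval, txPowerDbm) {
  const rpi = rollingId(tek, interval);
  const meta = Buffer.from([0x40, txPowerDbm & 0xff, 0, 0]);
  return { rpi, aem: cryptMetadata(tek, rpi, meta) };
}

// Receiver: once a diagnosed user's daily key is published, re-derive that day's
// 144 identifiers, match stored sightings, and only then decrypt the tx power.
function matchSightings(publishedTek, dayStart, sightings) {
  const known = new Map();
  for (let i = 0; i < 144; i++) known.set(rollingId(publishedTek, dayStart + i).toString('hex'), i);
  return sightings.filter(s => known.has(s.rpi.toString('hex'))).map(s => {
    const tx = cryptMetadata(publishedTek, s.rpi, s.aem).readInt8(1);
    return { interval: dayStart + known.get(s.rpi.toString('hex')), attenuationDb: tx - s.rssi };
  });
}

// Constructed sample: one phone holding the diagnosed key, one unrelated phone.
const DAY = 2645280;                         // constructed interval number
const sickTek = crypto.randomBytes(16), otherTek = crypto.randomBytes(16);
const seen = [
  { ...broadcast(sickTek, DAY + 7, -12), rssi: -67 },
  { ...broadcast(otherTek, DAY + 7, -8), rssi: -60 },
];
console.log(matchSightings(sickTek, DAY, seen)); // one match, attenuation 55 dB
```

Without the published daily key, a listener sees only identifiers that change every interval and four opaque metadata bytes; the attenuation figure (transmit power minus received strength) is what a health authority's app would feed into its distance and risk model.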

Battery life

I asked how much the new developments will help battery life. After all, if it's going to cane the battery, nobody will install it. I'm told that it will vary according to the device but AES should help. It seems that the experience with Bluetooth that both Google and Apple have will ensure that low power is used whenever possible.

No to Huawei

This had been presumed before, but it's now confirmed that the app won't work in China on Android phones. Google Mobile Services is needed and that's not available in China. So, that's not just Huawei out of the loop but Xiaomi, Oppo, OnePlus and so on. The iPhone app will work in China, however.


Google's latest Chromebook seems worth the higher price - NWAOnline

Posted: 25 Apr 2020 12:06 AM PDT

Our 4-year-old Acer 14 Chromebook started freezing on us, so we shelled out for a new one.

A Chromebook is a laptop using Google's operating system, Chrome OS. The best thing about it is its ability to fix itself when you reboot, so it doesn't slow down over time. The freezing we experienced on the Acer 14 was the first problem we'd had in four years.

The old Chromebook cost $274. The new one, the Pixelbook Go from Google, costs $649. Before taking the plunge, we asked: "What do you get for an extra $375?"

Number one is reliability: Our Acer should have lasted longer than four years. It was Joy's favorite machine until it started freezing up on her. We've had good results with our other Google devices, so we decided to go with the latest version of their Chromebook.

The negative side is you can't install programs, only Android apps. Almost everything you work on exists outside your laptop, somewhere in the refrigerated dungeons of Alphabet Inc., Google's parent. In other words, the cloud. Everything you download is encrypted, and getting started requires a password, so if you lose your laptop, no one can get at your stuff.

We use the free Google Docs, Google Slides and Google Sheets instead of installing Word, PowerPoint and Excel. But we also use the free versions of those programs on the Microsoft site, Office.com. If you like Photoshop, you can substitute the free Photoshop Express and Photoshop Mix from the Google Play Store. If someone sends you an MP4 file (an audio or video file), drag it into the browser window in Chrome to play it. In short, all the software you need is free when you get a Chromebook.

The first thing we noticed about the Pixelbook Go is how light it is -- 2.3 pounds, compared with 3.4 pounds for our old Chromebook. The second thing we noticed is the back-lit keyboard, which glows at night and is heaven to type on. The battery life is excellent at about 12 hours, but the old one was equally good. The sound quality is excellent: The orchestras we listen to on Spotify sound much better on the new laptop. It's also lightning fast, with twice the amount of memory and a better processor, though the old Chromebook seemed fast enough. And it has twice the storage space: 64 gigabytes instead of 32. But what really stands out is the resolution. Even in our bright, sunny living room, it's easy to see the screen on the Pixelbook Go.

The only thing we worried about was the display size: It's 13.3 inches instead of 14. Would we have to squint? It seems fine, but we sometimes enlarge the font by holding down the Ctrl key and tapping the plus sign. This also works in Windows and on the Mac. But on the Mac, use Cmd instead of Ctrl.

TIME TO BUY A NEW PHONE?

A reader wrote to ask if it's OK to keep a phone when it no longer gets security updates after two or three years. Sure. All you need is a security app, such as the free one from Malwarebytes.org.

Our phone, a Pixel 2, is 3 years old and we expect to have it for years to come.

After starting with the free app from Malwarebytes.org, we bought the premium version for $12 a year. The premium version protects you in advance, while the free version fixes problems after they arise.

Techlicious.com has a great article titled "How to Make Your Smartphone Last Longer." Here are four of the seven tips.

• Get a new battery as often as every two years to improve performance.

• Clean the lint out of the charging port with a toothpick.

• Remove the case and wipe the phone with a microfiber cloth that's barely damp, using half vinegar, half water.

• If storage is running low, back up files to the cloud and delete them from the phone.

BOOST FROM APPLE WATCH

A friend loves the activity app on her Apple Watch. "It starts you off each morning with three circles, and you have to move like crazy, all day long, to complete all three rings! My husband laughs when he hears me upstairs walking quickly back and forth to complete the green activity ring. I usually get that one finished in the morning on the treadmill. I might be watching a movie or sitting at my computer, and I'll get a ding and a command to stand up! I just love it. I move all day long and it is really a good thing." The green ring shows how many minutes of brisk exercise you've done. The red one counts active calories. The blue one tells you how many times in a day you've stood and moved for at least one minute.

If you want to compete against friends, tap the watch's activity icon, which looks like a multicolored target. Then go to the bottom of the screen and tap "Invite a Friend." Competitions last one week. Earn up to 600 bragging points.

INTERNUTS

"Watch seven medieval castles digitally restored to their prime." Search on that phrase to find an article from SmithsonianMag.com. The castles are in ruins, but they'll transform to their original glory before your eyes. Examples include Poenari Castle, once the cliff-top fortress of Vlad the Impaler. There's also Chateau Gaillard, built by Richard I, known as Richard the Lionheart. "Gaillard" has been translated as "saucy," "cheeky" and "defiant," much like Richard.

Bob and Joy Schwabach can be reached by email at bobschwab@gmail.com and joy.schwabach@gmail.com.

Business on 04/25/2020
