Skip to main content
Please wait...

Android security audit: An easy-to-follow annual checklist

3 months 1 week ago

Android security is always a hot topic on these here Nets of Inter — and almost always for the wrong reason.

As we've discussed ad nauseam over the years, most of the missives you read about this-or-that super-scary malware/virus/brain-eating-boogie-monster are overly sensationalized accounts tied to theoretical threats with practically zero chance of actually affecting you in the real world. If you look closely, in fact, you'll start to notice that the vast majority of those stories stem from companies that — gasp! — make their money selling malware protection programs for Android phones. (Pure coincidence, right?)

To read this article in full, please click here

JR Raphael

Android security audit: An easy-to-follow annual checklist

3 months 1 week ago

Android security is always a hot topic on these here Nets of Inter — and almost always for the wrong reason.

As we've discussed ad nauseam over the years, most of the missives you read about this-or-that super-scary malware/virus/brain-eating-boogie-monster are overly sensationalized accounts tied to theoretical threats with practically zero chance of actually affecting you in the real world. If you look closely, in fact, you'll start to notice that the vast majority of those stories stem from companies that — gasp! — make their money selling malware protection programs for Android phones. (Pure coincidence, right?)

To read this article in full, please click here

JR Raphael

Android security: Analysis, advice, and next-level knowledge

3 months 1 week ago

It's tough to talk about Android security without venturing into sensational terrain.

A large part of that is due to the simple fact that the forces driving most Android security coverage are companies that make their money by selling Android security software — and thus companies with strong interests in pushing the narrative that every Android phone is on the perpetual brink of grave, unfathomable danger. Plus, let's face it: A headline about 70 gazillion Android phones being vulnerable to the MegaMonsterSkullCrusher Virus is far more enticing than one explaining the nuanced realities of Android security.

In actuality, though, Android security is a complex beast — one with multiple layers in place to protect you and one that almost never warrants an alarmist attitude. I've been covering Android security closely since the platform's earliest days, and I've busted more myths and called out more shameless publicity stunts than I can even count at this point.

To read this article in full, please click here

JR Raphael

Google Smart Lock: The complete guide

3 months 1 week ago

Think fast: How many times a day do you pick up your phone to look at something? Unless you live in the tundra or have far more self-control than most, the answer probably falls somewhere between "quite a few" and "more than any sane person could count." Assuming you keep your device properly secured, that means you're doing an awful lot of unlocking — be it with your face, your fingerprint, or the code you tap or swipe onto your screen.

And that's to say nothing of the number of times you type your password into your laptop or enter your credentials into an app or website during the day. Security's important, but goodness gracious, it can be a real hassle.

To read this article in full, please click here

JR Raphael

And that was actually the CLEAN version!

3 months 1 week ago

It's more than a few years back, and this oilfield services company is implementing a new email filter, says a pilot fish working there.

"It was part of an email security product," fish says. "The filter could identify emails containing language that was not considered business appropriate.

"We'd had HR incidents involving inappropriate language in the past, especially from field hands emailing to office staff -- it gave a new meaning to 'crude oil workers' -- so it was decided we should enable the feature with its default settings and give it a run.

"Only a few hours later we received an alert that a message had been identified with inappropriate language.

To read this article in full, please click here

Sharky

Innovative anti-phishing app comes to iPhones

3 months 1 week ago

We’re always told never to click on a link we receive in an email in case doing so takes us to some dodgy phishing site where our account details are violated. But what if our email app warned us before we clicked malicious links?

Can this app protect against phishing attempts?

MetaCert isn’t fully available yet, but it does seem to be a promising solution that provides email users in enterprise and consumer markets an additional line of defense against clicking on malicious links received in email messages.

The solution emerged from the developer’s earlier work building an API to help app developers add a layer of security to WebView.

To read this article in full, please click here

Jonny Evans

Forbidden names, revisited

3 months 1 week ago

Flashback a few decades to the glory days of online service CompuServe, when anyone could get an account -- but not everyone could use their real names, according to a pilot fish in the know.

"You logged in with your account number, but to join a forum -- a chatroom focused on a specific topic -- you had to give a real name," fish says. "The name on your billing record was the default.

"Of course there were fraudsters who used an official-sounding name to phish people for personal info and credit card data. So users were not allowed to have words like 'billing' as any part of their in-forum real name. This could only be overridden by the forum sysop. I was one.

To read this article in full, please click here

Sharky

5 handy Google Fi features you shouldn't forget

3 months 1 week ago

Got Fi? Google's unusual wireless service may have shifted its name from Project Fi to Google Fi this fall, but its core proposition remains the same: Pay only for the data you use, and avoid all the traditional carrier gotchas and nonsense.

For the right kind of person, especially among those of us on Android, Fi can be a real cost- and hassle-saver. And aside from its most prominently promoted perks — the seamless network-switching, the public Wi-Fi use, the fee-free roaming and hotspot capabilities, and so on — Fi has some pretty interesting out-of-the-way options that can really elevate your experience.

To read this article in full, please click here

JR Raphael

5 handy Google Fi features you shouldn't forget

3 months 1 week ago

Got Fi? Google's unusual wireless service may have shifted its name from Project Fi to Google Fi this fall, but its core proposition remains the same: Pay only for the data you use, and avoid all the traditional carrier gotchas and nonsense.

For the right kind of person, especially among those of us on Android, Fi can be a real cost- and hassle-saver. And aside from its most prominently promoted perks — the seamless network-switching, the public Wi-Fi use, the fee-free roaming and hotspot capabilities, and so on — Fi has some pretty interesting out-of-the-way options that can really elevate your experience.

To read this article in full, please click here

JR Raphael

Will Apple’s iPhone replace your password?

3 months 1 week ago

Imagine using Face ID on your iPhone alongside a password and Touch ID on your computer in order to access highly secure websites, such as online banks, enterprise intranets and confidential online data services.

That’s a possibility as Apple begins testing a new security standard called WebAuthn.

[ Related: Apple's place is in the enterprise ] What is WebAuthn?

Apple has begun beta-testing support for the standard in Safari Technology Preview Release 71, though it does warn this support is an “experimental feature,” so it may go no further than that.

To read this article in full, please click here

Jonny Evans

Blockchain: What’s it good for? Absolutely nothing, report finds

3 months 2 weeks ago

In a joint report for the Monitoring, Evaluation, Research and Learning (MERL) Technology conference this fall, researchers who studied 43 blockchain use cases came to the conclusion that all underdelivered on claims.

And, when they reached out to several blockchain providers about project results, the silence was deafening. "Not one was willing to share data," the researchers said in their blog post.

To read this article in full, please click here

Lucas Mearian

Amazon launches patient data-mining service to assist docs

3 months 2 weeks ago

Amazon this week announced its latest data analytics product, one aimed at scouring unstructured data within electronic medical records (EMRs) to offer up insights that physicians can use to better treat patients.

Amazon's new Comprehend Medical AWS cloud service is a natural-language processing engine that purports to be able to read physician notes, patient prescriptions, audio interview transcripts, and pathology and radiology reports – and use machine learning algorithms to spit out relevant medical information to healthcare providers.

[ Further reading: A.I. and speech advances bring virtual assistants to work ]

Amazon's Comprehend Medical software service is one of 13 new machine learning software products the company announced on Tuesday.

To read this article in full, please click here

Lucas Mearian

FAQ: Windows 10 LTSB explained

3 months 2 weeks ago

Windows 10 powered to its third anniversary this year, but one branch, identified by the initials L-T-S-B, remained an enigma to most corporate users.

LTSB, which stands for "Long-term Servicing Branch," was among the pillars of Windows 10 in the months leading up to, and for months after, the mid-2015 roll-out of the operating system. For a time, it seemed that it had a shot at becoming the Windows 10 for enterprise because it was seen as a calm port in a storm of radical change.

[ Related: Fix Windows 10 problems with these free Microsoft tools ]

That hasn't happened, in part because Microsoft has steered customers away from LTSB.

To read this article in full, please click here

Gregg Keizer

Microsoft Patch Alert: After months of bad news, November’s patching seems positively serene

3 months 2 weeks ago

By far the most important reason for this month’s relative patching calm: Microsoft decided to wait and get the Windows 10 (version 1809) patch right instead of throwing offal against a wall and seeing what sticks.

[ Related: Windows 7 to Windows 10 migration guide ]

What remains is a hodge-podge of Windows patches, some mis-identified .NET patches, a new Servicing Stack Update slowly taking form, a bunch of Office fixes – including two buggy patches that have been pulled and one that’s been fixed – the usual array of Flash excuses and Preview patches.

To read this article in full, please click here

Woody Leonhard
Checked
31 minutes 40 seconds ago
Computer World Security
Subscribe to Computer World Security feed

About SecurityFeeds

SecurityFeeds Logo

Tim Weil is a Security Architect/IT Security Manager with over twenty five years of IT management, consulting and engineering experience in the U.S. Government and Communications Industry.  Mr. Weil's technical areas of expertise include IT Security Management, Enterprise Security Architecture, FISMA Compliance, Identity Management, and Network Engineering. Mr. Weil is a Senior Member of the IEEE and has served in several IEEE positions.