Showing posts with label Android security. Show all posts

Android Poised To Take Over The Enterprise



Despite its diminishing influence, Blackberry remains the “gold standard” in enterprise solutions. With data encryption features that prompt entire governments and nations to ban the smartphone brand because its sophisticated encryption technology deters their monitoring systems, the level of security that it has developed is the very reason why it is still the top smartphone choice for businesses.

However, because employees’ personal preferences for smartphones have become a consideration for a growing number of Fortune 500 corporations, the enterprise market is gradually shifting to accommodate the iPhone and the Android. And yet, most companies are still not keen on adapting the Android for corporate use.

The main concern that companies have in saying “Nay,” to the Android for now is centered in one main thing: Security. Thus, up and coming security solutions company 3LM (Three Laws Mobility) seeks to remedy this Android handicap by creating solutions that will close the gap between Android and the enterprise market.

Three Laws Mobility was founded and owned by former Google/Android Security Team employees Tom Moss and Gaurav Mather. After they founded 3LM, Motorola Mobility acquired their company. As of August 15, 2011, Google acquired Motorola Mobility.

The security company identified these Enterprise needs that they seek to address on the Android:

  • Give the company’s IT department the ability to remotely install corporate applications.
  • Allow the IT department to remotely wipe the device, should theft occur.
  • Provide a selective encryption of corporate applications.
  • Allow the user to access company resources remotely, via VPN protocol.
  • Give the company access to “breadcrumb tracking,” a function that allows certain documents or programs to track the phone’s (ergo the user’s) location. So if you call in sick and your company tracks you in Boracay, blame it on the breadcrumb tracking technology. For the truant, be thankful you’re in the Philippines.
  • Provide encryption for the SD Card.
  • Functions to check device health.

These are the security concerns that 3LM, in partnership with the Android, seeks to remedy. With Android, Google, Motorola, and the other Android partner companies aggressively courting a growing market from the casual consumers to the corporates, trust that Android and security solutions companies like 3LM will be on the move in developing security solutions to address the markets’ needs. As for the smartphone wars, “It ain’t over till it’s over.”

***
Photo Credits: CNet Asia
Android Developers
Share:

Hot Android News For The First Monday Of October!

 
With the smartphone wars escalating, no self-respecting tech company should allow their product to be left standing in the wake of another company’s progress. Thus, we see the smartphone wars getting bitter by the day.

Today’s update is about two things:
The iPhone 5 will be released on October 4. Thus, the rabid Apple fanatics will be camping out on the Apple Stores by midnight of October 4, US Time. That means around noon our time for the East Coast residents, or around late afternoon for us, if we’re talking about the West Coast. Either way, the Apple universe is already waiting with bated breath.

That being said, we came across a piece of news putting the iPhone/iOS in a good light, while disparaging the Android’s flaws.

In a nutshell, the post is saying that the Android’s stats are bloated, and the numbers are not really significant; they don’t necessarily mean that the Android is ahead of the iOS. They are saying that the 550,000 activations a day for the Android do not necessarily mean more market share, as other activations could also mean that users have either upgraded or rooted their OS, among other things.

Here’s what we can say about this note: We’re betting that less than 2% of that 550,000 are actually power users and would dare to root their Androids. At that generous rate, it means only 11,000 people dare to root their devices in a day. And we are being generous at that. Most likely, only 1% of that 550,000 are actually daring – or knowledgeable enough to root or upgrade their devices. And no sane user would update his device every day for the whole week. A user may update or upgrade once after buying the device. With the speed (or slowness) of the release of the next versions of the Android, it’s highly unlikely that a user will be upgrading his device every month. Every 6 months, if his hardware can handle it, probably. But every month? Every week? Every day?! Not impossible, but very improbable.

***

There’s another sad news for Android users, especially for the HTC owners: HTC recently pushed out a system app that collected data fromtheir Android users’ handsets. The purpose of the app is not clear to the users, but it gathers data, ostensibly for HTC’s benefit. What makes the security breach worse is that it exposes this data to basically any other app that needs to collect data. This means almost ALL the free apps available on the Android Market. Free apps need to collect some user data because of the ads they will be pushing on the user. However, these apps are generally secure if the HTC app is not in the system, because their access is limited only to what they need and what are declared safe and allowable by the Android Market’s standards. With the HTC app in place, however, they will gain access to data they previously have no access to.

So what is a security-conscious user to do? First is to check your system for “HtcLoggers.apk” via the Settings/Applications/Manage Applications/Running menu. If you do, uninstall all free apps, especially those with permissions to collect data. (We’re sad to see your free games go.) Then either use the premium, no-ads applications for now, or put up with a Spartan (sort of bare) Android for now.

And to keep abreast with the updates, call HTC support and ask them about when they plan to remove the app and if it’s possible to downgrade to the HTC Android version without the HTC app that contains the HtcLoggers.apk package.

Alternatively, you can sell your HTC and get a Samsung or a Cherry Mobile instead.

These are two of the hottest news for the Android today. Come back for more tomorrow!

***
Photo Credits: INeedBob
Android Industry News
Share:

Android App Review: Lookout Anti-Virus



Yesterday, we mentioned that the Android should be very secure because it's based on the Linux kernel. Today, we're reviewing an app from an up-and-coming software security company that focuses on mobile operating systems: Lookout Security & Anti-Virus.

We came across Lookout from this article regarding Android malware threats from CNN Tech. When the time came to add an Anti-Virus to our Android test unit, we chose Lookout because of dissatisfaction with AVG in our use of AVG on Windows systems. Plus, given the fact that Lookout seems to be an emerging expert in the field of Android security, we took a shot at installing and using the software.

Overview:

The app is very straightforward, with 5 buttons which serve as simple choices for controls:

  • Security -- Where you can perform a complete scan of your system, or activate the app to secure your system in the background.
  • Privacy Advisor -- A Premium function, this will let you scan for apps that send personal, private data to servers.
  • Safe Browsing -- Protects your system from phishing sites.
  • Backup -- A function to backup your data regularly.
  • Missing Device -- Allows you to Locate, Lock, Wipe your device when it's lost or stolen, and even Scream so you can find it if the loss is recent and you believe you're still within the area of the device.

Great Things About The App:

What we love about this Anti-Virus app is that it scans the device thoroughly, and covers all the bases of mobile device security, including an actual loss. When it's been turned on, it also scans any and every download that comes from the Android Market before it gets installed on your device. It also comes with a 14-day trial of the Premium features, so you'll get to see if it's worth buying the Premium version or not.

The Privacy Advisor alone seems to be a feature worthy of a Premium License purchase, so trying it out could be both a good and a bad thing: a good thing because you'll have an extra measure of protection, a bad thing because you'll be shelling out money for an extra feature. Either way, if you value your data and privacy, this function seems to be worth $2.99 a month or $29.99 a year. For PayPal users, sadly, Lookout accepts only credit cards for now.

Bad Things About The App:

If you're on a low-spec Android, you may find that it slows down other processes, like games. We ran Lookout at a time when we were reinstalling apps on the Android after an upgrade from Eclair to Froyo, so the added load on the processes slowed the phone down. If you're running Android on specs higher than 256MB RAM/600MHz CPU/512MB ROM, then we guess you'll have a smoother time with Lookout in the background. Otherwise, if you're running a resource-hog app like a game, you may want to disable Lookout during that time.

Verdict:

We have yet to try the Android version of AVG, but on the whole, we're very happy with Lookout. We especially love that you can scan for data-mining apps and how it scans every single app you download and install from the Android Market. Perfect for protecting yourself against them exploitative Badware!

Rating:

5/5 Stars.


Photo Credits: Lookout Premium Page
Android App Reviews
Share:

Android Is Linux-Based. Therefore, It Should Be Secure.

It seems to be a little-known fact that the Android is actually a Linux OS with proprietary code built on top of it. Thus, more than the principle of offering the Android as an Open-Source Operating System, it has more in common with Linux than most think: the code itself.

That being said, it is a technological advantage to put any gadget on a Unix-based framework. Linux, OS X, among other Operating System spin-offs are based on Unix. For one, Unix has been engineered to be resistant to malware. More than that, Unix locks the kernel that it takes root (superuser) administrator access to be able to make changes to the kernel. For a definition of "Kernel," please click the link.

Unlike Windows, especially the earlier versions like Windows XP, any program can make changes to the kernel, even malware.That is why a certain class of malware, which embeds itself into the kernel of an OS, is called a "rootkit" virus: it can bypass detection by a system's administrators/root users. While rootkits are rare on Unix systems, these are very common on Windows-based systems.

The parallel to Windows systems on the mobile platform is the Windows CE, Windows Mobile, Pocket PC and the other Microsoft mobile platforms. There's also the Symbian OS. On the other hand, Unix parallels on the mobile front are the Android, the Linux-based mobile OS' you can find on China Phones, and possibly even iOS and the Blackberry OS.

The reason why we at Android Alliance lumped the iOS and the Blackberry OS as parallels to the Unix-based platforms is that they are very secure systems. Unlike the earlier versions of the Symbian OS and the Windows CE mobiles, the BB OS and the iOS are far more resistant to malware breakouts than Symbian or Windows-based mobiles.

The worst effect of a malware breakout on a Windows CE or Symbian OS mobile is that it transmits copies of the malware to other phones, especially those with open Bluetooth connections. Another is that eventually, the whole system gets corrupted completely.

Suffice it to say that since the Android is built on a Linux kernel, it should be resistant to malware. Despite the fact that malware-infected apps are present in the Android Market, we have yet to hear of units transmitting and being fed malware via bluetooth, or entire Android systems being corrupted by these malware. The only major problem is that the malware mines your data and you could lose money from the apps subscribing your line to premium services. As long as you keep monitoring your plan or your load, you shouldn't have a problem. The Smart Netphone keeps a running balance of your load, by the way. Also, it even lets you access SmartNet features, including the social networking services for free. So if the Smart Netphone is the Android you get, you may never get problems like malware eating up your load or racking up a huge bill on your plan.

As we mentioned before, just install a reliable Antivirus app like Lookout, and your unit should be secure. And if you still can't sleep at night, remember, Google has a kill switch. So whenever they find numbers of malware, they could actually uninstall these infected apps from your system without you knowing. Rest easy. The Android is secure.


Tomorrow: A review of Lookout Anti-Virus Software.

Photo Credits: TechCrunch

Note: Google pulls out malware from the Android Market as soon as they discover it. They have a monitoring system for malware apps. Also, Lookout Anti-Virus Software scans an app you download from the Android Market before it gets installed. Having Lookout on your system will keep your Android safe. More details tomorrow.
Android Industry News
Share:

The Android Kill Switch -- Big Brother In The House?

Image by GSM Dome


The public is divided as to its opinion on what Google is. Is it a benign tech giant, looking out for its customers' welfare? Is it this wolf in sheep's clothing -- a malignant Big Brother waiting for the right time to pounce on billions of users dependent on its data and services? Or is it just another indifferent moneymaking machine, only out to make a buck out of its excellence?

Some tech pundits are wary of Google as an information behemoth. As a Silicon Valley insider once commented, "Google knows too much; it has too much of our data. We really should be wary about it." While you could shrug the comment off, when you think about it, Google DOES know too much: your search history, your email, and if you use it to power your other accounts, it will know everything about those, too. And now with the Android maturing into a very lucrative, burgeoning field, and Google Plus Project exploding even before it officially launched, Google may well know too much about one user.

Instead of appeasing your paranoia, however, we'd like to stoke it even further -- by introducing the Android "Kill Switch."

Way back in 2010, the Android developers had already discussed the presence of such a function: a remote admin capability of Google by which they can remotely uninstall renegade apps on Android users' phones. They had initially developed it after an app that was built for research purposes was deployed improperly and had to be cleaned up. Recently, they exercised it over downright malicious software, a.k.a. malware, which came from an old program that was traded around and used by malicious companies to mine data from users' Android units.

Google exercised its totalitarian Android powers for the good, in order to keep its Android community a safe tech network, in spite of the onslaught of malicious developers.

Google seems to demonstrate the capacity to exercise restraint and good judgment in the use of potentially powerful, even totalitarian functionality. However, for how long?

Let's just hope they will uphold the interests of the everyday consumer before letting power as potentially all-encompassing as their "Kill Switch" take over and call the shots. As the wise men warned, "Absolute power corrupts absolutely."

Crossing our fingers.
Android security
Share:

News Flash: You Still Need Antivirus Software On Your Android!

Image by PocketNow


It's slick, it's Unix, it's based on Linux, it's made by Google. It's the Android.

It's more than cool. It's top of the line. Bleeding Edge technology. Kicks royal Nokia Symbian Anna butt, that's for sure.

So when you use your Android, you flash it. You show the people around you exactly what they're missing.

And you happily add and approve new Android Apps every hour, on the hour. You're on an Android! It's VERY secure!

Think again.

Just last July, Google had to remove 26 apps from the Android Marketplace and suspended six developer accounts because the apps contained the "DroidDream Light" which is a data-mining software: it collects the Android user's personal data and uploads them to a remote server.

While there aren't any statistics of identity theft from Android users yet, there are cases of people being unwittingly signed onto premium services, thereby sapping their credits or increasing their mobile service bills. Thus, it seems that the malware is used more for consumer targeting rather than identity theft.

So what's a hapless Droid user ought to do, with this security vulnerabilities that the Android has? Tear his hair, toss the Android and switch back to a Blackberry or iPhone and wear a surly face?

Well, you can start running antivirus apps on your Android, that's one.

What?! Antivirus on my Android?!

Stuff the pride. You need the anti-virus. Malicious programmers, or to put it bluntly, hackers, know the potential of the growing Android consumer base, that is why they're targeting the platform. It is relatively easier to get a foot in the door at the moment, because the Android Market is a free-for-all for developers. Unlike the Apple Store's closed system, the Android Market allows too much freedom, too much ease for renegade apps to worm their way in, pun intended. Thus, to protect yourself as an Android user, better work on these practices:

1. Find and install a reliable Android Antivirus. Lookout is an up and coming company that's working hard to ensure Android users' safety. AVG is a trusted Windows antivirus. If you must try the others, go by the star rating below the apps.

2. Research and look for reviews for apps before you install them. This is a good way to check whether the app could be malware in disguise.

3. If the app prompts for access to premium services or anything that may cause your mobile provider to charge you for data transmitted, skip it and delete the app.

4. Be wary of PDF attachments that you didn't request. Both Android and the iOS have reported vulnerabilities with PDF attachments.

Watch out for your battery draining too fast compared to when you first bought it, or for unidentified or strange text messages from out of nowhere. The battery drain may be caused by the malware running batt-draining processes in the background, and the text messages are a clue that you may have signed up for a premium service unwittingly.

No platform is totally secure from malware attacks. Even Apple routinely issues patches for the iOS because of security loopholes. However, as we mentioned, the iOS and the Blackberry are closed-system, therefore quality control and malware checks are more tightly imposed.

Since the Android ecosystem is as wild and free as it is yet, better practice safe mobile computing.

You've been warned.
Android Antivirus
Share:
Subscribe to: Posts (Atom)