Android Security Is Still Secure. Seriously.

Share if the site was helpful

Android Security Is Still Secure. Seriously.

There’s been a lot of media hype this past month about Android phones and their lack of security.  Headlines such as “How Android Phones Hide Missed Security Updates From You” have been floating around causing mass panic.

Take a deep breath.  It’s ok.

Despite the plethora of recent articles claiming that Android phones are under attack and that you’re a victim, chances are you’re actually safer than you think.  Yes there was a study earlier this month that found some phones were behind on their security updates.  But that doesn’t mean that all of your data is exposed to whoever wants to take it.  Even with a few security updates missing, you should be alright.  Let’s take a second to discuss some of the other security features that Android architecture has in place to protect you:

Google Play Protect

Google Play Protect is a safeguard to protect Android users from malicious apps.  Even with Google’s screening process to let apps onto the Play Store, chances are some baddies will slip through the cracks and are available for download.  Google Play Protect attempts to stop these apps in their tracks by doing routine scans on your phone for every app even after it’s been installed.  If there’s a cause for concern detected, you’ll be notified. 

This software also applies to apps updates, so the short version of it is that apps can’t just slide by once. As long as you have Play Protect enabled on your phone, apps are continuously exposed to it.  Chances are your phone already has Play Protect, but if you want to be sure (or just see what it’s been up to) you can find it in the Play Store.  Open the store and then tap the 3 horizontal bars menu icon.  Then select “Play Protect” and you’ll be taken to a page showing what apps have been scanned recently and how your device looks.

Sandboxing

Android apps are naturally sandboxed from one another.  What this means is that each apps data and code execution is isolated from others.  So if you happen to download the wrong app it doesn’t mean it will automatically have access to all of the apps already on your phone.  We go into depth about the android security framework in our Android development course over at Phonlab.  Content Providers offer a storage mechanism for apps so that their information has to be requested before it can become accessible to just anyone.

Android Permissions work along with this to make sure that no matter what if you have some common sense you should be safe.  Permissions essentially are requirements that if an app utilizes a certain feature (such as syncing with your contacts) it has to be granted permission by the user.

These permissions are presented to a user when the app attempts to access them, and are only allowed when the user says so.  You retain complete control over what access an app has.  Imagine you downloaded a game and it started asking you for access to your contacts and your saved media files.  Red flags should be going up right away since a game has no reason to use these.  As long as you don’t blindly hit accept to every permission, you retain a ton of control over what an app can actually do.

What are your thoughts on Android’s security measures?  Let us know in the comments below!

Android P Privacy, Personality, and Pistachios

Share if the site was helpful

Android P

It seems like just yesterday Android Oreo began rolling out to devices, and even now only 1% of android phones are running it.  Yet despite Oreo’s youth, the newest release rumors have already begun spreading about what’s up next.   Internally known as “Android Pistachio Ice Cream”, Android P is close on the horizon.

A little leaked info by Bloomberg has provided some insight to Android’s next release, and the changes are both expected, and somewhat out of left field.  Software features such as Google Assistant are being ramped up to become a more integral part of the interface. On the less predictable end it seems Android P will be revolving heavily around a new “notch” similar to that in the iPhone X.  This seems to be a marketing strategy aimed at converting iPhone users to team Android, but without knowing more about notch details it’s hard to say how impactful this design change will be.

Google Assistant

On a much more interesting note for developers and practical users, Google Assistant appears to be one of the primary focuses of growth.  This emphasis will likely open all sorts of new possibilities as Android finds ways to not only build out Assistant as a standalone, but to incorporate it into other apps!

Assistant already has high quality performance for asking questions and managing smart-home devices, but incorporating it into 3rd party apps opens a whole new door for creativity.  By opening Assistant up to third-party developers (like Amazon has with Alexa), we could see some groundbreaking apps come into being with voice commands.  Obviously fun from a development standpoint, and users would be empowered to do a whole lot more than just google something or ask to hear a joke.

Privacy

Another welcome feature being added on is privacy.  As it currently stands, when an app is granted camera/microphone recording permission by the user it can turn these on as it pleases.  Not ideal.  Recent code submissions show that Android P plans to be work through this issue by blocking background apps from accessing a device’s microphone or camera.  Whether or not you’re the type to sticky note your camera, this is most definitely a win for privacy.

Android P (any love for popsicle?) will make its debut in 3 months at Google’s annual I/O developer conference, and even then it will be a long way off from gaining a large market share of devices, but stay tuned and we’ll be sure to dive deeper into what it has to offer for both developers and users.

What are your thoughts about the new features coming to Android P?  Please comment below.

 

Phonlab E-Campus Free Course

Share if the site was helpful

Phonlab E-Campus free Chromebook Support course

I have been working with Phonlab for many months now and we decided to bring everyone a FREE course on Chromebooks to help techs and repair shops trouble shoot and fix customer devices. If you want to get access to this FREE course just head over to Phonlab.Teachable.com and enroll. Once you enroll in the Chromebook Support course you will have access to all the lessons. We hope you enjoy them and if you find them handy you may want to check out Phonlab E-Campus where we cover smartphone repairs and security.  Phonlab has just added our own tool called MotoReaper and it can remove FRP factory reset protection lock on any Motorola device on the market today. It is an amazing tool and all students at Phonlab E-campus get access to this tool. We hope to see you there so join us and be the future of mobile today.

 

RootJunky

 

Anti-Hacking Tools for Android – 2017 Guide

Share if the site was helpful

Anti-Hacking Tools for Android – 2017 Guide

 

Android officially has the largest market share in the smartphone world and there is almost 1.5 billion people who use Android smartphone or tablet. This speaks volumes of the quality and affordability that Android offers to their users, but there are also problems and liabilities that always come with using widely popular brands.

Security is frequently one of the questions that come with using Android and this topic is always a matter of interest, especially if you’re using your Android devices for your work and some form of confidential data manipulation. We’ve decided to talk about anti-hacking tools that can make the breach of your security much more difficult for cybercriminals. In 2017, you can expect that there will be lots of new viruses and malware to look out for, so here are some tools to help you along the way.

AppLock

We all love using apps and while they’re incredibly useful, they can also serve as the back door through which hackers can slither through unnoticed. Too many people are still not careful enough about what they’re installing on their devices and whether those apps come from trusted sources and therein lies the problem. To put a stopper on having this problem (even potentially) is to secure your phone with an app that is specifically designed to lock all other apps. While your lock screen only protects you from the outside attacks, it doesn’t do much more for anything going on inside your phone and this is where AppLock takes center stage.

Once you’ve downloaded it, you are free to lock any app you feel should be protected – anything from Facebook to your email and bank accounts. By using this app, you’re making sure that no one but you will be able to touch your private information plus you will limit the access that apps have in your device, so you’re killing two birds with one stone.

Use High Quality Password Manager

Seeing that practically everything on the internet has to be protected by a password, you need to do your best to keep this aspect of your security in check. This isn’t necessarily easy, because you need strong passwords for every account you have, and that means complex words usually concocted with numbers and special characters. If this sounds like a lot of work, well, it is, but thankfully, you don’t have to keep it all in your head. There are some very good password managers like Zoho, LastPass and RoboForm that will do an excellent job in managing passwords for your numerous accounts. Not only that, but a password manager worth its salt will suggest how to make your passwords more secure and give you additional tips on how to protect your privacy even more. You are also able to keep in check any personal information you have and protect your usernames as well.

Encrypt Everything with a VPN

Privacy when you’re using your Android device is equally important as when you’re using your desktop computer or laptop, though we often forget this. Smartphones are quite vulnerable to security breaches and one of the best ways to prevent that from happening is to encrypt both the data on your phone and your internet connection. Whenever you’re connected to a public network, you’re in danger of catching a virus or having a hacker on your tail, and virtual private networks simply erase this problem. Good VPN providers like Nord VPN can provide you with military level encryption for your Android device, so that hackers can’t harm your privacy in any way. Talking about anti-hacking tools, when you want to encrypt some very important files on your device, there are great encryption apps that you can use and that are also free, so that you don’t have to spend a lot of money on your Android security.

Use Security Software You Know Is Good

Long gone are the times when you could just pick any antivirus and be set when it comes to security. Android devices need to be protected with strong antivirus software because while it’s the most versatile platform, it is also most prone to small, pesky security issues like spyware and viruses. Depending on what kind of an internet user you are and how much sensitive information you’re managing on your device, you need to find antivirus that suits your needs. Sure, there are some great free version like Avira, Avast and Panda, but if you need stronger security that includes anti-spam, antimalware and functioning firewall, then you will have to pay to get all-encompassing protection. You may not pay it gladly, but online security is scarce these days, and paying a couple of bucks a month is more than acceptable for the peace of mind you’re getting in return.

Get Email Encryption Software

Email scams are still very much a thing, even though many of us believe that we wouldn’t fall for that. While you’ve got your security software to protect you against spamming and phishing, it would be wise to encrypt your emails in general. A lot of sensitive details are conveyed via email and chances are you don’t want your mail to get into wrong hands. If hackers get into your email, they can take advantage of your address book and spam all your friends and colleagues, which never ends well. Software like Data Motion and HP Secure Wall have proven their worth over time, which is why it’s worth given them a shot.

Anti-hacking tools for Android abound these days and all you have to do is take your pick. Of course, it’s very important for you to be wary as well and know what not to do when browsing the internet because no anti-hacking tool will help you unless you always remain security aware. What apps and security software do you use? Please comment and share your opinion. – Thomas Milva

 

Thomas Milva is 28, he lives in Baton Rouge and is a dedicated Analyst of Information Security, which is why he moved to Baton Rouge, where he lives now and he loves it.  He’s got Italian ancestry and is very fond of his pets, Reggie the dog and his two goldfish. Thomas mostly works from home, which is why he’s contemplating of adopting another dog.

 

Quadrooter Qualcomm Exploit

Share if the site was helpful

Quadrooter Qualcomm Exploit

Quadrooter-vulnerability-affects-nearly-1-billion-Snapdragon-powered-Android-devices

QuadRooter sounds like another serious Android security exploit. One which can apparently allow a malicious app to gain root access on Qualcomm based Android phones and tablets, enabling the app to then do pretty much what it pleases. According to Check Point, the research group that discovered QuadRooter, up to 900 million Qualcomm Android devices could be affected. This exploit targets the Qualcomm drivers which is why it is specific to this hardware. As of the Augusts 1st security update Google has patched 3 of the 4 vulnerabilities and will patch the last one in the September 1st update. To keep your device safe from these bugs it is always bests to stay on top of your security updates. One of the best ways to protect your phone from malicious software is to only download apps from google play or trusted sources.

quadrooter-scanner

If you want to check and see if your device can possible be vulnerable to this threat then you can download and run QuadRooter Scanner by check pointPersonally I am hoping that a developer can figure out this exploit and use it to get many android users root access. I am sure someone can create a app that gets root then injects supersu and su binary into the device. If you are hoping for the same I recommend not updating to new security patches and give the developers some time to get devices root access. 

I wouldn’t be surprise to see this QuadRooter vulnerability implemented into Kingroot app some time soon, as it would make there app unstoppable on Android devices. What do you think about this bug please comment below and let me know.

RootJunky