Category Archives: Mobile

Fragmentation Leads To Android Insecurities

Vendor fragmentation leads to security vulnerabilities and other exploits. This situation is ‘…making the world’s most popular mobile operating system more vulnerable than its rivals to hackers, scam artists and a growing universe of malicious software’ unlike Apple’s iOS which they note has widely available updates several times a year. In light of many companies’ Bring Your Own Device initiatives ‘You have potentially millions of Androids making their way into the work space, accessing confidential documents,’ said Christopher Soghoian, a former Federal Trade Commission technology expert who now works for the American Civil Liberties Union. ‘It’s like a really dry forest, and it’s just waiting for a match.’

In late October, researchers at North Carolina State University alerted Google to a security flaw that could let scam artists send phony text messages to Android phones — a practice called “smishing” that can ensnare consumers in fraud.

Google’s security officials replied in minutes, confirming the flaw and promising to correct it. Within days they had incorporated a fix into the latest version of the Android operating system, Jelly Bean 4.2, and made available a security update for earlier versions.

But for most Android phones, the fix never arrived. For many, it never will.

That is because it is not clear which company — Google, the smartphone maker or the wireless carrier that sells it — bears ultimate responsibility for the costly process of getting security updates to an Android device. Fixes to known security flaws can take many months to reach individual smartphones, if they arrive at all.

The problem, security experts say, has contributed to making the world’s most popular mobile operating system more vulnerable than its rivals to hackers, scam artists and a growing universe of malicious software.

Breaches remain more common on traditional computers than on smartphones, which have been engineered to include security features not found on desktop or laptop machines, experts say.

But outdated software can undermine such protections. If there was a major outbreak of malicious software, the fractured nature of the system for delivering updates could dramatically slow efforts to protect information carried on Android phones — including documents, passwords, contact lists, pictures, videos, location data and credit card numbers.

The risks are particularly serious for businesses and government agencies, whose increasingly popular bring-your-own-device policies have created new potential portals for espionage aimed at secure computer systems.

“You have potentially millions of Androids making their way into the work space, accessing confidential documents,” said Christopher Soghoian, a former Federal Trade Commission technology expert who now works for the American Civil Liberties Union. “It’s like a really dry forest, and it’s just waiting for a match.”

Google engineers designed Android to resist hackers and have continually improved it. The company also has worked to purge malicious software from its app store, Google Play, minimizing the risk from one possible route of infection.

“We’ve built the system from Day One to deal with this kind of world,” said Hiroshi Lockheimer, vice president of Android engineering. “The health of the Android ecosystem is really important to us.”

Yet while each new generation of Android delivers improvements that close off newly discovered avenues of attack, the company has struggled to get updated software to smartphones already in the hands of consumers.

‘Fragmentation’ leaves Android phones vulnerable to hackers, scammers

MocoNews: News Corp. Confirms It’s Trying To Sell Fox Mobile Group

I have just found this article in MocoNews. There they state that:

News Corp has confirmed it’s trying to sell its former Jamba mobile content unit, after announcing it’s writing off some of the value of the group.

COO Chase Carey told investment analysts on Wednesday about Jamba: “We are pursuing a process to potentially sell that. We prefer to build businesses than buying them. It’s been the foundation on which we’ve built this business. It’s certainly what we plan to pursue.”A News Corp spokesperson subsequently confirmed to mocoNews.net: “Jamba is Fox Mobile Group.  So Chase’s comments refers to both.”

For the fourth quarter ending June 30, News Corp says it’s writing off $217 million from the value of its outdoor and mobile businesses, in impairment and restructuring charges; though it’s not clear how much relates to either of the two components.

Read the full article here

Ultilex 10.7 released

Ultilex 10.7 releasedAbout one month ago I wrote about Ultilex, a Live-CD or USB Linux distribution that is actually a meta-distribution. Today I received the announcement, that version 10.7 had been released. Ultilex, the Ultimate Linux Experience, allows you to boot one of the following small distros:

  • Slax: version 6.1.2
  • Puppy Linux: version 5.0.1 (upgraded  from 4.3.1)
  • Tiny Core: version 2.11.6 (upgraded  from 2.4.1)
  • System Rescue CD: version 1.5.8 (upgraded  from 1.3.1)
  • Parted Magic: version 4.11 (upgraded  from 4.5)
  • boot.kernel.org (BKO)

You may notice that:

  • Slax is still version 6.1.2 (customized for better user experience).
  • Dev module was removed from Slax to preserve space.
  • Super GRUB Disk was added as a boot entry.

One interesting feature of ULTILEX is that you can install it with ease on USB flash device and save the changes you’ve made durign the live session on it. You can modify files and even install/remove modules and all your changes are saved on the USB flash.

To install on USB flash device, follow these steps (applied from Slax):

  1. Copy all files and folders from the CD to the root folder of your USB flash device.
  2. Execute “/boot/bootinst.sh” (for Linux), or “bootbootinst.bat” (for Windows).
  3. That’s all. You are ready to boot ULTILEX from your USB flash device! 🙂

Download ULTILEX version 10.7  (683MB) | MD5 checksum