Under the deal, vendors using Qualcomm’s chips will get special terms to offer Kaspersky’s software preloaded on their devices. In that sense, we expect to see both Kaspersky Mobile Security and Kaspersky Tablet Security solutions installed on many of the future smartphones and tablets.

Qualcomm Snapdragon processors power-up more than 770 commercially available or announced products, with another 550 product designs in the pipeline, from 70+ device customers…

It’s kinda nice to see two pretty different companies agreeing to make Android more secure. One of the downsides of an open platform like Android is security and deals like these are struck to address that problem. Kudos to both companies for taking this route.

Even the ATF is having trouble, with CNET’s report saying that an ATF agent spent three months last summer trying to find a local, state or federal law enforcement agency with the skills needed to decrypt an iPhone 4S before calling on Apple.

Brute force password attacks are possible on iPhones, and can be cracked fairly easily if the pin is only four or five digits. Passwords that are nine or ten digits long however can take years to crack. Apple has the ability to crack passwords with ease, a method that the Cupertino company is keeping close to their chests.

Unlocking mobile phones by law enforcement is increasing in popularity, and raises privacy concerns. If done without a warrant, the process raises Fourth Amendment concerns.

Google has a process for helping law enforcement crack Android devices, by resetting the password of the device and then handing it over to authorities. If this process is initiated, Google also notifies the user that their device has been compromised.

[Via: Gizmodo , CNET] [Image: ArsTechnica]

Of course, this doesn’t mean “pure” Android smartphones are good to go. Rather, a special software like Samsung Knox is required to crypt and protect key information. Sammy’s solution creates a separate, secured environment on a smartphone for business use, keeping personal and business data separate. And while this may drain resources, users shouldn’t notice any lag considering the horse-power Galaxy S4 packs under the hood — whether we’re talking about Galaxy S4 with Samsung Exynos 5 Octa or Qualcomm Snapdragon 600 processor.

On the other hand, this could be a blow for BlackBerry which has thus far ruled this space. We’ll see whether DoD’s decision will impact their sales figures…

[Via: TheVerge]

While 7.1 million smartphones were irreparably damaged, lost, or stolen and not recovered last year – 69% of smartphone users hadn’t backed up their data, and just 22% had installed software that could locate their lost device.

The report revealed that most smartphone users haven’t suffered serious losses because of their phone, but there are mobile threats that merit concern, like the malicious software. Last year, 5.6 million smartphone users experienced undesired behavior on their phones such as the sending of unauthorized SMS or accessing of accounts without their permission.

The location tracking feature that all smartphones have can also leave users vulnerable to threats — 1% of users told Consumer Reports that they or a person in their household had been harassed or harmed after someone used such location tracking to pinpoint their phone.

CR also projects that at least 5.1 million preteens use their own smartphones, and they may unwittingly disclose personal information or risk their safety…

Before we all start panicking, let me just assure you that this app, dubbed PlaneSploit, is by no means in the public realm. Teso has been keeping his code close to his person, and has only been tested on flight simulators thus far. The software exploits the Aircraft Communications Addressing and Reporting System (ACARS), which facilitates controls between the aircraft and ground control. The code also exploits the Automatic Dependence Surveillance Broadcast (ADS-B), which functions as the aircraft’s radar system. Thankfully, the code cannot be used on actual planes, and can be de-activated simply by turning off the plane’s auto-pilot feature.

“You can use this system to modify approximately everything related to the navigation of the plane, that includes a lot of nasty things.”-Teso to Forbes

Teso developed this app over a period of three years, gobbling up old computer hardware that is commonly used on airplanes across the globe via eBay to develop his framework of code called Simon. Teso revealed his app in Amsterdam, at the Hack in the Box security conference. Teso has reached out to aircraft manufacturers and software developers in an attempt to ensure that they close the security gaps that he has exploited. Here’s a list of some of the apps features:

• Please go here: A way of interacting with the plane where the user can dynamically tap locations on the map and change the plane’s course.
• Define area: Set detailed filters related to the airplane, for example activate something when a plane is in the area of X kilometers or when it starts flying on a predefined altitude.
• Visit ground: Crash the airplane.
• Kiss off: Remove itself from the system.
• Be punckish: A theatrical way of alerting the pilots that something is seriously wrong – lights start flashing and alarms start buzzing.

Thankfully, this White-Hat hacker has developed this software to showcase exploits, not actually enable them. With the increasing move from traditional warfare and terrorism tactics to the virtual world, finding exploits such as these are critical to the ensuring the safety of aircraft passengers the world over.

[Via: Android Pit, CNN]

• collect and share personal information
• spend real money even if the app is free (via in-app purchases)
• have ads
• link to social media

The best way to check out apps for your kids is to try them out yourself. First, visit the app store your kid is using to find out more about the application and if you have to – install it on your phone or tablet to determine whether it’s safe enough.

Alternatively, you can tweak security settings to prevent your kid from installing certain apps, password-protect apps and even turn off Wi-Fi and data services. Here’s the infographic with additional information.

This infographic is also available in Spanish – you can see it from here.

It turns out that according to a study conducted by SourceFire, Apple’s iPhone actually takes the cake for the most vulnerabilities out of any smartphone. The study analyzed information from Common Vulnerabilities and Exposures data and National Vulnerability Database data and found that the iOS operating system has 210 vulnerabilities, which accounts for 81 percent of the mobile vulnerability market share. Android has just 9 percent, Windows Phone has 6 percent, and Blackberry OS has 4 percent.

The main reason for the iPhone being more vulnerable is of course its popularity. Since hackers can easily attack Android via its open app marketplace, when preying on iOS they are much more likely to look for holes within the operating system itself rather than trying to break through the gates of the App Store.

With the iPhone dominating the enterprise market as well, senior research engineer at SourceFire’s Vulnerabilities Research Team Yves Younan warns to maintain a plan of action. “[Enterprises] should also plan for potential compromises including how they will rebuild and ensure the integrity of the data,” he explains.

Since Windows Phone hasn’t gone mainstream in the same way iOS and Android have, it’s ultimately less vulnerable. Cybercriminals won’t waste time targeting a platform used by a small minority. Should the OS grow in popularity, it’s possible security might become more of a threat. For now, it’s at a major advantage.

[via WMPoweruser]

Under the deal, Intrepidus will evaluate the security mechanisms of ZTE-made smartphones, including identifying potential vulnerabilities; conducting penetration testing of ZTE device management interfaces and ZTE device features; and performing reverse engineering and source code review. As a result, ZTE should be able to deliver a wide range of “smart, stylish choices” for smartphone users with the added peace of mind that their device is secure.

The press release goes on suggesting that this is just a first step in a series of actions the Chinese company plans to take regarding smartphone security. In other words, ZTE is preparing to enter the enterprise market and offer products that come with a “great dose of security” out of box. We’ll see how that goes…

For that group PassBan unveiled its wearable verification device in the form of a smart wristband. By wearing it, users will be able to unlock their mobile apps to gain access to the data they need. Here’s how it works:

PassBan’s wearable verification devices work with any smartphone or tablet running the PassBan mobile user authentication client (currently supported on Android and iOS based devices). The service is free for sandbox (developer) use, and the encrypted and dynamic certificate exchange mechanism used by PassBan makes the wearable device highly secure. Once users have a smart wristband within the vicinity of their smartphones, PassBan pairs the smartphone with the wristband, users can then start mobile applications they’ve secured using wearable verification, either by a gestures (movement) or by tapping on the smart-wristband.

Of course, this doesn’t have to be the only layer of security, with PassBan allowing you to combine it with other methods like biometric verification (face, voice), location check, phone-factor (call), motion, token or Pass Color verification… Sounds pretty secure to me. Here’s how to set up PassBan, and you can get additional information from here.

The news comes from Appthority’s February 2013 App Report that examined the top 50 free apps in both the iOS App Store and Google Play for the use of potentially harmful use of personal information. There are six main types in the study: sending/receiving data without encryption, ad networks and/or analytics, location tracking, single sign-on support, contacts/addresses, and other.

Every single app (100 percent) in the App Store top 50 sent/received information without encryption, while 92 percent did in the Google Play top 50. Ad networks/analytics were present in 60 percent of iOS apps and 50 percent of Android, location tracking in 60 percent of iOS and 42 percent of Android… you see the trend.

It seems like this is something Apple may need to tackle in the future if it truly does become controversial, although there’s no calling whether that will happen or not. Some of the categories, though, like single sign-on support aren’t dangerous in and of themselves. They just provide gateways to possibly dangerous behavior for personal data within the apps.

[via AppleInsider]

• A majority of consumers in the UK and Germany stick with the first PIN they were ever given. In contrast, French and American respondents are more likely to opt for their lucky number.
• More than one in ten use the same PIN across multiple devices and accounts.
• Over half (55%) of all respondents admit that they have shared their PINs or passwords with others. This number is higher for tablets (61% have shared their PIN) than it is for mobiles (49% have shared their PIN).
• Only one in five respondents have backed up the data on their phone and tablet in case it’s stolen. In addition, 15% save password information on their phone, most commonly in the “notes” section.
• Almost half of respondents allow their children access to their mobile or tablet, while one in six admit that their child knows their PIN or password. 10% are even happy to share their password to iTunes or other app purchasing sites to enable their kids to buy apps.

And here’s infographic with these and few other details. The full report, titled “Mobile Security: McAfee Consumer Trends” is available from here.