Articles by "Android"

Advertisement

Showing posts with label Android. Show all posts

at 0
iTech Dunya is a technology blog that specializes in tech-related topics.Our GOAL is to produce high-quality content for our millions of readers.
Continue reading

at 0
iTech Dunya is a technology blog that specializes in tech-related topics.Our GOAL is to produce high-quality content for our millions of readers.
Protecting Yourself Against the Latest Android Vulnerabilty
Quite possibly the worst vulnerability to ever be discovered in the Android ecosystem was recently announced.  Known as Stagefright, the vulnerability was found in a key component responsible for media playback on Android devices.  The vulnerability allows an attacker to compromise an Android devices simply by sending the device an MMS message or tricking a user into opening a malicious video file via a vulnerable application that uses the Stagefright component. In an estimated 50% of the affected devices, the victim does not even have to open the MMS or the video for the device to be compromised.
Once the device is compromised, the attacker can then execute custom code on the device and possibly access all the device's contents including photos, contacts, documents, and take pictures using the camera or turn on the mic and eavesdrop on the victim. The attacker can then access the device at any time.  The attacker can also then use the device to access the contact list and forward the malicious video file using MMS (or any other means) to the contact list, thus propagating the attack exponentially, leveraging your contacts' trust to further his attack.
The severity of the attack will depend on the Android version the device is running (as older versions ran the media library as an elevated user).
What can you do to protect yourself?
There are a number of things you can do to protect yourself:
  • Disable auto-downloading of MMS (instructions on how to do so can be found here: https://www.twilio.com/blog/2015/07/how-to-protect-your-android-device-from-stagefright-exploit.html)
  • Practice “safe” internet, email and IM techniques (don’t open links or IM messages from unknown sources or contacts) as malicious videos that exploit this vulnerability.  Don’t open strange files from known contacts as well.
  • Be on the lookout for updates to the applications you have install and regularly install these updates.  Unfortunately, although this is rarely mentioned, this might be one of the most useful ways to protect yourself as application developers are releasing patches to protect against Stagefright.  For example, Firefox released version 38 of it’s browser to address this vulnerability.  You can switch to using Firefox as your primary browser until it receives a patch to protect against this vulnerabilty.
  • Install OS updates as soon as they are made available.  This is the ideal solution but unfortunately, due to the fragmentation the Android ecosystem and slow response time by many vendors, this may be months away and some devices may never get this update.
Technical Details
For those interested, TrendMicro recently released details on the exact name of the vulnerability.  The vulnerability lies in how the mediaserver component of Stagefright parses malformed MP4 files.  More details can be found here:(http://blog.trendmicro.com/trendlabs-security-intelligence/mms-not-the-only-attack-vector-for-stagefright/).  Combined with the recent public release of the source code of RCSAndroid (Hacking Team’s Remote Access Trojan), the combination of the two can be exceptionally damaging to Android users.
Continue reading

at 0
iTech Dunya is a technology blog that specializes in tech-related topics.Our GOAL is to produce high-quality content for our millions of readers.
Cell C Mobile App Launch (Andriod)
Cell C is proud to announce the launch of the Cell C Mobile App on 18 December 2015. The Mobile App enables customers with a self-service application to access their account balances, view details such as upgrade date and nearest Cell C store, view Cell C coverage maps and details on all products and services at the convenience of their handset. Thewidget, located on the home screen of the handset, will display a summary of airtime / minutes / data / SMS balances. To ensure the latest balances are displayed; the customer must refresh the App.                                                                                                                                                                                                                      
The Mobile App service is offered for the convenience of Postpaid, Prepaid and Top Up customers. However, the Mobile App is initially only available for customers on Android devices. Customers will be able to access the App via the Google Play Store (search for the Cell C Mobile App).
*Access to the new Cell C App is password protected; you have to sign in using your mobile number

The following services will be available on the Cell C Mobile App:Widget (this will appear on your home screen)
  • User Profile
  • Check Balances
  • Next Upgrade Date
  • Store Locator
  • FAQ’s
  • Send free on-net SMS (limited to 5 a day)
  • Send Please Call Me’s (limited to 5 a day)
  • Recharge history (Prepaid)
  • Amount due (Postpaid and Top Up)
  • Send invoice to registered email address

What does it cost to use the App?
  • Downloading the App from the Play Store will incur normal data charges
  • There is no cost for using the App. In-App usage will be zero rated
  • Any external links will be billed at the customer’s standard tariff plan rates
What will customers be able to do on their profile?
  • Customers will be able to view basic details such as name, address and email.
  • View their balances
  • Check their usage by service
  • View the Cell C store locator
  • Request for their invoices to be sent to their email.
Will the App still work if a different SIM is inserted?
You can only view details of the linked mobile number. The balances of the linked mobile number are automatically populated upon successfully signing on, and are updated on the widget.
If you sign in with a mobile number that is different from the previous sign in or you sign in for the first time, you will be asked to update the widget with the details of the new mobile number. If the new linked mobile number is blocked or not registered on the portal or Mobile App, the details will not be populated. You will receive a One Time Pin when you register for access to the application. You will also receive an SMS confirmation every time you log in to the App.
How will the Widget work?
A Widget, located on the phone home screen, will be linked to the app. The Widget will provide quick balance information. A date and time stamp will indicate when the balances were last updated. You can refresh balances by tapping the Refresh button.
The Mobile App will offer customers the option to view their most recent statements and the option to purchase airtime or bundles in a future feature update. The Mobile App will improve efficiencies through self-service and offers customers convenience and a high quality service. Customers will be prompted to update to the latest version of the software when updates are made to enhance the features of the application.
Where any support is required on the application, Customer Care can be contacted on 140 or 084 140 (if not a Cell C number).
Thank you for your continued support and loyalty
Continue reading

at 0
iTech Dunya is a technology blog that specializes in tech-related topics.Our GOAL is to produce high-quality content for our millions of readers.
Why I love Samsung Pay and how I gave up my rooted phone
For those of you that know me, it is well known that I worship at the temple of Torvalds and Stallman. Linux gave us a kernel and GNU gave us the rest. And by us, I mean humanity. We got the source code, and it allowed us to have the freedom to run, copy, distribute, study, change and improve the software. Running Linux on my desktop and laptop was great, but I didn't really feel free until my phone ran Android.
This is because, as much as I love and respect the lovely iPhone, I found myself needing to jailbreak it to get features and software that were important to me for my daily use. I used Android in the early days, first on a Galaxy S3, then a series of HTC's, before ending up with the second best phone I've ever used, the Galaxy S6 Edge. In those early days, I struggled with underperforming hardware and buggy software, but most of the phones had unlocked bootloaders with root access that let me tinker with the device that I spent most of my day using, allowing me to have the features and capabilities that were important to me. As the quality of hardware and apps improved, I found myself rooting my phone only to block ads using AdAway.
Then, I discovered something called KNOX on my Samung phone. KNOX brings increased security to Android phones, but it has a hardware feature that trips when you root your phone or try and install certain programs that could breach the underlying security features of the platform. Once the KNOX counter has tripped, you can no longer use the phone for certain secure functions. I was initially outraged, until I visited Valley Fair Mall in Santa Clara for a bit of Christmas shopping. I walked by a Samsung booth offering a $50 Best Buy card for installing Samsung Pay on my phone.
Well, my son has Apple Pay on his phone and his watch, and I wasn't convinced of its utility given the limited number of places he could use it. Wait up, said the nice man, Samsung Pay works at any magnetic stripe reader. I decided to take a closer look, and sure enough, I discovered MST technology, originally developed by a Massachusetts based start up called LoopPay. Any mag stripe reader I asked ? Well, almost any, except for certain places
like gas pumps and ATM's where you card has to be inserted into a
slot.
Well, that sounded way to cool to resist, but really why should I
care ? Well, the real reason why I've started caring is that I'm tired
of fraud on my credit and debit card accounts.
Endless number changes and fraudulent charges on my accounts. The banks are asserting that the latest EMV cards will help with that. But these cards have been around in Europe for a long time and while they have reduced simple card cloning fraud, they haven't eliminated fraud.
And to make matters worse, my credit cards issued by Chase and Citi are Chip and Signature, not Chip and PIN. Signature ? Really ? The only real benefit to having an EMV card, it seemed to me, is that I could use it at automated machines in Europe to buy railway tickets and pay for parking at unattended meters and not have grocery checkout staff look at me weirdly when I tried to buy bacon and eggs at the local supermarket in Wales with a swipe card. Now, I felt normal again with an EMV card, but I was never asked for a PIN. How in the world could this be secure ?
Which brings us back to Apple Pay, Android Pay and Samsung Pay. These systems are designed to offer a much higher level of security by never revealing your card number to the merchant and transmitting it securely to the banks for approval. There are a lot more details that I won't go into here, but Apple Pay and Android Pay have limited utility because they need new NFC enabled terminals. They won't work with the older terminals. But Samsung Pay says it will work with almost any mag stripe reader so if it worked, I could always be paying securely.
But of course, my rooting adventure had tripped KNOX, so I was unable to install the Samsung Pay app on my phone. So off I went to the ATT store and ordered a Galaxy S6 Edge Plus (since I had size envy after playing with my wife's very slick iPhone 6S Plus). This is now the best phone I've ever used with the most incredible camera. The 64GB model was not in stock so I waited a few days and eagerly unboxed it the day after Christmas. I installed the app but it wouldn't run, complaining that my system software was not up to date, yet the update check told me that I was.
A quick call to Samsung Pay support redirected me to the nearest Best Buy. There, I discovered a dedicated Samsung staff member who took my phone, updated it to the latest software (apparently the ATT OverTheAir updates have a recent glitch preventing
the latest software from running), installed the Samsung Pay app, and processed my $50 gift card. Hmm, nice, I thought, that was better than visiting the Genius Bar at the Apple Store in Los Gatos because there was no line and I didn't have to make an appointment.
The first place I tried Samsung Pay was at my mechanic. He had an old credit card swipe terminal. My bill was rather large for reasons that I shan't reveal here. I selected my Citi card and touched my
phone. Declined ! A few seconds later, a text message from Citi asked me to call them. Bah humbug. I selected my Chase card. Declined. But this time the text message from Chase offered me a reply "YES" option to validate this a valid transaction. Touched my phone to the terminal and my receipt printed. Roberto looked at me bemusedly and professed that he had never seen such magic before. To cut a long story short, it worked everywhere. Except at Fry's Electronics where i just got a loud beep and an error ! I went to see Hateful Eight in downtown Santa Cruz, and touched my phone to the mag stripe reader at the car park exit and the barrier opened with an Approved message. My middle son squealed with joy...Mom, do you think I can sell my new Apple Watch and iPhone on Craigslist ? I want a Samsung like Dad. That did not go down very well with Mom. Things got quite heated.
Anyway, what about getting rid of ads ? Well, there is a new
capability called AdGuard. Adguard for Android is a remarkable web filter that protects you from annoying advertising, malicious and phishing websites, online tracking and much more. Adguard handles all types of internet ads, speeds up page load, saves bandwidth and increases your device protection against possible threats. I gave them $10 for the premium version, it just works.
And it doesn't require root. So perhaps my days of outrage are over.....
Continue reading

at 0
iTech Dunya is a technology blog that specializes in tech-related topics.Our GOAL is to produce high-quality content for our millions of readers.
Why Do We Pay a Dollar for Fast Food but Not for Mobile Apps?

Why Do We Pay a Dollar for Fast Food but Not for Mobile Apps?


I recently saw an advertisement for a fast food chain's Dollar Menu, and it got me thinking of the difference in consumer habits when paying a dollar for fast food versus paying that same dollar to download a mobile app. Why is it that charging $1 for food has been such a successful driver for fast food's growth and revenues, but charging any amount upfront for a mobile app often results in far fewer downloads--even if the app works incredibly well and has proven immediate and residual value?

I’ll acknowledge this isn’t an apples-to-apples comparison, as food and mobile apps are quite different in terms of need and availability. I need food to survive, yet I don’t always have a wealth of options available; and those options are dictated by how much I can pay for food, how many friends or family members might also need to eat, and how physically far away I am from other possible food sources. However, mobile apps are not essential to my survival (even if using them might make my life much easier), and as far as options, there are over 3 million Apple and Android apps available for me to download to my phone or tablet from almost anywhere, at any time.

The availability of options is the key to understanding why we approach the upfront cost of each product so differently. Fast food might not be our preferred option for abating hunger, but with most of us packing more obligations every day into an already busy schedule, we may have no choice but to consume it on occasion because it’s more convenient, quicker, cheaper, and/or it prevents disruption to our routine. And plenty of us choose it.

Unlike fast food, there are a wealth of free and good-enough alternatives to just about any mobile app for any device, and the need for a mobile app is almost never immediate, so we rarely feel pressured to make a purchase/download decision that costs us money. Most of us also do quick research on an app before downloading, via published reviews online or in the app stores, and this user-generated feedback can heavily influence our decision to download the app regardless of the price.

For mobile app users, the upside to this consumer behavior is that app developers must constantly differentiate themselves from competitors by routinely improving the quality of our apps and offering newer and better functionality with each update. It's also led to some creative ways for developers to monetize apps, from the "freemium" model to in-app purchases popularized mostly by gaming apps.

The short-term downside for app developers is the uphill struggle for non-gaming apps to produce even the smallest amount of revenue that would enable development firms to grow, build, and release more and better apps. Whether it’s fast food or mobile apps, or almost anything, we’re more likely to go with a cheaper option after considering our immediate need for the product against its cost versus adequate, available alternatives.

But in my opinion, these behaviors will change within the next few years, whether it's food or mobile apps. For one, established quick-service restaurants are getting more food-conscious; and as indicated by the rapid growth of the wearables market, vastly improved smartphone technology, and the Internet of Things, consumers rely more on mobile apps with each passing day. Eventually, smarter spending will favor the companies providing more tangible and altruistic value to our lives, allowing the best products to earn more tangible success and longevity than their cheaper competitors that market products based on price alone.

----

Ankur Gopal is an entrepreneur and CEO of Interapt, a high-tech B2B mobile development and mobile strategy firm that builds cutting-edge solutions for smartphones, tablets, Google Glass and wearables. Before Interapt, he studied at the University of Chicago’s Polsky Center for Entrepreneurship and worked at Accenture doing strategy and IT consulting for multiple Fortune 500 clients.

Follow Ankur on Twitter at @AnkG!

Ankur Gopal
Written by

Continue reading

at 0
iTech Dunya is a technology blog that specializes in tech-related topics.Our GOAL is to produce high-quality content for our millions of readers.
Stealing Fingerprints from HTC Phones

Stealing Fingerprints from HTC Phones

Biometrics are generally thought to be very secure, which is why many phones now let you use your fingerprints to authorize things from unlocking phones to making purchases.   Researchers have found, however, that it's pretty easy to get that information from the HTC One Max.

The problem is that the HTC One Max stores fingerprint images as a bitmap: dbgraw.bmp, in a folder with completely open "world readable" permissions.  This means any app or process is able to see the fingerprint file.  One way a hacker could use this is to create a fake lock screen that the user will open using their fingerprint.  Instead of unlocking the phone though, it would really be a way to make them unwittingly authorize a transfer of money.

A thief could also use this vulnerability to hack a phone and upload their fingerprint as the authorized fingerprint, although that's a much less likely scenario, given that they would have to have physical access to the phone, which carries a greater risk than remote hacking.

The best thing to do to avoid this is to make sure you apply updates to your phone as soon as possible, as they will surely want to rectify this security hazard as soon as they can.  You could also switch to a customer operating system like CynaogenMod.
Continue reading

at 0
iTech Dunya is a technology blog that specializes in tech-related topics.Our GOAL is to produce high-quality content for our millions of readers.
Who said hacking and malware/viruses was just for Windows?
Over the years people have advised me that they have bought an Apple MAC, iPhone, Android device (Samsung, HTC, etc) because "they're not prone to viruses like Windows" or techs that liked Linux said "just install Linux and then you don't have to worry about viruses"

The reality is anything that is big enough will be subject to hacking, virus, and malware attempts and efforts. As Apple, Linux, and Android devices grow in their market penetration so does the risk of malware infection.


Here is an extract: 


"Recently, a rather disturbing flaw has been discovered in the Android platform. Joshua Drak, from Zimperium zLabs, reported some serious flaws in the Android platform back in April, 2015. Simply by knowing a user's phone number, someone could send a text to that number and break into the device. The end user doesn't need to open a file, click on a link, or install a third-party piece of software. They only need receive a text." 

Whatever device and operating system you are using, you must not be complacent or careless. Always use a package to protect your device and be vigilant (i.e. don't just go click on anyway) as malware is regularly pushing the boundaries of what commercial protection packages cover.
Guy Rowson
Written by

Continue reading
Subscribe to: Posts (Atom)