Categories
Android mobile development mobile news

New wave of Android phones with fingerprint sensors said to arrive early next year

Apple’s introduction of the Touch ID fingerprint sensor on the iPhone 5s has taken the industry of mobile technology to yet another level. While other companies have tried in the past, the attempts have had many issues in maximizing security with such technology. However, they aren’t giving up. An article on The Verge states that “the FIDO Alliance — a stable of 48 companies looking to develop a successor to the notoriously insecure password — says it expects to see similar fingerprint-based security in Android devices within six months or so.” This means maximizing security on mobile devices using fingerprint scanners has the potential to become a standard in the mobile world.

 

http://www.theverge.com/2013/10/3/4798226/new-android-phones-with-fingerprint-sensors-said-to-arrive-early-2014

Categories
Android mobile development mobile news

Androids Using Open Wi-Fi May Be Susceptible to Attacks

The issue is mainly with older Android versions having a vulnerability that would allow attacks over an open network. These weaknesses are the result of the widely used programming interface in a lot of apps known as WebView (allows webpages and content to be opened within apps themselves). A lot of apps don’t properly secure the interaction between the phone’s WebView component and the webpage content being downloaded. So, on the same open network, a device can be targeted and hijacked, in the process having malicious code injected and possibly executed by the phone itself. Apparently, devices with version 4.1 and earlier don’t make proper use of SSL; this can allow a hijacker to potentially gain root access to a devices OS. This vulnerability has far reaching effects and stems from Javascript-based programming interfaces. Now, fundamentally, Android’s overall design does help in making such things very difficult, but it cannot eradicate the possibilities for the common user who may not be aware of some of the system’s and apps’ functioning.

Users of 4.2 and later are better protected because of added security enhancements, but the issue at hand largely depends on app developers maintaining good practices when developing and releasing they’re products. Tim Wyatt, a security director at Lookout, has some input to give one the current situation and what needs to be done. Very interesting article.

 

 

Source: http://arstechnica.com/security/2013/09/attackers-can-slip-malicious-code-into-many-android-apps-via-open-wi-fi/