The new Nexus phones: beautiful, secure, and a shot across the bow


Dan Gillmor has been playing with Google's new Nexus phones, the humungous 6P phablet and the smaller 5X, and he's written a shrewd and thorough review of what these phones do -- and more importantly, what they mean. Read the rest

New $50 Kindle Fire won't recognize sideloaded ebooks on SD cards


The Kindle Fire comes with a SDXC card slot that outclasses every other tablet in its price range, accommodating storage cards that can hold as much as 128GB of media -- but it won't read ebooks from the slot. Read the rest

Newly disclosed Android bugs affect all devices


The newly released bugs are part of the Stagefright family of vulnerabilities, disclosed by Zimperium Zlabs. Read the rest

Your Android unlock pattern sucks as much as your password did

In Tell Me Who You Are, and I Will Tell You Your Lock Pattern, Marte Løge presented some of her Master's Thesis research on the guessability of Android lock-patterns -- and guess what? Read the rest

WATCH: Why Japan already embraces our android future


VPRO backlight looks at the current state of androids in Japan, including an interesting segment on geminoids, or robot twins made in the likeness of a human counterpart: Read the rest

Amazon Fire Phone for $159, includes one year of Prime


On June 23, I posted that an Amazon Fire Phone (32GB, Unlocked GSM) was selling for $179. I almost bought one, because it includes a year of Amazon Prime, which I pay $100 per year for. That meant the real cost of the phone was $79.

Today, Amazon is offering the same phone for $159, including the same one year of Prime deal. That did it for me. I bought one. I'm going to use it as my international travel phone (my iPhone is locked by AT&T so I can't use another carrier's SIM card) and a replacement phone for when my daughter drops her iPhone in the toilet. Read the rest

Texas Instruments graphic calclulator boots Android

It's only Android 1.6, but still, that's impressive! Naturally, the sourcefiles are on Github. Read the rest

Motorola Moto G (2nd generation) - unlocked Android phone for $140


For the next 8 hours, Amazon is selling the Motorola Moto G (2nd generation) for $140, which is $40 off its regular price. It's got good battery life and a 5-inch HD display. It's only 8gb, so if you buy one, get a 32GB microSD card for about $14.

Motorola Moto G (2nd generation) Unlocked - 8GB White ($140) on Amazon Read the rest

FBI's crypto backdoor plans require them to win the war on general purpose computing

The FBI wants backdoors in all your crypto, and UK Prime Minister David Cameron made backdoors an election promise, but as Stanford lawyer/computer scientist Jonathan Mayer writes, there's no way to effectively backdoor modern platforms without abolishing the whole idea of computers as we know them, replacing them with an imaginary and totalitarian computing ecosystem that does not exist and probably never will. Read the rest

Reconfigurable click-brick characters in Sick Bricks online

I have a boy in grade school, and his whole world comes comes down to a few passions, which include Legos and iPad games. That's why I am vicariously excited for him about this week's release of Sick Bricks, a new mash-up of click brick toy and tablet game. Read the rest

Blackphone announces privacy-oriented app store

Blackphone, the Swiss-based, secure hardware/OS mobile phone from PGP inventor Phil Zimmerman has announced that it will provide a store with privacy-oriented apps that are sandboxed to minimize data-misuse. Read the rest

Darkmatter: a secure Paranoid Android version that hides from attackers

Stock Android phones with the Darkmatter OS use encrypted storage, OS-level app controls, and secure messaging by default, but if the phone thinks it's under attack, it dismounts all the encrypted stuff and reboots as a stock Android phone with no obvious hints that its owner has anything hidden on it. Read the rest

Mobile malware infections race through Hong Kong's Umbrella Revolution

The protesters are dependent on mobile apps to coordinate their huge, seemingly unstoppable uprising, and someone -- maybe the Politburo, maybe a contractor -- has released virulent Ios and Android malware into their cohort, and the pathogens are blazing through their electronic ecosystem. Read the rest

Samsung Galaxy back-door allows for over-the-air filesystem access

Developers from the Replicant project (a free Android offshoot) have documented a serious software back-door in Samsung's Android phones, which "provides remote access to the data stored on the device." They believe it is "likely" that the backdoor could provide "over-the-air remote control" to "access the phone's file system."

At issue is Samsung's proprietary IPC protocol, used in its modems. This protocol implements a set of commands called "RFS commands." The Replicant team says that it can't find "any particular legitimacy nor relevant use-case" for adding these commands, but adds that "it is possible that these were added for legitimate purposes, without the intent of doing harm by providing a back-door. Nevertheless, the result is the same and it allows the modem to access the phone's storage."

The Replicant site includes proof-of-concept sourcecode for a program that will access the file-system over the modem. Replicant has created a replacement for the relevant Samsung software that does not allow for back-door access. Read the rest

Boeing's self-destructing, tamper-resistant spookphone: the Black

Boeing has sought regulatory approval from the FCC for a tamper-resistant phone intended to self-destruct if its case is opened. The phone, called "Black," runs Android, and is intended for use under the DoD Mobile Classified Capabilities guidelines. It will be sold with a nondisclosure agreement prohibiting tampering or service, and opening the case will trigger a system intended to wipe the phone's data.

Interestingly, it has a removable battery (something that's become increasingly scarce in smartphones). Best operational security practice holds that you should remove your phone's battery when you want to be sure that it's off, because any malware that turned your phone into a bug could also cause it to simulate being switched off while it remained running.

It's an intriguing technical problem. I'm intuitively skeptical of the security model. I can believe that this phone will be tamper-evident, but I don't know if it will be all that tamper-resistant. That is, it may be capable of preventing an attacker from surreptitiously opening the case to access the components, but how about an adversary willing to simply smash the screen to get at the components beneath?

The manufacturer could make a phone whose accelerometer tried to detect these events and wipe the device as a precaution, but I suspect there'd be a lot of spooks who'd end up cursing their self-destructing phones every time they butterfingered them while getting them out of a pocket while walking down the street. I'm pretty sure that I can use tools to remove my phone's screen in a way that generates less detectable stress than it receives during everyday knockabout and drops. Read the rest

Woz: Apple should make Android phone

Mat Honan, at Wired, quotes co-founder Steve Wozniak: “The great products really come from secret development,” he said. “You put small teams of great people on them and they aren’t bothered by other people commenting on what they’re doing while they’re doing it. A whole new category of products doesn’t happen very often. It might happen once a decade. Sometimes you have to wait for one of those to come about.” Read the rest

Teach your rooted Android phones to lie to apps about whether it's rooted

There's a funny paradox in rooting your Android phone. Once you take total control over your phone, some apps refuse to run, because they're trying to do something that treats you as untrusted. Now there's a utility called Rootcloak that lets you tell your rooted phone to lie to apps about whether it is rooted. It's both long overdue and a neat demonstration of what it means to be root on a computer. Read the rest

More posts