Woz: Apple should make Android phone

Mat Honan, at Wired, quotes co-founder Steve Wozniak: “The great products really come from secret development,” he said. “You put small teams of great people on them and they aren’t bothered by other people commenting on what they’re doing while they’re doing it. A whole new category of products doesn’t happen very often. It might happen once a decade. Sometimes you have to wait for one of those to come about.” Read the rest

Teach your rooted Android phones to lie to apps about whether it's rooted

There's a funny paradox in rooting your Android phone. Once you take total control over your phone, some apps refuse to run, because they're trying to do something that treats you as untrusted. Now there's a utility called Rootcloak that lets you tell your rooted phone to lie to apps about whether it is rooted. It's both long overdue and a neat demonstration of what it means to be root on a computer. Read the rest

Blackphone: a privacy-oriented, high-end, unlocked phone

Blackphone is a secure, privacy-oriented mobile phone company co-founded by PGP inventor Phil Zimmerman. It integrates a lot of the privacy functionality of Zimmerman's Silent Circle, which makes Android-based privacy tools (secure calls, messaging, storage and proxies). Blackphone also runs Android, with a skin that switches on all the security stuff by default. The company is based in Switzerland, whose government privacy rules are better than most. The phone itself is a high-end, unlocked GSM handset. No info on pricing yet, but pre-orders open in late February. I'm interested in whether the sourcecode for the Blackphone stack will be free, open, auditable and transparent. If it is, I will certainly order one of these for myself and report here on its performance. Read the rest

HOWTO delete your smartphone's fine-grained log of everywhere you've been

If you have an Android or Ios smartphone, it defaults to storing the history of all the places you go, at a very fine resolution, for a very long time, and mirrors that data on remote servers from which it might be leaked or subpoenaed. Lifehacker has a great tutorial on deleting your Location History and turning off future logging of your location. They cover both Ios and Android. I just did my devices, and it was very easy. Read the rest

Audio game app for blind people

Bob Smolenski says: "I've released a new audio game app for blind and visually impaired. Open Field Echo Sounder uses GPS on your iPhone or Android. Walk to the center of an open field and six virtual targets will be arranged around you. Echo locate them using headphones to determine direction. Sighted folks can play it also ;)"

Open Field Echo Sounder: $2 on iOS and Google Play Read the rest

Google yanks vital Android privacy feature

Well, that didn't take long: shortly after Google added a new Android feature that let you deny apps access to your sensitive personal data, they have revoked it. This is frankly terrible, and the Electronic Frontier Foundation's Peter Eckersley has some very pointed commentary, recommendations for Android customers, and advice for Google: Read the rest

Android gives you the ability to deny your sensitive data to apps

Android privacy just got a lot better. The 4.3 version of Google's mobile operating system now has hooks that allow you to override the permissions requested by the apps you install. So if you download a flashlight app that wants to harvest your location and phone ID, you can install it, and then use an app like AppOps Launcher to tell Android to withhold the information.

Peter Ecklersley, a staff technologist at the Electronic Frontier Foundation, has written up a good explanation of how this works, and he attributes the decision to competitive pressure from Ios, which allows users to deny location data to apps, even if they "require" it during the installation process.

I think that's right, but not the whole story: Android has also always labored under competitive pressure from its free/open forks, like Cyanogenmod. Read the rest

Cyanogenmod adds encrypted SMS from WhisperSystems

The latest (unstable) build of Cyanogenmod (a free/open version of Android) incorporates a secure, encrypted SMS program called TextSecure, which was created by Open WhisperSystems. Open WhisperSystems's chief engineer is the respected cryptographer and privacy advocate Moxie Marlinspike, and the source for the Cyanogenmod integration is open and available for inspection and scrutiny. The new encrypted SMS is designed to be integrated with whatever SMS app you use on your phone, and allows for extremely private, interception- and surveillance-resistant messaging over the normally insecure SMS. It requires that both parties be using TextSecure, of course -- if you send a TextSecure message to someone without secure messaging, the message will fall back to unencrypted text. Read the rest

Cyanogenmod installer removed from Google Play store

Two weeks ago, the one-click Cyanogenmod installer hit the Google Play store, making it possible to switch from the stock Android operating system to a more free, more open version without any special expertise. Yesterday, Google asked Cyanogenmod to remove the installer, because using it voids your device's warranty. I've downloaded other apps from the Play Store that root your device and void the warranty, so this seems like a very selective enforcement to me.

In any event, Cyanogenmod's installer can be "sideloaded" into your device without having to go through the Play Store (one of the advantages of Android is that it doesn't attempt to prevent you from installing unapproved software). Hundreds of thousands of people used the Play Store version, and we can hope that it remains in use, even without Google's official support. Read the rest

One-click Cyanogenmod installer in the Play store

Cyanogenmod Installer is a one-click Android app that unlocks your bootloader, roots your device, and flashes Cyanogenmod's OS onto it. Cyanogenmod is a free/open fork of Android, where much of the proprietary Google elements have been replaced by open equivalents, giving you lots more customizability and privacy in your device. For example, the Cyanogenmod device locating feature lets you find your phone, but makes it much harder for third parties to track you using the same feature. The company raised $7M in venture capital in September, and this is the first serious change the the OS since then, and it's a huge improvement. Previously, installing Cyanogenmod was pretty tricky and arcane, and was a huge barrier to adoption. Now you can download an app from the Play Store, and install with one click. Read the rest

Apps for Kids 46: Nimble Quest

Apps for Kids is sponsored by HuluPlus. HuluPlus lets you binge on thousands of hit shows – anytime, anywhere on your TV, PC, smart phone or tablet. Click here to support Apps for Kids and get an extended free trial of Hulu Plus.

Your browser does not support the audio tag.

Apps for Kids is Boing Boing's podcast about cool smartphone apps for kids and parents. My co-host is my 10-year-old daughter, Jane.

In this episode, we review Nimble Quest. It's $2.99 in the iTunes store and free in Google Play.

Our Minecraft contest deadline has been extended to October 11 at noon PT! email us a screenshot or YouTube link of your Minecraft creation and we'll pick a winner to join us on an upcoming episode of Apps for Kids!

If you're an app developer and would like to have Jane and me try one of your apps for possible review, email a redeem code to appsforkids@boingboing.net.

Jane and I love to get your emails with questions about game, gear, and tech. What's your question?

Listen to past episodes of Apps for Kids here.

To get a weekly email to notify you when a new episode of Apps for Kids is up, sign up here.

APPS FOR KIDS: RSS | iTunes | Download this episode | Stitcher

Read the rest

Android vs malware: how to run a secure, open ecosystem

A presentation by Android Security chief Adrian Ludwig at Berlin's Virus Bulletin conference lays out a fascinating picture of the security dynamic in the open Android ecosystem, through which Android users are able to install apps from the official, Google-operated Play Store, as well as from anywhere else they fancy. Ludwig describes a "defense-in-depth" strategy that is based on continuous monitoring of the overall Android world to come up with responses to malicious software. According to Ludwig, only 0.12 percent of Android apps have characteristics that Google thinks of as "potentially harmful" and there are lots of good apps that share these characteristics, so that number doesn't represent the number of infections. There's also a lot of material on the kind of badware they find on mobile handsets, from commercial spyware that looks at users' browser history and location data to snoopware that covertly spies through the camera and mic to fraudware that sends out premium-rate SMSes in the background. Read the rest

Cyanogenmod goes commercial

The hoopy froods of Cyanogenmod -- a free/open replacement for Android, with lots of privacy- and security-oriented features -- have raised capital and are going commercial. They're going to productize Cyanogen with the motto "available on everything, to everyone." This is great news. Cyanogen isn't just a great OS -- it's also a huge force pushing Google into adding more features, even when the carriers hate them (for example, the addition of a tethering service to Android, which followed on from Cyanogen). Read the rest

Apps for Kids 45: Bean's Quest (Plus a Minecraft contest!)

Your browser does not support the audio tag.

Apps for Kids is Boing Boing's podcast about cool smartphone apps for kids and parents. My co-host is my 10-year-old daughter, Jane.

In this episode, we review Bean's Quest. It's $2.99 in the iTunes store and Google Play.

We also announced our first contest! email us a screenshot or YouTube link of your Minecraft creation and we'll pick a winner to join us on an upcoming episode of Apps for Kids!

If you're an app developer and would like to have Jane and me try one of your apps for possible review, email a redeem code to appsforkids@boingboing.net.

Jane and I love to get your emails with questions about game, gear, and tech. What's your question?

Listen to past episodes of Apps for Kids here.

To get a weekly email to notify you when a new episode of Apps for Kids is up, sign up here.

APPS FOR KIDS: RSS | iTunes | Download this episode | Stitcher

Read the rest

CyanogenMod rolls out secure device-locating feature

CyanogenMod is a free/open version of the Android operating system. Yesterday, they announced a cool new feature called CM Account, for recovering and/or wiping lost or stolen devices. Unlike traditional device-locating services, which effectively offer a back-door to your phone or tablet that can be exploited by hackers, spies, or unscrupulous insiders, CyanogenMod's version relies on your browser establishing a secure connection to your device, without anyone in the middle having access to the keys and passwords used to hijack the device and get its location or wipe its drive. The service was developed in part by Moxie Marlinspike, a legendary security and privacy hacker, and the code is open and free for audit. Read the rest

Nvidia Shield, portable game console, reviewed

Nvidia's Shield is the chipmaker's big push into an already well-stocked portable gaming field. Sony and Nintendo sell millions of handsets, yet their lunch's been conspicuously eaten by Apple's iPhone, and other touchscreen smartphones and tablets, in the last few years.

Resembling a large game controller with a flip-out screen, the $299 monster will win no awards for pocketability, prettiness or pricing. With beefy specs, traditional controls and a versatile, open cut of Android, though, it has a strong appeal to serious gamers—it can even control games streamed live from your PC. What did reviewers make of it? Read the rest

PIN-punching $200 robot can brute force every Android numeric screen-password in 19 hours

Justin Engler and Paul Vines will demo a robot called the Robotic Reconfigurable Button Basher (R2B2) at Defcon; it can work its way through every numeric screen-lock Android password in 19 hours. They built for for less than $200, including the 3D printed parts. It doesn't work on screen-patterns (they're working on that) nor on Ios devices (which exponentially increase the lockout times between unsuccessful password attempts). They're also whomping up new versions that can simulate screen-taps with electrodes, which will run much faster. They're also working on versions that can work against hotel-room safes, ATMs, and other PIN-pad devices. It's a good argument for a longer PIN (six-digit PINs take 80 days to crack), and for using robust and random PINs (26% of users use one of 20 PINs). Read the rest

More posts