A paper presented at last week's USENIX Security Symposium in Washington described how a group of security researchers at Georgia Tech were able to create a "novel method of attack" that can defeat the mandatory software review and code-signing mechanisms defending apps in the Apple App Store. The title of the paper was Jekyll on iOS.
Google developers have confirmed a cryptographic vulnerability in the Android operating system that researchers say could generate serious security glitches on hundreds of thousands of end user apps, many of them used to make Bitcoin transactions.
Users of Android Bitcoin apps have woken to the unpleasant news that an old pseudo random number generation bug has been exploited to steal balances from users' wallets.
The Bitcoin Foundation's announcement, here, merely states that an unspecified component of Android “responsible for generating secure random numbers contains critical weaknesses, that render all Android wallets generated to date vulnerable to theft.”
Police in the Chiba Prefectural zone of Japan have arrested nine people suspected of making nearly $4m by distributing malware that harvested mobile user's contact information and using it for a fake dating website.
The arrests came after a joint operation between the police and Symantec, and the security company reports that the possible ringleader of the group is Masaaki Kagawa, president of IT firm Koei Planning and a semi-professional poker player who has netted over $1.5m in winnings from tournament play over in the last six years.
It may well be that the NSA is recording every breath you take, every move you make.
But it's going to take them quite some time to review whether your breaths and moves are, in some way, significant or even troubling.
So along comes an Android app that can help you by forewarning the NSA with "Look! It wasn't me!" I am grateful to Android Central for forewarning me about USA PRISM Plus. Being an Android app, this sprightly invention relies on utter openness. For it takes random shots of your cell phone and sends them to the NSA Careers Twitter account.