Google is taking steps to make Android phones safer by including a verified boot system that checks for irregularities in the platform code. And device owners will know that their phone or tablet is safe based on startup messages from the system check.
Android Police spotted an updated Nexus support page showing the three possible boot verification messages.
If Android doesn't find any platform changes at bootup, the device will just start as it normally does. However, if there's a potential issue detected, one of three dialog messages will appear as a warning.
Fiat Chrysler’s recall of more than 1.4m of its Jeeps so they can be fitted with a software patch to make them safe from having the controls taken over remotely, draws attention to an unnerving fact: any modern car is a network of anything up to 70 powerful computers that happen to be mounted on wheels and armoured in a tonne or more of steel. Every new car sold in the past few years is running about twice as much code as the whole of Facebook.
At the 2015 Intelligent Defense European Technical Research Conference in June, Tripwire security researcher Craig Young presented Smart Home Invasion and revealed zero-day flaws in the “brains” of Internet of Things platform hubs such as SmartThings hubs, Wink hubs and MiOS Vera. The Wink and Vera products “contained critical remotely exploitable flaws.” Young warned that “if not addressed, smart home flaws can give rise to a new type of ‘smart criminal' able to case victims without being seen. Once a target is chosen, it is possible to unlock doors and disable security monitoring.”
Today, Fiat Chrysler recalled 1.4 million vehicles possibly affected by a vulnerability in the UConnect infotainment system that could allow attackers to hijack the vehicle's steering and braking. Car hacking researchers Chris Valasek and Charlie Miller demonstrated proof of concept in striking fashion, when they wirelessly took control of a 2014 Jeep Cherokee driven by Wired reporter Andy Greenberg and brought it from 70 mph to a screeching halt.
You can bypass Apple's space-age security and gain administrator-level privileges on an OS X Yosemite Mac using code that fits in a tweet.
Yosemite, aka version 10.10, is the latest stable release of the Mac operating system, so a lot of people are affected by this vulnerability. The security bug can be exploited by a logged-in attacker or malware on the computer to gain total unauthorized control of the Mac. It is documented here by iOS and OS X guru Stefan Esser.