You might say the day is never really done in consumer technology news. Your workday, however, hopefully draws to a close at some point. This is the Daily Roundup on Engadget, a quick peek back at the top headlines for the past 24 hours — all handpicked by the editors here at the site. Click on through the break, and enjoy.
A team of security researchers claim to have identified a four-year-old Android bug that can allow malicious trojans to appear as verified apps, infecting devices with malware while users remain unaware of its presence.
     |
Bad news for slow coaches: the white Nexus 4 has now sold out on the Play Store. Given it was a limited edition, that’s your chance gone.
| |
Amazon Japan has harnessed (hired?) goats to manicure the grounds at its distribution center in Gifu Prefecture. And the most interesting part? Amazon isn’t even the first internet company to do this!
| |
If you’ve been putting off buying a white Nexus 4, be ready to wallow in regret: you’ve missed your chance to get one straight from Google Play. Both the 8GB and 16GB versions are “no longer available for sale,” a little more than a month after the company’s online store started carrying them. A Google spokesperson told us that the alabaster phone has indeed sold out, and that the Play Store won’t carry it again, as it was a limited edition release. All’s not lost, though — T-Mobile still sells the white Nexus 4, but you’ll pay a slight premium for it.
Filed under: Cellphones, Mobile, Google
Via: Android Police
Source: Google Play, T-Mobile
A doozy of an Android bug has been discovered by Bluebox Security’s Bluebox Labs, one that affects all Android releases since 1.6 Donut. With the vulnerability, malicious coders can create a trojan application to serve whatever purpose they’d like, whether to steal a user’s information or take over control of the device. More information will be given at Black Hat USA 2013 in a keynote speech.
According to Bluebox Labs, because of how many versions of Android are affected, a potential 900 million devices could suffer from the vulnerability, which involves a means for modifying APK code without harm to the app’s cryptographic signature. As such, a perfectly legit app can be converted into a trojan that slips under the radar.
The company goes on to specify that apps developed by the handset’s makers pose a greater risk due to their elevated privileges. Because of this, one of these apps that are exploited and turned into a trojan can give the hacker complete access to the mobile OS’s apps and system, as well as all their related data. The ramifications of this are two-fold:
Depending on the intent of the hacker, personal data like text messages, emails, any documents on the device, account passwords that are saved, pictures, and other related items can be swiped, potentially giving access to things like bank accounts and revealing contacts’ information. In addition, this can be taken a step further so that the hacker has the ability to use the device to send text messages, snap pictures, record videos, make phone calls, etc.
In an extreme case, the vulnerability could be used to create a botnet.
According to Bluebox, it informed Google of this Android vulnerability in February of this year. To take care of the issue, every device manufacturer will need to create a patch and roll it out to its users, who will then need to install it. The security firm says it will release “tools/material” and more info about this vulnerability during Blackhat USA 2013, which takes place later this month.
SOURCE: BlueBox
Android vulnerability discovered affecting devices running version 1.6 and later is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2013, SlashGear. All right reserved.
It’s become a race, suddenly, to deliver the first Android smartphone – or first smartphone with any mobile operating system, that is, to bring on a whopping 3GB of RAM, here between the Samsung Galaxy Note III and the LG Optimus G2. While neither device has been confirmed with full specifications delivered by its creator – or confirmed to exist, at that – both machines have been rumored just today to be carrying the next-level amount of processing capability.
The Samsung Galaxy Note III may be the first to market, bringing with it a cool 5.99-inch 1080p display, holding with it the same amount of pixels (slightly less tightly packed) as the Galaxy S 4. This device is also suggested by MyDrivers, a publication speaking with South Korean inside sources, to be working with a slightly thinner body than its predecessor. As the Galaxy Note II worked with a weight of 182g, the Note III will be edging down below 180g and 8mm thick.
The Galaxy Note III is suggested to, by the time it’s launched, be working with Android 4.3, Jelly Bean’s newest iteration, and will support 4G LTE-Advanced. Of course there will be more than one iteration of the Galaxy Note III, the same as the Galaxy S 4 and its own LTE-A version unveiled last week.
The third version of the Note handset will be working with at least two versions, depending on the region they’ll be delivered. One iteration’s delivery with a Samsung-made Exynos 5 “Octa” SoC will match that of the international version of the Galaxy S 4. The other version will have the same Qualcomm Snapdragon 800 quad-core processor as the LTE-A version of the Galaxy S 4, a step above the standard Galaxy S 4 delivered to the USA on multiple carriers earlier this year.
Earlier today it was also reported that the reveal date for the Samsung Galaxy Note III will be September 4th at a pre-IFA 2013 “Samsung Unpacked” event. Sounds reasonable!
Samsung Galaxy Note III specifications leak with 3GB RAM is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2013, SlashGear. All right reserved.
Researchers at Bluebox Security have revealed a disturbing flaw in Android’s security model, which the group claims may affect up to 99 percent of Android devices in existence. According to Bluebox, this vulnerability has existed since Android 1.6 (Donut), which gives malicious app developers the ability to modify the code of a legitimate APK, all without breaking its cryptographic signature — thereby allowing the installation to go unnoticed. To pull off the exploit, a rotten app developer would first need to trick an unknowing user into installing the malicious update, but hackers could theoretically gain full control of a user’s phone if the “update” posed as a system file from the manufacturer.
Bluebox claims that it notified Google of the exploit in February. According to CIO, Bluebox CTO Jeff Forristal has named the Galaxy S 4 as the only device that’s currently immune to the exploit — which suggests that a security patch may already exist. Forristal further claims that Google is working on an update for its Nexus devices. In response to our inquiry, Google told us that it currently has no comment. We certainly hope that device manufacturers do the responsible thing and distribute timely security patches to resolve this issue. Absent that, you can protect yourself by installing updates through the Play Store and Android’s built-in system update utility.
Filed under: Software, Mobile, Google
Source: Bluebox Security, CIO
This is site is run by Sascha Endlicher, M.A., during ungodly late night hours. Wanna know more about him? Connect via Social Media by jumping to about.me/sascha.endlicher.
