Google

(get it in RSS or Atom)

SSCC 154: Fraud, viruses, patches and encryption (in that order!) [PODCAST]

chet-chat-logo-featured-250

Where does your country sit on the fraud list? Just how much can you trust SMSes on Android? Is Apple serious enough about iOS security? And will Google's End-To-End email encryption plugin save the world?

Find out with Chet and Duck in this week's Chet Chat podcast...

Anatomy of a buffer overflow - Google's "KeyStore" security module for Android

ks-250

Here's a cautionary tale about a bug, courtesy of IBM.

Not that IBM had the bug, just to be clear: Google had the bug, and IBM researchers spotted it.

Supreme Court refuses to drag Google out of its Street View privacy wreckage

Supreme Court won't drag Google out of its Street View privacy wreckage

Google's planning to slurp up ever more data, from wearables, fitness apps and more. It sure would be nice for Google if the Street View fiasco would fade away and stop reminding people of how they snooped on data and then lied about it, but the Supreme Court isn't disposed to helping it out on this one.

Google looks to make OpenPGP easier for Gmail users

Google switches Gmail to HTTPS only

In early June Google announced a new project designed to create a Chrome plugin to allow end-to-end encryption of web-based emails using OpenPGP. We take a look at its current state and explain how it works.

Anatomy of an Android SMS virus - watch out for text messages, even from your friends!

slf-logo-250

Paul Ducklin looks into "Andr/SlfMite-A", an Android SMS virus.

The malware sends itself to your top 20 contacts and foists an third party app for an alternative Android software market onto your device...

"Towelroot" app makes it easy to root Galaxy S5 and other locked Androids...

towels-250

Galaxy S5 users will be cheering. System administrators are probably groaning.

Paul Ducklin looks at an Android-era variant of Hamlet's dilemma: "To root or not to root, that is the question."

Is that Google Glass wearer stealing your iPad passcode?

Tablet. Image courtesy of Shutterstock.

What about the one with a smartwatch? Snoopers can catch your code from nearly 10 feet away with Google Glass or Samsung's smartwatch and from almost 150 away using a HD camcorder, thanks to researchers' custom-coded, shadow-tracking recognition algorithm.

SSCC 153: TrueCrypt, Towelroot, Cryptowall, and spam in Canada [PODCAST]

chet-chat-logo-featured-250

Chester Wisniewski and Paul Ducklin present this week's edition of the regular Sophos security podcast, the "Chet Chat."

In this episode: the TrueCrypt saga continues; the Towelroot software for unlocking Androids; ransomware after CryptoLocker; and Canada's long, long, long-awaited anti-spam law.

BoringSSL wants to kill the excitement that led to Heartbleed

Bored girl

Some things just aren't meant to be exciting. In fact some things are supposed to be so far from novelty, surprise and frivolity that any whiff of excitement at all is a bad sign indeed. Introducing Boring SSL...

Google and Microsoft want to kill your phone if it's stolen. Do you feel safer?

Kill switch

The law enforcement group Secure Our Smartphones is claiming victory after Google and Microsoft announced they will add a "kill switch" to their mobile operating systems.

Google forced to e-forget a company worldwide

Google forced to e-forget a company worldwide

Perhaps inspired by Europeans winning the right to be forgotten in Google search results last month, a Canadian court has ruled that Google has to remove search results for a Canadian company's competitor, not just in Canada but around the world.

Google's after your health data with 'Google Fit' service

Dumbbells. Image courtesy of Shutterstock

Google's reportedly about to jump into the growing fitness data marketplace - a mosh pit that consumer advocates are already calling a privacy nightmare - to wrestle with Apple and Samsung for the data getting created by fitness trackers and health-related apps.

Here's what bugging your own office NSA-style can reveal

Eavesdropping. Image courtesy of Shutterstock.

A US reporter for National Public Radio found that NSA-style broad surveillance enabled by a pen-testing device and software crunching picked up on his research (in spite of Google's default search encryption), intercepted uncut interview tape, ferreted out his interview subjects' phone numbers and email addresses, and more.

Google to flag 'right to be forgotten' censored search results

Google to flag 'right to be forgotten' censored search results

Google is reportedly planning to put an alert on the bottom of every page where links have been removed in the wake of the recent "right to be forgotten" court ruling.

Mobile malware, Gameover, CryptoLocker, and SSL/TLS holes - 60 Sec Security [VIDEO]

2014-06-07-thumb-250

How long has mobile malware been around? Is it really game over for Gameover and CryptoLocker? Which cryptographic security libraries need patching?

It'll only take a minute to find out...

CryptoLocker wannabe "Simplelocker" scrambles your files, holds your Android to ransom

sl-bars-250

"If the crooks keep copying Windows threats that were financially lucrative," you're thinking, "we'll soon see Android ransomware that doesn't just lock your device, but locks up your data instead, or as well."

Guess what?

Google says half of email is sent unencrypted

Open padlock. Image courtesy of Shutterstock.

It's been an encryption-intensive start to the week - good news for all of us who are wary of snooping.

SSCC 150 - TrueCrypt, Gameover, CryptoLocker and whither mobile malware? [PODCAST]

sscc150-thumb-250

This week, Chet and Duck dig into the bafflement of the disappearing TrueCrypt encryption software: did it jump, or was it pushed?

They also look at the takedown of Gameover and CryptoLocker, and look into what we can learn from ten years of mobile malware.

Prankster fakes pick axe murder for Google Street View

Pick axe on Street View

It took over a year for somebody to complain about the image. If you're worried that Big Brother is watching, think of it as consolation that he's not too quick on the uptake.

12,000 Europeans ask Google to forget them

12,000 Europeans ask Google to forget them

Those are the results from just Day 1 of a web form to allow Europeans to request that outdated information about them be removed from Google's search results. Will those numbers continue, or is there just a pent-up demand of people wanting to blip their existence off the internet?