security

The Windows Phone Store received a bug fix recently, closing a hole that allowed developers to publish applications that can access a user’s photo library without their permission. The quirk was originally brought to our attention by developer Al Gihuni, who makes the popular Sound Cloud app SoundClone for Windows Phone (don't worry, that app is safe).

Gihuni demonstrated this quirk for us by submitting a test app to the Store –  seen in this article's images –  that required three capabilities: access to your photo library, phone identity, and owner identity. After passing through Microsoft’s certification processes, we opened up the Store app and navigated to the app listing. The listing only indicated the app needed phone and owner identity access, with no mention of access to the photo library.

More →
5
loading...
0
loading...
42
loading...
0
loading...

Back in November, we reported on Telegram, a new WhatsApp-like messenger service that is available on iOS and Android. Hailing from Russia and created the founders of VKontakte, Telegram (www.telegram.org) is a decentralized, cloud-based and encrypted messaging service that promises to be the fastest and most secure out there (it supports RSA 2048 encryption and Diffie–Hellman secure key exchange).

At the time, we reported that the client should be ready by January but as the month winds down, we still don’t have a client on our phone. The official Twitter account for Telegram has now confirmed their schedule, and while they are a little behind, we should have something tangible in the coming weeks.

More →
6
loading...
0
loading...
54
loading...
0
loading...

Enpass (enpass.sinew.in) is an application that is purely designed to store your passwords and important information. The reason I like this one over some of the others we have looked at is down to two reasons. The first being that it’s a real beauty on the eye and super easy to use. And secondly, it allows for two cloud syncing options. Secure yourself for more details past the break.

More →
4
loading...
0
loading...
29
loading...
0
loading...

Microsoft, along with other companies have been in the news surrounding the US National Security Agency (NSA) and general privacy concerns that government agencies have easy access to customer data. Brad Smith, General Counsel & Executive Vice President, Legal & Corporate Affairs at Microsoft, recently published a blog post detailing now is the time for an international convention on government access to data.

More →
5
loading...
0
loading...
57
loading...
0
loading...

There has been a bit of confusion for Windows XP users (yes, they still exist) over whether or not they would be able to obtain antivirus support after July 2015. Let us take a few moments to talk about what antivirus support you won’t have after the 2015 date, but what might still be available. In addition, take a second to learn why you will still be at risk after this April even if you choose to continue using a third party service's security solution.

More →
4
loading...
0
loading...
52
loading...
0
loading...

Microsoft had stated that they are "focused on engineering improvements that will further strengthen security," and evidence has begun to take root with a collection of new security features that will be added to existing and new Microsoft accounts. The new features will be rolling out over the next few days and include a new Recent Activity tab, Recovery Codes, and increased security notifications. 

More →
3
loading...
0
loading...
63
loading...
0
loading...

Many people have had their trust shaken by the United States National Security Agency’s involvement with top technology companies around the globe including Google, Apple, Facebook, Microsoft, and many more. To this day, many people still feel at least a bit of lost faith towards the aforementioned technology giants and any personal data that they may hold.

The paranoia can be seen in Microsoft’s release of the Xbox One and its Kinect accessory – there was a vocal, but visible, minority that screamed the Kinect could be used by the NSA for spying purposes. But recently, Microsoft has announced major plans to increase encryption techniques on their own internet traffic to keep users more secure.

More →
5
loading...
0
loading...
62
loading...
0
loading...

Two factor security authentication isn’t a new concept to secure online information and data, but it has never been convenient. I used to play World of Warcraft (Horde FTW), and used Blizzard’s authentication tool to log into my account and keep it secure – there is nothing worse than someone stealing gold you quested all day for.

The Blizzard application for WoW was cumbersome and became an annoyance to constantly use. Before that, I used a physical authenticator keychain to gain access to my PayPal account – an even more painful experience. One company, Adips, believes they have the solution and it’s called Rublon; an easy form of authentication that uses your own Windows Phone to gain access to what you treasure the most.

More →
2
loading...
0
loading...
54
loading...
0
loading...

InPic, developed by ApplyF, is full featured Instagram client for Windows Phone 8. It falls into the same camp as Instance and 6tag in that it allows users to directly post to the popular photo sharing network. It’s also available as a Windows 8 app, is completely free and it easily has one of the nicest UIs we’ve come across.

Version 1.1 is now live in the Store and with it, brings numerous changes worth revealing. The biggest one is InPic now has the Instagram security requirements enabled, including full logout from the service.

More →
1
loading...
0
loading...
35
loading...
0
loading...

Nokia has joined forces with the University of Bristol in the UK to develop the first practical way of processing quantum cryptography on a mobile phone. What does this mean with a mini jargon buster? It would essentially enable you to send encrypted messages or data in secrecy. Currently utilised by banks and other organisations who can afford such expensive technology, the work carried out by Bristol University and Nokia could integrate simple client electronics on a single chip - perfect for a mobile phone.

More →
1
loading...
0
loading...
40
loading...
0
loading...

Do you trust Microsoft’s latest operating system, Windows 8? If you are the Federal Republic of Germany, the answer to that question is "no". Last week internal documents from IT professionals within the government showed a strong rejection of the new operating system calling it "unacceptable for the federal administration and the operators of critical infrastructure".

More →
3
loading...
0
loading...
14
loading...
0
loading...

Earlier this week we saw the release of the highly anticipated Instagram client for Windows Phone called 6tag. Developed by Rudy Huyn in just a few weeks’ time, the app has skyrocketed to the top of the Windows Phone Store. While the app is not official or endorsed by Instagram, the company signed off on the name as not conflicting with their brand, in addition to looking the other way on the usage of their API.

Now, version 1.0.1.0 has landed in the Store and while it doesn’t bring any new features per se, it does address some security concerns that were raised in an alarmist article. Plus, we can share with you a new trick that will allow you to open 6tag from Internet Explorer 10.

So what are those changes?

More →
3
loading...
0
loading...
59
loading...
0
loading...

Microsoft has issued an advisory warning concerning a Windows Phone vulnerability when connecting to rogue Wi-Fi networks.

The issue at hand rests in a Wi-Fi authentication scheme (PEAP-MS-CHAPv2) which our Windows Phones use to access protected wireless networks. Cryptographic weaknesses in the technology can allow an attacker to recover a Windows Phone encrypted domain credentials (passwords) when it connects to a rogue access point.

More →
5
loading...
0
loading...
26
loading...
0
loading...

Microsoft has announced this week that it will be removing Windows Phone apps that the company deems to have critical vulnerabilities. Microsoft notes in a TechNet blog post that developers will be provided 180 days to patch the issues in their app or their work will be pulled from the store, preventing consumers from accessing the app from their smartphones or via the web.

More →
6
loading...
0
loading...
46
loading...
0
loading...

Microsoft’s security division has been fighting back hackers and botnets for years and now they want you to help out. The company is offering a variety of bounties for finding bugs and security flaws in a variety of software.

Windows 8.1 is the first on a list of bounty programs to launch on June 26th. Microsoft will pay up $100,000 USD to hackers who can showcase “truly novel exploitation techniques”. The company is serious about making sure Windows’ latest revision is released to the public without a hitch.

More →
4
loading...
0
loading...
70
loading...
0
loading...

Microsoft has been fighting off botnets and hackers for the last few years with Project MARS (Microsoft Active Response for Security). They have crippled major botnet networks including Waledac, Rustock, Kelihos, Zeus, Nitol, and Bamital.

Today, Microsoft plans to take their fight for web justice to the next level using their own cloud resources. The newly designed Windows Azure-based Cyber Threat Intelligence Program (C-TIP) allows computer emergency response teams to respond in near real time. TJ Campana, director of security in Microsoft’s Digital Crime Unit, stated that:

“(C-TIP) will allow organizations to have better situational awareness of cyber threats, and more quickly and efficiently notify people of potential security issues with their computers.”

Last Friday, Microsoft’s Orlando Ayala joined the Secretary of State of Telecommunications and Information Society of Spain to announce an agreement for the Spanish CERT, to become one of the first organizations to hook up with the company’s C-TIP service. The new technology will allow ISPs and CERTs to receive updated threat data every 30 seconds; the data will alert the organizations of any infected computers in their network or domain.

More →
0
loading...
0
loading...
28
loading...
0
loading...

Pages