(via Critical app flaw bypasses screen lock on up to 100 million Android phones | Ars Technica)
A critical flaw in an Android app downloaded as many as 100 million times allows attackers to take full control of handsets even when they’re protected by screen locks.
The vulnerability in the Skype rival known as Viber affects Android smartphone brands such as Samsung, Sony, and HTC, according to a blog post published Tuesday by Bkav Internet Security. Although attack techniques differ from model to model, they all exploit programming logic in the way Viber handles popup messages, researchers with the company wrote.
A spokesman for Viber Media, maker of the affected app, said company officials learned of the vulnerability on Wednesday and plan to release a fix next week.
“In the meantime, anyone concerned about this issue can resolve it by disabling Pop-up Notifications in the Android version of Viber,” Viber said in a statement issued to Ars. “This can be done by going to Viber Settings and choosing to disable—’New Message Pop-Up…’”
Malware used to spy on Tibetan activists and other ethnic groups in China is nothing new. But a new Trojan discovered by researchers at Kaspersky Labs has widened the scope of this digital espionage and intimidation. The malware uses a combination of e-mail hacking, “spear phishing,” and a Trojan built specifically for Android smartphones. Kaspersky claims this is the first discovery of a targeted attack that uses mobile phone malware.
On March 25, the e-mail account of a Tibetan activist was hacked and then used to distribute Android malware to the activist’s contact list. The e-mail’s lure was a statement on the recent conference organized by the World Uyghur Congress that brought together Chinese democracy activists and Tibet, Southern Mongolia, and East Turkestan human rights activists. The e-mail claimed to have an attachment that was a joint letter from WUC, the Unrepresented Nations and Peoples Organization, and the Society for Threatened Peoples. If the targets opened the attachment, however, they received malware packaged in an Android APK file.
When opened, the Trojan installs an app called “Conference” on the Android devices’ desktops. If the app is launched, it displays a fake message from the chairman of the WUC—while sending back a message to a command and control server to report its successful installation. The malware provides a backdoor to the device via SMS messages sent by the server. On command, it returns the phone’s contact lists, call logs, data about the smartphone, its geo-location data, and any SMS messages stored on it to a server via a Web POST upload.
The server itself is running on a Chinese-language configured Windows Server 2003 machine sitting in a data center in Los Angeles. In addition to providing an upload point for the data stolen from Android devices, it also hosts more Android malware in its home page and provides a public Web interface (in Chinese) that allows direct control over phones that have been infected with the malware. While the server itself is at an IP address registered to a company called Emagine Concept, a domain pointed at the machine is registered to Shanghai Meicheng Technology Information Development Co., Ltd., a Chinese company with a contact in Beijing.
(via Serial hacker says latest Android will be “pretty hard” to exploit | Ars Technica)
Diagram showing attacker overwriting a return address with a pointer to the stack that contains attacker-supplied data
The latest release of Google’s Android mobile operating system has finally been properly fortified with an industry-standard defense. It’s designed to protect end users against hack attacks that install malware on handsets.
In an analysis published Monday, security researcher Jon Oberheide said Android version 4.1, aka Jelly Bean, is the first version of the Google-developed OS to properly implement a protection known as address space layout randomization. ASLR, as it’s more often referred to, randomizes the memory locations for the library, stack, heap, and most other OS data structures. As a result, hackers who exploit memory corruption bugs that inevitably crop up in complex pieces of code are unable to know in advance where their malicious payloads will be loaded. When combined with a separate defense known as data execution prevention, ASLR can effectively neutralize such attacks.
Although Android 4.0, aka Ice Cream Sandwich, was the first Android release to offer ASLR, the implementation was largely ineffective at mitigating real-world attacks. One of the chief reasons for the deficiency was Android’s executable region, heap, libraries, and linker were loaded at the same locations each time. This made it significantly easier for attackers designing exploits to predict where in memory their malicious code can be located…
(via Android users targeted in drive-by download attacks | Ars Technica)
Almost a dozen sites are actively targeting Android users with malware that could gain access to corporate networks and other protected systems, security researchers said. They note it’s the first time compromised sites have been used to infect users of a mobile handset.
The malware, dubbed NotCompatible, is being transmitted by websites when they’re accessed on smartphones running Google’s Android operating system. This is according to a blog post published Tuesday by researchers from Android antivirus provider Lookout. An iframe tag included in the sites provides a link to malicious software that’s automatically downloaded after the site is visited. The sites then provide notifications prompting end users to install the downloaded app. Installation is possible only on phones that have been configured to run apps acquired from sources other than the Google Play market.
“Hacked websites are frequently used to infect PCs with malware,” Lookout researchers wrote in Wednesday’s post. “However, today we have identified the first time hacked websites are being used to specifically target mobile devices.” The company’s security app automatically blocks installation of the software…
E Gynoid Angel Peter Gric
While politicians continue to pretend that SOPA support is a minor issue, there’s been more and more evidence that it’s a big deal to an awful lot of people. For example, in just the past few weeks, there’s been a Chrome add-on to tell you when you’re browsing a site from a company that supports SOPA, as well as an Android app that will do the same thing via physical barcodes, to help people avoid buying products from companies who support SOPA. But, I’m sure the public doesn’t really care about the law at all…
(via ClockworkMod Tether serves free Android USB tethering, no root required — Engadget)
Not content to provide us with ClockworkMod Recovery and other fine hacks, Koush just made a free USB tethering app available for Android aptly called ClockworkMod Tether Alpha. While it’s not the first app to bypass paid tethering plans, it supports unrooted phones and works with Linux, Mac and Windows computers. Just enable USB debugging on your phone, download the appropriate installer for your desktop OS of choice, then connect both devices via USB and you’re all set. The installation process creates a virtual network adapter on your computer and pushes a matching APK to your phone. A proxy is used to avoid detection by the carriers.
We tested the app on a late-model MacBook Air running OS X Lion and an AT&T-branded Samsung Captivate Glide — along with a couple other handsets — without much success (as documented in the screenshot above). Then again, based on the discussions following Koush’s Google+ post (source link below), the app appears to work for many folks and continues being tweaked on an hourly basis. Clearly your mileage will vary, but let us know in the comments how it’s working out if you’ve installed the app.
This is the second time Wired Magazine has printed this photo (this time in their UK version) without bothering to credit me or my sculpture. The image is used to support an article about Andy Rubin (he’s the one wearing pants), the man behind the Android operating system. Is it too much to ask that Art be considered as intellectual property, or at least valued in some way like every other business? I mean, come on, they’re printing a picture of a giant, anatomically correct, gun toting robot. Why bother even staging such a photo if its image isn’t compelling enough to warrant some kind of interest from their readers? Why not do the honorable thing and at least mention the guy who spent countless hours and dollars creating the thing? How hard is it to print a tiny little image credit?
O.K. done ranting now.
[wow - seriously, WIRED - WTF?!!?!?…]






![nemomatic](http://25.media.tumblr.com/tumblr_lx6tevD8LW1qdxhi1o1_500.png)