we reported that bloggers had found a vulnerability in the Skype App which allows hackers to harvest data from a user's Android handset with no need to root a phone or gain special permission. The problem was discovered during the testing of a leaked version of Skype for Android's new Video App. But it didn't take long to notice that the flaw was carried over from the already released Skype for Android App that's currently in the Market. Skype has responded to the news in their security blog, admitting that the flaw exists and they're working hard to fix it. But what can a user do to protect themselves in the meantime?
new features centered around security and collaborative working. Available to all Google Apps for Business and Google Apps for Education customers, the functionality includes remote tracking and locking support via the My Devices dashboard. It's now possible to locating a lost Android 2.2+ handset on a map, ring the device, and reset its PIN or password remotely. There's also a new "Encrypt Data on Device" feature, which will now include requiring encrypted storage on Android 3.0 tablets. Finally, there's a new Google Apps Lookup feature which promises to make locating enterprise business details more straightforward. More information on the changes here.
Dropcam has added an Android app for accessing its streaming webcams to the Android Market, having previously only offered basic browser support for non-iOS devices. The app itself is a free download, though you'll need to be a paying Dropcam subscriber in order to actually access your cameras. As well as regular streams, you can set alerts to be notified on movement or audio. [youtube jIbzF3RQf6g] [via AppScout]
has been revealed, which might make users more wary of plugging smartphones into their computers to sync or recharge. The exploit, developed by Angelos Stavrou and Zhaohui Wang, infects an Android device so that it mounts as a regular HID (human interface device) keyboard and mouse on a PC, Mac or Linux machine. With that access, the malware author could then retrieve files, download other malware or even take control of the system altogether, depending on the nature of the exploit code. Versions of the exploit have been written for computers and for the Android kernel; an iOS version would also be possible, the researchers claim.
"Say your computer at home is compromised and you compromise your Android phone by connecting them. Then, whenever you connect the smartphone to another laptop or computing device I can take over that computer also, and then compromise other computers off that Android. It's a viral type of compromise using the USB cable" Angelos Stavrou