Tag Archives: Android

AVG

AVG demonstrates robust anti-theft solution in partnership with Qualcomm

Leave a comment

Losing a smartphone means so much more than the cost of the device itself – personal and business information, messages, emails, contacts and social networking profiles may all be potentially compromised. When you add banking and shopping apps, the financial costs and associated risks can also escalate significantly.

That’s why we’re pleased to announce that AVG is working with Qualcomm Technologies, Inc., a leading supplier of semiconductors to the mobile industry, to expand the functionality of our applications to include Qualcomm SafeSwitch kill switch technology on devices with select Snapdragon chipsets.

Unlike other anti-theft alternatives, SafeSwitch provides a robust yet reversible kill switch solution that locks the device at the chip level, rendering it unusable and extremely difficult to crack. SafeSwitch also helps protect user privacy by encrypting the device’s storage, making it very difficult for attackers to obtain any personal or privileged information from a stolen device.

Any attempt to replace the SIM card, perform a factory reset or brute force the passcode will lock down the device and render it temporarily unusable. After locking, the device owner can unlock the device and restore it to its pre-locked condition by entering the master passcode.

AVG and Qualcomm conducted a demonstration of the SafeSwitch solution on a device incorporating Qualcomm’s premium-tier Snapdragon 810 chip at the 5th Annual International Cybersecurity conference held in Tel Aviv, Israel, June 22nd -25th, 2015.

Following the conference, AVG and Qualcomm Technologies will continue working together to offer a joint end-to-end commercial solution later this year.

AVG

Will your next password be an emoji?

Leave a comment

Emoji’s such as smiley faces and others pictographs used commonly by many people nowadays have been put forward as a possible replacement to the humble password or PIN by a British start-up called Intelligent Environments.

As reported in The Guardian recently, the concept lends itself to our natural ability to remember pictures much more vividly than standard characters like letters and numbers.

Add to that research that shows 64% of millennials are using Emoji’s almost exclusively in their communication, and one wonders if this trend just might have some merit in the future.

The method proposed is that instead of entering your password or PIN, instead you would select a sequence of 4 Emoji pictures from a possible set of 44.  The math behind this says that an Emoji “password” would therefore be one out of a possible 3,748,096 combinations.

However, the question of whether this would be more secure over the standard password, and in particular a 4-digit PIN is open for debate.

While technically your 4-digit PIN is only one from a combination of 10,000 choices, the implementation on your mobile device tends to be much more secure, by the fact that incorrect attempts will result in gradually increasing timeouts – making it much more difficult and impractical to crack easily.

And consider that, just as with passwords, it is possible that people will select Emoji sequences that are quite predictable.  For example, selecting Emoji’s that tell a common story, like a Man, a love heart, a Woman, and a bunch of flowers; it’s quite possible people will end up selecting popular Emoji versions of the 1234 PIN equivalent.

On the positive side, think of how hard writing down your Emjoi “password” is going to be for those of us who aren’t artistically gifted.

If you are concerned about only using a 4-digit PIN on your mobile device, however, there are options you can change:

  • For Android users, depending on the version you have, you can select from PIN, Password, and also Smart Lock features. Using the Pattern option (where you draw a pattern on the screen) is not recommended as the smudge marks you leave on the screen can be enough to give it away!

For more information keeping your mobile device safe, check out the video below 6 Tips to Secure your Android Phone video.

Video

6 Tips to Secure Your Android Phone

 

Until next time, stay safe out there.

AVG

Tablet AntiVirus Security FREE scoops award

Leave a comment

We are happy to announce that AVG’s Tablet AntiVirus Security FREE has been voted as the best tablet security app in a Czech and Slovak app award.

The awards, organized by Czech company Tuesday Business Network, are designed to celebrate the very best of Czech and Slovak app development industry.

A shortlist of products was drawn up by public nominations and an expert panel selected the winners.

AVG Tablet AntiVirus Security FREE has many powerful protection and anti-theft features that can help you keep your device safe as well as protecting the data stored on it.

These include:

  • App scanning
  • Remote locating/locking/wiping if it gets lost or stolen.
  • Task killer to help you improve the speed of your device
  • Secure web browser to protect you from malicious links and phishing attacks
  • Battery, storage and data package usage monitors
  • And many more

 

Download AVG Tablet AntiVirus Security FREE from Google Play today.

Avira

Fix for 600 Million Galaxy Phones Available Soon

Leave a comment

You might have heard of the security issue with Galaxy phones that was everywhere in the media this week. If not, let me fill you in:

Samsung phones come preinstalled with SwiftKey, a very popular alternative keyboard for Android and iOS. Security researchers from NowSecure discovered a vulnerability in the update mechanism for the customized version the company uses and which is being distributed on most of the Galaxy phone models.

According to NowSecure „a remote attacker capable of controlling a user’s network traffic can manipulate the keyboard update mechanism on Samsung phones and execute code as a privileged (system) user on the target’s phone. This can be exploited in a a manner that requires no user interaction — a user does not have to explicitly choose to download a languagePack update to be exploited.“

Samsung itself played the issue down and stated that a “very specific set of conditions” needs to be met in order for the attack to be successful. Nonetheless a patch will be made available soon – after all more than 600 million Samsung Galaxy phones are affected. The drawback is that only devices that have Samsung’s Knox security platform installed will profit from the updates. “For the devices that don’t come with KNOX by default, we are currently working on an expedited firmware update that will be available upon completion of all testing and approvals” the company says in their statement.

The post Fix for 600 Million Galaxy Phones Available Soon appeared first on Avira Blog.

AVG

Google Photos: the Faustian bargain of privacy

Leave a comment

Unlimited backups of all your photos. For free. Now that’s hard bait to refuse, especially considering how photo-happy we’ve all become since our smartphones have replaced our pocket cameras. But this offer is just the tip of the iceberg in Google’s new app. After all, if you’re going to be uploading thousands upon thousands of photos, you’d expect sorting them would be a pain.

Google’s answer to that seems to be: Don’t. Instead, trust us to deliver the right photos when you use our in-app search bar.

 

Searching Photos

Google’s new Photos app leverages the search giant’s recent investments in machine learning to “read” your photos and figure out what they’re about without any need for you tag, label or date them.

Looking for photos of that holiday in London? Type “London”, and even without geo-location data enabled, Google’s algorithms will “read” the photos for any landscape it can recognize as coming from Old Foggy.

Type in “dog”, and it will do the same, pulling any photos of dogs it can find in your collection. If you’ve ever tagged a photo of your pet with its name, it will learn that too, and show you photos of “Rex” alone if you ever search for it.

None of this is happening with your input: Google’s engines have just learned to look at your photos, and understand what they’re looking at.

Facial recognition

Another feature you can choose to activate or deactivate, is the system’s ability to sort through faces. When you hit the search bar, you’ll be presented with a series of faces it has pulled out. Tap on one, and most if not all of the photos you have of that person will be presented. If your photo collections go back far enough, the system will sometimes be able to recognize the person as far back as childhood.

While not 100% accurate, it’s damn impressive, very useful, and whole lot of creepy.

Dealing with the Privacy Devil

The story of Faust is a quite apt description: in exchange for incredible powers, Dr. Faust sold his soul to the devil. You can bet that Google is not offering this much free backup storage and amazing machine analysis out of the goodness of its heart.

Just as Gmail made a breakthrough in the email market by offering enormous amounts of free storage in exchange for data-mining your communications to sell against ads, you can put down some good money on Photos going the same way.

While Google has affirmed that they will never sell your photos to third parties or publish them without your consent, that’s most likely not how they intend to use your collections. Instead, they will use them to get to know you better.

However the system manages it, it is somehow labeling your photos so that when you search for a term, it can deliver results against it. It will also be doing it for terms you may never search for.

Happen to be wearing Adidas shoes in a photo? In the future, you can expect Google Photos to make note of that, and the next time you are near a shoe store, don’t be surprised to receive discounted offers from Adidas.

Again, it’s unlikely that Adidas will ever see your photos. It will instead ask Google to target all the relevant users on its behalf.

In many ways, this is nothing new: it’s exactly the way any of Google’s other services work, whether that be Gmail, Google Now, or even the main Google search engine. Indeed it is how nearly all major web companies operate.

But it is taking that data-mining to a new, uncomfortably close-to-home level.

AVG

AVG opens new Tel Aviv Center of Excellence for mobile

Leave a comment

It gives me great pleasure to tell you about AVG’s latest office in Israel, spanning three floors in the brand new Adgar Tower in Tel Aviv.

The view from the large windows on the 23rd floor is impressive, and light pours into every room.

Adgar Tower

The office is set to become AVG’s global center of excellence for mobile and the headquarters for our mobile development and product teams. As the world looks ahead to the Internet of Things and an increasingly mobile future, the AVG office in Tel Aviv is the perfect breeding ground for innovation and growth.

As you would expect from such an important locale, a huge amount of planning went into the office, built with AVG’s core values at its heart:

Transparency

AVG has long held the belief that everything we do should be transparent. In our products, this manifests itself through pioneering projects such as the Short Privacy Notice but in the new Tel Aviv office, it is exists in a wonderful mixture of glass and light.

transparent office

I firmly believe that collaboration is key to the success in a company of any size, and with my background in startups, it was a principle we wanted to ingrain in our new office space. Glass walls and doors of glass ensure that everyone is visible, reachable and approachable. To me, it feels more like an incubator than a corporate office.

Execution

Like any AVG office around the globe, the engineers and workers in the Tel Aviv office pride themselves on attention to detail and high quality execution. Continuing this ethos was something we was certain needed to be done when planning for the future.

Every room houses a team of product and engineering experts all working together with a common purpose, to provide value to over 100 million users of AVG’s mobile products.

We never stop trying to help and protect our users, and the vibrant and collaborative atmosphere in Tel Aviv is the perfect environment to make it happen!

Shaul

Respect

Naturally, any office gets its character from its staff and we wanted to make sure that the new Tel Aviv office felt like home from the word ‘go’.

Work Life Balance

Each team customized the layout and finish of their office, down to choosing their own posters. Like in any business, motivated and impassioned people perform better, feel more rewarded and the office benefits from this.

Never stop hacking

Work-life balance has always been important to me, so we felt it was important that staff in Tel Aviv were able to express themselves for their talents and abilities outside of work. The AVG Talents initiative is the perfect reflection of that.

AVG Talents

Throughout the office, the walls display the artwork, photography and pets of AVG Tel Aviv staff. It doesn’t just make the office look great, but creates a sense of trust and familiarity. It encourages us to value each other not just as colleagues, but as talented and diverse people from all walks of life.

AVG Talents was in full swing this week as the staff band, The Showstoppers, helped us celebrate the new office with a concert, attended by the whole team.

Show Stoppers

Crowd

 

AVG

Google rolls out a new password manager

Leave a comment

Unveiled at its 2015 I/O developer conference, Google has begun to roll out a new security feature to all Chrome browsers and virtually all Android devices: the Smart Lock Password manager.

From now on, any website login details that you save in your desktop Chrome browser will be accessible via any Android device signed in with your Google account. So, if you’ve saved your login details for, say, Facebook or Netflix, you will be automatically signed in when accessing them from the Chrome browser on your Android device, and vice-versa.

In addition, if you were to install the Facebook or Netflix apps on your phone, they will also be able to automatically retrieve your login details from your Google account and sign you in.

The last feature requires individual app developers to include the newly released API codes from Google, but it’s a relatively simple matter, so we expect to see this feature rolling out across a variety of apps soon.

How to feel about Google managing your passwords for you is for you to decide. If you’re already saving these accounts in your Chrome browser, chances are you will enjoy this feature. However, you’re now putting more of your eggs in the same basket, so make sure that your main Google Account is locked down with strong passwords and two factor authentication.

So given our recent post about the fragmented nature of Android update deployments, when can you expect this feature? Well, for the last few years, Google has been using the Google Play Services app to get around this roadblock and send out major system updates to Android users, regardless of brand or make (but that’s a story for another time).

Any device running Android 2.3 or above will be receiving the update to Google Play Services 7.5 and be able to use the feature.

 

How to turn on or off Smart Locks Passwords

Interested in using the feature, or just want to make sure it’s turned off and Google isn’t vacuuming up all your passwords?

In your Android device, open the Google Settings app. This where all the details concerning your Google Account reside. You’ll find the Smart Locks setting at the bottom of the main menu in the Google Settings app. From there, you can select to turn on or off the password manager, allow auto-sign ins, and add exceptions to certain sites or applications.

Google settings

Smart Lock

Smart Lock options

 

From your Chrome Browser, you won’t find the Smart Locks name per say, but you will find where to manage the passwords saved in your browser. Just click on the menu in the top right corner of the browser, and select settings.

Chrome Settings

Chrome password save

 

At the bottom of the settings page click on “Show advanced settings”. From there, you can scroll down to “Passwords and forms”. Any passwords you’ve saved can be found here.

If you feel the convenience isn’t worth the privacy tradeoff, you can delete them and also set the browser to no longer automatically sign you into websites. Just keep in mind: you will regularly be asked if you want Chrome to save your logins when you sign in to websites. Remember to say “no” and “Never ask for this website again”.

As always, stay safe out there.

AVG

AVG Technologies Establishes Worldwide Center of Excellence for Mobile in Israel

Leave a comment

AMSTERDAM – June 16, 2015 – AVG® Technologies N.V. (NYSE: AVG), the online security company™ for more than 200 million monthly active users, announced today the establishment of its global Center of Excellence for mobile in Tel Aviv, Israel. The new office comprises a 3,200 square meter facility, supporting more than 120 employees working across state-of-the-art mobile innovation, emerging mobile threats research, and Internet of Things technology development.

“Israel has emerged as a hotbed for mobile innovation, resulting in unparalleled opportunities to partner with innovative start-ups and develop cutting-edge mobile technologies. AVG’s rapidly growing mobile customer base makes this a critical time to build robust, future-proof offerings, supporting the multiple mobile platforms and services that are so popular today,” said Harel Tayeb, AVG Israel Country Manager. “The historical success of our investments in this market have laid a strong foundation for the development of our signature AVG Zen platform, growing our global mobile user base, and delivering on our mobile monetization strategy.”

The development of AVG’s most popular mobile product, AVG AntiVirus for Android™, was driven by the acquisition of Israeli start-up, DroidSecurity, and quickly became the first mobile security product to enter the 100-500 million downloads category on the Google® Play™ store. With over 100 million mobile users worldwide today, and growing, AVG is focused on enhancing and innovating on its mobile portfolio through a dedicated program of industry partnerships, top talent recruitment and discerning investment.

On the back of the new office opening, AVG commenced a roadshow on Monday, June 15, in which fifteen innovative Israeli start-ups were invited to meet with AVG’s global senior management team, including Todd Simpson, AVG’s Chief Strategy Officer, and Judith Bitterli, AVG’s Chief Marketing Officer, to discuss and debate Israel’s hottest innovations in the mobile market.

AVG’s Country Manager, Harel Tayeb, will lead the program of mobile momentum for Israel. An entrepreneur himself, who has founded and run several mobile-oriented start-ups in this market, Tayeb also previously served as Vice-President of Conduit’s Mobile Business Unit, and headed up its spin-off, Como, prior to becoming a start-ups advisor.

AVG

Which is the most secure Android Smart Lock?

Leave a comment

If you’re one of the lucky few to be running a phone or tablet with Android Lollipop (5.0 or above), you might be tempted to use one of its new Smart Lock security features. These features bypass your lock screen when certain conditions are met.

Here, we examine the various kinds of Smart Locks Lollipop offers, where they fail, and how reliable they are.

Trusted devices

Trusted devices is perhaps the safest of the new smart lock features. It works by confirming your identity with “something you have”; in this case a bluetooth device or NFC trigger. When your devices pair, your lock screen will be removed. The feature seems to have been designed with smartwatches in mind, but any bluetooth device like car or wireless headset will work.

This is particularly secure, as bypassing this lock would require both your devices be stolen at the same time. The other workaround includes spoofing the MAC address (or identity) of your bluetooth device, which is a difficult and highly unlikely process.

Trusted places

Trusted places creates geofences around specific areas you designate as “safe”. Usingbuilt-in GPS, WiFi scanning, and other location services, your device can determine whether you are inside the area and disable your phone’s lock screen. When the phone leaves the area, it automatically locks up again.

This feature can be particularly useful and safe if you designate your home as a safe zone, especially if you’re home is in an isolated area. However, we wouldn’t recommend setting any location you do not fully control as safe. Any passerby in the “safe zone” could potentially pick up your phone and use it. Furthermore, the feature isn’t as precise as it could be: the diameter of the “safe zone” can be up to 80 meters wide (nearly 90 yards or 262 feet).

Trusted face

Trusted face essentially confirms your identity by looking at you, using your device’s front facing camera to recognize your face. Because of that, hardware can be a limiting factor in this method’s reliability: a poor front-facing camera can quickly become a liability.

While the system is smart enough not to get fooled by a static photo of your portrait, it still requires you to “teach it” to recognize your face in several different lighting conditions or wearing various accessories.The more you do this, the more reliable it becomes, but it can require more “teaching” than most users would feel comfortable providing. Essentially, every time your phone doesn’t unlock is an opportunity to teach it.

Oh, and you can give up on getting this to work in low lighting conditions.

We leave it to you to determine the likelihood that a look-a-like will snatch your phone. Just don’t use this feature if you have an evil identical twin.

Trusted voice

Trusted voice relies on vocal recognition to confirm your identity. It works particularly well if you are a consistent user of Android’s voice activated features, since those learn to recognize your speaking patterns to better interpret your queries. If you do not use them often, you may find the reliability of this method to be somewhat limiting.

A secondary annoyance is that it relies on triggering the Google Launcher’s signature “Ok, Google” to unlock your screen, which will then wait for a search query or command. Unless you are a heavy user of the Launcher or Google Now, we don’t recommend this.

On-body detection

This is easily the least secure of the methods revealed so far, and we strongly recommend you do not use it. On-body detection relies on your phone’s internal accelerometers and gyroscopes to determine if you are carrying your phone. Unlock it once, and it will stay unlocked while in your hands or pocket. Put it down on a table, and it will lock immediately.

While this may seem to make sense and greatly simplify your life, it’s also a godsend to any pickpocket or straight-out thief that would snatch the phone out of your hands. So long as the phone is in movement, it doesn’t care who unlocked it. With over 3 million smartphones stolen every year in the US alone, and 2000 a day in the UK, we really cannot recommend this method.

 

How to turn the Smart Lock features on

If you decide you still want to use one or more of these securityfeatures, you’ll need to turn them on first, and Google has not made that easy.

First, in the Settings menu, you’ll need to scroll down to Advanced and select Trust agents. Inside this menu, you’ll need to activate the Smart Lock option.

Trust Sources

Smart Lock

 

Now, when you head back into the main Security menu, you’ll be able to find the Smart Lock menu, and activate whichever features you want.

Smart Lock

Options

 

If you see one of these features missing, make sure that you’re Google Services app is up-to-date.

 

AVG

New “Porn Droid” ransomware hits Android

Leave a comment

Researchers at ZScaler have discovered a new variation of the “Porn Droid” ransomware that affects Android devices.

Once the device is infected, the malware sends the user a message, apparently from the FBI, accusing the user of watching child pornography. It then demands a $500 ransom to restore the device to normal.

fake FBI alert

 

Infection:

After masquerading as a Google patch update, the malware then asks for a number of powerful permissions including “Erase all data” and “set storage encryption”.

Fake Google Alert

 

Clearly, the message is not from the FBI and the victim should not pay the ransom.

Porn Droid

 

How to stay safe:

Always check permissions

Apps are the lifeblood of our Android devices and make them the powerful and useful tools we know and love. Apps help us stay in touch with family and friends, guide us, educate us and sometimes simply entertain us. But how much attention do we pay when we install an app? In the case of this ransomware, an alert user would never have granted those permissions to an app.

For a list of permissions to look out for when installing an app, check out this AVG Academy video from Michael McKinnon.

Video

Make sure you check these app permissions

 

Have up-to-date security software

One of the simplest and most effective ways of keeping your device safe from malware such as “Porn Droid” is to have up-to-date antivirus protection.

By scanning links and attachments before they are loaded onto your device, security apps like AVG’s AntiVirus for Android can help keep your device free from randomware and running in top condition.