Security

Google keeps an ever-closer eye on non-Play Store apps

SAN FRANCISCO -- Android owners who use apps installed from outside of the Play Store will soon find their devices just a smidge safer, as Google announced at the RSA Conference here that Verify Apps will soon keep an eye on non-Play Store apps even after you install them.

Adrian Ludwig, Google's Android security engineer lead, said the change builds on the Verify Apps security feature introduced last year. He explained the change during a talk on how Google has created a secure open-source operating system.

When the Verify Apps option is checked, Google will scan apps installed outside … Read more

Bitcoin exchanges reportedly served with subpoenas

Mt. Gox and other Bitcoin exchanges have reportedly received subpoenas from a US Attorney investigating their handling of the recent cyberattacks launched against them.

Citing "a source familiar with the probe," Reuters said on Thursday that the subpoenas from Manhattan U.S. Attorney Preet Bharara were sent to Mt. Gox, other Bitcoin exchanges, and businesses that deal in the virtual currency. The investigation is focused on the recent distributed denial of service attacks that forced Mt. Gox and other exchanges to suspend withdrawals.

A spokesman for Bharara declined to comment to Reuters. A spokeswoman for the attorney's … Read more

Google, Microsoft agree: Cloud is now safe enough to use

SAN FRANCISCO -- Nevermind Microsoft's awkward "Scroogled" anti-Google campaign. When it comes to cloud security, the two giants are practically best buds.

At the annual RSA Conference held at the Moscone Center here on Wednesday, Microsoft Chief Information Security Officer Bret Arsenault and Google Director of Security for Google Apps Eran Feigenbaum explained their stances on cloud security at a panel also featuring noted independent security expert Bruce Schneier and Verizon's data breach risk team expert, Wade Baker.

Schneier said that the way to make the cloud more secure depends entirely on the ability of companies … Read more

RSA protests by DEF CON groups, Code Pink draw ire

The RSA security conference (where the world's security companies come to do business with each other), opened its doors this week in San Francisco to a wide range of protests by security professionals who would otherwise be attending and speaking at the conference.

The protests might be called "obnoxious," "pointless" and "first world outrage " -- but the protesters affiliated with hacker conference DEF CON, organization Code Pink, and sold-out opposition conference "TrustyCon" are getting everyone's attention this week.

Wednesday's protest by two noted DEF CON -affiliated organizations (Vegas 2.… Read more

Spring clean with Revo Uninstaller Pro

If you're an app aficionado, you've heard of Revo Uninstaller. It has been praised as one of the best uninstaller programs for PCs and runs circles around the default Windows uninstaller. Thanks to the folks at Revo, you can now get this essential toolkit for only $15.70 -- 60 percent off the regular price of $39.25.

A combination uninstaller and Registry cleaner, Revo Uninstaller Pro is one of the first program that new computer owners should install. This premier software allows you to remove installed applications quickly, while efficiently cleaning up leftover files and Registry keys, … Read more

White House faces options for regulating NSA data snooping -- report

The White House has reportedly received a proposal suggesting four ways to overhaul the National Security Agency's controversial phone record surveillance program.

Citing information from "officials familiar with the discussions," The Wall Street Journal reported Wednesday that the proposal from the Office of the Director of National Intelligence and the Justice Department was due by March 28 but was delivered earlier than expected.

Following widespread criticism over the NSA's bulk record collection, the Obama administration had asked US intelligence agencies and the Justice Department to come up with alternatives that would take the actual data ownership … Read more

Apple's culture of secrecy delays security response -- again

If it wasn't for the news reports of Apple's "goto fail" fix released on Tuesday, you might not have known that there had been a security problem with your Macs.

More than a decade ago, Microsoft was notorious for ignoring security problems. Years of complaints from independent security researchers and industry professionals resulted in big changes in how the company handles security problems.

After Windows security measures repeatedly fell to malicious hackers, and the company was in danger of becoming the laughingstock of the security community, Chairman Bill Gates wrote a now-famous 2002 letter saying security … Read more

MasterCard to boost credit card security with smartphones

With hacks, stolen credit card data, and identify fraud constantly on the rise, some credit card companies are looking into how to better beef up security.

MasterCard announced Tuesday that it has partnered with mobile technology company Syniverse to make it more difficult for unauthorized users to buy goods with nabbed credit cards. While working to heighten credit card security is nothing new, MasterCard's most recent plan is a bit different because it involves users' smartphone geolocation while they're traveling abroad.

The idea is that a users' credit card cannot be used unless it is within close range … Read more

iOS security hole reportedly exposes your screen input

Every tap, touch, and press you make on your iPhone and iPad could be monitored and captured remotely due to an iOS security flaw. At least, that's the claim from security firm FireEye.

In a blog posted Monday, FireEye researchers said they conducted a test on non-jailbroken iOS 7.0.x devices in which they installed a "monitoring" app. This app was able to record all touch and press events in the background, including screen touches, home button presses, volume button presses, and TouchID presses. Based on its findings, the team concluded that an attacker could use … Read more

New TextSecure delivers smoother encryption

TextSecure is a far cry from driving a multibillion-dollar buyout. But for people who care about having their SMS and instant messages protected from prying eyes, it's an app that just got easier to use and more secure.

The new Android version of TextSecure, announced Monday, still uses the TextSecure v2 protocol that debuted with its CyanogenMod integration last year. Open WhisperSystems' founder, a security researcher and developer who goes by the pseudonym Moxie Marlinspike, said that the partnership has helped his company.

"It's been great," he said. "Their userbase is enormous, and it's … Read more