Google is trying to make it easier to implement end-to-end (E2E) encryption with the release of Project Capillary. The open-source library is designed to simplify the implementation of E2E-encryption for push messages between developer servers and users’ Android devices. “Developers already use HTTPS to communicate with Firebase Cloud Messaging (FCM). The channel between FCM server … continue reading
Microsoft has announced progress with the prototype design for Git Virtual File System (GVFS) for Mac. GVFS is the company’s project to bring Git to enterprise scale. Microsoft plans to publish all of the code for GVFS for Mac in their public repo. With GVFS for Windows, it contains patches to Git, a file system … continue reading
From the WannaCry ransomware attack that resonated across the globe, to the massive Equifax breach and series of security mistakes that followed, 2017 saw a major uptick in cyberattacks, with no signs of slowing down. While each incident was unique, they all highlighted the complexity of applying security at scale. Wrangling the vast number of … continue reading
Google is giving more insight into on the way the company handled Android security in 2017. The company removed 700,000 apps that violated Google Play policies, which was 70 percent more than it removed in 2016. According to the company, it actually detected those violating apps faster than before, too. Additionally, 99 percent of apps … continue reading
Android was found to be the most vulnerable product of last year, according to vulnerability and exposure database and information provide CVE Details. But Google said it is making strides every day to improve the security of Android. The company revealed insights into its app security improvements made over the last year. “Our goal is … continue reading
Google is taking steps to ensure its operating system is fully protected. The company recently publicized mechanisms it uses to ensure the Linux kernel in Android is protected. According to Google, Android depends on kernel to enforce its security model. The mechanisms can be grouped into two separate categories: memory protections and attack surface reduction. … continue reading
It has been one year since Google added Android Security to its vulnerability rewards program. Since then, the company has received more than 250 vulnerability reports, paid more than US$550,000 to 82 individuals, and paid 15 researchers $10,000 or more. The company is now updating its Android rewards program to entice even more security researchers … continue reading
Researchers from IBM’s X-Fore Application Security team have discovered a new serialization vulnerability that affect more than 55% of Android phones. According to the researchers, the vulnerability could allow attacks to perform arbitrary code execution and gain access to a user’s device. The vulnerability is nestled within the Android platform, and it affects Android Jelly … continue reading
Google recently released a report that provides insight into the Android’s security, revealing that it was able to cut the overall rate of potentially harmful application installs by 50% in 2014. “That’s why we built Android the way we did—with multiple layers of security in the platform itself and in the services Google provides,” wrote … continue reading
