BlackBerry to launch Android phones

Isn’t it too late to launch an Android smartphone now, for a company like BlackBerry?

BlackBerry, a global leader in mobile communication which was introduced in 1999, is all set to launch an Android smartphone. Many people had already assumed few months ago that the company was planning to build the smartphones when the keyboard of the new Android phone was leaked.

During that time, it was said that the new phone would be named the BlackBerry Venice, and would come with a BlackBerry-esque sliding keyboard (H/T evleaks).

If the initials leaks were true, then the new BlackBerry Android phone would be a slider and would be touchscreen with a slide-out keyboard.

Now, it would be a great challenge for the BlackBerry to stand out among other giant Android phone companies. It seems the company has to do a lot of struggle to be the favorite.

It is said that people might love BlackBerry hardware but many people do not like its software. Hope the new phone will meet people expectations.

According to the second quarter financial results of the company, it plans to launch a flagship handheld device that will run on the Android operating system with BlackBerry security.

As per a news report published in Venturebeat, it is “focused on making faster progress to achieve profitability in our handset business,” before finally confirming the launch of “Priv,” a name that was first rumored earlier this week.

“I am confirming our plans to launch Priv, an Android device named after BlackBerry’s heritage and core mission of protecting our customers’ privacy,” John Chen, CEO of the BlackBerry told Venturebeat. “Priv combines the best of BlackBerry security and productivity with the expansive mobile application ecosystem available on the Android platform.”

The report suggested that the new Android phone would launch in November.

At the meantime, the company has also confirmed that it would continue working on BlackBerry 10, and said platform updates would be made available next March.

Beware of setting fingerprints screen lock on your Smartphone as it can easy hack

When we have to set lock screen feature on our Smartphone, we usually go with a fingerprint scanner in our Smartphone. We think that the fingerprint scanner is very safe and sound.

However, researchers from FireEye, a security firm, have found a way to break the fingerprints from Android phones such as Samsung Galaxy S5 and HTC One Max.

“Fingerprints last for a life, once leaked; they are leaked for the rest of your life. Moreover, fingerprints are usually associated with every citizen’s identity, immigration record, etc. It would be a hazard if the attacker can remotely harvest fingerprints in a large scale,” the researchers said in the PDF report.

The research team, which includes Yulong Zhang, Zhaofeng Chen, Hui Xue and Tao Wei, has found a forehead-slapping flaw in HTC One Max in which fingerprints are stored as an image file (dbgraw.bmp) in an open "world readable" folder.

The researchers have provided detail information about the problems of existing designs, including the confused authorization attack that enables malware to bypass pay authorizations protected by fingerprints, insecure fingerprint data storage, fingerprint sensor, and pre embedded fingerprint backdoor.

However, the team reported the flaw to the companies concerned and was patched.

As per the news reports, the research team had also identified another attack that affects other Android phones where malware can circumvent protections in the operating system to access the fingerprint hardware directly.

The researchers have suggested, “To avoid being attacked by malware or being exploited for remote code execution, we suggest normal users to choose mobile device vendors with timely patching/upgrading to the latest version (e.g.'Android'Lollipop), and always keep your device up to date.”

Google offers Refunds to users scammed by fake "Virus Shield" app

Google is trying to maintain its reputation by offering refunds to those android users who were scammed by a fake antivirus app "Virus Shield".

Earlier this month, Android Police uncovered a fake virus scanner which was hosted in Google's Play Store that did nothing other than changing the icon and led the users into believing their devices are safe.

This fake paid app($3.99) was downloaded by more than 10,000 users before Google and others became aware of the true nature of this app.  In fact, this app reached number one position in the Top Paid apps list.

However, the developer of this app told the Guardian that one of their developers mistakenly uploaded the wrong version of "Virus Shield" application.  At the time, he also promised to refund users who bought their app.

But, Google seems to have decided not to lose thousands of users who are unhappy about the lax security mechanism which allowed such fake apps to be published.

According to Android Police report, Google is not only issuing refunds to purchasers but also offering them $5 promotional credit using which you can buy apps, books and music in Google Play store.

Android Vulnerability allows hackers to Turn Legitimate Application into Virus

All Android applications contain a signature which helps the Android to determine if the app is legitimate and to make sure the apk hasn't been tampered with or modified.

Security Researchers from BlueBox Labs have uncovered a new security flaw in Android that allows hacker to modify the application's code without breaking the application's cryptographic signature.

It can be exploited by cyber criminals to turn the legitimate applications into Malicious apps.

Exploited HTC Phone. - Image Credits: BlueBox

In a blog post, Jeff Forristal, Bluebox CTO, noted that the security flaw is particularly dangerous if hackers managed to exploit the application developed by the device manufacturers.

He also pointed out that turning the apps from the device manufacturer into Malware will grant the app full access to Android system that allows hackers to gain access to email , Messages, documents, passwords and more sensitive data.

Security Alert: Linux Kernel Privilege escalation exploit affects Android platform

Android Operating System is based on the Linux, means the vulnerabilities affecting Linux kernel have the possibility of being exploited in the Android platform.

It appears the recently discovered Linux local kernel privilege escalation vulnerability (CVE-2013-2094) is affecting the Android operating system.

According to Symantec researchers, the exploit for the kernel vulnerability has now been modified to work on Android platform. The security flaw allows hacker to gain complete control of the infected devices.

The researchers have warned that malware will take advantage of this exploit to access data from other apps, prevent users from uninstalling the malware, and allows them to send premium rate SMS.

We are not sure how much time Google will take to patch the bug. So, users are advised to download the apps only from trusted marketplaces.

Inbuilt Malware Scanner for Android 4.2 Jelly bean

The number of malware attacks on Android smartphones is increasing day in day out.  Google has been taking some steps to protect their users in recent months.  Now they are implementing a powerful new security features to android OS - an inbuilt malware scanner that scans app for malicious code.

Whenever you install an app from a source other than the Play Store -- including a third-party app market like Amazon's app store, Android pops up a box asking if you want such applications to be checked for "harmful behavior."

If user don't want to display a pop-up whenever installing new app, there is "checkbox" in the security section of the 4.2 system settings that lets you turn the service on or off at any point.

"We have a catalog of 700,000 applications in the Play Store, and beyond that, we're always scanning stuff on the Web in terms of APKs that are appearing," Lockheimer says. "We have a pretty good understanding of the app ecosystem now, whether something's in the Play Store or not."