Tag: android

The Google Pixel smartphone’s dialler will soon have a spam filtering feature that sends suspected spam callers directly to voicemail.

According to MyBroadband, this is an extension of the app’s existing ability to alert users as to whether it suspects a call of being a “suspected spam caller”.

Instead of a missed call, numbers marked as “spam” or “suspected spam” will be automatically sent to voicemail where they can be listened to at a later date.

This may pose a problem for the traditional telemarketing companies. Once a company has been marked as “spam” by a number of users, it will be “blacklisted” and not appear as a call.

Marketing for large companies is often done by telephone.

Your phone is tracking your every move

Your phone can reveal all of your physical activities to Google and the apps you use.

The sensors inside it can monitor, understand and disclose your real-world movements, based on what’s happening to the phone itself.

It can tell, for instance, if you’re standing up, or if you’ve just lifted your phone off a desk, or if you’ve started
walking.

An Android permission called “Activity Recognition”, which was discussed on Reddit and highlighted by DuckDuckGo last week, makes it much easier for developers to work out what you’re doing at any one time.

Shazam and SoundHound request the permission, but it isn’t completely clear why.

Though Activity Recognition isn’t new, the reaction to the Reddit and DuckDuckGo posts suggests a lot of users are unaware of it.

“The Activity Recognition API is built on top of the sensors available in a device,” says Google.

“Device sensors provide insights into what users are currently doing. However, with dozens of signals from multiple sensors and slight variations in how people do things, detecting what users are doing is not easy.

“The Activity Recognition API automatically detects activities by periodically reading short bursts of sensor data and processing them using machine learning models.”

Activity Recognition can tell developers when your phone is: in a vehicle, such as a car; on a bicycle; not moving; being tilted, due to its angle “relative to gravity” changing; on a user who’s walking or on a user who’s running.

It can even tell when you’re doing more than one thing at once, such as walking while being on a bus.

The API automatically gives its findings a likelihood rating out of 100. The higher the number, the more confident it is that you’re actually doing what it believes you’re doing.

This information is fed to the apps you’ve granted the Activity Recognition permission to.

“A common use case is that an application wants to monitor activities in the background and perform an action when a specific activity is detected,” says Google.

For instance, an app can automatically start monitoring your heartbeat when you start running, or switch to car mode when you start driving.

Though it can prove useful, it also sounds somewhat creepy.

The fact that Google categorises buries it in the “Other” category of permissions and doesn’t let you deny or disable it doesn’t help matters.

Google keeps a complete list of almost everything you’ve looked at, and what’s more, the company has made it difficult to find out which apps ask for the permission.

Right now, the only way to find out is by checking out each of your apps’ permissions one-by-one, by going to Settings, Apps, tapping an app, hitting the menu button and selecting All Permissions. It’s a slow and laborious process.

If you’re particularly concerned about Activity Recognition, it’s worth going through the effort and uninstalling any of you apps that request the permission, for peace of mind.

What can you do about Activity Recognition?

  • Read app permissions closely when you install a new app
  • Go into settings on your phone and read each existing app’s permissions
  • Delete apps that require Activity Recognition permissions

By Aatif Sulleyman for The Independent 
Image credit: Reuters

Cybercriminals could have access to hundreds of millions of Android smartphones’ data. This conclusion was reached after Check Point uncovered four vulnerabilities.

The security firm released a report that showed Android devices running Qualcomm chipsets are at risk from a threat dubbed QuadRooter.

The affected devices include smartphones from BlackBerry, Blackphone, Google Nexus, HTC, LG, Motorola, OnePlus, Samsung and Sony Xperia.

“Such an app would require no special permissions to take advantage of these vulnerabilities, alleviating any suspicion users may have when installing,” says Adam Donenfeld, a member of the Check Point mobile research team.

The attacker would then potentially be able to control devices and could access capabilities such as GPS tracking, and recording video and audio.

The weaknesses were found in software drivers that come with Qualcomm chipsets.

“The drivers, controlling communication between chipset components, become incorporated into Android builds manufacturers develop for their devices,” the company said in the report.

“Pre-installed on devices at the point of manufacturing, these vulnerable drivers can only be fixed by installing a patch from the distributor or carrier. Distributors and carriers can only issue patches after receiving fixed driver packs from Qualcomm.”

After discovering the faults, Check Point let the chip manufacturer know in April.

Qualcomm confirmed to the firm it would release patches to the device manufacturers. It is then up to the manufacturers to send updates to smartphones already sold, and for end-users to install them.

“This situation highlights the inherent risks in the Android security model. Critical security updates must pass through the entire supply chain before they can be made available to end-users,” says Donenfeld.

Check Point has developed a QuadRooter scanner app that is available free on Google Play. Running it will tell users if these vulnerabilities exist on their device.

Smartphone models which could be at risk include:

  • BlackBerry Priv
  • Blackphone 1 and Blackphone 2
  • Google Nexus 5X, Nexus 6 and Nexus 6P
  • HTC One, HTC M9 and HTC 10
  • LG G4, LG G5, and LG V10
  • New Moto X by Motorola
  • OnePlus One, OnePlus 2 and OnePlus 3
  • Samsung Galaxy S7 and Samsung S7 Edge
  • Sony Xperia Z Ultra

While the vulnerabilities unearthed by Check Point are serious, Google has said it has an app pre-installed onto most affected devices that will automatically block a malicious app from being downloaded.
A Google spokesperson told Android Central: “Exploitation of these issues depends on users also downloading and installing a malicious application. Our Verify Apps and SafetyNet protections help identify, block and remove applications that exploit vulnerabilities like these.”

However, Android phones that do not come with Google Play Services installed will still be at risk.

The spokesperson also said Google has released a security patch that protects against three of the vulnerabilities and is working on a patch for the fourth.

Smartphone manufacturer BlackBerry has released a statement saying it is aware of QuadRooter and a fix for BlackBerry’s Android devices has been tested and pushed to customers.

Risky behaviour
Much has been done by partners to mitigate the vulnerabilities and protect the device owners.

Those most at risk will be users who side-load Android apps, by downloading APK files, or those who have disabled Google’s Verify Apps feature.

Side-loading apps is often used to acquire apps that are not available in certain regions, like the mobile game Pokémon Go and music app Spotify.

Check Point recommends downloading and installing the latest Android updates as soon as they become available, carefully examining app permissions before giving access, and avoiding app downloads from third-party sources.

By Lauren Kate Rawlins for www.itweb.co.za

Follow us on social media: 

               

View our magazine archives: 

                       


My Office News Ⓒ 2017 - Designed by A Collective


SUBSCRIBE TO OUR NEWSLETTER
Top