Crowdfunding Spotlight: SoSecure

Crowdfunding Spotlight: SoSecure

Jul 2, 2014

Everyone wants their data to be secure, and to go along with that security there is also the demand for portability and the ability for it to be constantly backed up. This is a hard task for hard drive manufacturers to deliver on, but with the rise of quality solid state hard drives there has been an advent of devices that aim to create that elusive perfect mobile drive. One of those drives is the project that was created by British developer SoSecure, and its accompanying KickStarter project is our focus in this week’s Crowdfunding Spotlight.

SoSecure aims to revolutionize the portable hard drive industry by delivering a SSD that interfaces with any smartphone to extend the security capabilities beyond a simple password or file encryption. The app that connects to the hard drive over Bluetooth allows for a bevy of options including immediate locking of the hard drive, setting an inactive time before locking, proximity alerts, and of course information on all the available metrics on the drive like date of last backup or battery percentage remaining. The date of backup is important because in conjunction with keeping data secure the SoSecure drive also has a docking station that contains an identical SSD, and this drive, along with charging the device, automatically backs up the main drive to the copy.

Basically the SoSecure drive is the perfect hard drive. Extensive security for those with a lot to hide, including a destroy drive button that restores the drive to clean factory settings. There are more security measures for the extra paranoid including a number pad that randomizes the tile layout to thwart wandering eyes, and a motion detection mechanism that will alert the owner every time the drive is moved. Pair this with the proximity sensor that sends an alert when Bluetooth connection is lost because of distance, and there is essentially no way that any unauthorized person is getting the data off this device.

a8907090392fbd1061b43c3f1fe885a1_large

To make the pot even sweeter, the SoSecure drive comes in a plethora of designs including real oak, bushed aluminum, and carbon fibre. Unfortunately, with such upside there was that one large elephant lurking around the room and that is the price of the device. For just one hard drive, without the Zero-Touch Backup dock, it is $315 for the 64 GB version and $398 for 128GB. Add on another $45 to both those prices for that carbon fibre finish. The dual-brushed aluminum Zero-Touch Backup drives will run a cool $874 for 64GB and $1,003 for 128GB. It is worth noting that the backup drive is 2TB however so this option is slightly more feasible.

I am definitely out the running for this device, but I am sure there are those out there, especially in a professional capacity, where data reliability and security are paramount. For these people the SoSecure drive looks like a godsend, but there are some 64GB single drives available for around a $300 donation. For those looking for a no-holds-barred security solution to their data look no further, the SoSecure is certainly poised to become a revolutionary product.

Crowdfunding Spotlight: ALYT

Crowdfunding Spotlight: ALYT

Apr 23, 2014

Even though sometimes these things seem impractical it is good to highlight those projects that are actively pushing the envelope and creating the foundation for the future in technology. This week I believe we have just that project in ALYT; a project that could be the dominating iPod-esque frontrunner 20 years from now or a necessary unsuccessful attempt that piqued interest but left room to be improved. We’re always hoping that these projects are successful of course and ALYT is bringing some serious innovation to a burgeoning field of tech that is beginning to show signs of cash grab mimicry.

The technology is Z-Wave and it is a standard that allows appliances and security systems to interact and create the futuristic, mythical smart-home. The technology is quite impressive and seems to has the benefit to watching the missteps of previous wireless standards such as wifi and Bluetooth. There have been a lot of developers hoping to gain an early foothold on this market which has lead to a lot of helpful products that unfortunately have not been very creative. Most of these are just simple modules that work with an existing security system, and there has not been much of an effort to make a device that ties all these devices together. This is what the ALYT aims to do. The ALYT‘s goal is to be the central hub of the house; the device that manages not just the security system but the lights, thermostat, and even the shopping list from a connected refrigerator. All these plans are possible because unlike a lot of other devices the ALYT has 512 MB of RAM which allows it to smoothly run its Android software and manage all the scheduling and security measures that accompany a fully operational smart-home.

ALYT-CrowdfundingSpotlight

Now this is obviously a piece of technology that is still a handful of years away from breaking into the average family’s ranch, but the ALYT seems like a very solid piece of hardware with some smart software and a very impressive looking app for both Android and iOS. It goes without saying, but as with everything now this is fully compatible with most smartphones, but what is interesting is that the ALYT comes with a 3.5G cellular connection and a battery backup in case of a power outage. It’s these little things that make me think that this little device can really embed itself into the middle of this emerging field, and it is definitely worth a look at its IndieGoGo page.

Presenting Wickr, A Simple Secure Messaging App

Presenting Wickr, A Simple Secure Messaging App

Mar 20, 2014

Wickr 3

If you’re on a cautious side and don’t want the NSA snooping on your mobile messages, here’s an app to make you feel a bit more comfortable. Wicker presents a “military-grade encryption” and other tools to remove any traces of any conversation. The app is very easy to use and is free. You can download it for free from here: Wickr-Top Secret Messenger on Google Play.

Protect Your Online Privacy With AVG Privacy Fix

Protect Your Online Privacy With AVG Privacy Fix

Dec 17, 2013

AVG Privacy Fix 3

AVG has released a special little app for various platforms, including Android, that allows the users to see and block tracking of their data by various websites, and notifies about potential privacy risks. It has different options to allow customization of the levels of protection, and is completely free. It can be downloaded from here: AVG Privacy Fix on Google Play.

Security Researcher Discovers Ways That Android Apps Can Maliciously Share Data Without Permissions

Security Researcher Discovers Ways That Android Apps Can Maliciously Share Data Without Permissions

Apr 13, 2012

Ever think that a way to detect if certain Android apps are malware because of suspicious permissions they request access to? Well, apparently that’s not even a reliable indicator at this point, because Paul Brodeur of Leviathan Security has put together a sample app that shows just what trouble an app can cause even without having any permission access at all. It’s possible for any app to have read-only access to the SD card and all the photos, backups, and even sometimes OpenVPN certificates as Brodeur discovered. Second, it’s possible for any app to find out what apps are currently installed on each device and “This feature could be used to find apps with weak-permission vulnerabilities, such as those that were reported in Skype last year.” Third, it’s possible for apps to read GSM and SIM vendor IDs, kernel version, and Android ID.

In order to share this information, apps can use the URI ACTION_VIEW to send this data by opening a web browser by sending it through a URI. These vulnerabilities exist in both Gingerbread and Ice Cream Sandwich. Since updating Android is so difficult for Google, these security vulnerabilities may not be patched for many users for a while – and it may be difficult to tell if an app is taking advantage of them.

Clip Ninja Review

Clip Ninja Review

Feb 6, 2012

I love my phone; it’s with me everywhere I go. To be honest though, I am the world’s slowest phone keyboard typist. This is fine until I make a mistake and delete an entire email, long text, or awkwardly long URL; ten minutes wasted. Since installing Clip Ninja the amount of time I have saved retyping is immeasurable. Even if my typing speed never increases, I can still save precious time.

Clip Ninja keeps a record of everything typed on a phone in any application. The user can then copy the data to the clipboard and easily paste it elsewhere. Sounds pretty basic, right? There is more. Clip Ninja allows users to save snippets as “favorites,” filter messages by application, editing and create entries, and has unique sharing option. To top it all off, Clip Ninja gives the user complete control over security. No need to worry about passwords or personal information being stored on the phone or elsewhere.

Clip Ninja has an intuitive user interface and is quick and responsive but what really makes it a truly amazing app is it’s security features. The user has complete control over which applications Clip Ninja records from. The blacklist feature allows the Clip Ninja to ignore specified apps, like banking apps. Additionally the user has the ability to manually delete specific entries or set the program to clear its history automatically. Security is enhanced by only storing history natively; Clip Ninja does not even request Internet permissions upon installation.

When I think “what would improve Clip Ninja?” I do not come up with much in terms of functionality. The program runs smoothly and I have not encountered a single glitch.

Overall this app is amazing. The amount of time and frustration saved in the first day of use was well worth the purchase. How much is your time worth?

HTC & Samsung’s Security Issues Putting Android Users in Hot Water

HTC & Samsung’s Security Issues Putting Android Users in Hot Water

Oct 5, 2011

Security is becoming an unfortunate hot-button issue in the Android world as of late, with one major phone manufacturer in hot water over a data leakage, and a new phone that features a silly glitch that compromises a phone’s lock settings.

HTC Android phones feature a security issue where any app that requests Internet access can get access to an extreme amount of data that could be used to clone the phone and access sensitive user information. Malicious apps could get access to the user’s accounts, phone numbers, text messages, GPS data, and system log dumps that contain vast swaths of information that could be recovered from them. Again, this can be done just simply through an app that requests internet access. Android Police, who originally reported this story, created a proof of concept app that shows just what data can be acquired through this security chasm. As well, there’s a suspicious VNC server app that HTC has added, and there exists the possibility that a hacker could find a way to activate this and take complete control over a user’s phone.

Luckily, not all HTC phones are affected, though the Evo 4G, Evo 3D, Thunderbolt, and possibly other phones could be affected. Users who root can delete one APK, /system/app/HtcLoggers.apk to help fix this vulnerability. Some custom roms, such as CyanogenMod, do not feature this vulnerability at all. Similar to the PDF exploits that led to JailbreakMe on iOS, the way to make one’s phone safer is to hack it in order to remove vulnerabilties. Oh, the irony. HTC was notified of the vulnerability a week before the post went up, but didn’t promise a fix until October 4th (3 days after the story was initially reported), and an over-the-air update patching the vulnerability is in the works.

However, other Android manufacturers can’t just sit back and laugh at their competitor’s misfortune; Samsung’s Galaxy S2 has issues in the US. Specifically, the AT&T version of the Galaxy S2 can have lock screen security bypassed by waking a device by tapping the lock key, letting the screen time out, and then pressing the lock key once again. This will bypass any security on the AT&T Galaxy S2; reports indicate that the Sprint Galaxy S2 does not suffer from this issue.

Apparently Android manufacturers need to keep a tighter lock on their devices’ security, as users could potentially find their devices and sensitive data compromised by shoddy programming.

Securo Mobile Attempts to Make Photo Authentication a Reality on Android

Securo Mobile Attempts to Make Photo Authentication a Reality on Android

Aug 15, 2011

Securo is a photo service that seeks to help users out with taking authenticated photos when proof is needed as to the photo’s authenticity. Users take photos inside of Securo (note that tap to focus does not seem to be enabled, as tapping inside the digital viewfinder window only causes a photo to be taken), and the information about the photo is sent to Securo right away. They log the date and location of the photo, and track whether it has been modified. Photos can be imported from the photo library for verification as to their modification status, they will not have a Securo Certificate issued.

The idea of using Securo is to provide independent authentication and verification to photos for important purposes. This means that hypothetically, a user could take a photo of something like a car accident with their phone and be able to use that photo as evidence that it hasn’t been altered in any way, and that the photo was taken at that time and in the location that it was taken. Securo can then provide a digital certificate authenticating the photo; the concern for non-Italian users is the legal admissibility of the photo, but a rough translation of their FAQ claims that “the Italian legislation in this area [of digitial signatures] is one of the most restrictive and demanding. This has forced us to a difficult interpretation of the rules, but at the same time leads us to consider Secure Mobile a product ready for export and use abroad.”

While the international applications of Securo are not entirely answered yet, it does have potential as a photo authentication service, and could help with making Android devices with cameras able to handle even more important tasks. Securo appears to be increasing their presence in English territories, so any questions about the legal use of their application should be answered soon. Securo Mobile is available right now as a free download through the month of August, though only a limited number of authentications per user are available. Users can log in via several authentication methods, including Google and Facebook accounts.

Update: Marco Rucci from Securo chimes in from our comment section: “Just wanted to clarify that the legal validity of the certification applied by Securo Mobile is recognized in the EU countries, since timestamps are issued by a Certification Authority in the “European Trusted List of Certification Service Providers”. This is the same level of security that banks and governments use.”

Seekdroid Review

Seekdroid Review

Jun 24, 2011

As smartphones become capable of performing more and more complex tasks, the thought of losing your phone becomes more and more terrifying. Losing your cell phone ten years ago meant that whoever found it would have access to your contact list, and that copy of Tetris that came preloaded on your phone, but losing your phone today means that they’d have access to personal and professional documents, your Gmail account, and any other file or service you might have installed.

Seekdroid gives users an easy way to protect and find their phone if it’s lost or stolen. Aster installing Seekdroid, you’ll be prompted to set up an account on Seekdroid.com which allows you to track your phone remotely, lock it, hide the Seekdroid app on your phone, see recent calls to and from the phone, set off an alarm that also displays a message, and even wipe the phone completely.

The tracking service uses your phone’s GPS to pinpoint its location within a 60 meter radius. It won’t help you figure out where in your apartment the phone is, but if you’re not sure whether you lost it at the grocery store, or the restaurant you went to for lunch, Seekdroid will help you narrow the choices down. If your phone was stolen, Seekdroid’s tracking capabilities will provide you with a location that the police can use to track it down.

Using the Seekdroid website to lock your phone entails entering and verifying a lock code, and then hitting the lock button. The phone will be almost instantly locked, even if the phone was in use when you locked it. A thief wouldn’t be able to do anything other than reboot or power off your phone once it’s been locked, and as such, your personal information would be safe.

Once you know where your phone is, and you’ve locked intruders out of it, you can then set off an alarm that will play a loud noise, and display a message of your choosing. If, for example, you lost your phone at a restaurant, you could push a message to the phone asking that whoever found it call you back at a specific number to arrange a time and place for you to pick it up. Or, if you’re using a laptop or a friend’s smartphone while hunting for your phone, you could ask whoever found it to hold it up in the air so you could spot them easily once you’re close enough to it.

Seekdroid offers every feature you could want in the unfortunate event that your phone gets lost or stolen. In fact, in a worst case scenario, you can even use the Seekdroid site to wipe all data from your phone, and the SD card, ensuring that your data won’t fall into the wrong hands. Each feature works exactly how you’d want it to, making this app a must-own for anyone with an Android phone.

Security Update: Google Removes Malicious Market Apps

Security Update: Google Removes Malicious Market Apps

Mar 7, 2011

Last Tuesday Google’s Android team was informed of possible malicious applications published to the Android Market. These applications were found to contain a new type of Android malware called DroidDream. Using a root exploit and a hidden apk these applications were able to extract a multitude of information from infected devices. According to Lookout Mobile Security, over 50 applications were infected with DroidDream and were distributed via three separate publishers. These publishers used pirated versions of legitimate apps to infect over 200,000 users.