Google patches crticial vulnerabilities in android

Any news on vulnerability would surely be like the striking of the thunder. Chill...This time its not a news on any new vulnerability discovered.

Google has released a new patch of security fixes for its Nexus devices that would fix the flaws which enabled the attackers to compromise the android device via spam mails, web pages and MMS messages. Firmware updates are being rolled out for supported Nexus devices and the patches will be added as part of Android Open Source Project. The updates address five vulnerabilities in which 1 is rated as critical, 2 rated as high and 2 rated as moderate.

A handful number of flaws were located in the OS' media processing components that handle audio and video file playback parsing. One of the critical vulnerabilities is said to be located at a core part of the OS (mediaserver) that can be exploited with the privileges that third-party applications are not supposed to have. Attackers would trick the users into playing specially crafted media in their browsers or using MMS messaging.

Another critical vulnerability is the privilage escalation of Android kernel. This allows the applications designed by attackers to execute code at the root level. This vulnerability has been patched in the updated.

Google Photos will now free up your storage space

Storage has become a major issue nowadays as people want more and more storage space to store their data. When it comes the matter of personal details such as snaps and videos, 32GB or 64GB of space is just not enough for people to record their day to day activities. Just then Google launched it application Photos, an application that would store pictures and videos on cloud and access anywhere.Now, an update to the application would free up the storage space in your android device on just one click.

On Tuesday, Google announced in its Google+ page that a new 'Free Up Space' button has been added to the Settings menu of the Google Photos application on android. When you click on this button, you will be prompted to delete all the copies of photos and videos that have been backed up by the application. The update also gives SD-card enables devices the ability to delete photos and videos from SD card.

In addition to this, Google is rolling out a website feature which will allow users to downgrade the photos uploaded in "Original Quality" to "High Quality" from their browsers. This feature is already present in the the Photos application for android devices

This is a welcoming move by Google as it would save a lot of storage space of the device.

iOS apps more vulnerable than android apps

Application written for iOS are more vulnerable than those written for android. As attackers are moving to application based threats, this vulnerability (has the potential for security problems in the future) can be the budding for the future attacks.

According to report from mobile application security vendors Checkmarx and AppSec Labs, the average mobile app has nine vulnerabilities of which 40% were critical and highly severe compared to 36% from android.

The researchers carried out tests on hundreds of applications of all type (that included banking, utilities, gaming and security). Major banking applications had vulnerabilities such as faulty authentication and data leakage. The most common vulnerability was the leakage of personal and other sensitive details. The authentication and authorization vulnerabilities were found to account for 23% of the total which takes the second place in the list. Other vulnerabilities included disclosure of technical information such as application logs and input validation handling.

Although there is assumption that iOS devices are more secure than android, it proved to be wrong from this report. What actually happens in iOS is that iOS has more restrictive controls over what developers can do and strict application sandboxing. If any vulnerability is found, the application would be immediately removed from the Apple App Store. 

New Android update to fix critical vulnerabilities

Recent vulnerabilities allowed an hacker to enter your device through an email, MMS or either using web browsing. Android now has released an update that would fix this vulnerabilities. A total of 23 vulnerabilities including two critical issues would be fixed in this update. The update would also fix a vulnerability discovered in the Stagefright library.

The patch covers the bugs reported by Trend Micro, System Security Lab and the internal security team. Although, the big question would be on how long would it take to patch all the vulnerabilities for every device. 

Social Apps are the worst battery eaters

Next time you blame your phone for the battery, think of it before you start the blaming game. Yes, your phone's battery eater is none other than the social apps that you have installed in it. AVG has released a report on the apps that eats up your battery, performance and the data. There are a number of familiar faces in the report.

What AVG did was that it  anonymously collected data from its anti-virus and the cleaner apps from the users in US, UK and Australia. It then ranked those apps based on the data collected from the apps installed in the devices. Here are the worst battery eaters and performance drainers based on the analysis that are started by the user.

It is also shocking that Snapchat is eating up a lot of battery when compared to Facebook(due to its simultaneous use of WiFi, GPS and the phone's camera).

However, the worst apps are those which run at start-up(not started by the user).Here is the list of such apps.

It is clear that Facebook consumes a lot of battery in this category of apps, the worst in this category.

AVG has recommended the users to clean their browsing history and cache files regularly. Also, it is advised for the users to spend a limited time on these apps. They must not forget to keep their devices up to date.

OnePlus to start building phones in India

Looks like the Digital India movement is paying off to India.Yes,it is. Chinese smartphone company OnePlus has announced that it would open a manufacturing plant in India by the end of 2015. 

The production facility is planned to be setup at the Siri City Integrated Business City in the state of Andhra Pradesh. The 30,000 square feet production facility would support a production capacity of 500,000 units per month allowing  the company to pursue a more aggressive marketing and retail in the country.

The goal  of the company is to improve the supply of handsets to the country thereby allowing faster and  more frequent sales. The company would now not need to ship the handsets from its main manufacturing plant and it would result in a lot of savings. The first batch of the smartphones manufactured in India is expected to be available by the end of the year. Although, delay can to be expected as setting up of the company would itself take time.

Time to move on to Marshmallow

Google recently announced android Marshmallow at its annual I/O expo that place in US and since then, a number of beta versions have been released. Finally, a final build would be coming up in the new Nexus devices 6P and Nexus 5X. Android Marshmallow would fix many of the bugs from the lollipop 5.0, the most notable one is the security and the power management.
Here are the notable features that would be in the latest Android Marshmallow

1. App Permissions
   Google has officially confirmed that users can reject or approve app permissions from individual apps and the individual functions within the app. While you want to install an app from the Play Store, you wont be hit with a bunch of permissions to which you are forced to agree(else you cannot install the app).You can install the app and when you want to use a feature of an app, you would be asked for the permission(you can grant permission only at that particular instance).Later, you can revoke that permission
   
2. Fingerprint Scanner
   Google has gone standardized to include a built-in support for fingerprint authentication.This means an extra security for your phone wherein your app can be accessed only on your authorization.
   
3. Battery Optimisations
   We have faced serious battery issues on devices running on Android Lollipop. This issue has been taken into account by developers. Now, Android M will use onboard sensors to detect when the phone has been unused for a while and would go into specially made low-power sleep mode.This would close all the unwanted background processes that eats up the battery.
   USB Type-C has also been given with rapid charging.
   
4. Android RAM Manager
   The android RAM manager would now be shipped with Android M which would monitor your phone's RAM and shows more detailed background of the apps.
   
5. Adaptive Storage
   This feature allows the system to an external storage devices(a microSD card) and treat it as an onboard storage.
   
6. Google Now
   A lot of attention has been given to the Google Now feature to make it smarter, faster, more responsive and accurate. The new Google Now feature understands the context like never before(Ex:If you have a route setup in the Google Maps and you just say "How far is it?", Google Now would understand that you need the distance of the current destination) meaning that you need not have to be specific from now on. .