Reverse engineering my bank’s security token

The toolset


Reverse engineering Android apps requires a few software tools. Here’s what I used for this project:

  • Android SDK: Provides the adb command-line tool, which can pull APKs, data files and settings from the phone.
  • dex2jar: Converts Android’s Dalvik executables into JARs, which are easier to reverse engineer.
  • JD, JD-GUI: An excellent Java bytecode decompiler.
  • Eclipse: A Java IDE to validate discoveries during the reverse engineering process.

via Reverse engineering my bank’s security token | Thiago Valverde.

MisoSMS: New Android Malware Disguises Itself as a Settings App, Steals SMS Messages

MisoSMS infects Android systems by deploying a class of malicious Android apps. The mobile malware masquerades as an Android settings app used for administrative tasks. When executed, it secretly steals the user’s personal SMS messages and emails them to a command-and-control (CnC) infrastructure hosted in China. FireEye Mobile Threat Prevention platform detects this class of malware as “Android.Spyware.MisoSMS.”

via MisoSMS: New Android Malware Disguises Itself as a Settings App, Steals SMS Messages | FireEye Blog.

Once the app is installed, it presents itself as “Google Vx.” It asks for administrative permissions on the device, which enables the malware to hide itself from the user, as shown in Figure 2.

Right there is a clue that something is not right.
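The traits described in the excerpts above (a Google-sounding label, a device administrator request, SMS access combined with network access) can be checked statically from an app's manifest. The following is an added example, not code from FireEye or from the quoted article; it assumes the manifest has already been decoded to text XML (for instance with a tool such as apktool), and the sample manifest and the `triage_manifest` helper are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
SMS_PERMS = {"android.permission.READ_SMS", "android.permission.RECEIVE_SMS"}
ADMIN_PERM = "android.permission.BIND_DEVICE_ADMIN"

# Constructed sample: decoded AndroidManifest.xml of a hypothetical app.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.settings">
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Google Vx">
    <receiver android:name=".Admin"
              android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""


def triage_manifest(xml_text):
    """Return the suspicious traits found in one decoded manifest."""
    root = ET.fromstring(xml_text)
    package = root.get("package", "")
    perms = {p.get(ANDROID + "name") for p in root.iter("uses-permission")}
    app = root.find("application")
    label = app.get(ANDROID + "label", "") if app is not None else ""
    findings = []
    # A receiver guarded by BIND_DEVICE_ADMIN is how an app asks for admin rights.
    if any(r.get(ANDROID + "permission") == ADMIN_PERM
           for r in root.iter("receiver")):
        findings.append("device administrator receiver")
    # SMS access is only useful for exfiltration if the app can also reach the network.
    if perms & SMS_PERMS and "android.permission.INTERNET" in perms:
        findings.append("SMS access with network access")
    # Heuristic (assumption): Google branding on a package outside Google's namespaces.
    # Labels stored as @string/... references would need resolving first.
    if "google" in label.lower() and not package.startswith(("com.google.", "com.android.")):
        findings.append("Google-branded label on non-Google package")
    return findings


if __name__ == "__main__":
    for finding in triage_manifest(SAMPLE_MANIFEST):
        print("-", finding)
```

Any one trait on its own is common in legitimate apps; it is the combination that warrants a closer look.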

Android tops 81 percent of smartphone market share in Q3

Now that we know what smartphone market share looked like in the third quarter when broken down by manufacturer, it’s time to compare performance by platform. As you’d imagine, the world is still Android’s oyster. Strategy Analytics estimates that the OS has crossed the symbolic 80 percent mark, reaching 81.3 percent of smartphone shipments by the end of September. Not that Google was the only company doing well — Nokia’s strong US sales helped Windows Phone grow to 4.1 percent of the market, or nearly double what it had a year ago. Whether or not these trends continue is another matter. Although Android likely isn’t in danger given the launches of phones like the Galaxy Note 3, there are also new iPhones and Lumias on the scene; there may be one or two surprise upsets when the fourth quarter is over.

via Android tops 81 percent of smartphone market share in Q3.

When Will Google Try to Make Android More Profitable?

Despite Android’s size, do advertisers and developers really see the OS as the most effective platform for their (monetary) needs? A new study by ad-buyer Nanigans suggests that Facebook ads on the iPhone generate 1,790 percent more return than equivalent advertising on Google Android (hat tip to VentureBeat for the link). “Retailers are realizing significantly greater return from audiences on iOS than audiences on Android,” that study reported.

via When Will Google Try to Make Android More Profitable?.

The Problem with Android is Choice

Perhaps the most famous is Sheena Iyengar’s 1995 “jam jar study”, which showed a 4x increase in options decreased purchases by 85%.

Iyengar’s study is not alone. Barry Schwartz’s excellent book The Paradox of Choice covers the problem in detail. Of particular interest is his discussion of how choice affects buyer’s remorse. The more choices you consider, the more likely you’ll be to regret your decision, and the less satisfied you’ll be.

via The Problem with Android is Choice.

Inside the Bluebox Android Master Key Vulnerability

The only way an Android user can be attacked via this master key flaw is if they download a vulnerable application.

“It all comes down to where you get your applications from,” Forristal said.

That means if a user gets their applications from trusted sources like Google Play, the risk of the master key exploit is not high, even if the given device has not been updated with the latest patched Android code. Forristal noted that he has seen reports that he has not been able to independently verify, that indicate Google is already scanning apps in the Play store to mitigate risk.

via Inside the Bluebox Android Master Key Vulnerability – eSecurity Planet.

From: First Malicious Apps Targeting Android ‘Master Key Vulnerability’ Found in the Wild

Bluebox Security has released a free app designed to help Android users check if their device has been patched for the master key vulnerability.

Serval Mesh

Serval Mesh is an Android app that provides voice calls, text messaging and file sharing between mobile phones using WiFi, without the need for a SIM or any other infrastructure like mobile cell towers, WiFi hotspots or Internet access.

Via The Serval Project Wiki

Big winner with Office for iPad and Android delay

My colleague Zack Whittaker believes Google Docs will take some of these customers away, but that’s not the biggest threat to Microsoft. The longer Microsoft neglects to release the iOS and Android versions of Office, a greater number of customers owning iPads and other tablets will discover competing Office-compatible apps for those platforms. Having used many of these suites for years, it is clear they are robust enough to fill the need for Office for many owners.

via Big winner with Office for iPad and Android delay: Google | ZDNet.

After having used a tablet I can’t see how one could do any real work on one.  Tablets are good consumption devices — reading (and perhaps commenting on) documents produced on workstations with real QWERTY keyboards that fit one’s fingers and hand.