May 28, 2019

Firefox brings Lockbox password manager to Android’s autofill

By Lisa Vaas

Diehard Firefox user? Devoted resister of the Google-in-every-nook-and-cranny Android mobile environment?

Mozilla to the rescue!

On Tuesday, Mozilla, the maker of Firefox, announced that it’s brought its free password manager, Firefox Lockbox, to Android users, bringing what it says will be cross-platform happiness to Firefox users who have dozens, or even hundreds, of logins stored in their browsers.

Today, many of those logins are the same ones used in the apps you download on mobile, so we’ve been working on making your various online identities work on your terms.

Mozilla already has an iOS version of Firefox Lockbox – one that it’s recently optimized for iPad. Bringing it to Android is…

…the next step in our efforts to give people the advantage when it comes to keeping them safe online with trusted tools and services from Firefox.

Automagical autofill

Mozilla says that Lockbox works with Android autofill to make it a seamless transition from using your Firefox desktop browser to your mobile browser. It automatically fills in the passwords saved on desktop to get into your apps, be it Facebook, Yelp, Netflix or anything else, on your mobile device.

Read more at https://nakedsecurity.sophos.com/2019/03/28/firefox-brings-lockbox-password-manager-to-androids-autofill/

Facebook’s Whitehat Settings lets bug-hunters dial back app security

By Lisa Vaas

What if the security controls added by Facebook to make it harder for snoopers and ne’er-do-wells to attack the company’s servers…

…makes things harder for researchers who are trying to hunt for bugs legitimately?

That’s what’s been happening, bug hunters have told Facebook via its Whitehat survey.

Nearly all Facebook-owned apps make it as hard as they can to stop tricks such as Man-in-the-Middle (MiTM) attacks, which could allow rogues in your local coffee shop to spy on you, but this also makes it tough for ethical hackers and security researchers to intercept and analyze network traffic to find server-side security vulnerabilities.

That’s why Facebook decided to help them out by giving them Researcher Settings so they can dial back their connection security and pretend that it’s still 2009.

Facebook’s Whitehat Settings

Facebook’s Bug Bounty program announced on Friday that it’s implemented what it’s calling Whitehat Settings.

Read more at https://nakedsecurity.sophos.com/2019/03/27/facebooks-whitehat-settings-lets-bug-hunters-dial-back-app-security/

Preinstalled Android apps are harvesting and sharing your data

By Danny Bradbury

When you buy a brand-new smartphone, there’s that precious moment just after you take it out of the box when it is shiny and clean, unsullied by dirty software that could endanger your data. Or so you thought. New research reveals that the bloatware preinstalled on many new Android phones could do far more than simply chew up your storage.

Many Android phones ship with software that has been pre-installed by the smartphone vendor. Researchers at IMDEA Networks Institute, Universidad Carlos III de Madrid, Stony Brook University, and ICSI scanned the firmware of more than 2,700 consenting Android users around the world, creating a dataset of 82,501 pre-installed Android apps.

Many of these apps spied on their users, according to the research paper, accessing highly personal information. The researchers said:

According to our flow analysis, these results give the impression that personal data collection and dissemination (regardless of the purpose or consent) is not only pervasive but also comes pre-installed.

What data are these apps collecting?

Not only did preinstalled applications harvest geolocation information, personal email, phone call metadata and contacts, but some of them even monitored which applications users installed and opened. In many cases, personal information was funneled straight back to advertising companies.

Read more at https://nakedsecurity.sophos.com/2019/03/27/preinstalled-android-software-is-pilfering-your-data-say-researchers/

ACS

Advanced Computer Services of Central Florida

Centrally located in Winter Haven, we serve residential and business clients in and around Polk County.

9 Camellia Drive
Winter Haven, FL 33880
863-229-4244

Our Promise to You

Plain language, no tech-talk

We will never try to over-sell you a product you don't need.


Advanced Computer Services of Central Florida is your local, hometown computer service and repair company that can do more than just fix your PC.  We offer highly skilled professionals who can be counted on to give you sound advice on upgrades, software and hardware, commercial & residential networks, hardwire or secure wireless.

No trip charges within Polk County

No after-hours or weekend fees

$45.00/hr Residential

$65.00/hr Commercial - free system evaluation