So now that these exploits for Android and iPhone are out in the wild, will developers patch them?
Would like to know everyone's thoughts.
For those who aren't up to speed on the news report today here is the press release and relevant info:
Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named "Vault 7" by WikiLeaks, it is the largest ever publication of confidential documents on the agency.
The first full part of the series, "Year Zero", comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virgina. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.
Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
"Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products, include Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, which are turned into covert microphones.
Click to expand...
Click to collapse
Thoughts? Concerns?
I can't post outside links yet, but if you want the full information, you can search "wikileaks press release vault 7" on google and see the press release and search the information database and exploits. Basically exploits are out in the wild that compromise your android phone completely rendering them completely insecure and giving zero privacy.
Related
REDMOND, Wash. — Feb. 21, 2008 — Microsoft Corp. today announced a set of broad-reaching changes to its technology and business practices to increase the openness of its products and drive greater interoperability, opportunity and choice for developers, partners, customers and competitors.
Specifically, Microsoft is implementing four new interoperability principles and corresponding actions across its high-volume business products: (1) ensuring open connections; (2) promoting data portability; (3) enhancing support for industry standards; and (4) fostering more open engagement with customers and the industry, including open source communities.
"Ensuring open connections to Microsoft’s high-volume products. To enhance connections with third-party products, Microsoft will publish on its Web site documentation for all application programming interfaces (APIs) and communications protocols in its high-volume products that are used by other Microsoft products. Developers do not need to take a license or pay a royalty or other fee to access this information. Open access to this documentation will ensure that third-party developers can connect to Microsoft’s high-volume products just as Microsoft’s other products do. "
"Microsoft is providing a covenant not to sue open source developers for development or non-commercial distribution of implementations of these protocols. These developers will be able to use the documentation for free to develop products."
More after the jump, direct from Microsoft:
http://www.microsoft.com/presspass/press/2008/feb08/02-21ExpandInteroperabilityPR.mspx?rss_fdn=Press%20Releases
Thank you to anyone who takes the time to read this and explain if it means any positive news for our Windows Mobile devices. They aren't high-volume devices according to the press release, and they didn't specifically mention them, but they are opening up the APIs for Exchange Server. Will that help in making apps for our XDAs? Interesting read anyways.
Here's my take.
There are two reasons for doing this.
First, as the world business climate changes and MS grows, antitrust issues are not going away. With a high probability of a democratic presidency, you can pretty well plan on more probes into MS business practices. EU regulators have already stated that they are going to be watching this one closely. Open architecture would place MS in a better position to defend themselves.
Second, "open" increases dependency. If you are a developer and you build your tools around the "open" MS architecture, where are you going to send your customers to buy base applications? In theory this would increase the number of units sold (breadth) but not increase the number of functions provided (depth). The net impact would be a much more stable revenue base for MS and not an "all or nothing" approach. Remember, Microsoft does not do ANYTHING that they do not believe contributes to their long term viability or profitability.
Hi All,
Some time ago I've created a game called "Boulders and Diamonds" for Android.
The game was similar to well known 80s game "Boulder Dash", but contained no original code, graphics, levels or name. I've also added a lot of additional elements never present in "Boulder Dash", which makes game-play very different.
But after few weeks after distribution, I've got an email from "President" of First Star Software (original Boulder Dash publisher - not author!), that my game is not legal and have to be removed from market, because is violating their copyrights. See email below for details.
They assume that nobody can use falling stones or any other elements which were present in "Boulder Dash". Actually, thinking this way leads to conclusion that there is no legal application created nowadays, because every application contains some elements introduced previously!
Do you think they are right and I cannot create a game which is similar (but not the same) to their game or everything they say is just a bull****?
Note: As far as I know they don't have any patents for a game.
I've decided to unpublish my game from Android Marked for now.
Thanks in advance for comments.
/Arek
Here is an email from First Star Software:
Hello again Arkadiusz,
We are writing to you once again regarding "Boulders & Diamonds" to let you know that the current version also infringes upon our copyrights which are registered with the United States Copyright Office.
Further due to international copyright laws, treaties and conventions, your continued distribution of "Boulders & Diamonds" is illegal; and, as pointed out in prior email, such continued distribution, even of a free, ad-supported game, has already caused us to suffer financial damages and losses.
The fact that you have changed the graphics and cave maps does not mean that 'Boulders & Diamonds" no longer violates our Intellectual Property rights. As stated above, it still does. While indeed, the graphics and cave maps are PART of our copyrighted material there is a GREAT deal more that is also copyrighted by us that remains in "Boulders & Diamonds".
Among these, without limitation, are the following non-obvious elements that comprise our copyright: the rules of physics that we created to determine when and how a boulder falls; the rules of how diamonds fall and their effects on the player; the 3 x 3 tiles size of explosions; the movement patterns of the enemies; the ability to push/grab/dig without moving; having the death of one type of enemy result in the creation of 9 diamonds, while other enemies die with a 3 x 3 explosion but without creating diamonds; having explosions destroy certain types of walls but not those that create the border of the cave; etc., etc.
You yourself in the game state: "Based on ideas of game developed by Peter Liepa and Chris Gray in 1980s." As stated in previous email (August 1, 2010, again below) First Star Software, Inc. purchased ALL rights to that game = Boulder Dash(R) and no one can use the protected ideas contained therein without our prior, written approval.
If you have any doubt or questions about the copyright claims being made here by First Star Software, Inc. you should consult an attorney who specializes in Intellectual property law; but, let me say, in summary form, and without prejudice of any kind: our Intellectual Property rights, including copyrights, protect the fundamentals of Boulder Dash(R) e.g. the unique and non-obvious expressions of ideas that were original and unique to Boulder Dash when it first came out. So, for example, even if someone changes the way things look (the in-game elements) we're still protected.
For example in Boulder Dash(R) one collects diamonds, however, the fact that in a 'clone' the player collects carrots instead, does not mean that the clone is non-infringing. Thus, if a clone is 'different' from Boulder Dash(R) because they both use different graphics to represent the corresponding 'elements' e.g. diamonds become carrots, boulders that fall are made to look like something else (say a melon), walls that block your path look differently but serve the same purpose, etc., etc. then the clone IS violating our Intellectual Property rights.
Sometimes the 'differences' are that some features in Boulder Dash are not included in these clones; BUT, all of the features, gameplay mechanics, etc. that are used in the clones FIRST appeared in Boulder Dash. (For example, we have enemies which turn into diamonds if they are killed by a falling boulders and others that do not turn into diamonds when killed...each enemy type moving in a unique pattern (algorithm) that controls how they travel in empty spaces). It is things such as these, and those listed above, that are protected under copyright law.
Once again, as we did in August, we are contacting you immediately upon learning that you have again posted 'Boulders & Diamonds" to the Android Marketplace, as required under law, in our attempt to mitigate our losses and enforce our Intellectual Property rights.
So, once again, with this email we are formally requesting, in writing, that you immediately remove "Boulders & Diamonds" from the Android Marketplace as well as any and all other distribution platforms and channels.
Please send an email acknowledging your receipt of this email and let us know when you have removed 'Boulders & Diamonds' from the Android Marketplace. Further, please attempt to notify the sites below, and any others that you are aware of, that you have been contacted by the owners of Boulder Dash(R) and that you have agreed to cease all distribution of any type or manner of 'Boulders & Diamonds' and request that they remove any and all download links from their sites. Thank you.
Again, by way of full disclosure, I must mention that if we have not heard from you by 10:00 a.m. (New York time) Monday morning, Nov. 1, 2010, we will be filing a formal Android Market Digital Millennium Copyright Act Complaint with Google.
Arkadiusz, now that we have further explained the basics of copyright law, it is my hope and expectation that you will please conform to our request; immediately remove 'Boulders & Diamonds' from the Andorid Marketplace and as many other sites as you can and work with us in protecting our Intellectual Property rights.
Thank you in advance for your prompt attention to this serious matter,
Richard
Click to expand...
Click to collapse
IMHO these guys are mental. They apparently aren't familiar with the 21st century. Name something that hasn't been cloned?
Sent from my SGH-T959 using XDA App
Maybe Google aren't the savour of mankind.
U.S. antitrust regulators are focusing their investigation of Google Inc. on key areas of its business, including its Android mobile-phone software and Web-search related services, people familiar with the probe say.
Six weeks after serving Google with broad subpoenas, Federal Trade Commission lawyers, in conjunction with several state attorneys general, have been asking whether Google prevents smartphone manufacturers that use its Android operating system from using competitors' services, these people said.
Federal Trade Commission officials are focusing their antitrust investigation on several key areas of Google's business, including its Android mobile phone software and Web search related services. Joe White has details from Washington.
They also have inquired whether Google grants preferential placement on its website to its own products, such as Google's "Places" business listings, its "Shopping results" and Google Finance services above most other results.
And they're looking into allegations that Google unfairly takes information collected by rivals, such as reviews of local businesses, to use on its own specialized site and then demotes the rivals' services in its search results, the people said.
When the FTC probe first became official in June, Google said it wasn't clear what the agency was concerned about. But the early focus of the investigation suggests a potential threat to Google's plans to expand its commercial success beyond its current cash cow: the Web-search engine.
The European Commission, which has imposed restrictions on Microsoft Corp.'s ability to leverage its dominant computer-operating system to promote other services, has been carrying out its own broad antitrust probe of Google since last year.
Google denies that it engages in unfair or illegal competitive practices. The company has suggested the growing number of antitrust investigations have been spurred by rivals unsettled by its aggressive push into new business sectors.
"We understand that with success comes scrutiny," said a Google spokeswoman. "We're happy to answer any questions they have about our business."
An FTC spokeswoman declined to comment.
The FTC's probe is still at an early stage, with investigators seeking to learn the inner workings of a complex business. An investigation of this kind can last a year or longer and won't necessarily result in the FTC's filing a lawsuit.
Even so, the existence of the probe already appears to be affecting the Web giant's behavior. The company has made tweaks to its search engine to mollify rivals and head off a possible legal clash with antitrust authorities.
For example, FTC lawyers have asked several Web companies about Google's practice of including customer reviews from websites such as Yelp and TripAdvisor on Google's own "Places" service, which has millions of pages for individual local businesses, these people said. Google Places competes with Yelp and other business-review sites, which have alleged Google stole their content.
In meetings with some complaining websites, Google executives have held firm that the practice wasn't anticompetitive, according to representatives of those sites.
Late last month, Google said it had removed snippets of reviews that originated on other sites from Google Places.
As part of its probe, the FTC is preparing to send out civil subpoenas to third parties to provide documents and evidence in its investigation, said people familiar with the matter. Investigators have already held a series of exploratory meetings and interviews with Google, its competitors and other third parties, giving a flavor of the kinds of areas they're concerned about.
Investigators have been asking technology companies whether Google is restricting the use of rivals' services on mobile devices using its widely used operating system, Android, the people said.
One alleged example has come to light in a private lawsuit, filed against Google by Skyhook Wireless Inc. The Boston-based company accused Google of using its market power to pressure smartphone makers into dropping Skyhook's location-sensing technology in favor of Google's own, competing service. Google has called it a "baseless complaint."
FTC lawyers have also asked about the growing influence of Android and how it may be helping Google maintain its lead in Web search. Google's search engine is the default for many phones built using Android.
Read more: http://online.wsj.com/article/SB10001424053111904823804576500544082214566.html#ixzz1UfxPzK00
Click to expand...
Click to collapse
Andy Rubin, the boss of all things smartphone at Google, can barely contain his excitement. A huge robot he designed has just arrived at Google's office.
The machine's sole function? To inscribe the logo of the Android operating system - a squat, R2-D2-like robot - into the foam of employees' coffees.
Considering its purpose, Scribbles, as its known, appears comically overengineered. But the machine itself is not what's important to Rubin. It's the robot's brains, its operating system. Just like the majority of mobile gadgets sold in the world today, it runs on Android, Google's open-source software.
In the third quarter of 2012, worldwide manufacturers - among them Apple, Samsung, HTC and Research in Motion - shipped 181.1 million smartphones, according to market analytics group IDC. Google's Android operating system was installed on 75 percent of them, says IDC; Apple's system, iOS, was on about 15 percent. That market share for Android was a 91 percent jump from the previous year's third quarter.
While proud of Android's increasing reach, Rubin tries to be modest. He points to bigger trends like faster wireless Internet, improved batteries and falling hardware costs for Android's success.
"But obviously, it's hypercompetitive," he said of the smartphone market. "It's an opportunity to make the world a better place, but, if you're selling stuff, make a profit - if you're good."
Apple, Microsoft, Google, Yahoo, Facebook and Amazon all try to keep customers within "walled gardens" or "ecosystems" of proprietary software. Operating systems, a form of ecosystem, provide a captive audience of customers for selling more software. The Windows operating system, for instance, is one of the main reasons Microsoft Word, Excel and PowerPoint are today's dominant business software.
For Google, Android is the means by which it keeps its popular services, such as Maps, Drive and YouTube, in play in the increasingly mobile Internet environment of smartphones and tablets.
"We wanted to be sure those devices in your pocket were able to get to Google," said Hiroshi Lockheimer, Android's vice president of engineering. "In the end, we're an advertising company and we make money through ads."
Mobile future
Google bought Android in 2005 as it became clear that the future of computing was on mobile devices. About two years would pass before Apple's Steve Jobs unveiled the first iPhone, but BlackBerry, among others, had already shown the world that pocket-sized computers were where we were all heading. Rubin has been at the helm of Android's meteoric rise since the company's founding in 2003, and saw the first Android phone sold in 2008.
He shies from the idea that he is responsible for the proliferation of the open-source software.
"Everything has a point of inception, but after that, it's everybody's," he said. "Rather than being 'the father of,' we consider ourselves 'the shepherd of.' "
Making Android "everybody's" has been perhaps the key to its proliferation. Anyone can download it, for free. For large gadget manufacturers like Samsung and HTC, building and maintaining a working operating system is a huge task. Google's strategy was to give Android away, in the hope that manufacturers would use it so they didn't have to build one themselves.
Apple, which declined interviews for this story, has followed an opposite strategy. Every device that runs on iOS - iPhones and iPads - are made by Apple. Apple does not license or give away iOS. This gives Apple full control, but reduces the number of opportunities it has to expand the use of the operating system.
Still, that anyone can install Android in a device - examples range from microwaves to robots - makes it hard to keep Google's ecosystem cohesive. It also calls into question the definition of Android's "market share."
Author:Caleb Garling
Wrong place to post, lol.
Sent from my SPH-D710
Hazukashii said:
Wrong place to post, lol.
Sent from my SPH-D710
Click to expand...
Click to collapse
should I remove it ?
EvaBrian said:
should I remove it ?
Click to expand...
Click to collapse
Ask moderator to move this thread to android general.
Sent from Hubble Telescope
https://www.youtube.com/watch?v=xSpu5rbLsCg
Have you ever wanted to test mobile applications? If you have ever had the pleasure of working with Eclipse or Android Virtual Devices (AVD) don’t worry! Adware or paid apps like Bluestacks, Andy OS and GenyMotion have bloatware and garbage you don’t need. I will share and show you how-to setup a working super-fast portable android application testing rig including everything you need to get testing.
Robert is a long time attendee and past speaker at PhreakNIC. He is an Advisory Associate in KPMG LLP.s Southeast Advisory Services practice. Very skilled with hands-on technology projects focused on making portable versions of attack / penetration tools, custom scripted scanning applications and automation
PhreakNIC is a technology conference held annually in Middle Tennessee. PhreakNIC started as an infosec hacker convention but has expanded over the years to include the maker scene, ham radio, DIY engineering, space and science nerds, the skeptics community, electronic and experimental music, gamers, anime, and general geekery.
Category
Education
License
Creative Commons Attribution license (reuse allowed)
-rmccurdyDOTcom