Hypponen (+++) cancelling his talk at the RSA Conference USA 2014 in San Francisco

(updated Jan 8.) More speakers cancelling here

Last february I had the pleasure to attended the RSA Conference in San Francisco. Among the speakers was the well known security professional and Chief Research Officer in F-Secure, Mikko Hypponen. His talk about Botnet mitigations was, in my opinion, one of the most inspiring talks at that conference.

2013-02-23 08.36.22

Mikko, being one of the “Top Rated Speakers” at RSA conference, he will not attend the 2014 conference due to the report on NSA secret payments to RSA. This to make RSA incorporate a flawed encryption algorithm into security software (according to Reuters).

Read Mikkos email to RSA, cancelling his attendance as a speaker for next years conference here

If (for some reason) you don’t want to attend the event as Mikko, you can check out last years talks here, and my personal event photos below;)

Continue reading “Hypponen (+++) cancelling his talk at the RSA Conference USA 2014 in San Francisco”

Optout of Android Ads, xapush, airpush etc…

Have you got annoying ads in your status bar or shortcuts on the home screen? Where do they come from and how can I remove/optout/delete them?

In Jelly Bean, you can figure out exactly which app caused a notification. By long-pressing it on the notification bar you can select App Info. From here you can actually disable notifications on a per-app basis altogether. Continue reading “Optout of Android Ads, xapush, airpush etc…”

Check if you’re vulnerable to the Android “Master key” exploit

2013-08-06_13-42-28Bluebox Security has released an App to check if your Android device is still vulnerable to the “master key” exploit. There is a patch out from Google, but not all handset providers have implemented it in their distros yet…

Check out this article if you want to know more about this expoit.

http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key/

And this article about it being patched by Google.

http://www.engadget.com/2013/07/09/google-plugs-android-security-hole/

Jelly Bean is now biggest

According to Android.com, more accurate OS version detection methods, using stats from Google Play visits, shows that most users are noe using Jelly Bean –  Yeey. The more phones running the latest version, the more up-to-date/secured Android devices..

 

As you May notere, users of third party app stores are not included in these numbers. I believe there are unfortunately a lot more old Android versions running than what is reflected by Android.com. However, from a security point of view, I would like to add to the discussion of Android Vs iOS (when it comes to Malware stats) that the Google Play stats of OS versions reflect best what can be compared to Apples Appstore and their numbers of malicious apps.

http://developer.android.com/about/dashboards/index.html

Control your Java

Recent Java vulnerabilities have made Security experts advice people to fully disable Java scripts, or use two browsers such as;
– one for less critical tasks with Java, and
– one for critical tasks (e.g., online banking) where Java is enabled only when needed

However, Google Chrome lets you disable, enable only exceptions where you what to run Java and Javascripts, or if you would like Java- “click and play”. Problem solved?:)

Alternatively use “click to play” as explained here: http://superuser.com/questions/201613/disable-java-plugin-in-google-chrome