The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: android app development

Android Q — Google Adds New Mobile Security and Privacy Features

Android Q — Google Adds New Mobile Security and Privacy Features

March 19, 2019Swati Khandelwal
Google has recently released the first beta version of Android Q, the next upcoming version of Google's popular mobile operating system, with a lot of new privacy improvements and other security enhancements. Android Q, where Q has not yet been named, offers more control over installed apps, their access, and permissions, and location settings; more support for passive authentication like face ID, and warnings when you install a new app targeting Android Marshmallow or older. Instead of directly going through dozens of different pages Google published about Android Q, here I have summarized all new privacy and security features of the new version of Android you can quickly learn from: 1) Stop Android Apps From Tracking Your Location in the Background Android Q gives you more control over how an app can use your device location information. Currently, you have a single option to either allow or deny an app access to your device location, doesn't matter if it is in-use
New Android API Lets Developers Push Updates Within their Apps

New Android API Lets Developers Push Updates Within their Apps

November 08, 2018Mohit Kumar
You might have read somewhere online today that Google is granting Android app developers powers to forcefully install app updates…but it is not true. Instead, the tech giant is providing a new feature that will help users to have up-to-date Android apps all the time and yes, it's optional. Along with the launch of a number of new tools and features at its Android Dev Summit 2018 , Google has also launched the a new API, called "In-app Updates," which aims to help developers ensure that users are running the latest and greatest version of their app. "We've heard that you'd like more controls to ensure that users are running the latest and greatest version of your app. To address this, we're launching an In-app Updates API," Google said . How Does Android's New In-app Updates API Work? It should be noted that the Android's new In-app Updates API doesn't force or lock out users from the app if they chose not to update it. In
From Now On, Only Default Android Apps Can Access Call Log and SMS Data

From Now On, Only Default Android Apps Can Access Call Log and SMS Data

October 09, 2018Mohit Kumar
A few hours ago the company announced its "non-shocking" plans to shut down Google+ social media network following a "shocking" data breach incident. Now to prevent abuse and potential leakage of sensitive data to third-party app developers, Google has made several significant changes giving users more control over what type of data they choose to share with each app. The changes are part of Google's Project Strobe —a "root-and-branch" review of third-party developers access to Google account and Android device data and of its idea around apps' data access. Restricted Call Log and SMS Permissions for Apps Google announced some new changes to the way permissions are approved for Android apps to prevent abuse and potential leakage of sensitive call and text log data by third-party developers. While the apps are only supposed to request permission those are required for functioning properly, any Android app can ask permission to access y
New Man-in-the-Disk attack leaves millions of Android phones vulnerable

New Man-in-the-Disk attack leaves millions of Android phones vulnerable

August 14, 2018Swati Khandelwal
Security researchers at Check Point Software Technologies have discovered a new attack vector against the Android operating system that could potentially allow attackers to silently infect your smartphones with malicious apps or launch denial of service attacks. Dubbed Man-in-the-Disk , the attack takes advantage of the way Android apps utilize 'External Storage' system to store app-related data, which if tampered could result in code injection in the privileged context of the targeted application. It should be noted that apps on the Android operating system can store its resources on the device in two locations—internal storage and external storage. Google itself offers guidelines to Android application developers urging them to use internal storage, which is an isolated space allocated to each application protected using Android's built-in sandbox, to store their sensitive files or data. However, researchers found that many popular apps—including Google Translate
Over 500 Android Apps On Google Play Store Found Spying On 100 Million Users

Over 500 Android Apps On Google Play Store Found Spying On 100 Million Users

August 23, 2017Swati Khandelwal
Over 500 different Android apps that have been downloaded more than 100 million times from the official Google Play Store found to be infected with a malicious ad library that secretly distributes spyware to users and can perform dangerous operations. Since 90 per cent of Android apps is free to download from Google Play Store, advertising is a key revenue source for app developers. For this, they integrate Android SDK Ads library in their apps, which usually does not affect an app's core functionality. But security researchers at mobile security firm Lookout have discovered a software development kit (SDK), dubbed Igexin, that has been found delivering spyware on Android devices. Developed by a Chinese company to offer targeted advertising services to app developers, the rogue 'Igexin' advertising software was spotted in more than 500 apps on Google's official marketplace, most of which included: Games targeted at teens with as many as 100 million download
Android Instant Apps — Run Apps Quickly Without Installation

Android Instant Apps — Run Apps Quickly Without Installation

May 19, 2016Swati Khandelwal
Downloading an app is a real pain sometimes when you don't want to install the complete app on your smartphone just for booking a movie ticket, or buying something online. Isn't that? Now, Imagine the world where you can use any Android app without actually the need to download or even install it on your smartphone. This is exactly what Google has intended to offer you with its all new Instant Apps feature. Announced at Google I/O event Wednesday, Android Instant Apps will break down the walls between websites and Android apps by allowing people to tap on a URL and open an Android app instantly, without even having to install it. As a live demonstration, Google's presenter on stage showed how just clicking a Buzzfeed Video link, which has a dedicated app, opened the relevant part of an app — all in just 2 seconds. Also Read: Google Unveils AI-powered Smart Messaging App In another demonstration, the presenter showed a link to buy a camera bag at B&H Ph
Google may adopt Apple's Swift Programming Language for Android

Google may adopt Apple's Swift Programming Language for Android

April 08, 2016Swati Khandelwal
Almost two years back, Apple introduced Swift programming language at its World Wide Developers Conference (WWDC) to the developers who build software applications for Apple devices. Swift was designed to make it easier for developers to create apps for Apple's mobile platform. Usually developers write complete app code and then compile it to see output, but Swift helps them see results in real time instantly while writing code. Now, reports have been emerged that the search engine giant is also considering making Swift programming language a "first class" language choice for programmers making apps for its Android platform. In between an ongoing legal battle with Oracle over Android, Google is planning to bring Swift into the Android platform with at least two major third-party developers — Facebook and Uber, reports The Next Web. Around the time when Apple officially made Swift an open source language, executives from Google, Facebook and Uber attended a m
Google Play Store increases Android APK Size Limit from 50MB to 100MB

Google Play Store increases Android APK Size Limit from 50MB to 100MB

September 30, 2015Swati Khandelwal
Google is doubling the maximum APK file size on the Play Store from 50 MB to 100 MB . That means... Android app developers can now build higher quality Apps and Games that users love. Of course, for an end user it may affect the overall app performance and installation time, as well as mobile data connectivity. Google Wants Developers to Create Richer Apps By increasing file size limit from 50 MB to 100 MB, Google wants to encourage developers for creating richer apps and games , as well as help avoid the need for downloading additional files after the initial APK download. There are two primary purposes of setting a cap for APKs. The limit ensures: Developers write code efficiently and keep an eye on the overall size of their app Users don't have to wait too long to download an app or game from the Play Store However,  Expansion Files are still there to help developers build apps that exceed the 100MB barrier , but the aim to increase the base lim
Microsoft Open-Sources Tool for Porting iOS Apps to Windows

Microsoft Open-Sources Tool for Porting iOS Apps to Windows

August 07, 2015Mohit Kumar
At its Build developers conference in April this year, Microsoft announced " Project Islandwood " - the " Windows Bridge for iOS " that lets iOS and Android developers port their apps to Windows. Microsoft finally made another surprise move on Thursday by open sourcing an early version of its toolkit for iOS to help iOS developers move their apps more easily to Windows 10. The source code for an early preview of " Windows Bridge for iOS " is now available on GitHub under the MIT open-source license. By releasing the preview of iOS Bridge, Microsoft wants the open-source community to contribute code, comments, testing, vulnerability reports, before the company launch the final version later this fall. iOS Toolkit for Building Windows 10 Apps The iOS Bridge enables developers to create apps that work with both Windows 8.1 and Windows 10 operating systems. Currently, Microsoft only targets the standard X86 and X64 processor archi
Malicious Gaming App Infects More than 1 Million Android Users

Malicious Gaming App Infects More than 1 Million Android Users

July 12, 2015Swati Khandelwal
It's not at all surprising that the Google Play Store is surrounded by a number of malicious applications that may gain users' attention to fall victim for one, but this time it might be even worse than you thought. Threat researchers from security firm ESET have discovered a malicious Facebook-Credentials-Stealing Trojan masquerading as an Android game that has been downloaded by more than a Million Android users. Malicious Android Apps downloaded 50,000-1,000,000 times The Android game, dubbed " Cowboy Adventure ," and another malicious game, dubbed " Jump Chess " – downloaded up to 50,000 times, have since been removed from Google Play Store. However, before taking them off from the app store, the creepy game apps may have compromised an unknown number of victims' Facebook credentials . Both the games were created by the same software developer, Tinker Studio and both were used to gather social media credentials from unsuspec
How to Manage Android App Permissions to Protect Your Privacy

How to Manage Android App Permissions to Protect Your Privacy

June 22, 2015Wang Wei
Do you actually read the list of permissions that Android apps are asking for before you install them? I know most of us treat those permissions like terms and conditions, blindly tapping our way through. But if you actually do, you would be aware of their reach. Some of your apps can make phone calls Some can track your location Some can read your browsing history, contacts, SMS, photos, calendar And… Even share this personal information with third parties without your knowledge. But, do they need all those permissions? No doubt, Google’s Android mobile operating system has a powerful app permission system that forces app developers to mention the exact permissions they require. But, there is one major issue for Android users: By default, it is a Take-it-or-Leave-it situation, which means you can choose to install the app, granting all those permissions or simply, not install it. It appears like every app developer wants access to much of my phon
Facebook Messenger Platform Launches at F8 Developer Conference

Facebook Messenger Platform Launches at F8 Developer Conference

March 26, 2015Mohit Kumar
Yesterday at its annual F8 Developer Conference in San Francisco, Facebook officially turned its Messenger app into a Platform. Facebook's Messenger Platform allows third-party app developers to integrate their apps with Facebook messenger app. However, other popular messaging apps are already offering similar features, like Chinese WeChat, but Facebook release is much bigger than any other platform. At F8 Developer Conference, Facebook released SDK v4.0 for iOS and Android along with Graph API v2.3 that enable app developers to add new messenger platform features to their custom apps quickly. Facebook users can install these compatible third-party apps from the messenger app, which offers users to send animated GIFs, images, videos, and more content within the Facebook Messenger app easily. BOON FOR BOTH FACEBOOK AND THIRD PARTY DEVELOPERS Facebook Messenger Platform will offer third party app developers to reach out Facebook’s 600 Millions of users. So, the move will be a
Google Now Manually Reviews Play Store Android App Submissions

Google Now Manually Reviews Play Store Android App Submissions

March 18, 2015Mohit Kumar
Google has changed the way it managed apps on the Google Play Store . After years of depending on the automated app check process, the company just made some changes to its Play Store policies  that will successfully weed out malicious and undesirable apps from Google Play store. Google has introduced an update for developers and users that's sure to make some parents happy and some developers sad. The new features are — Better App Review Process Age-Based Rating System BETTER APP REVIEW PROCESS The search engine giant announced on Tuesday that it has started employing humans to review apps before they go live on the Google Play Store , a move intended to " better protect the community " and " improve the app catalog ." The new approach would definitely affect app developers, as they'll have to wait for their apps to be approved by Google after they submit them to the Play Store. But, it would keep users safe from harmful malware or offensive content.
DroidStealth — Android Encryption Tool with Stealth Capabilities

DroidStealth — Android Encryption Tool with Stealth Capabilities

February 14, 2015Swati Khandelwal
We all have Internet-connected smartphones in our pockets, but it’s very hard to find a place on Internet to feel secure and private. No doubt, there is data Encryption on cell phones, but what’s the use if it is cracked by hackers or law enforcement? What if the encrypted files don’t exist in the first place for law enforcement to decrypt it? That’s the motive behind DroidStealth , a new Android encryption tool that not only protects sensitive data with obfuscation, but ​also hides its existence on your phone as if it has nothing to hide. DroidStealth Android app has been developed by security researchers from Delft University of Technology in the Netherlands and would come as a windfall to both the privacy lovers and the cyber criminals. STEALTH LOGIN MECHANISM DroidStealth Android encryption tool creates a hidden folder in your phone in which it stores your all encrypted files. The app itself can be opened by simply dialing a phone number of any length which is
Adware Android Apps Found in Google Play With Millions of Downloads

Adware Android Apps Found in Google Play With Millions of Downloads

February 04, 2015Swati Khandelwal
With the rise in mobile market, last year we have seen sharp growth in malicious ' adware ' — the most prevalent mobile threat in the world. And now, security researchers have once again found Google Play Store offering malicious apps that are infecting millions of Android users with adware . It’s not at all surprising that the Android operating system is surrounded by a number of unwanted intrusions that may gain users’ attention to fall victim for one, but this issue might be even worse than we thought. WHAT IS ADWARE ? For those not familiar with adware, adware is a software that automatically displays or downloads advertising material like banners or pop-ups when a user is online. Doesn’t sound dangerous, Right? But adware could result in a serious threat to users. Android Adware can pose a major threat to users' privacy, since some ad networks gather personal information like phone number, email address, and many more. Depending on where the ad netwo
Beware! Fake WhatsApp PLUS App Rumored to be Next Official WhatsApp Release

Beware! Fake WhatsApp PLUS App Rumored to be Next Official WhatsApp Release

January 19, 2015Mohit Kumar
Several reports from the popular news websites had suggested that WhatsApp , the widely popular messaging application, is working on a new version of its instant messaging client, called  WhatsApp PLUS , in order to provide its users a lot of handy new features. However the news seems to be completely fake!! WhatsApp Plus has already been launched a long ago and is not at all genuine as it is not associated with the Facebook-owned WhatsApp. Many users claimed to have already used WhatsApp Plus before. The latest news reports insist that WhatsApp Plus will bring 700 new themes and more number of emoticons, as well as will provide users with an option to change the font, and color among other things in an attempt to make the app look and feel more personalized. Moreover, the app will provide better privacy compared to the existing one. But, here you need to have a second thought. If we talk about better privacy, the only genuine report about WhatsApp came late last year,
GCHQ Releases 'Cryptoy' App for Kids to Teach Encryption

GCHQ Releases 'Cryptoy' App for Kids to Teach Encryption

December 14, 2014Mohit Kumar
British government surveillance agency GCHQ – counterpart of NSA – has fired-up another debate over the Internet by launching Android application to encourage teenagers to tackle emerging cybersecurity threats. The newly launched Android app , dubbed " Cryptoy ", was developed by STEM (science, technology, engineering and maths) students on an industrial year placement at GCHQ. The Cryptoy app was highly appreciated and liked by GCHQ at the Cheltenham Science Festival that they made it available to download today. The app is designed mainly to tempt youngsters between the ages of 14 and 16 into trying their hand in cryptography and code-breaking, but can be used by anyone interested in cryptography. According to GCHQ , Cryptoy app will help users to understand basic encryption methods, teach the codes of the past, and create their own encrypted messages. The app allows users to share these encoded messages by using four code-breaking techniques – Shift, Subs
Twitter will now Track EVERY App You have Installed on Your Smartphone

Twitter will now Track EVERY App You have Installed on Your Smartphone

November 27, 2014Mohit Kumar
Like Facebook and Google, Twitter will soon be collecting your smartphone data in order to provide a " more personal Twitter experience " by serving targeted advertisements. The popular microblogging service Twitter said Wednesday that it will start collecting information about the other applications its users have installed onto their smartphones or tablet in a bid to better target ads and content, which some users may consider as another threat to their online privacy. In the Security and Privacy section of its support site, Twitter says that it will be " collecting and occasionally updating the list of apps installed on your mobile device so we can deliver tailored content that you might be interested in ." The company has updated its app with this new feature for iOS platform on Wednesday, and Android will integrate this new feature in the next week. The app update is opt-out , which means Twitter will start collecting information from users aut
Researcher Found TextSecure Messenger App Vulnerable to Unknown Key-Share Attack

Researcher Found TextSecure Messenger App Vulnerable to Unknown Key-Share Attack

November 03, 2014Swati Khandelwal
Do you use  TextSecure Private Messenger  for your private conversations? If yes, then Are you sure you are actually using a Secure messaging app? TextSecure , an Android app developed by Open WhisperSystems , is completely open-source and claims to support end-to-end encryption of text messages. The app is free and designed by keeping privacy in mind. However, while conducting the first audit of the software, security researchers from Ruhr University Bochum found that the most popular mobile messaging app is open to an Unknown Key-Share attack . After Edward Snowden revealed state surveillance programs conducted by the National Security Agency, and meanwhile when Facebook acquired WhatsApp , TextSecure came into limelight and became one of the best alternatives for users who want a secure communication. " Since Facebook bought WhatsApp , instant messaging apps with security guarantees became more and more popular ," the team wrote in the paper titled,
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.