iOS 7 lock screen bypass flaw discovered, and how to fix it [Video]

It happened with iOS 6 (twice!), and it looks like it’s happening on iOS 7 again.

YouTube user Jose Rodriguez shows off how to bypass your iPhone’s lock screen on iOS 7 to peek into your photos and other places.

The trick takes a little finesse, but works on any iPhone or iPad running iOS 7:

1. Swipe up on the lock screen to get to the Control Panel.
2. Open the stopwatch and head to the alarm.
3. Hold down the power button until the “Slide to Power Off” button comes up.
4. Hit the cancel button, then hit the home button twice, holding it down on the second press.

It takes a little bit to get it right, but it’s doable once you know what you’re doing. The good news? All you need to do to disable this is turn off Control Center on the lock screen. Head into Settings > Control Center and turn off “Access on Lock Screen.”

Source: Life Hacker

Google Is Waging War on Apps That Attack and Steal From Your Phone

Google made sweeping changes late last month to its policies for developers on Play, the official store for apps that run on Android, Google’s smartphone operating system.

The changes, which among other things affect how ads are displayed and permissions sought, are meant to make Android safer so users can download and use apps with confidence. Developers have until later this month to make the changes. Those that run afoul of the new rules after the deadline will find their apps deleted.

If the past few months are any indication, the Play store will experience a major purge. Google does not disclose or publicly comment on how many apps it removes from its store every month. But Priori Data, an app-market research firm based in Berlin, estimates that in the month through Aug. 9, more than 36,000 apps were removed from Google Play.

That may not sound significant compared with the roughly 950,000 apps in the store, but in the same period, the number of apps available on Play only increased by 35,000. That means one app was removed for every two new apps that came to the Play store. According to Zscaler, a security firm, one in every five apps available on Google Play has some sort of problem with it.

The numbers have been fairly consistent. As per Priori’s data, it is not uncommon for between 25,000 and 35,000 apps to be removed in any given month.

The Perils of “Open”

Google makes a big deal about being an open marketplace. Unlike Apple, it does not vet apps before they become available in its store. The idea is to make Android a more welcoming platform, one that is not subject to the whims of the store owner. The problem is that it also makes Android much more vulnerable to attacks.

Early in 2012, Google unveiled Bouncer, an automatic scanner that checks for malware, spyware and trojans when apps are submitted to Google Play. That catches some of the more obviously undesirable apps — the ones with bad code.

But it misses apps that infringe on copyright, contain what Google considers undesirable content (hate speech, sexually explicit material, gambling and so on), and ones that more skillfully hide their malicious nature. Even so, as the number of apps seeking approval goes up, the speed at which Google allows them onto its marketplace is going down. Until last year, apps went live on Play within five minutes of submission. It now takes several hours, according to one developer.

Google also encourages users to be vocal about negative experiences so it can find and remove bad apps. But some malicious apps are very clever indeed. Joji Hamada of Symantec, a large computer security company based in California, recently found a spate of Japanese scam apps that require users to willingly and very consciously take a series of steps that eventually result in the phone owner being slapped with an “annual fee” of 315,000 yen ($3,100) just to look at some dirty videos.

Three developers known to upload malicious apps. Symantec

Even apps that are less clever can cause damage to phones, Android’s reputation, and the bank balance of both users and Google. The stories, once you start looking for them, are endless. Some 2 million people downloaded one of 32 apps that installed malware masquerading as free apps before the apps were pulled earlier this year. Others fall for anti-malware apps that turn out to be phony.

Not all removed apps are malicious. Some are taken down by the developers. Others run afoul of Google’s policies. Many are just frustrating and pointless: “Ad-related apps probably make up the majority of those removed from stores,” Hamada told Quartz. “Developers can make healthy profits from display advertising such as pop-ups, displaying notification ads at the top of the screen.” In addition, adblockers are also banned from Play, though people can still download such apps elsewhere.

Closing In

Still, being a “closed” system like Apple’s App Store is not easy either. Despite an extensive review process that can take as long as two weeks before an app is approved, undesirable apps manage to sneak into the App Store as well. One of the most common problems is copycat apps.

When a new app becomes popular, developers simply copy the icon and name and reap the benefits of easily fooled users. Worse, some developers complain that Apple is slow to respond to their requests to remove the imitators. Malware also manages to sneak in. Yet Apple’s store retains the trust of both consumer and business users. Google has managed to catch up to Apple in the number of apps it offers and far exceed iPhones in market share. But trust is something it is still fighting to establish.

Little surprise then that Google does all it can to remove offending apps as swiftly as possible. Hence Google’s new policy that explicitly bars certain things, like allowing users to pay through a non-Google mechanism. If apps are forced to accept payment only through Google, it should in theory make it easier for Google to ensure such payments are legitimate, safeguarding its and Android’s reputation.

But that will take time. For now, Google Play remains a tempting target for scammers and attackers. ”A relatively typical fraudulent app can be spotted, reported and removed in about half a day as we know what we’re looking out for,” Hamada said. “However, scammers can also just as easily post up a new one the next day. Half a day is all they need to make a quick profit.”

Image: Neilson Barnard/Getty Images for Samsung

Source: Mashable

Samsung Reveals The Galaxy Note 3, The Slimmer And Lighter Evolution Of The Phablet

Samsung’s big Unpacked Episode 2 event is underway, and as expected, the company has used the venue to announce the Galaxy Note 3 smartphone. The Note is the original phablet, and the new version continues the tradition of big screen gadgets best-suited for big-handed people.

The new Galaxy Note 3 features a design with extremely slimmer bezels and sharper angles on its rounded edges, marking a slight departure from Galaxy device design language thus far. It’s thinner than its predecessor and lighter (168g), despite offering a larger screen at 5.7-inches. It also offers more battery life than the Galaxy Note 2, and there’s a new and improved S Pen, too. Plus it supports faster, and more “seamless LTE” with multi-band support.

The camera has 4K video recording capabilities with a new CRI LED flash that should improve low-light photography. Samsung claims nearly four more hours of battery life when playing back video, and performance in general during normal use should also extend battery by up to 40 percent over the previous generation.

Samsung was emphasizing craftsmanship with the Galaxy Note, which features a stitched leather rear cover (available in black, white and pink). It also has a metallic rim running around the edge, and there’s a flip wallet accessory available in 10 different colors that also features a larger S View window cover for checking messages, making calls and accessing more info at a glance without having to activate the whole display.

The new S Pen is designed to work with the larger screen. Samsung called it the “key” to unlocking Note features and power. This works via a number of new interface controls. There’s a dot on-screen that appears when you can activate “Air Command,” which is a tool wheel that provides quick access to memo, scrapbooking, screenwriting, and a finder search function. There’s also something Samsung calls “circle,” which uses a circle drawing gesture to capture content you want to save to your scrapbook, as called up via Air Command. Box is a way to multitask, that lets you do two things at once via essentially a picture-in-picture interface.

Samsung’s Knox mobile security feature, which is designed to help increase enterprise and consumer security via partitioned software for consumer and business use for BYOD device users. The Note 3 will ship September 25 in 149 countries around the world.

Samsung’s smartphone fortunes are the subject of major scrutiny at the moment, since the company is perceived as possibly having hit a ceiling in terms of growing its overall share of the market. The company is hosting a meeting with investors and analysts to discuss its long-term plans in the face of these fears, and the Note line drives quite a few sales, though not as many as the flagship Galaxy S4. Estimates for break-out sales of the Note 2 on its own are hard to place, but Samsung has in the past said it anticipated the device would pass 20 million units shipped.

Galaxy Note 3 specs:

• 151.2mmx79.2mmx8.3mm
• 5.7-inch SuperAMOLED 1080p display with 368 ppi pixel density
• 2.3GHz Snapdragon 800 processor, or 1.9GHz Samsung Exynos Octacore depending on market
• Android 4.3
• 13 megapixel rear camera, 2 megapixel front camera
• 3GB RAM
• 32 or 64GB storage
• MicroSDXC card storage expansion
• Bluetooth 4.0, WiFi 802.11ac, LTE Category 4
• 3,200 mAh battery
• LED/IR combo

No information on Galaxy Note 3 availability just yet beyond the September 25 date, and the official Samsung press materials around the launch says only that it’ll make it out to all major U.S. carriers “later this year.”

Via TechCrunch