Android DRM Cracked! Pirating Apps is "Easy"

The licensing system Google implemented to protect the applications found in its Android Market has been cracked, only a month after it debuted. Google's "Licensing Service for Android," designed to protect against unauthorized use of paid Android applications, was released late July for all versions of the Google Android mobile operating system, 1.5 or higher. In basic terms, the system functions as sort of a DRM protection mechanism for Android applications, ensuring that the apps on a user's phone have been properly purchased and paid for.

Now, in a detailed how-to guide posted by Justin Case on Android Police, not only has Google's licensing system been cracked, doing so was a fairly easy process.

How Was This Hacked?

It's not surprising to hear that a protection system was hacked or cracked these days. There is virtually no unbreakable code, given enough Red Bull and a dedicated hacker. What's somewhat disturbing about this particular crack, however, was how simple it was to accomplish.

In this case, the crack was made possible due to the licensing system's use of Java code. According to Case, Java code is what most Android applications are currently written in. Because of Java's cross-platform compatibility needs, there are already a number of software suites that can decompile and disassemble Java code, making it an easy target for reverse engineering.

After decompiling the code, cracking the licensing system is as simple as finding the file that references Google's licensing service and changing it to include a different set of instructions. A hacker would just need to change of couple of bytes of code that detail how an application should behave after verification of its license is complete.

Read more...

Android Anti-Malware Apps vs. Tap Snake

Last week Sarah Perez reported that a game called Tap Snake, available in Android Market, was actually a mostly harmless piece of spyware. I took to the opportunity to test a few of the anti-malware apps available on the market: antivirus free from droidSecurity, Lookout, Symantec's Norton Mobile Security for Android beta, and Smobile. I was also going to try SmrtGuard, but I couldn't get the app to activate before Tap Snake was removed from Android Market. Of those four apps, only one detected Tap Snake as a potential threat.

Surprisingly, Lookout was the only app that caught Tap Snake. I say surprisingly, because Symantec definitely knew about the app by the time I conducted my tests on the morning of August 17th. droidSecurity, SmrtGuard and Symantec did not respond to inquiries as to why their respective apps failed to detect the spyware.

It's important to note that one is an incredibly small sample size, and it's hard to judge a security solution based on one case study. The apps also have other security features, such as backup, device location and remote wipe, that are worth considering.

Read more...

Android Mobile Web Use Up 400% in Q2, Outpacing Apple & BlackBerry

The Android platform has garnered much attention lately because of its rapidly expanding number of apps and phones on the market, so additional growth statistics should come at no surprise. Mobile Web usage on Android devices in the U.S. quadrupled in the second quarter of 2010, stealing market share from Apple and BlackBerry devices, says U.K. mobile analytics firm Bango. Apple's traffic grew just 13% causing it's share of the mobile browsing market to fall 16%, and BlackBerry saw its similarly slow growth outpaced by Android devices.

 

"Apple appears to be losing ground to the latest Android handsets from HTC, Sony Ericsson, Motorola and Samsung, showing the slowest quarterly growth in Web browsing."
- Ray Anderson, CEO Bango

Statistics like these can be misleading or confusing to some mobile consumers. To paraphrase what is happening in the mobile Web industry, all platforms - Apple, BlackBerry, Android, Nokia, etc - are all seeing growth and the market is expanding. However, Android devices saw far more growth than the others in this last quarter, snagging a larger piece of the overall pie.

As Bango CEO Ray Anderson points out, BlackBerry and Apple still dominate, together accounting for nearly two-thirds of the mobile Web market.

Read more...

Countering all the FUD About Cloud Security

Right now, attacks on data as it passes between virtual machines are pretty much theoretical. We have not had a major public attack that we can point to as a clear example.

It raises questions when we talk about security in the cloud. Without any proof of any major attacks, the discussion about cloud security can seem like FUD.

Still, the perception about security is what in large part slows the cloud's adoption in the enterprise. But it can also have a counter effect by spurring security development for the network. That's where the focus needs to be as cloud computing becomes more predominant.

Tom Mornini co-founded Engine Yard. He wrote a commentary piece for ZDnet that compares cloud security to the Maginot Line:

"Reasonable security standards
A large number of data breaches occur because of issues with internal security and protocols. Security concerns are the number one roadblock to enterprise adoption of cloud computing, yet most security breaches occur on-premise. Whether it's a code glitch, unencrypted network traffic within a secure data center, a disgruntled employee, or a thief on your payroll, enterprise data may well be more secure in the cloud.

Read more...

Good, But Not Too Good - Microsoft Seeks Sweet Spot With Docs.com

Microsoft announced new features today to Docs.com, a Facebook-integrated Web app in closed beta that lets users create multi-author Word docs, Excel spreadsheets and PowerPoint presentations for free.

The new features themselves are not earth-shattering, but they show how the team behind Docs.com continues to improve and innovate. The question is, how far will Microsoft go to make Docs.com better before the free service starts to undermine its flagship Office products?

Docs.com is part of Microsoft's response to Google Docs, the Web app that revolutionized collaborative editing and introduced people to the idea of letting documents live in the cloud, for free.

Microsoft Office Home and Business 2010, which includes Word, Excel, PowerPoint, outlook and OneNote, costs $279.99 - which seems staggering in the age of so many free Web-based productivity tools.

Microsoft seems to be hoping that Docs.com will convert free users into paid users of Microsoft Office. The company never misses a chance to mention that Docs.com is "built on Microsoft Office 2010" and has "full compatibility with Microsoft Office:"

Read more...