Ee Blog

In a follow up to our recent report regarding how an Android Security Bug was found to let hackers gain system access, Google has released a fix to its Android original equipment manufacturers (OEM’s) for this bug, named: Android security bug 8219321 as unearthed by Bluebox Security in February this year. The flaw was confirmed from Google’s Android Communications Manager, Gina Scigliano, she said “a patch has been provided to our partners.” She also mentioned “Some OEMs, like Samsung, are already shipping the fix to the Android devices.”

The flaw in question will allow a hacker to turn a legitimate app into malicious files by modifying APK code without breaking the app’s cryptographic signature. In response to this, Google has already modified its Play Store’s app entry process to scan for the exploit so apps that have been modified using this vulnerability can no longer be distributed via the Play Store. Bluebox Security discovered the hole in Android’s code, which it claims could potentially affect 99 percent of Android devices, back in February and informed Google at that time. (but only made it public recently). Samsung’s Galaxy S4 was named then as one Android device that had already been patched, so it seems likely that this model is the device Gina Scigliano referred to when she cited Samsung as a manufacturer already shipping a fix. The problem for Android users is that even though Google has now in fact released a fix to its OEMs, they still have to wait for the maker of their particular handset to implement and ship the fix. This also poses another question, how long before their particular carrier tests it? Having to wait around to receive updates is a byproduct of the freeness and fragmentation of the Android sphere, still, it does not sound like this particular Android flaw has been widely exploited thus far. Scigliano has told ZDNet: “We have not seen any evidence of exploitation in Google Play or other app stores via our security scanning tools. Google Play scans for this issue and Verify Apps provides protection for Android users who download apps to their devices outside of Play.” But just because it has not been widely exploited yet, does not mean it will not be…does it?

Source: http://techcrunch.com/2013/07/09/google-plugs-android-hole/

If you don’t like the new Timeline feature on Facebook and want to view profiles in the old style, then TimelineRemove is the perfect browser extension for you. (Firefox, Internet Explorer, Chrome and Safari) included in one zip!

This tiny, but handy tool disables the new Facebook timeline feature and restores the classic look, without changing the timeline behavior for other visitors of your Facebook profile. The extension basically works by hiding the timeline, so you can view your own and others’ profiles in the old style.

TimelineRemove works automatically once installed, and a button is added to the toolbar that lets you toggle the timeline on and off, whenever you want.

Editor's Note: The download contains 3 files; .xpi for Firefox, .exe for Internet Explorer, .safariextz for Safari and .crx for Chrome.
- Download -

You can visit the author link to download individually.
TimeLineRemove.Com

The Stop Online Piracy Act (SOPA) and the Protect IP Act (PIPA) are two bills that sound like they have a mildly positive aim but, in reality, have serious potential to negatively change the internet as we know it. Here are some tools that can help you keep track of SOPA and PIPA as well as prepare for problems in case they pass.

Protect Yourself in Advance

Google Chrome users can pick up the No SOPA, which reveals which sites support SOPA when visiting them. If you're interested in writing a letter to supporters, boycotting their sites, or simply be aware of their support, this extension can help with identification.

Google Chrome users should check out MAFIAAFire Redirector, which will intercept any domain names typed into your address bar and load via the site's numeric IP address instead. Firefox users have the choice of two extensions, DeSOPA and MAFIAAFire ThePirateBay Dancing, which do the same thing.

Additionally, Reddit users are creating a SOPA emergency list that hold the IP addresses of various sites. In the event these extensions don't work out or there isn't one for your browser, you'll be able to make edits to the hosts file on your computer to override any blocked sites. For now there's no sense in doing anything because there is no problem yet, but it's good to be prepared for the worst.

SOURCE: Lifehacker