WhatsApp Battens Down the Hatches

WhatsApp has added end-to-end encryption and enabled it by default in the latest version of its Android messaging application, partner Open Whisper Systems announced Tuesday.

The new feature taps Open Whisper's open source TextSecure encryption protocol to ensure that only a conversation's participants can read the messages they exchange. WhatsApp itself won't be able to decrypt the messages, in other words, even if law enforcement should try to require it.

Encrypted messaging isn't yet available for group chat or media messages within WhatsApp's Android client, but those features are coming next, Open Whisper said, along with support for more client platforms. Key-verification options also will be forthcoming once protocol integrations are completed.

A Rare Quality

Facebook-owned WhatsApp is one of several messaging applications called out in a recent scorecard report from the Electronic Frontier Foundation.

The EFF rated the security of more than three dozen such apps on seven different dimensions, including encryption. Also taken into consideration was whether or not the apps' code was audited and open to independent review.

Only six tools scored all seven stars, including ChatSecure, CryptoCat, Signal/Redphone, Silent Phone, Silent Text and Open Whisper's TextSecure app.

WhatsApp, on the other hand, was among those whose lack of end-to-end encryption resulted in a lower ranking. Included in that category were Google, Facebook and Apple's email products, along with Yahoo's Web and mobile chat and Secret.

Lacking encryption altogether were messaging platforms QQ, Mxit and the desktop version of Yahoo Messenger, the EFF found.

One Fell Swoop

"I think it's great news," said Joseph Bonneau, a fellow at both the EFF and Princeton University's Center for Information Technology Policy.

"One of the things we were hoping with the scorecard project is that we'd be able to push others to do the same thing," he told TechNewsWorld.

This one change "basically absolved them from being one of the apps that didn't really provide much security to being one of the most secure mainstream messaging apps out there," Bonneau said.

The Open Source Advantage

WhatsApp's choice of TextSecure was a good one, noted Bonneau.

"TextSecure has really been refined over the years," he said. "It's great to see them using a public application that has earned a lot of confidence and has a lot of strong security features."

The fact that TextSecure is open source is a particularly compelling advantage, Bonneau pointed out. "In practice, it means that any weaknesses are far more likely to be found and fixed. Open source is the way to go."

Billions of Encrypted Messages

Open Whisper Systems has been working with WhatsApp for the past half year or so to implement the new feature in what it called the largest deployment of end-to-end encrypted communication in history.

Billions of encrypted messages now are being exchanged each day through the enhanced service.

Users likely won't even notice that the additional security is there, however.

"It shouldn't affect the user experience at all," Bonneau remarked.

Educating Users

Of course, whether they realize it or not, the app's more than 600 million monthly active users are benefiting from the superior security the TextSecure code provides, Jean Taggart, senior security researcher at Malwarebytes, told TechNewsWorld.

"Implementing the Open Whisper Systems protocol under the hood of a popular messaging platform is a huge improvement," he said.

Looking ahead, moves like this one will begin to make it clear to users that there are "big security differences among messaging platforms," EFF's Bonneau observed. "Hopefully users will start demanding this kind of security." 

Danger comes in small packages: Securing employees' mobile devices

Whether your company provides workers with mobile devices or allows them to bring their own, you have to be vigilant. If your employees work outside the office with their tablets or smartphones, they’re walking around town with your data in small, easy-to-lose, easy-to-steal containers. Should any of those devices go missing, there’s a lot more at stake than the cost of the hardware.

Following these basic procedures will help keep your company safe from mobile threats.

Insist on mobile antivirus apps
Almost everyone knows that they need an antivirus program for their Windows PC, but few understand the necessity of running a similar tool on their mobile device. According to Symantec's Internet Security Threat Report for 2014, 57 percent of adults didn't even know that such tools existed. But here's the really scary part: Only 44 percent were equally ignorant in 2012. In other words, the average person knows less about mobile security now than they did two years ago.

Android attracts more malware than iOS by a very large margin. According to Kaspersky Lab's Mobile Cyber Threats report, published this October, "98.05% of all existing mobile malware targets the users of Android devices." The ability to download apps from sources other than the office Play Store, and the irregular way updates get pushed to devices make Android a tempting target.

But iPhone and iPad users shouldn't be complacent. iOS has its share of vulnerabilities. What's more, malware that latches onto applications doesn't really care about the operating system; if the OS can support the app, the app can support the malware.

Think data, not device
Losing a smartphone is an inconvenience. Letting the data on it fall into the wrong hands is a disaster. According to Adam Ely, Co-Founder of Bluebox Security, "79% of companies reported a mobile data breach, with the cost of data loss ranging from less than $10K to over $500K per incident." That's a lot more than the cost of a phone.

The first line of defense: Secure the mobile device with a sufficiently complex password. You might also consider other techniques for locking a phone. Add more protection by encrypting company data (a locked phone doesn't help much if the Micro SD card inside is open), and a mobile-to-company-server backup routine.

Use a Virtual Private Network
Criminals don't need to steal a smartphone to read the data flowing from that phone to the Internet.

That's why your company needs to use a VPN to encrypt the data as it journeys between the mobile device and the network. A good VPN provides more than just encrypted data. It can track who's accessing the network, authenticate users, and allow employees to access company applications in the field.

Respect your employees' privacy
If you don't handle your company's BYOD policy properly, your employees may look at you with the same lack of trust that American citizens reserve for the NSA. As Ely explained, "it is important to maintain boundaries between work and personal use on an employee’s personal device. Users are rightfully worried that their privacy will be compromised if they use their personal device for work purposes."

Your BYOD policy must spell out clearly what rights belong to the employee and the company. Prepare a clear statement that defines the circumstances in which the company will open private files. Also, the employee must understand ahead of time that the device may be wiped remotely should it be lost.

Make it easy
If a user must go through eight security steps before they can get to work, they will find a way around those steps. After all, they're being paid to be productive, not to enter multiple passwords and prove that they really are themselves. According to Ely, "No matter how robust a mobile device program is it will not succeed without the support of the end users."

So keep ease of use in mind when designing a secure system. Require fewer passwords, and use automated encryption technologies that don't require many user interactions.

Another way to simplify: Design easy-to-use systems, and help employees when the systems aren't as easy as they should be, and offer convenient options like remote access to help them get fast support from your help desk if they need it. "Support must be a priority," warns Ely. And "focus on product design to minimize issues, prioritize quality testing and populate…support portal with how-to’s and FAQs."

Going mobile has considerable risks and considerable benefits. You need to lower the first so you can make the most of the later.

Billionaire Paul Allen donates 10,000 smartphones to the Ebola battle

Billionaire Paul Allen is sending more than 10,000 smartphones to West Africa to help in the battle against Ebola.

The Microsoft co-founder’s Paul G. Allen Family Foundation is providing the specially-programmed phones in an attempt to help government workers and aid volunteers gather data about the effectiveness of relief efforts in the disease-ravaged region.

“We need reliable data to understand what is going on in impacted areas to get ahead of the Ebola crisis,” said Allen, in a statement released on Monday.

The smartphones are the philanthropist’s latest contribution to the Ebola battle.

Last month Allen said that he would increase his contribution to fighting the deadly disease to at least $100 million. In September the philanthropist donated $9 million to the Centers for Disease Control and Prevention to support the fight against Ebola.

While a number of the phones were purchased by the Paul G. Allen Family Foundation, others were gifts from companies.

As part of Allen’s existing commitment to tackle Ebola, he also announced a grant to communications specialist NetHope on Monday. NetHope is an international consortium of NGOs devoted to improving emergency response organizations’ IT communications.   

“NetHope is working closely with the U.N. and all of the large response organizations to identify the gaps in communications capacity,” said Allen. “Today, we are committing resources to boost communication and data collection capabilities to more effectively fight Ebola in West Africa.”

Allen’s donation to NetHope will help establish a fund to boost connectivity at 45 locations, as well as the deployment of up to 10 satellite communication terminals. The grant will also fund a number of short-term private sector projects to extend mobile capacity, as well as helping mobile operators widen their existing networks.

Technology is becoming a key weapon in the fight against Ebola. Last month, for example, IBM launched an analytics system to help track the spread of the deadly disease in Sierra Leone.

The system developed by IBM’s Nairobi, Kenya-based Africa research lab and Sierra Leone’s Government lets citizens report Ebola-related issues and concerns via text message or phone calls. The goal is to provide the country’s government with insight into communities affected by Ebola and improve its strategy for containing the disease.

Flip phones are hip again

Hipsters, rejoice. Next time you ride your fixed-gear bicycle to the the thrift store, where you find a vintage, grease-stained mechanic's shirt that matches your Rollie Fingers mustache and Grizzly Adams beard, there's an edgy, if technologically sub-optimal, way to tell your friends about it.
Use a flip phone.

In an age of the iPhone 6 Plus and massive Android phablets, flip phones are inexplicably making a comeback.

No less an arbiter of cool than Vogue magazine editor Anna Wintour has apparently dumped her iPhone in favor of a flipper. Indianapolis Colts quarterback Andrew Luck, actress Kate Beckinsale and even Rihanna are just a few of the celebrities spotted proudly brandishing the famous piece of paleo-technology.
And, believe it or not, "dumb phones" aren't exactly the elusive unicorn that some of us think they are.
As of January, 56% of American adults owned smartphones, compared to a total of 90% who had a cellphone of some kind, according to the Pew Research Internet Project. Among millennials age 18-29, an overwhelming 83% of those who owned cellphones had a smartphone, but that leaves the other 17% who keep their mobile life more basic.

The hinged, snap-shut "flipper" form factor was originally introduced to the public in 1982 by laptop manufacturer GriD with its Compass computer.

Motorola, perhaps the king of flip phones with its Razr line, introduced the clamshell style in 1996 with its StarTAC phone (which, appropriately enough, was re-released for nostalgic techies in 2010).
Is this really all about going for retro, hipster street cred? There is, at times, a mystifying aspect of "cool" that centers around eschewing modern convenience for vintage ... well ... inconvenience.
Writing on typewriters? Check. Racing high-wheel bicycles from the 1880s? Yes. Playing baseball with the rules and equipment of the 1860s? Absolutely.

But there are obviously some more practical reasons some people, including millennials, go flip.
For some, it's about simplifying and uncluttering in a 24/7 plugged-in society.
"It just seemed like it would be better for my addled brain than a smartphone," 26-year-old Angelica Baker, a tutor and writer, told TIME. "Personally I'm too scattered and unfocused to handle email and Facebook on my phone."

Baker swapped out her Droid for her mom's retired flip phone, a pink Motorola Razr.
No one has to worry about the iCloud being hacked when they use a flip phone. There's little to no eye and neck strain. No fear of Flappy Bird addiction.


And, let's be honest ... there's something satisfying about a switchblade-like phone flip after an annoying phone conversation that even the most emphatic tap of a touchscreen will never approach.
Maybe the hipsters are onto something after all. Though we'll still pass on the bushy beards.

Android Lollipop update causes problems

Users have reported Adobe Air-based apps being wiped from their handsets

Early adopters of Google's latest Android operating system are warning others of problems with the software.

Issues include the update causing Nexus 7 tablets to run slowly and repeatedly crash, with several users complaining they had become "unusable".

The code also appears to remove apps built with Adobe Air and then prevent them from being reinstalled.

Adobe said it had not been aware of this "critical" bug before Tuesday and had escalated it with Google.

A spokesman for the search firm was unable to comment at this time.

'Shockingly bad'
Android 5.0 - also known as Lollipop - is described as a "quantum leap forward" by Google and has attracted several positive reviews, fuelling desire for the software.

It revamps the system's user interface, offers greater control over notifications, and makes changes to the way the OS executes code, which Google said should mean fewer "temporary glitches" than before.

At the moment, it is only available to a limited number of machines, because many network operators and device manufacturers have yet to complete their own tests.

However, owners of Nexus-branded machines - which are sold by Google itself - can install the software by downloading it from the firm's website or, in the case of the Asus-made Nexus 7, accepting an over-

Victoria's Secret Wants to Win Over Millennials With Its Own Mobile Messaging App 'Pink' lets you talk and shop

Victoria's Secret wants to see what today's millennials are talking about with a new twist on mobile messaging.

At the same time that practically all millennial-minded marketers are using Snapchat, Line, Kik and every other social and mobile platform out there to get in touch with teens, Victoria's Secret has rolled out its own chat feature within its Pink shopping app.
The lingerie brand is the first marketer to use a chatting feature from a mobile messaging app called Frankly.
After opening the chat feature, app users can talk about predetermined topics like holiday gifts or school. Because this is Victoria's Secret (and millennials are fickle) the public chats are customizable with different shades of pink backgrounds and branded emojis. There's also the usual crop of smiley face emojis that app users can play with, much like a text message.
On Dec. 9, the chat function will be used to push out exclusive content during the Victoria's Secret Fashion Show in London. The retailer recently used the app to announce that singer Ariana Grande was performing at the show.
There is also a button to download the stand-alone Frankly mobile messaging app.
With a demographic that’s highly skewed toward millennials, mobile is important for Victoria’s Secret. This summer the brand launched an augmented reality feature within its app, in addition the the usual games and content, to keep people engaged.
Frankly claims to have been downloaded 1.5 million times, which is small potatoes compared to most messaging apps. Earlier this year, Forrester Research published a report showing that WhatsApp has 500 million users and Line has 420 million.

Samsung Had A Plan To End Android, But It's Failing

For the past two years, Samsung has been working on its own smartphone operating system, called "Tizen."

Tizen is very similar to Android. It's open source, meaning any smartphone maker can use it for free.

It's also a way for Samsung to wean itself off Android and use its own software instead. The theory goes that Samsung is ceding a lot of potential revenue to Google because it has to offer customers Google's app store and other services if it wants to keep using Android.

Samsung is the biggest Android phone maker in the world, but it's still giving a ton of control over its future to Google.

Yet, it sounds like Tizen is faltering. Samsung's chief architect of Tizen, Taesoon Jun, told CNET's Shara Tibken recently that the company is shifting its plans for the operating system. Instead of loading Tizen on high-end phones with specs similar to the Galaxy S5 or Galaxy Note 4, Samsung will put it on cheap phones to compete at the low-end of the smartphone market.

That's a troubling sign for Samsung, which has been struggling all year to combat dwindling smartphone sales and profits. Profits were down nearly 50% in the third quarter, and Samsung blamed increased competition from other smartphone makers.

For example, the Chinese startup Xiaomi makes phones with high-end specs similar to what you'd find in Samsung's best phones, but sells them for about half the price. Xiaomi is now the third largest smartphone maker in the world in terms of unit sales.

Still, Tizen isn't just for phones. Samsung also uses the operating system on several of its smartwatches, which is seen as the next major product category for mobile device makers. On the other hand, Samsung's watches have been poorly reviewed and there aren't any indications that they've been selling very well.

Samsung is still very profitable, but its next challenge is to find a way to differentiate its phones from the competition in order to stop its drastic decline in profits. The best way to do that would be to innovate on the software level, and Tizen was a big opportunity for Samsung. But it seems like it's just another Android clone that will be used in cheap phones.