An unusual instance of a cloned banking app has been spotted on Google Play by Lookout researchers: the app steals only the users' ID, and leaves alone the password.
Google has announced another OpenSSL fork. Dubbed BoringSSL, it will, in time, replace the OpenSSL library in various Google's projects.
A team of researchers from Columbia University has downloaded and decompiled over 880,000 applications found on Google Play, and has discovered - among other things - that app developers often embed their secret authentication keys in the apps, which can lead to attackers stealing server resources or user data available through services such as Amazon Web Services or Facebook.
A successful legal challenge has forced the UK’s top counter-terrorism official to reveal the (until now) secret government policy that allows the GCHQ to intercept British residents' emails, text messages, and communications sent via Facebook and other social networking sites and webmail services, as well as web searches made via Google - all without needing a warrant.
Google has announced the newest version of the Chrome Apps & Extensions Developer Tool, which helps developers debug apps and extensions, and power users to see which extensions ask for broad permissions that allow them to access sensitive data such as browser cookies or history.