digital signatures

AppWizard
July 1, 2026
Google is introducing a new utility app named “Signatures” for Android users, starting to appear on Pixel devices and select Android smartphones with the June 2026 Play system update. The app is operational on devices like the Google Pixel 10 and Samsung Galaxy Z Fold 7, but not on the Oppo Find X9 Ultra, despite the same update. The app serves as a repository for users' digital signatures, which can be drawn, typed, or scanned. Its integration with other applications remains uncertain, and it can only be accessed by manually launching its components. The app is designated as (com.google.android.signature), version “17,” and is compatible with Android 12 and newer versions. It is not available through the Play Store and is distributed exclusively via Play System Updates.
AppWizard
June 21, 2026
Obtainium is a free and open-source sideload manager designed to simplify the updating process for sideloaded Android applications. Users can add their sideloaded apps to Obtainium’s tracking list after a one-time setup, allowing the app to monitor these sources for updates in the background. Obtainium supports various sources, including GitHub, GitLab, F-Droid, APKMirror, and Uptodown. The app checks for updates every six hours and can either download and install updates automatically or notify the user. Setting up Obtainium involves downloading the APK, adding app source URLs, and ensuring the correct source is used for each app. However, it has limitations, such as relying on HTML scraping for websites without an API and potential API rate limits for GitHub apps. Additionally, Obtainium may have read-only access to certain sites, requiring users to manually update apps in some cases.
Winsage
June 4, 2026
Active Directory Certificate Services (ADCS) now supports the generation of post-quantum certificates, enhancing quantum-safe cryptography within Windows' secure connection protocols. Microsoft has integrated PQ TLS hybrid key exchange into the Windows Transport Layer Security (TLS) stack, providing protection against "Harvest Now, Decrypt Later" attacks. The PQ TLS hybrid key exchange combines traditional cryptographic methods with the NIST ML-KEM algorithm, offering three hybrid combinations: X25519MLKEM768, SecP256r1MLKEM768, and SecP384r1_MLKEM1024. This feature is available in preview via the Windows Insider Program and will be rolled out to Windows 11 and Windows Server. Additionally, Windows cryptography APIs now support composite ML-KEM and ML-DSA algorithms, which are NIST-approved standards for key exchange and digital signatures, enhancing security by requiring multiple components to be compromised. Microsoft emphasizes the importance of establishing new Certification Authorities (CAs) for implementing post-quantum certificate issuance, as existing CAs cannot be upgraded. The introduction of ML-DSA support within ADCS allows organizations to counter HNDL risks associated with long-lived data. Organizations are encouraged to inventory their use of public-key cryptography, prioritize systems protecting sensitive data, and test hybrid and composite approaches in non-production environments to facilitate a smooth transition to quantum-safe cryptography.
Winsage
May 24, 2026
Windows Secure Boot is a feature of the Unified Extensible Firmware Interface (UEFI) specification that enhances system security by ensuring only trusted software is loaded during the startup sequence. It verifies the digital signatures of boot components to protect against malicious software and unauthorized access. Key aspects include enhanced security by preventing untrusted code execution, compatibility with various hardware and software configurations, and user control over Secure Boot settings for customization.
Winsage
May 10, 2026
Between May 6 and May 7, 2026, the official JDownloader website was compromised in a supply chain attack, leading to the distribution of malicious installers for Windows and Linux users. Attackers altered download links, redirecting users to harmful files, specifically targeting the Windows “Alternative Installer” and the Linux shell installer. A Reddit user reported the issue after Microsoft Defender flagged the installers as malicious, noting unusual developer names instead of the expected publisher, AppWork GmbH. JDownloader developers confirmed the breach and temporarily took down the website for investigation, revealing that an unpatched vulnerability in the content management system allowed the attackers to modify download pages. The genuine installer packages were not altered, and the malicious links were removed. The website was restored on May 8–9, 2026, with verified clean installer links. Indicators of compromise included specific hashes and compromised URLs related to the attack.
AppWizard
May 6, 2026
Supply chain attacks targeting mobile software have increased due to the reliance on smartphones for essential functions. In response, Google has launched an enhanced Binary Transparency program for Android, which includes a public ledger that records cryptographic entries for production applications. This program initially covers two software layers: Google Applications and Mainline Modules. For Pixel device owners, it complements the Pixel System Image Transparency feature introduced in 2023, allowing users to verify the authenticity of system images and Google applications. The program aims to address the gap in software trust by distinguishing between digital signatures, which confirm the identity of the binary's creator, and binary transparency, which indicates the intent for public release. If a Google-signed application released after May 1, 2026, is not listed in the ledger, it means Google did not authorize it as production software. Verification tools are available on GitHub for assessing software against the ledger. Google employs "defense-in-depth" protocols to mitigate insider risks, ensuring that no single individual can publish a binary without triggering cryptographic verification. The ledger acts as a public record to deter unauthorized modifications. Google is also working to extend Binary Transparency to third-party developers to enhance the security of the global software supply chain.
AppWizard
May 4, 2026
Google is expanding its Binary Transparency initiative, originally focused on verifying Pixel firmware, to include its Android applications and Mainline updates. This initiative aims to enhance user trust by providing a publicly auditable record of all official app and Mainline updates, ensuring that only certified Google-approved releases are documented. The updated system began implementation in May, allowing users to track every officially published Google Android app and Mainline module.
Winsage
May 1, 2026
Microsoft resolved an issue affecting the display of security warnings when opening Remote Desktop (.rdp) files across all supported Windows versions, including Windows 11, Windows 10, and Windows Server. This problem was particularly evident on devices with multiple monitors having different display scaling settings. The fix was included in the optional KB5083631 preview cumulative update for Windows 11. The issue arose after the installation of the April 2026 security update, which introduced security warnings to enhance protection against phishing attacks. Users reported misalignment and obscured buttons in the security dialog, making it difficult to interact with. Additionally, the April security updates caused issues with third-party backup applications on Windows 11 systems and led to restart loops and failures during update installations on Windows Server.
Search