user data Archives

AppWizard

June 3, 2025

Meta and Yandex are de-anonymizing Android users’ web browsing identifiers

Recent developments in browser technology have raised concerns about user privacy and data tracking by companies like Meta and Yandex. In response, several Android browsers are enhancing user privacy by blocking abusive JavaScript linked to web trackers. DuckDuckGo has implemented measures to block domains and IP addresses associated with trackers, preventing the transmission of identifiers to Meta and restricting access to Yandex Metrica. Following feedback, DuckDuckGo's developers updated their blacklist to include missing addresses. The Brave browser uses extensive blocklists to prevent identifier sharing and blocks requests to localhost without user consent. Vivaldi forwards identifiers to local Android ports by default but allows users to adjust settings to block trackers. Researchers warn that these solutions may not be foolproof and emphasize the ongoing challenge of maintaining effective blocklists. Chrome and most other Chromium-based browsers execute JavaScript as intended by Meta and Yandex, while Firefox has faced challenges with SDP munging and has not yet announced plans to address this behavior.

AppWizard

June 2, 2025

Preinstalled Android Apps Found Leaking PINs and Executing Malicious Commands

On May 30, 2025, CERT Polska disclosed three security vulnerabilities affecting preinstalled Android applications on Ulefone and Krüger&Matz smartphones: CVE-2024-13915, CVE-2024-13916, and CVE-2024-13917. - CVE-2024-13915: The com.pri.factorytest application allows any app to invoke the FactoryResetService, enabling unauthorized factory resets due to improper export controls (CWE-926). - CVE-2024-13916: The com.pri.applock application exposes a public method that allows malicious apps to steal the user’s PIN, representing an exposure of sensitive system information (CWE-497). - CVE-2024-13917: The exported activity in com.pri.applock allows privilege escalation by enabling malicious apps to inject intents with system-level privileges if they have access to the compromised PIN (CWE-926). Users of affected devices are advised to seek firmware updates or mitigations from their vendors.

AppWizard

June 2, 2025

Vulnerabilities in Preinstalled Android Apps Expose PIN Codes and Allow Command Injection

Significant vulnerabilities have been identified in pre-installed applications on Ulefone and Krüger&Matz Android smartphones, disclosed on May 30, 2025. Three vulnerabilities affect these devices, including CVE-2024-13915, which targets the com.pri.factorytest application, allowing unauthorized factory resets. CVE-2024-13916 and CVE-2024-13917 affect the com.pri.applock application on Krüger&Matz smartphones, enabling malicious apps to extract user PIN codes and inject arbitrary intents. These vulnerabilities stem from improper export of Android application components, allowing malicious applications to bypass Android’s permission model. Users are advised to check for updates and consider disabling vulnerable applications.

AppWizard

May 30, 2025

Android 16 beta testers get a look at its Advanced Protection security bastion

Google is rolling out the Advanced Protection feature for Pixel devices enrolled in the Android 16 QPR1 Beta 1 program, which includes browsing safeguards, app protections, and USB transfer restrictions. This feature aims to enhance device security and protect against online threats. The Advanced Protection Program was originally launched for users at risk of data breaches and was expanded last year to include passkeys and a simplified enrollment process. Additionally, an "Intrusion Detection" feature was noted, designed to log user activity for suspicious behavior. The Android 16 QPR1 Beta 1 update was released on May 20, 2025, and introduced a new design language called Material 3 Expressive.

AppWizard

May 30, 2025

Russia unveils national messaging app to reduce reliance on WhatsApp, Telegram

The website www.aa.com.tr uses mandatory cookies that enhance user experience and cannot be disabled through the "Cookie Control Panel." Users can view and adjust cookie preferences. Necessary cookies differentiate between human users and bots, ensuring data integrity and accurate reporting. Functional cookies remember the user's language preferences for better accessibility. Performance and analytical cookies track user engagement and are used by Google Analytics to manage request rates. Advertising and marketing cookies collect consumer behavior insights for targeted marketing strategies, which are sent to Alexa Analytics.

AppWizard

May 29, 2025

Vietnam orders ban on Telegram messaging app over security concerns

Vietnam's telecommunications providers have been instructed to block access to Telegram due to national security concerns and alleged non-compliance with local laws. The Ministry of Information and Communications claims that 70% of Telegram channels in Vietnam are linked to illicit activities, including fraud and drug trafficking. Officials allege that Telegram has failed to remove illegal content and provide user data for investigations. A spokesperson for Telegram stated that the company had responded to legal requests from Vietnam. Vietnam has a history of enforcing strict online content controls, previously threatening to block Facebook and discussing a ban on TikTok. Pavel Durov, the founder of Telegram, was arrested in France earlier this year over allegations related to cybercrime and expressed his commitment to improving the platform's security in light of its rapid user growth to 950 million.

AppWizard

May 28, 2025

Perspective – Why online privacy is vital: Insights from messaging app Signal’s president

Meredith Whittaker, president of Signal, emphasized the need for enhanced personal data protection and criticized major tech companies for their pervasive data collection practices with minimal oversight. She called for structural reforms to regulate user data management and highlighted that a few tech giants dominate data collection without adequate transparency. Whittaker advocated for comprehensive regulations to safeguard user privacy and protect free speech, reflecting growing concerns among consumers and privacy advocates about the balance between technology and individual rights.

AppWizard

May 28, 2025

The best password managers for Android of 2025: Expert tested

Safeguarding personal information like login credentials and credit card details is crucial for Android users, and a password manager is essential for generating and securely storing strong, unique passwords. Bitwarden is highlighted as the best free password manager due to its open-source nature and robust encryption, allowing unlimited credential syncing across devices. It features autofill, secure note storage, a password generator, encrypted sharing, biometric unlock, and passkey support. 1Password is recommended for its user-friendly interface and security features, offering a library of over 20 credential types, autofill capabilities, and a feature called Watchtower for security alerts. It requires a subscription after a 14-day trial. Keeper is noted for its user-friendly onboarding process and enterprise-level security, accommodating various record types and offering features like account recovery and offline access, but it may be less appealing for budget-conscious users. Proton Pass, an open-source option from the creators of Proton VPN and Proton Mail, emphasizes privacy and offers features like password health alerts and hide-my-email aliases, although it currently lacks some functionalities of more established managers. Overall, Bitwarden is the top choice for cost-effective password management, while 1Password is recognized for its user experience.

Tech Optimizer

May 27, 2025

Microsoft oversells Windows 11’s Smart App Control as a “top antivirus solution”

Microsoft's Smart App Control (SAC) is integrated into Windows 11 and requires a clean installation to function optimally. It is designed to enhance security by using artificial intelligence to proactively shield users from threats, working alongside existing antivirus software rather than replacing it. SAC aims to anticipate and block suspicious applications before they can cause harm, minimizing system performance impact by avoiding constant file scanning. However, the effectiveness of SAC and its claims of being a groundbreaking innovation have been questioned, as proactive security measures have existed for years, and modern antivirus solutions offer advanced features beyond basic scanning. Users are advised to consider independent testing platforms for reliable antimalware options.

AppWizard

May 24, 2025

Vietnam acts to block messaging app Telegram

Vietnam's technology ministry has instructed telecommunication service providers to block the messaging app Telegram due to its lack of cooperation in combating criminal activities among users. This directive, issued on May 21, mandates that service providers implement the block and report their actions by June 2. Findings from the cyber-security department indicated that 68% of the 9,600 Telegram channels and groups in Vietnam were violating laws, including serious offenses like fraud, drug trafficking, and suspected terrorism activities. A representative from the ministry confirmed the document's authenticity, citing Telegram's failure to provide user data during criminal investigations. As of the latest update, Telegram remained accessible in Vietnam despite the directive.