Security

Get flash to fully experience Pearltrees

Today in my undergraduate security class , we set up a sniffer so we could run Wireshark and Mallory to listen in on my Android smartphone. This blog piece summarizes what we found. Google properly encrypts traffic to Gmail and Google Voice, but they don’t encrypt traffic to Google Calendar. An eavesdropper can definitely see your calendar transactions and can likely impersonate you to Google Calendar. Twitter does everything in the clear, but then your tweets generally go out for all the world to see, so there isn’t really a privacy concern. Twitter uses OAuth signatures , which appear to make it difficult for a third party to create forged tweets.

https://freedom-to-tinker.com/blog/dwallach/things-overheard-wifi-my-android-smartphone/

Things overheard on the WiFi from my Android smartphone | Freedom to Tinker

Weird

Advanced sign-in security for your Google account

Google rolling out two-step account security using your Android phone | Android Central

You can never care about your personal information security too much, and Google's rolling out a cool new feature to keep your stuff safe. It'll work in conjunction with your phone. You'll still have your usual password. But as an added layer of security, you can opt to have a second checkpoint that will send you a verification code, either through the Google Authenticator app (for Android, BlackBerry or iPhone), or by SMS or even a phone call. You can have it remember the verification for 30 days if you wish.

http://www.androidcentral.com/google-rolling-out-two-step-account-security-using-your-android-phone