security | Windows Central

DeX Effect

Samsung DeX may beat Microsoft's Continuum, but it's still no slam dunk

You there Microsoft?

Is Microsoft listening when it comes to Windows phones?

Expert analysis

Don't miss our uber in-depth Creators Update review

Continuum vs Dex

Samsung 'DeX' is its own Continuum, complete with Microsoft Office

Window(s) to your world

Which version of Windows do you use?

History is the best teacher

Microsoft better not market 'Surface phone' like it marketed Windows phones

950 XL > x3 ?

Is HP's Elite x3 tough enough to overtake the Lumia 950 XL? Not exactly ...

Windows

Leaked Upgrade Advisor app lets you install the Creators Update now

All dem pixels

How many pixels are you pushing when you game on your PC?

Ultimate power

Razer Blade Pro 2017 nabs THX certification and an overclockable CPU

Better safe than sorry

Don't trust the cloud with your data, encrypt it before uploading

Podcast

Windows Central Podcast 42: RTM is here

Make up or break up?

Does Microsoft even care about Windows phone users anymore?

Lightweight powerhouse

Review: Samsung Notebook 9 just might be the best 15-inch Ultrabook

Pour it on

What are your biggest complaints about Windows 10?

Surface Cloud Book instead?

Microsoft may not announce a Surface Book 2 at rumored Spring event

Security Tip

Prevent users from seeing your files by hiding a drive on Windows 10

10 > 8.1

Now's the time for Microsoft to push Windows 10 Mobile to eligible devices

Deal alert

Unlimited calls, text and 10GB of 4G LTE data for $20 per month

Into the fold

Another foldable mobile patent hints at Surface Phone form factor

< >

Shop: Surface Studio | New Surface Book | Xbox One S Bundles | NEW Dell XPS 13"

security

Information security is always one of those topics that is hard to report on, especially with the sheer number of devices available today. The problem lies in what is dangerous, what is bad, or what is no-big-deal. Frankly, opinions vary on the risks and threats involved.

One neat feature in Windows Phone is the ability to select text and hit the Search key. The Windows Phone OS copies the information over to Bing (or Cortana), and it lets you search without having to copy/paste the selection. It is super useful and certainly convenient for speedy searches.

However, there does seem to be one instance where this feature works where it should not: password fields.

More →

Update: A new report in The Intercept claims that Gemalto is drastically downplaying the effects of this attack. In the report, several security researchers came to the conclusion that "the company made sweeping, overly-optimistic statements about the security and stability of Gemalto's networks, and dramatically underplayed the significance of the NSA-GCHQ targeting of the company and its employees."

Original story: Digital security vendor Gemalto revealed its findings today following last week's report of an incursion by the NSA and the GCHQ into the vendor's SIM card encryption keys. While Gemalto noted that an operation by NSA and GCHQ "probably happened" in 2010 and 2011, the intrusion could not have resulted in a "massive theft" of SIM card encryption keys as the breach affected the company's office network and not its secure networks.

More →

According to new documents leaked by Edward Snowden, the NSA and its UK counterpart, Government Communications Headquarters (GCHQ), hacked into the computers of Gemalto, a company that manufactures SIM cards for a large number of carriers around the world. In doing so, the intelligence agencies acquired encryption keys that would allow them to intercept communications from customers of all four major U.S. carriers, along with 450 others around the world.

More →

After having outed a vulnerability in Windows a few weeks ago, Google is at it again. This time a Google security researcher detailed another vulnerability in in both Windows 8.1 and Windows 7. Similar to the exploit that Google previously detailed, this vulnerability could allow a user to impersonate another ID, allowing encryption and decryption of data he or she otherwise wouldn't have access to.

More →
112

Unpatched vulnerability in Windows 8.1 gets published

An unpatched vulnerability in Windows 8.1 has been disclosed on Google Security Research. The issue was subject to a 90-day automatic disclosure policy, meaning the existence of the vulnerability is published after 90 days without a broadly available patch for the issue. The issue allows for privilege elevation in ahcache.sys/NtApphelpCacheControl.

More →
25

T-Mobile quietly upgrades 2G network security

T-Mobile US is quietly upgrading the security of their older 2G network, moving to more advanced encryption that prevents eavedropping. The new, more secure network has already been deployed in at least three locations, New York, Washington, and Boulder, Colorado. The T-Mobile 2G network has previously relied on older A5/1 encryption, with the new security standard known as A5/3.

More →

Pages