Lance Whitney/ZDNETGoogle today uses Play Protect to scan your Android device for malicious or suspicious apps, but nasty and clever apps can still sneak past and infect your device with malware or spyware. Now, a new option possibly coming to Android 15 or a future version of the OS will try to quarantine potentially hostile apps.Spotted and tested by Android Authority writer Mishaal Rahman, the app quarantining feature first popped up in Android 14 QPR2 Beta 1 in November 2023. This suggests that Google started testing the feature in an Android 14 beta with potential plans to roll it out in Android 15 or beyond.Unfortunately, Google has pulled the developer page for “Quarantined Apps,” according to Rahman. While the setting that would support app quarantining at the OS level still exists, there’s not even a command line option to quarantine an app. Furthermore, neither the Google Play Store nor Google Play Services apps request any type of permissions for app quarantining.Also: The top six Android 15 features I’m most excited aboutAs such, Rahman speculates that the feature may not appear in Android 15, but a future release instead. Regardless of the timing, here’s how the feature would work, based on Rahman’s early testing.Quarantining an app would be similar to suspending it, which is how Google’s Digital Wellbeing tool prevents you from using an app as a way to avoid distractions. A quarantined app would still be visible on the home screen launcher and in the Settings screen on your Android device, but certain aspects or features would be disabled. More

Image: Sebastian Herrmann

Security and phishing awareness programs wear off in time, and employees need to be re-trained after around six months, according to a paper presented at the USENIX SOUPS security conference last month.
The purpose of the paper was to analyze the effectiveness of phishing training in time.
Also: Phishing campaigns, from first to last victim, take 21h on average 
Taking advantage of the fact that organizations in the German public administration sector must go through mandatory phishing awareness training programs, academics from several German universities surveyed 409 of 2,200 employees of the State Office for Geoinformation and State Survey (SOGSS).
Researchers tested the effectiveness of the phishing training over time, with periodic tests at regular intervals, to determine when SOGSS employees would lose their ability to detect phishing emails.
Employees were split into multiple groups and tested four, six, eight, ten, and twelve months, respectively, after receiving an on-site phishing training course.
The research team found that while the survey takers were able to correctly identify phishing emails even after four months following the initial training, this was not the case after six months and beyond, with a new training being recommended.
Video and interactive training works best
Researchers also developed their own “reminders” in order to “replenish the employees’ phishing awareness and knowledge,” which they used to re-train employees after taking their survey, and again six and twelve months later.
“We developed four different ones,” academics said.
“Four reminder measures were distributed to four groups (one per group): (a) text, (b) video measure, (c) interactive examples, and (d) a short text.
“Twelve months after the tutorial, we compared the knowledge retention of the four reminder groups […]. Among the four reminder measures, the video measure and the interactive examples measure performed best, with their impact lasting at least six months after being rolled-out.”
Academics concluded that while training employees in detecting phishing emails might help organizations fend off some attacks, this training needs to be cyclical, with training sessions repeated, optimally every six months and using interactive or video training measures.
Additional details about the research team’s work can be found in a paper named “An investigation of phishing awareness and education over time: When and how to best remind users” [PDF here or here]. More

rob dobi/Getty Images A widespread “smishing scam” is targeting people for their personal information under the guise of unpaid tolls. In recent months, the American public has been hit with waves of texts claiming they owe unpaid tolls or E-ZPass bills. The FBI’s Internet Crime Complaint Center has logged more than 60,000 reports of the […] More

From a consumer perspective, not much. Yes, it’s easier to pick a menu item than swap those fiddly little nano-SIM cards, but that’s about it. SIMlessness isn’t really a feature that will sell iPhones.From Apple’s perspective, had they only one variant, you could say that it was simplifying the circuit. But since Apple appears to be supporting some SIM-free phones, some with SIM and eSIM, and dual SIM in China, that simplification benefit isn’t there.From the perspective of major carriers, it somewhat herds users into the premium carrier club, preventing iPhone 14 users in the US from using cheap seat carriers like Ting.From the perspective of law enforcement, iPhones 14s will be easier to trace back to their owners, but all of the other legendary iPhone privacy features remain intact.So there you go. Are you concerned about losing physical SIM cards? Do you travel? Will using your iPhone 14 in China be an issue for you? Let us know in the comments below. More

The Australian House of Representatives has agreed to the country’s new Online Safety Act that would hand the eSafety Commissioner powers to order the removal of material that seriously harms adults and hold platforms accountable to a set of yet to be determined basic online safety expectations.During a debate on the Bill on Tuesday, the federal opposition agreed with testimony from tech companies and civil liberties groups that the legislation was “rushed”.”We are concerned about a number of aspects of these Bills … firstly, there is the government’s delay and mismanagement of the process of getting a Bill for a new Online Safety Act before the Parliament here today, which has substantive consequences,” Shadow Assistant Minister for Cyber Security Tim Watts said.”Secondly, there is the government’s inability, after all of this time, to address key stakeholder concerns about serious, important, and legitimate issues enlivened by these Bills.”Labor, however, offered overall support for the Bill, with Watts highlighting his party is expecting “further changes” to address their concerns.”The safety of Australians online is of real importance, and Labor will work with the government to iron out these concerns in these Bills in time for the debate on this Bill in the Senate,” he said. “But, in the meantime, Labor will not oppose these Bills in the House of Representatives, and we will support passage through this place on the understanding that government amendments will be forthcoming.

“We have been in good-faith conversations with the government, and we expect those good-faith conversations to result in further changes.”The Online Safety Bill 2021 contains six key priority areas: A cyberbullying scheme to remove material that is harmful to children; an adult cyber abuse scheme to remove material that seriously harms adults; an image-based abuse scheme to remove intimate images that have been shared without consent; basic online safety expectations for the eSafety Commissioner to hold services accountable; an online content scheme for the removal of “harmful” material through take-down powers; and an abhorrent violent material blocking scheme to block websites hosting abhorrent violent material. Waved through simultaneously, the Online Safety (Transitional Provisions and Consequential Amendments) Bill 2021, meanwhile, repeals the Enhancing Online Safety Act 2015 upon commencement of the new Online Safety ActThe Australian Greens said it opposed the Bill because it believed the legislation was poorly drafted and could lead to widespread, unintended consequences. Among other things, the party said it was concerned that people opposed to sex work, pornography, and sexual health for LGBTIQ+ people could abuse the complaints process to seek to have lawful online adult content removed. “If we had some basic digital rights enshrined in this country, then you could have a sensible debate about things like what the government is proposing, because people would know that their rights were protected,” Greens leader Adam Bandt said. “But at the moment we can’t know that. “Why does the government want to go beyond the stated intent and name of the Bill and start regulating, in an unacceptable way, what adults are able to do online? It is part of creeping moves to exercise greater power over our freedoms and responsibilities, and that’s why in its current form, unless it’s withdrawn and redrafted, the Bill cannot be supported.”  Over in the Senate, Liberal Senator Alex Antic has failed to have his motion to stand up a Select Committee on Big Tech Influence in Australia passed, with a 32-32 vote.The committee proposed by Antic would have been charged with inquiring into, and reporting on, activity by major international and domestic technology companies.Specifically, the senator wanted the committee to look into big tech’s management of disinformation, misinformation, and malinformation, including “shadow banning”, “de-platforming”, “no platforming”, and “demonetisation”; fake accounts and bots that engage in online campaigns; terms of service of their platforms, including user privacy settings and use of user data by the companies and third parties; and the extent of compliance with Australian laws.Labor Senator Katy Gallagher said the opposition was not in support of the committee due to the government’s own declaration that there are already too many select committees. Similarly, the Australian Greens withheld its support.”There is no doubt that we do need an inquiry into the influence of big tech in this country, particularly its impact on our democracy and our media and the way that big tech has allowed for the proliferation of far-right extremism on digital platforms in Australia,” Greens deputy leader Senator Nick McKim said.”However, this motion contains language which concerns the Greens. It is language which is used overwhelmingly by the far right, including terms like shadowbanning and deplatforming. While we won’t be supporting this motion today, we do remain open minded and of the view that we need to have a look at some of the impacts of the big tech sector.”MORE ON THE ONLINE SAFETY BILL More