Google is changing how sideloading works on Android. Starting in 2026, only apps from verified developers will be allowed on certified Android devices. Developers distributing apps outside the Play Store must register through a new Android Developer Console and submit personal details such as name, address, and contact information. Google says this is needed because malware from sideloaded apps is 50 times higher compared to apps installed through the Play Store.

The new system will begin with early sign-ups in October 2025. It will open to all developers in March 2026, followed by enforcement in September 2026 across Brazil, Indonesia, Singapore, and Thailand. These countries are being targeted first due to high scam rates. A global rollout will follow in 2027. Hobbyists and students will have a separate, simplified process, but anonymity will no longer be possible. Devices not certified by Google will not be affected.

Why Google is Doing This

Google says the move is about accountability. By tying apps to verified developer identities, it becomes harder for bad actors to release malicious apps under new names after being banned. The company compares the process to an ID check at an airport. It does not inspect the app’s code but ensures that the person behind it is identifiable.

The policy is also part of a larger industry trend. Apple already requires developer identity checks in the European Union. Regulators and banking groups in the first rollout countries have backed Google’s decision, saying it will reduce scams. Industry experts argue that Android is moving toward a model of tighter security and transparency, in line with other major platforms.

For most Android users, this should result in fewer harmful apps and scams from unregulated sources. Google stresses that sideloading itself remains available, but every developer must be registered.

Online Reaction and Skepticism

Unsurprisingly, reactions online have been divided. Supporters of the change argue it closes a loophole without removing sideloading entirely, since developers can still share apps after registering. Google says the platform remains open, with the addition of an ID check, and many security experts agree this makes sense. Some see it as a fair balance: not a full lock-down like iOS, but an extra layer of protection against widespread third-party malware.

Critics, however, have raised several concerns. Many fear Android is slowly moving toward Apple-style restrictions. Some point out that determined attackers could still bypass the rules by using stolen or newly created verified accounts, meaning independent developers may face more hurdles while scammers find ways around it. Hobbyists in particular feel left out, since one of Android’s long-standing appeals has been the ability to install apps without tying them to a personal identity. Now, many feel that freedom is being reduced. One commentator even warned that this shift could erase Android’s role as a real alternative to Apple’s mobile system, especially for open-source and hobby developers.

Conversations in online forums reflect similar frustrations. Some users joked that if sideloading unofficial apps becomes harder, they might as well switch to iPhones. Others argued that the change only adds red tape for ordinary developers, while determined attackers will still find ways to exploit the system. Privacy advocates also highlighted that requiring personal information goes against the idea of Android as an open platform. Overall, many worry that the solution of identity checks may end up hurting independent creators more than protecting users, while giving Google greater control over the Android ecosystem.

What It Means Going Forward

For regular Android users, the change should mean fewer risks when installing apps from outside the Play Store. For developers, it means going through an identity check before their apps can reach users. The bigger question is whether this move will actually improve security or whether it will mark the start of Android losing the openness that set it apart.

(Sources: Android Developers Blog, Reddit, Fairphone Community, F-Droid, Wilders Security Forums, ResetEra Forum)

The post Google’s Android Sideloading Crackdown: Safety at the Cost of Freedom? appeared first on Gizmochina.

The UK government has secretly ordered Apple to create a backdoor enabling unrestricted access to encrypted iCloud backups worldwide, according to a Washington Post report. Issued under the Investigatory Powers Act 2016 (IPA), or “Snoopers’ Charter,” the demand compels Apple to bypass its Advanced Data Protection (ADP) feature, which uses end-to-end encryption to secure user data such as photos, messages, and device backups. The order, delivered via a “technical capability notice” in January 2025, applies to all users globally, not just UK citizens, and prohibits Apple from disclosing its existence.

Threat to Privacy and Security

ADP, an opt-in service launched in 2022, ensures that even Apple cannot access user data. The UK’s demand would undermine this encryption, creating vulnerabilities that cybersecurity experts warn could be exploited by hackers and authoritarian regimes. Privacy advocates, including Big Brother Watch, condemned the move as an “unprecedented attack” on civil liberties, arguing that backdoors erode trust in digital security and disproportionately harm law-abiding citizens.

Apple’s Dilemma and Potential Response

Apple has historically resisted such demands, citing privacy as a “fundamental human right.” The company may withdraw ADP from the UK market to avoid compliance, but this would not resolve the government’s demand for global access. Under the IPA, Apple cannot delay implementation during an appeal, which must be filed in a secret court. Critics note that the law’s extraterritorial scope allows the UK to target any tech firm operating in its market, regardless of headquarters.

Global Implications

The order risks diplomatic friction, particularly with the EU, which reviews UK data-sharing agreements this year. It also contradicts recent U.S. recommendations advocating stronger encryption to counter cyber threats. While UK officials claim the measure targets national security risks, experts warn criminals will simply migrate to other platforms, leaving ordinary users more exposed.

For more daily updates, please visit our News Section.

Don’t miss a thing! Join our Telegram community for instant updates and grab our free daily newsletter for the best tech stories!

(Source, via)

The post UK Govt Orders Apple to Create Backdoor for Encrypted iCloud Backups appeared first on Gizmochina.

Cyberattacks are increasing with the increasing penetration of the internet across different countries. The attacks not only affect individuals but sometimes pose substantial risks to governments and corporations. Forecasts indicate that the global economic toll from these attacks will increase to 10.5 trillion USD in 2025 from an astounding 8 trillion USD in 2023.

The attacks are significantly increasing and impact several industries. In recent years, we have even seen some countries accuse others of cyber security concerns. In a recent example, China accused the US of having Huawei servers. A new report Cost of Data Breach from IBM reveals average losses reaching $4.45 million per attack in recent years. The cyber attacks were estimated at $8 trillion in 2023, and they could reach 9.5 trillion in 2024. Apart from business disruptions, cyberattacks contribute the most to crippling businesses across the globe, as per a survey by Statista.

Well, the losses are going to escalate in the coming years. According to Statista and Cybersecurity Ventures predictions, the losses due to cybersecurity thefts are going to increase to $10.5 trillion in 2025. Further, it will increase to $11.3 trillion in 2026 and 12.4 trillion in 2027. However, these numbers are projected considering the current scenario; however, these may change as AI inclusion will further increase the losses.

Cyber Attack Details Across Different Industries

Precisely, the healthcare industry suffered a loss of around $10.93 million in 2023. Sensitive information in the healthcare sector, such as personal information, Social Security numbers, and other details, attracts the culprits. It leads to identity theft, insurance fraud, and even extortion in rare cases.

Meanwhile, the manufacturing industry accounted for 30% of attacks in the last year. The industry’s inability to cope with any downtime that halts production often leads to companies paying the ransom. A chipset manufacturer, TSMC, confirmed a cybersecurity incident and data breach where the culprit demanded a ransom of $70 Million.

The IT sector itself is a major target due to being the backbone of digital work across different sectors. It even has a major impact on other services, which is another reason that cybercriminals often target IT companies.

Apart from the industries, high-profile individuals are often the last of the cybercriminals. The list includes prominent politicians, industrialists, and other influential figures.

Understanding the impact of cyber attacks on various industries

The landscape of cyber threats is indeed evolving rapidly, with data breaches, ransomware, social engineering, supply chain attacks, and AI-generated threats posing significant risks to businesses and individuals alike.

In 2023, IBM research shows that the average cost of data breaches globally has surged, reaching 4.45 million USD, with the United States bearing the highest average cost in 2023. The severity of data breaches is evident from incidents like those affecting Real Estate Wealth Network, Comcast Cable Communications, Delta Dental of California, and Integris Health, which compromised billions of records containing personal information.

However, the Middle East is trailing the US with a loss of $8.07 million and then Canada with a $5.13 million data breach. The rest of the list includes Germany, Japan, the United Kingdom, France, Italy, Latin America, South Korea, and others.

Different Attacks That Cripple Industries

For a deeper dive into the evolving cyber threat landscape, including the types of attacks, their impacts, and strategies for protection, read on:

Phishing: Cybercriminals impersonate legitimate organizations to steal sensitive information via email, text, or other channels, targeting human error rather than system vulnerabilities.

Ransomware: Malicious software encrypts files until a ransom is paid, with global attacks surging by 55% in 2023, affecting 4,368 cases.

DDoS Attacks: Overwhelming online services with traffic from multiple sources, DDoS attacks disrupt operations and lead to revenue loss.

Malware: Harmful software infiltrates systems, allowing unauthorized access and espionage, with Trojans comprising 58% of all malware.

Data Extortion: Cybercriminals steal sensitive data and demand ransom, posing threats of public exposure or sale of stolen data.

Man-in-the-Middle Attacks (MitM): Intercepting and possibly altering communication between two parties, MitM attacks lead to theft of personal and financial information.

The projected increase in the cost of cyber attacks underscores the urgency of addressing cybersecurity vulnerabilities and implementing robust defense mechanisms. Both businesses and individuals must prioritize cybersecurity efforts to mitigate risks and minimize the impact of cyber threats.

There’s a dire need to invest in cybersecurity infrastructure and legislation to combat cyber threats. In a rapidly evolving digital landscape, proactive measures are critical to safeguarding against cyber attacks and mitigating their potentially devastating impacts.

Related:

• Microsoft’s Cyber Secrets at Risk, The Strontium Cyber Threat Unmasked
• Massive leak reveals more about Insomniac’s Wolverine game
• Get $100 Off on Vivo X100 Pro at Giztop
• Get the Realme GT5 Pro phone on Giztop for $599
• Best Smartphones Awards 2023
• Best VR / AR Headsets of 2023

Via

The post The Rising Toll of Cyber Attacks in 2024 and Beyond appeared first on Gizmochina.

Google has just unveiled a new security feature that arrives in the form of new alerts. These alerts are designed to function as security alerts that notify the user if a hacker has broken into their account.

Earlier this week, the company debuted the new redesign of its “critical alert” notification, which is said to be impossible for hackers to spoof. Previously, users would only receive a mail regarding certain suspicious behavior, but now, a notification will be displayed via the Google app itself to alert one of a possible hacker breaking into your account. After receiving this notification, users can choose to lock down access to the account and even remove the hacker.

Editor’s Pick: Huawei Mate X2 handled in leaked picture showing a similar design to the Mate Xs

Rahul Roy-Chowdhury, Google Vice President stated that “when we detect a serious Google Account security issue, we’ll automatically display an alert within the Google app you’re using and help you address it —no need to check email or your phone’s alerts. The new alerts are resistant to spoofing, so you can always be sure they’re coming from us. We’ll begin a limited roll out in the coming weeks and plan to expand more broadly early next year.”

According to a PCMag report, the new alerts feature will first debut for iOS users, with the new redesigns building on top of Google’s current safeguards and security measures. These alert would utilize the Android push notification system as well, to promptly notify the users of the potential breach in their account. The email based alerts will still remain active alongside the new push notifications.

UP NEXT: Huawei smartphones powered by Kirin chipset see price increase in second hand market

The post Google unveils new alert feature that notifies if your account has been hacked appeared first on Gizmochina.

According to a new report, researchers have found a new method to steal data from computers that are not connected to any external system or other computers. They achieved this by mapping the brightness of the LCD monitor.

The method utilizes a previously compromised computer to relay changes in the LCD’s RBG color values through a camera. The changes are imperceptible, meaning its almost impossible to map it with the naked eye, thus it requires a camera equipped device. Theoretically speaking, one can also trick someone into loading malware on their computer through a USB drive and use nearby security cameras, that have been hacked, to relay the relevant data.

Editor’s Pick: Samsung Galaxy Z Flip gets a special cavier Joker & Harley Quinn edition even before launch

In other words, all of this sounds like a technique out of science fiction or a hacking scene in a movie, but it is now also a method of extracting data out of one’s system. However, don’t worry too soon, as it is not yet possible for hackers to simply gain access to your computer’s important credentials and sensitive data through brightness alone.

A data thief would have to go through many loops like gaining access to a camera that is pointed towards the target computer for it to be possible. As it stands right now, the technique will supposedly more helpful to intelligence agencies and other such organizations rather than a hacker keeping track of your PC monitor. Although the development does give rise to a new avenue of hacking altogether, even between air-gapped computers that are completely isolated.

UP NEXT: Apple patents a Next Gen Apple Watch with Touch ID fingerprint scanner support

(Via)

The post Researchers can track PC Monitor’s brightness to Steal User Data appeared first on Gizmochina.

In recent times, many developers and publishers ranging from online service providers to even gaming studios have started offering two-factor authentication. And what they all stated and everyone is led to believe is that it makes one’s account, system, smartphone, etc, more secure. However, it seems like that is not the case.

According to a new report, a Chinese hacker group called APT20 has managed to bypass the commonly used security methods without settings off any alarms. In other words, the group has circumvented the means for two-factor authentication which makes the security method vulnerable.

Reportedly, APT20 used what Fox-IT has labeled “Operation Wocao” to achieve this feat. Previously, the group managed to hack web servers but have now shifted focus. APT20 used an RSA SecurID software which was stolen from a hacked account to circumvent through the two-factor verification methods. In simpler terms, the group used a stolen and modified key from a hacked account to make their hack seem valid to the security systems.

Editor’s Pick: WhatsApp to add disappearing messages feature for group chats

Through this method, APT20 also managed to fool other systems to show valid results. Since two-factor authentication relies on different systems, it means that if the group manages to hack one side, then they can manage to make the other system agree to its modified key as well. Thus, allowing them to either steal or not need a key in the first place.

As of right now, no solution for the latest exploit is currently available. But, it does not mean that the system is completely flawed and insecure. The report also details various methods through which the dual verification process can be made more independent and less reliant on one another.

Notably, Chinese citizens are at higher risks apparently due to the group being allegedly linked to the Chinese Government. It seems more plausible now as the group is actively targetting VPN systems. A VPN is basically used to access outside data or websites that the nation censors or doesn’t allow its people to access freely.

UP NEXT: Huawei denies WSJ allegations of receiving $75 billion in state support

(Source)

The post Chinese Hacker group circumvents Two-Factor Authentication security methods appeared first on Gizmochina.

According to a new rule, any Chinese citizen registering for a new SIM card must submit facial recognition scans starting this Sunday. So for those that wish to register their new smartphones with their telecom operators in China, must now send facial scans from their devices to the said operator.

The guidelines were initial issued in September and require telecom companies to check the identities of individuals registering SIM cards through facial recognition and other technical methods. Notably, physical stores of the telecom operators had until 1st December to begin implementing the new standards in China.

The ministry of industry and information of China has described the new measures as a means to “protect the legitimate rights and interest of citizens in cyberspace.” But, this also makes the Chinese smartphone and internet users much easier to track and identify. At present, Chinese citizens already need to provide identity cards or passports to register a new SIM card. Furthermore, numerous social media platforms also require users to sign up with their “real-name-identities” via their phone numbers.

Editor’s Pick: Samsung to set up a new Chip Plant in Vietnam?

The new rule has already started raising security and privacy concerns as it employs in a wide field ranging from middle schools, concert venues to even public transport. Additionally, general unrest has plagued the public in regard to this decision due to the uncertainty of its regulations and standards; with lawsuits against the measure already surfacing.

The ministry has said the rule will protect citizens from phone scams and prevent the reselling of SIM cards as part of cybersecurity and anti-terrorism campaigns in China. However, human rights advocates described the new rule as another step towards a “dystopian surveillance state” where citizens are constantly monitored for dissent or signs of unrest.

UP NEXT: BOE AMOLED production to rise by 200% reaching 70 million units in 2020

(Via)

The post China now requires smartphone users to provide facial data to the Government appeared first on Gizmochina.

At a time when most countries are concerned about security aspect related to Huawei’s products, the company’s founder Ren Zhengfei has sent a letter to all its employees talking about security and credibility and focusing on cyber-security and privacy protection.

The letter is titled “To Improve Software Engineering Capabilities and Practices, and Create Credible High-Quality Products.” In the letter, he says that the company is at a new starting point when it comes to cloud computing, AI, Software definition and other development trends.

He says that the company’s credibility will be an important factor for customers when they decide to buy and accept Huawei products and trust the brand. He added that credibility is not only a high-quality result of the external performance of the product but also a high-quality process inherent in the product.

Apart from that, he also talks about improving software engineering capabilities and practices in order to create credible and high-quality products. For this, Ren Zhengfei says that the company’s board has decided carried out the improvements in a revolutionary manner.

Huawei’s chairman Xu Zhijun has promised an initial investment of around $2 billion, which the company will be using over the course of five years in the field of ICT Infrastructure. As it is clear, the company is aiming to build credible and high-quality products. It says that Huawei’s mission is to bring the digital world to everyone, every family and every organization. To read the full letter, go to the source link.

In the year 2018, Huawei has seen both — growth as well as resistance. While the company surpassed $100 billion in revenue for the first time and crossed its goal of 200 million smartphone shipments, it is also facing strong criticism and legal hurdles in the west.

Read More: Huawei, Xiaomi, OPPO, and Vivo are expected to maintain a lead in the Chinese market in 2019

Last week, it was reported that the USA is considering to ban American wireless carriers from procuring equipment from the Chinese companies, a big blow to both Huawei and ZTE, which are the two largest producers of Telecom equipment. Huawei is also among the leading players when it comes to 5G technology.

(Source)

The post Huawei will focus on Cyber Security and Privacy Protection in 2019: Founder appeared first on Gizmochina.