Bluebox

Bluebox Heartbleed Scanner

Bluebox
Latest version scans your OS & apps for Heartbleed vulnerabilities!

The Heartbleed vulnerability is a flaw in the OpenSSL library, used for secure communications.
http://heartbleed.com/

Android devices ship with OpenSSL library by default. In addition, many apps will bundle their own copy of the library. The Bluebox Heartbleed Scanner from Bluebox Labs will check all of these copies and let you know if any appear to be vulnerable to the Heartbleed vulnerability.

For more information, please visit the Bluebox Labs writeup available at: https://bluebox.com/blog/technical/heartbleed-bug-impacts-mobile-devices/

Bluebox Security Scanner

Bluebox
The Bluebox "Master key" Security Scanner will scan your device to determine:
- If your system is vulnerable or patched to any of the "master key" security flaws affecting most Android devices (there are multiple 'master key' flaws at this point)
- If your system settings allow 'Untrusted Sources' application installs
- If any installed application on your device is trying to maliciously take advantage of any of the 'master key' security flaws


Further details of the Android "Master key" security flaw are available at:
http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key/


NOTICE: the scanner currently cannot check .APKs in the /mnt/asec/ (copy protected apps) directory; this is a security limitation enforced by Android OS. You are told how many were skipped, and given a checkbox (if one or more are skipped) to enable seeing the full list of details if you so choose.

Currently we do not have a reliable way to test for bug 9950697; however, the fix for 9950697 tends to be paired with fix for bug 10148349. So use the patch status of bug 10148349 as an indicator to patch status of bug 9950697.

Bluebox Wifi Cleaner

Bluebox
The Bluebox Wifi Cleaner will remove potentially unused open Wifi network profiles from your device, to protect you from spoofed malicious Wifi access points.

Candidate Wifi networks are auto-selected when you launch the app; you can review the list, then press the "Clean Me" button to remove unused networks. It is safe to remove open networks -- you can easily add them back at a later date by selecting them from the list of available Wifi networks.

Note:
- This app can find certain Wifi profiles that are not displayed under the normal Android settings list
- Some Wifi network profiles are embedded into the vendor firmware and cannot be removed

Bluebox VPN

Bluebox
The Bluebox VPN application requires the use of the Bluebox Security Management Client. This application provides the ability for the Bluebox Security Management Client to support VPN connections.

NOTE: This application does *not* provide any user-interactive activities; it is designed to be exclusively used by the Bluebox Security Management Client in the background.

Bluebox VPN is based on StrongSwan VPN. GPL source code available upon request.

Bluebox Samsung Support

Bluebox
The Bluebox Samsung Support application requires the use of the Bluebox Security Management Client. This application provides the ability for the Bluebox Security Management Client to support Samsung devices.

NOTE: This application does *not* provide any user-interactive activities; it is designed to be exclusively used by the Bluebox Security Management Client in the background.

Bluebox Security

Bluebox
The Bluebox Security app enrolls your device with the Bluebox mobile data security solution. By installing Bluebox, you ensure corporate data remains secure on your mobile device without sacrificing your personal privacy or freedom to use any preferred apps for the ultimate productivity. Finally, security that both the enterprise and employees can embrace.

Notes:
• You need a Google Play account to install the app.
• After install, you also need a valid Bluebox account group ID to enroll with Bluebox. Please contact your administrator.


About Bluebox

Founded in 2012 by a team of security experts, Bluebox Security offers the first mobile data security platform to safeguard corporate data across the device, application, and network. The cloud-based solution provides complete visibility and security of corporate data, while providing employees the freedom, ease of use, and privacy that ensures widespread adoption. Bluebox Security has received a total of $27.5 million in funding from Andreessen Horowitz, Tenaya Capital, Sun Microsystems co-founder, Andreas Bechtolsheim, SV Angel, and Google Board member Ram Shriram. The company is headquartered in San Francisco.

Webpage: http://www.bluebox.com
Twitter: https://twitter.com/BlueboxSec
Facebook: https://www.facebook.com/pages/Bluebox-Security/120767781395545