or Connect
AppleInsider › Forums › Mobile › iPhone › Mobile malware exploding, but only for Android
New Posts  All Forums:Forum Nav:

Mobile malware exploding, but only for Android - Page 2

post #41 of 123
Quote:
Originally Posted by os2baba View Post

Don't get me wrong. There are plenty of real dangers. But it's really not that difficult to prevent getting a single malware on your phone. And as far as iOS apps are concerned. How do you know they are safe? The reason that malware is discovered on Android is precisely because the OS is open.

A while ago, the Camera+ app which used the Volume buttons for taking snaps was rejected from the AppStore *after* it was approved. How did it get the hidden feature through the approval process? It was discovered and rejected because it violated AppStore policies. How do you know how much malware has made through and not been discovered?

Charlie Miller snuck in a prototype malware program into the App Store. Apple did not discover it until he publicly announced it and got the app rejected. How do you know hoe much malware there really is floating around in the App Store?

Give me the choice of checking the permissions any day. I let Google's Bouncer do the grunt work, but still search myself. Likewise Apple may well be getting *most* of the malware out, but if something slips through, there is no second line of defense.

 

So your argument is: Android's 136 threats must be less than iOS's ___ threats, because we don't know what ___ equals, despite F-Secure saying it was zero? So to "prove" F-Secure is wrong about iOS having zero threats, you use the Camera+ app as an example of "how much malware has made it through and not been discovered." LOL. Camera+ is not malware. It was pulled for violating Apple's Human Interface Guidelines. F-Secure would not classify that as malware, trojan, or PUA. And yet you do as part of your FUD campaign against iOS? Why don't you count ALL of the iOS apps that have been rejected for violating Apple's HIG rules as evidence of malware on iOS? That might add up to a high number, LOL.

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #42 of 123
Nice post SFLOCAL! I set up two XP Pro (SP3) machines for the office a couple of years ago (Windas coz of a small budget and the workers only knew MS shite), and tried to run them without AV software for a couple of weeks as a experiment to see (as a curious Mac user) how they stood up: was XP really that vulnerable? Both hopelessly infected via the browser in three days of occasional use on the internet! Reinstalled with Kaspersky and worked OK for a few months but then got slower and slower. What a farce!
post #43 of 123
Quote:
Originally Posted by Suddenly Newton View Post

 

So your argument is: Android's 136 threats must be less than iOS's ___ threats, because we don't know what ___ equals, despite F-Secure saying it was zero? So to "prove" F-Secure is wrong about iOS having zero threats, you use the Camera+ app as an example of "how much malware has made it through and not been discovered." LOL. Camera+ is not malware. It was pulled for violating Apple's Human Interface Guidelines. F-Secure would not classify that as malware, trojan, or PUA. And yet you do as part of your FUD campaign against iOS? Why don't you count ALL of the iOS apps that have been rejected for violating Apple's HIG rules as evidence of malware on iOS? That might add up to a high number, LOL.

 

I don't think you got what I was trying to say about the Camera+ app or Charlie Miller's apps. Not that they were real malware. In fact Camera+ actually was very useful. What I'm saying is that those two apps made through the App approval process without Apple realizing the first one had the hidden feature and the second one was a malware prototype. Both were discovered after the fact due to publicity. You have no way of knowing how many real malware apps are in the App Store that are obviously not going to be public about their behavior. What you have is a false sense of security. Here's a malware that affects Windows iTunes in an iOS app. http://reviews.cnet.com/8301-13727_7-57478793-263/windows-malware-slips-into-apples-ios-app-store/ And do you think this is not malware? http://arstechnica.com/apple/2011/11/safari-charlie-discovers-security-flaw-in-ios-gets-booted-from-dev-program/
post #44 of 123
Quote:
Originally Posted by VL-Tone View Post

Sideloading enables those who know about it to do "cool things" that others can't do on their phone. 

 

Which leads to bragging and explaining to friends how to do it, who then show it to other friends etc.

 

At the end of the day, a lot of Android users end up side loading apps because someone told them to. And a lot of them don't have the knowledge to be able to discern what is a so-called "trusted source".

 

Jailbraking enables those who know about it to do "cool things" that others can't do on their phone. 

 

Which leads to bragging and explaining to friends how to do it, who then show it to other friends etc.

 

At the end of the day, a lot of iOS users end up side loading apps because someone told them to. And a lot of them don't have the knowledge to be able to discern what is a so-called "trusted source".

post #45 of 123
Originally Posted by dasanman69 View Post
Not entirely true. The apps I have sideloaded were recommended on XDA, and various other sites. Side loading by default is off and many devices do not allow the user to change it, and the vast majority of users don't even know how to do it or are unaware that they can.
Originally Posted by KDarling View Post
1) Newbies cannot accidentally sideload an app.  They have to first go find and purposely turn on "Load from unknown sources" and on some phones, also turn off "Disallow or warn before installation of apps that may cause harm."

 

I suffered the mercifully brief misfortune of owning a Samsung Galaxy Y phone.

Samsung's own in-house apps prompted the user to enable "Load from unknown sources" to allow further updates of its own software to be installed.

 

The Galaxy Y runs Android 2.3 gingerbread and can't be updated to Android Jelly Bean, so it's wide open to security flaws that have since been patched.

I replaced it with a Xperia tipo running android 4.0.4.   It was released by Sony in early 2012 but can't be officially upgraded to 4.2.1!

Yet the iPhone 3GS I bought in 2009 has been updated to the current iOS 6.1.

 

OS improvements include security updates, the large proportion of Android handsets which can't be patched remain potentially vulnerable.

post #46 of 123
Quote:
Originally Posted by Suddenly Newton View Post

 

So your argument is: Android's 136 threats must be less than iOS's ___ threats, because we don't know what ___ equals, despite F-Secure saying it was zero?

 

It's weird. The last time a security firm issued an alert for OS X, the general theme here was that they were blowing it out of proportion. That they were only interested in selling AV software to Mac users. And over half a million Macs got infected. But anytime malware on Android gets mentioned, it's, "Aha, see Android is a virus ridden piece of sh-t!!!" What reason does F-Secure have to really look for malware on iOS since they KNOW they aren't going to allowed to sell any form of AV software for iOS? If trying to sell their software negates their warnings for OS X, why doesn't it affect any opinions on Android malware?

 

And as someone tried to point out, it DOES matter both where these Android viruses are coming from and where they are targeted. As someone living in the US, why would I be concerned with malware showing up on 3rd party app stores in China or India? Similarly, how many apps have been found that actually contain these malware vectors? One per type? Twenty? These things matter when you're going to start making claims that Android is more or less secure than iOS.

post #47 of 123
Quote:
Originally Posted by KDarling View Post

Oh for goodness' sake.

1) Newbies cannot accidentally sideload an app.  They have to first go find and purposely turn on "Load from unknown sources" and on some phones, also turn off "Disallow or warn before installation of apps that may cause harm."

2) Look at the list of threats.  Almost all affect a small, targeted group that sideload an app in China or India, etc.  They include sideloaded apps aimed at Tibetan human rights activists, and my favorite,  "A fake "job offer" Android app in India informs that the user is being considered for a position at TATA Group, an Indian multinational company. To arrange the interview, the app asks for a refundable security deposit."    

Sorry, but if you're that gullible, it doesn't matter if the "threat" came from an app or a website or an email.

What about this? Is this a side load?

"As Sean Sullivan, Security Advisor at F-Secure Labs stated in the report, ?I?ll put it this way: Until now, I haven?t worried about my mother with her Android because she?s not into apps. Now I have reason to worry because with cases like Stels, Android malware is also being distributed via spam, and my mother checks her email from her phone.?

Stels, an Android trojan delivered via fake U.S. Internal Revenue Service-themed emails, uses "an Android crimeware kit to steal sensitive information from the device," and also makes calls to premium numbers. Sullivan said the new threat ?could be a game changer.?"

Tell me how your grandmother will be smart enough to avoid this stench. And then tell me how much of your brain is dedicated to safe computing.
post #48 of 123
Quote:
Originally Posted by pk22901 View Post

What about this? Is this a side load?

"As Sean Sullivan, Security Advisor at F-Secure Labs stated in the report, ?I?ll put it this way: Until now, I haven?t worried about my mother with her Android because she?s not into apps. Now I have reason to worry because with cases like Stels, Android malware is also being distributed via spam, and my mother checks her email from her phone.?

Stels, an Android trojan delivered via fake U.S. Internal Revenue Service-themed emails, uses "an Android crimeware kit to steal sensitive information from the device," and also makes calls to premium numbers. Sullivan said the new threat ?could be a game changer.?"

Tell me how your grandmother will be smart enough to avoid this stench. And then tell me how much of your brain is dedicated to safe computing.

Because it'll most likely end up in his grandmother's spam folder.
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #49 of 123

I think a big part of the problem is that Android users tend to use more pirated apps than others and this is an easy way to infect an android phone.

post #50 of 123
Quote:
Originally Posted by caliminius View Post

 

It's weird. The last time a security firm issued an alert for OS X, the general theme here was that they were blowing it out of proportion. That they were only interested in selling AV software to Mac users. And over half a million Macs got infected. But anytime malware on Android gets mentioned, it's, "Aha, see Android is a virus ridden piece of sh-t!!!" What reason does F-Secure have to really look for malware on iOS since they KNOW they aren't going to allowed to sell any form of AV software for iOS? If trying to sell their software negates their warnings for OS X, why doesn't it affect any opinions on Android malware?

 

And as someone tried to point out, it DOES matter both where these Android viruses are coming from and where they are targeted. As someone living in the US, why would I be concerned with malware showing up on 3rd party app stores in China or India? Similarly, how many apps have been found that actually contain these malware vectors? One per type? Twenty? These things matter when you're going to start making claims that Android is more or less secure than iOS.

If you are not concerned they are targeted at the US then you are making a mistake. They soon will be as that is where the money is and that's what these guys are after. 

post #51 of 123
Quote:
Originally Posted by stniuk View Post

If you are not concerned they are targeted at the US then you are making a mistake. They soon will be as that is where the money is and that's what these guys are after. 

How do you know that they haven't already and that Americans haven't fallen prey?
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #52 of 123
Quote:
Originally Posted by dasanman69 View Post


You act like one has to write a thesis on a app before installing it. No research needs to be done. Think of it like ebay, you search a item you want to buy and 2 sellers pop up, one with a high rating and another with few or none. Who are you going to buy from? You probably do the same exact thing in the app store. This data is really worthless without data on how many devices have gotten infected. More malware does not mean more infected devices.

 

Not buy from anyone, drive by link in email.

Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
post #53 of 123
Quote:
Originally Posted by dasanman69 View Post


Not entirely true. The apps I have sideloaded were recommended on XDA, and various other sites. Side loading by default is off and many devices do not allow the user to change it, and the vast majority of users don't even know how to do it or are unaware that they can. Very much like the app store most users don't go past the highly downloaded or recommended apps. I won't deny malware is a problem with Android but I think most users especially in the US have little to none to worry about.

 

So, the Kindle Fire and all those "hub" equipped galaxies, how do their repositories work, given they are not Google Play?

 

Some of the most popular Android devices rely on breaking their users away from Google Play.

 

Making them vulnerable.

Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
post #54 of 123
Quote:
Originally Posted by dasanman69 View Post


I loved and hated XP, it was the mother magnet of malware. My friend would get malware without ever visiting any questionable sites. Vista along with Chrome has all but eliminated malware.

 

On our work XP systems, the IT department briefly flirted with Chrome.

 

They removed it due to trojans infecting our PC's.

 

IE 8 and Firefox are used, along with virtual IE 6 running critical legacy software.

Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
post #55 of 123
Quote:
Originally Posted by KDarling View Post

Oh for goodness' sake.

 

1) Newbies cannot accidentally sideload an app.  They have to first go find and purposely turn on "Load from unknown sources" and on some phones, also turn off "Disallow or warn before installation of apps that may cause harm."

 

2) Look at the list of threats.  Almost all affect a small, targeted group that sideload an app in China or India, etc.  They include sideloaded apps aimed at Tibetan human rights activists, and my favorite,  "A fake "job offer" Android app in India informs that the user is being considered for a position at TATA Group, an Indian multinational company. To arrange the interview, the app asks for a refundable security deposit."    

 

Sorry, but if you're that gullible, it doesn't matter if the "threat" came from an app or a website or an email.

 

3) Many of these "security firms" include, as potential threats, apps like log viewers which people download on purpose.  Anything to boost the numbers.

 

Security reports try to scare people into buying security software.  That's their primary purpose.

 

So why isn't iOS also being targeted?

 

Is that because "gullible people" as you call them, are only sucked in by Android?

Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
post #56 of 123
Quote:
Originally Posted by d4NjvRzf View Post

 

You know, I've sometimes wondered why sideloading is considered unacceptable on smartphones and tablets when it has almost always been how one installs programs on laptops or desktops. Is installing a third party app inherently riskier on a mobile device? Or is the perceived danger of side-loading due to users tending to install more apps on their mobile devices, thereby exposing themselves more often?

 

Well, from what kdarling says, it's because Android users are more "gullible".

Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
post #57 of 123
Quote:
Originally Posted by hill60 View Post

 

On our work XP systems, the IT department briefly flirted with Chrome.

 

They removed it due to trojans infecting our PC's.

Trojans unique to Chrome? First I'd heard of it. Any example or are you mistaking it for this recent story?

http://thenextweb.com/insider/2013/03/21/new-os-x-trojan-injects-ads-into-pages-browsed-by-chrome-firefox-and-safari-even-targets-apples-website/

 

EDIT: Chrome automatically disables 3rd-party extensions, even "silent" ones. Users have to actively choose to individually enable them.


Edited by Gatorguy - 5/15/13 at 6:20am
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #58 of 123
Quote:
Originally Posted by os2baba View Post

 

I have now been using Android for 5 years. And I have no malware on my phone. Yes, I check the permissions before installing, and if I find anything suspicious, I don't install the app. Not really all that difficult.

 

I would pay money to see you explain this to a room full of people who aren't interested in technology in the slightest (only use their phone to keep in contact with others), don't even want to be at a meeting with an IT person (only doing it because it's required for their job), and will make a joke or snide comment anytime they hear tech terminology they don't understand (either that or just tune out at that point).  Welcome to the rest of the world.

 
Reply
 
Reply
post #59 of 123
Quote:
Originally Posted by os2baba View Post

blah, blah, blah

 

Don't care, go spread your message on Android forums where kdarling's "gullible" android users hang out.

 

My first android phone was an HTC Magic.

Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
post #60 of 123
Quote:
Originally Posted by Gatorguy View Post

Trojans unique to Chrome? First I'd heard of it. Any example or are you mistaking it for this recent story?

http://thenextweb.com/insider/2013/03/21/new-os-x-trojan-injects-ads-into-pages-browsed-by-chrome-firefox-and-safari-even-targets-apples-website/

 

EDIT: Chrome automatically disables 3rd-party extensions, even "silent" ones. Users have to actively choose to individually enable them.

 

How the f*ck do you confuse trojans infecting Microsoft Windows XP systems using legacy software requiring Microsoft Internet Explorer along with Microsoft ActiveX with that article you linked to?

 

Mate, maybe it's time to give up, the tenuousness of the far fetched links you use in your constant defence of all things Google has left the bounds of reality. 

 

How did trojan's get in via Chrome?

 

Because the idiots in IT trusted the "most secure browser" bullshit spouted by Google acolytes which let Chrome punch a hole through the corporate firewalls most probably by installing Java in the background, when users stupid enough to believe that "private browsing" gave them immunity from going to sites they shouldn't have.


Edited by hill60 - 5/15/13 at 6:47am
Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
post #61 of 123
So a security company that sells Android security apps has produced a report that says Android malware is increasing? It's hardly going to say "Hey folks, there isn't much Android malware, you don't need to buy our apps!" There's a bit of self interest conflict here. I had security software installed on my Android devices, but took it off after 6 months because it never found anything. I'm not saying it doesn't exist, it does, but if you only ever install popular apps from the Play Store you'll never see a virus. A cynical person might wonder whether this F-Secure report is in part a scare story in order to boost its app sales.
post #62 of 123
Quote:
Originally Posted by RAWComputing View Post

So a security company that sells Android security apps has produced a report that says Android malware is increasing? It's hardly going to say "Hey folks, there isn't much Android malware, you don't need to buy our apps!" There's a bit of self interest conflict here. I had security software installed on my Android devices, but took it off after 6 months because it never found anything. I'm not saying it doesn't exist, it does, but if you only ever install popular apps from the Play Store you'll never see a virus. A cynical person might wonder whether this F-Secure report is in part a scare story in order to boost its app sales.

Sex sells but it pales in comparison to scare tactics.
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #63 of 123
Quote:
Originally Posted by hill60 View Post

So why isn't iOS also being targeted?

 

Is that because "gullible people" as you call them, are only sucked in by Android?

 

iOS was targeted (legally) for a long time, in order to collect Contacts info to send to spam producers.  Why do you think Apple belatedly added the Contact permission popup?

 

As for "gullible", you don't need a malware app to get some people to send money in hopes of getting more money.  That's just a classic scam, and it's not something that just happens on Android or in apps.  Such scams happen far, far more often via websites, email, texts.  The report simply ignored the other vectors because it didn't matter to them.

 

Now, there are apps that I would classify as real malware, for example, ones that send expensive texts or calls in the background.  But again, they mostly occur in places like China where people are sideloading like crazy on devices without access to the Play Market.

 

The reality is that most people never see any malware.   You guys acting like it's a huge problem just look silly to all those who use Android daily.


Edited by KDarling - 5/15/13 at 7:20am
post #64 of 123
See, Android is the superior platform, because it's open! Open for business to scammers! You get what you pay for from a free OS. It'll be okay though. They'll release a software update (you should probably start calling them "Service Packs"). Just sit tight for another year or so.
post #65 of 123
Quote:
Originally Posted by hill60 View Post

 

How the f*ck do you confuse trojans infecting Microsoft Windows XP systems using legacy software requiring Microsoft Internet Explorer along with Microsoft ActiveX with that article you linked to?

 

Mate, maybe it's time to give up, the tenuousness of the far fetched links you use in your constant defence of all things Google has left the bounds of reality. 

 

How did trojan's get in via Chrome?

 

Because the idiots in IT trusted the "most secure browser" bullshit spouted by Google acolytes which let Chrome punch a hole through the corporate firewalls most probably by installing Java in the background, when users stupid enough to believe that "private browsing" gave them immunity from going to sites they shouldn't have.

 So no example then. Sounds almost made up if I didn't know you better.


Edited by Gatorguy - 5/15/13 at 7:58am
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #66 of 123
Quote:
Originally Posted by pk22901 View Post


What about this? Is this a side load?

"As Sean Sullivan, Security Advisor at F-Secure Labs stated in the report, ?I?ll put it this way: Until now, I haven?t worried about my mother with her Android because she?s not into apps. Now I have reason to worry because with cases like Stels, Android malware is also being distributed via spam, and my mother checks her email from her phone.?

Stels, an Android trojan delivered via fake U.S. Internal Revenue Service-themed emails, uses "an Android crimeware kit to steal sensitive information from the device," and also makes calls to premium numbers. Sullivan said the new threat ?could be a game changer.?"

Tell me how your grandmother will be smart enough to avoid this stench. And then tell me how much of your brain is dedicated to safe computing.

 

This is typical scare tactics. If Sean Sullivan's grand mother is not tech savvy, she's not going to be able to install the app since the "Install from unknown sources" is disabled by default. She would have to first dig into the settings go to security (which by itself should be a hint), enable the checkbox. Which displays a warning dialog about the consequences. Ignore the warning. Go back and click on the link again (this is a smart thing Android's done that the install doesn't start immediately), download the apk again. See the permissions that a flash player needs to make phone calls and send SMSes. Ignore that as well and then install the app. And if she's not tech savvy, she's probably unlikely to have much sensitive information on the phone either.
post #67 of 123
Quote:
Originally Posted by stniuk View Post

I think a big part of the problem is that Android users tend to use more pirated apps than others and this is an easy way to infect an android phone.

 

And if they are using pirated apps, then they deserve it.
post #68 of 123
Quote:
Originally Posted by hill60 View Post

 

So, the Kindle Fire and all those "hub" equipped galaxies, how do their repositories work, given they are not Google Play?

 

Some of the most popular Android devices rely on breaking their users away from Google Play.

 

Making them vulnerable.

 

Maybe someone with a Kindle fire can comment. But I would hope that Amazon has done what Google has done and has the same setting. Except that would work for stores other than the Amazon App Store.
post #69 of 123
Quote:
Originally Posted by auxio View Post

 

I would pay money to see you explain this to a room full of people who aren't interested in technology in the slightest (only use their phone to keep in contact with others), don't even want to be at a meeting with an IT person (only doing it because it's required for their job), and will make a joke or snide comment anytime they hear tech terminology they don't understand (either that or just tune out at that point).  Welcome to the rest of the world.

 

Agreed. I'm a techie. But my wife is not. I'd say she would typify most non technical folks. I occasionally check her phone as well. And she doesn't have any malware on it either. The only time I can remember was a few years back there was a rash of apps that injected ads in the notification shade. Wouldn't exactly call it malware. But annoying. It was a simple matter of running a scan to see which apps pushed ads and deleting them. Thankfully that practice is no longer followed. Obviously the app developers got the message. It's very likely that other app stores contain malware and people pirating apps get malware (and serves them right), but for the vast majority of folks using the Google Play Store and following a little bit of common sense, the danger of getting infected I'd think is very low. I don't know if this is actually true, but I think phishing attacks seem to be down as well. Maybe it's better filtering of spam by email providers, or maybe it's that people have smartened up and you have tools now like browsers flagging possible phishing links. If you are susceptible to phishing *and* enable side loading *and* ignore permissions, then you may possibly get malware on your phone. But you are probably getting malware on your PC as well.
post #70 of 123
Quote:
Originally Posted by os2baba View Post

 

Maybe someone with a Kindle fire can comment. But I would hope that Amazon has done what Google has done and has the same setting. Except that would work for stores other than the Amazon App Store.

 

...and Samsung's hub?

 

Take a look at a Samsung Android phone, there is pretty much two of everything, Google version and Samsung version with Samsung applications asking for update permissions while you are still in the process of setting the phone up.

 

I've never noticed a list of trusted sources in settings, only allow third parties or not.

Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
post #71 of 123
Remember when computer "XPerts" would recommend Windows for home use? to everyone? And many of the XPerts knew that it was a dangerous decision that cost many thousands, maybe millions, of home users data and drives. Same history rolling out again: Filthy OS and no updating. Just Google's "here, look at it through these pose colored glasses."
post #72 of 123
Quote:
Originally Posted by os2baba View Post

 

Agreed. I'm a techie. But my wife is not. I'd say she would typify most non technical folks. I occasionally check her phone as well. And she doesn't have any malware on it either. The only time I can remember was a few years back there was a rash of apps that injected ads in the notification shade. Wouldn't exactly call it malware. But annoying. It was a simple matter of running a scan to see which apps pushed ads and deleting them. Thankfully that practice is no longer followed. Obviously the app developers got the message. It's very likely that other app stores contain malware and people pirating apps get malware (and serves them right), but for the vast majority of folks using the Google Play Store and following a little bit of common sense, the danger of getting infected I'd think is very low. I don't know if this is actually true, but I think phishing attacks seem to be down as well. Maybe it's better filtering of spam by email providers, or maybe it's that people have smartened up and you have tools now like browsers flagging possible phishing links. If you are susceptible to phishing *and* enable side loading *and* ignore permissions, then you may possibly get malware on your phone. But you are probably getting malware on your PC as well.

 

It seems to happen a lot with live wallpaper type applications which can consume a lot of data and often affects people on lower plans who only notice when they run up large bills.

Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
Better than my Bose, better than my Skullcandy's, listening to Mozart through my LeBron James limited edition PowerBeats by Dre is almost as good as my Sennheisers.
Reply
post #73 of 123
Quote:
Originally Posted by os2baba View Post

Maybe someone with a Kindle fire can comment. But I would hope that Amazon has done what Google has done and has the same setting. Except that would work for stores other than the Amazon App Store.

Amazon has their own app store, no side loading allowed and I'm not sure if apps need their approval but my guess is yes.
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #74 of 123
Quote:
Originally Posted by Apple v. Samsung View Post

 

Jailbraking enables those who know about it to do "cool things" that others can't do on their phone. 

 

Which leads to bragging and explaining to friends how to do it, who then show it to other friends etc.

 

At the end of the day, a lot of iOS users end up side loading apps because someone told them to. And a lot of them don't have the knowledge to be able to discern what is a so-called "trusted source".

 

Too bad Jailbreaking and Sideloading are different things, and this makes your "replace Android by Apple in that phrase" switcheroo pretty meaningless in the context of the discussion.

 

The barrier to entry for jailbreaking is much higher than for sideloading. You have to physically connect the iPhone to a computer, and it is disabled with every iOS update. It's not something that you switch on your friend's phone while waiting for the bus.

 

Also, by default you can't install random apps directly from the Web like you can on Android with sideloading, you have to go through the Cydia store which is curated and malware-free. Only if you really wanted you could hack your jailbroken iOS device the enable installing arbitrary apps from the Web, and there's no enticing reason to do so for less knowledgeable users as you can find pretty much everything on Cydia.

If you're trying to argue that Jailbreaking an iPhone is as easy as Sideloading on Android, then you're also saying that the whole point about "Android is better because you can sideload apps" is moot.

post #75 of 123

"security firms", snake oil security firms, typical scare tactics - WOW, really... then I suggest you remove any and all programs that "protect" you from any threat, virus, spam, trojan, spyware, adware, etc etc... Tell Malwarebytes, McAfee, Symantec, and the many others that they are fools, sham artist, etc. Cause they are in the same business as F-Secure. 

 

All spam filters are not 100%, and you have many users that just click without thinking and infect their PC, or mobile device with something.  Sometimes things load WITHOUT the users knowledge, and start installing all kinds of things.  

 

YES, majority of this type of stuff is non-USA based, hence reason you don't hear US based corps going on about this.  F-Secure is not US based and deals more with international stuff.  So you will hear more from them.  And they have a blog you can read for free, and not pay a dime to them.  So, let's warn people, and have them take steps they need to, period.  They don't go on about you must buy our stuff.  They give you information, if you act on it fine, if you don't fine.  

 

You will always have "threats" to any device, MAC, PC, Mobile... you will always have silly users who click and don't pay attention, you will always have those making millions off those silly users.  And they will then make more stuff to get more money from more people... simple.

You don't want to make me curmudgeon, you would not like me when I am curmudgeon.  I go all caps, bold, with a 72PT font and green lettering.  

Reply

You don't want to make me curmudgeon, you would not like me when I am curmudgeon.  I go all caps, bold, with a 72PT font and green lettering.  

Reply
post #76 of 123
Quote:
Originally Posted by Stef View Post

Remember when computer "XPerts" would recommend Windows for home use? to everyone? And many of the XPerts knew that it was a dangerous decision that cost many thousands, maybe millions, of home users data and drives. Same history rolling out again: Filthy OS and no updating. Just Google's "here, look at it through these pose colored glasses."

Get a Nexus and you'll get all the updates. Google doesn't control the other manufacturers.
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #77 of 123
Quote:
Originally Posted by VL-Tone View Post

Too bad Jailbreaking and Sideloading are different things, and this makes your "replace Android by Apple in that phrase" switcheroo pretty meaningless in the context of the discussion.

The barrier to entry for jailbreaking is much higher than for sideloading. You have to physically connect the iPhone to a computer, and it is disabled with every iOS update. It's not something that you switch on your friend's phone while waiting for the bus.

Also, by default you can't install random apps directly from the Web like you can on Android with sideloading, you have to go through the Cydia store which is curated and malware-free. Only if you really wanted you could hack your jailbroken iOS device the enable installing arbitrary apps from the Web, and there's no enticing reason to do so for less knowledgeable users as you can find pretty much everything on Cydia.


If you're trying to argue that Jailbreaking an iPhone is as easy as Sideloading on Android, then you're also saying that the whole point about "Android is better because you can sideload apps" is moot.

What about enterprise iPhones? Weren't there fake enterprise accounts being open in China and pirated apps being installed on iPhones?
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #78 of 123
Originally Posted by Alfiejr View Post

of course it would be best to have some actual stats on how many Android units are in fact compromised.                                

 

You asked for it.

 

32.8 million devices are supposedly infected:

 

http://www.technologyguide.com/news/report-32-8m-android-devices-infected-by-malware-in-2012-mobile-attacks-grew-163/

 

And if you unbundle "threats and variants" into individual malware discoveries, the numbers are staggering.

Android malware discoveries by year:

 

2009: 1,649

2010: 6,760

2011: 24,794

2012: 65,227

 

And you thought XP was bad.

Sent from my iPhone Simulator

Reply

Sent from my iPhone Simulator

Reply
post #79 of 123
Quote:
Originally Posted by SockRolid View Post

You asked for it.

32.8 million devices are supposedly infected:

http://www.technologyguide.com/news/report-32-8m-android-devices-infected-by-malware-in-2012-mobile-attacks-grew-163/

And if you unbundle "threats and variants" into individual malware discoveries, the numbers are staggering.
Android malware discoveries by year:

2009: 1,649
2010: 6,760
2011: 24,794
2012: 65,227

And you thought XP was bad.
http://m.techcrunch.com/2013/04/15/malware-on-mobile-grew-163-in-2012-infecting-around-32-8m-android-devices-report-says/
Complete story from original site
post #80 of 123
Quote:
Originally Posted by Suddenly Newton View Post

I believe proof by squirrel was used to back up one of the major theories in quantum physics. It's that sound. /s

Nothing has been proven until tested against Squirrel Girl. Squirrel Girl is apparently one of the most power characters in Marvel Comics. Squirrel Girl has beaten some of the most powerful characters in the Marvel Universe.

Doctor Doom (one of the two smartest men in the Marvel Universe who is also a powerful sorcerer)
Mandarin
Thanos (a herald of Galactus)
Terrax
Deadpool
Pluto
Fin Fang Foom
Baron Mordo
Korvac
Ego the Living Planet (one of the most powerful beings in the Marvel Universe)
Wolverine

"Proof by Squirrel (Girl)," the Marvel Comics way!
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
AppleInsider › Forums › Mobile › iPhone › Mobile malware exploding, but only for Android