or Connect
AppleInsider › Forums › Mobile › iPhone › New Android "RAT" infects Google Play apps, turning phones into spyware zombies
New Posts  All Forums:Forum Nav:

New Android "RAT" infects Google Play apps, turning phones into spyware zombies - Page 2

post #41 of 171
Quote:
Originally Posted by Dick Applebaum View Post
 
Quote:
Originally Posted by mstone View Post
 
Quote:
Originally Posted by Dick Applebaum View Post

 
No. the first "D" in DDOS means distributed. It is coming from everywhere.

Is DDOS or DOS against the law?

people have gone to jail for it yes. Good luck catching them however as the attack normally comes from stolen account from Cloud servers (i.e. Amazon cloud services) or from end user devices on a botnet (i.e.  PC and smartphones). 

"Building for the future?! They should be running around reacting to the present!" -John Moltz
Reply
"Building for the future?! They should be running around reacting to the present!" -John Moltz
Reply
post #42 of 171
Quote:
Originally Posted by Gatorguy View Post


You claimed "Most of these will never receive security updates" which is easily proven false. Granted there may be some vulnerabilities that go unpatched (do you have any example) but that's not at all the same as going overboard with "No security updates for you" scareware. Google has demonstrated it's commitment to protecting it's users while still allowing a high degree of customizing. I think they've done pretty well finding a middle ground that fills most of it's buyers needs while avoiding a hard lockdown of the ecosystem. Android was never intended to be an OS controlled from top to bottom by a single manufacturer.

 

If it’s easy, go ahead and prove that most Android phones that shipped with an outdated version subsequently received security updates.

 

All evidence proves you are wrong.

 

Now you can claim that Google has tried to patch most of the flaws it has discovered. But the problem that’s obvious to anyone apart from the most desperate of Android apologists is that many end users never receive these, either because the update process is flawed (and users don’t do them), or because the carrier or the manufacturer isn’t interested in preparing and delivering the updates. Google couldn’t even get its partners to agree to support their phones for 18 months in the "Google Update Alliance."

 

Android is a pure mess. Sure you can only look at brand new, premium models and say that yes, these get updates for at least a year. But those devices represent only about a third of Android shipments. The majority of Google’s platform is an unmanaged heap of junk that is never going to be updated, just like the vast majority of Windows PCs. 

 

Also remember that "it is" as a contraction becomes its not it’s. 

post #43 of 171
No surprise here. Googs didn't design Android to be safe.
post #44 of 171

Ayyye, I gottch'r "Trojan payload" right here. Ayyyee…!

post #45 of 171
Quote:
Originally Posted by Corrections View Post


Also remember that "it is" as a contraction becomes its not it’s. 

You mean as a possessive noun.
post #46 of 171
Quote:
Originally Posted by Dick Applebaum View Post

Is DDOS or DOS against the law?

Sure since 2006 in the US. But can it be prosecuted is a different question.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #47 of 171

What else is new? Another day, another new Android malware/virus/security threat. :lol:

 

This is what you get when you go cheap. Android is a terrible OS. You couldn't pay me to use it.:smokey:

post #48 of 171
Quote:
Originally Posted by snova View Post

Quote:
Originally Posted by Dick Applebaum View Post

 
Quote:
Originally Posted by snova View Post

 
Quote:
Originally Posted by Dick Applebaum View Post

Can you block/refuse access to your servers based on platform and OS version -- or can that be easily spoofed?
Unfortunately, you can't prevent bandwidth usage if it requires no flow control.   They just clog up your pipe bandwidth and there is little you can do about it. Block it all you want to the final destination (if your router can handle the load), but the fact of the matter is quality of service of passing good packets into the network will be unusable.


Can this be addressed statistically – by the various hops along the path to the destination server?
technically yes, however in practice upstream ISP's won't take care of this for you on your behalf. They won't alter their upstream filters to protect you downstream.  Its your problem. 

Mmmm... Aren't US ISPs given a near monopoly in certain areas (cities) in exchange for providing a given level of service -- like a gas, electric or phone utility? If so, aren't these ISPs subject to regulation/taxes -- especial since they use the public airwaves?

It appears that there may be ways to incentivize the ISPs.
Edited by Dick Applebaum - 3/7/14 at 5:50pm
"Swift generally gets you to the right way much quicker." - auxio -

"The perfect [birth]day -- A little playtime, a good poop, and a long nap." - Tomato Greeting Cards -
Reply
"Swift generally gets you to the right way much quicker." - auxio -

"The perfect [birth]day -- A little playtime, a good poop, and a long nap." - Tomato Greeting Cards -
Reply
post #49 of 171
Originally Posted by Dick Applebaum View Post
Mmmm. Aren't US ISPs given a near monopoly in certain areas (cities) in exchange for providing a given level of service -- like a gas, electric or phone utility? If so, aren't these ISPs subject to regulation/taxes -- especial since they use the public airwaves?

 

Yep and shrug, in that order.

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already f*ed.

 

Reply

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already f*ed.

 

Reply
post #50 of 171

Andrhoid's platform is "open" to RAT infestation, huh?

post #51 of 171
Quote:
Originally Posted by Corrections View Post
 

Also remember that "it is" as a contraction becomes its not it’s. 

 

If you're going to get anal about someone's grammar at least be accurate when doing so.

post #52 of 171
Quote:
Originally Posted by Tallest Skil View Post

Quote:
Mmmm. Aren't US ISPs given a near monopoly in certain areas (cities) in exchange for providing a given level of service -- like a gas, electric or phone utility? If so, aren't these ISPs subject to regulation/taxes -- especial since they use the public airwaves?

Yep and shrug, in that order.

Read my edit!
"Swift generally gets you to the right way much quicker." - auxio -

"The perfect [birth]day -- A little playtime, a good poop, and a long nap." - Tomato Greeting Cards -
Reply
"Swift generally gets you to the right way much quicker." - auxio -

"The perfect [birth]day -- A little playtime, a good poop, and a long nap." - Tomato Greeting Cards -
Reply
post #53 of 171
Quote:
Originally Posted by Dick Applebaum View Post
 
Mmmm. Aren't US ISPs given a near monopoly in certain areas (cities) in exchange for providing a given level of service -- like a gas, electric or phone utility? If so, aren't these ISPs subject to regulation/taxes -- especial since they use the public airwaves?

I think he is correct in general. A private citizen cannot get any action from a major carrier but if you go through channels it will get done such as my earlier description of data center protocol. A private citizen only sees the end result of the DDOS in that they can't get their email or something but the IT staff have much better access to the other network professionals and can escalate issues to level 3.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #54 of 171
Quote:
Originally Posted by NexusPhan View Post
 

 

 

It's insanely easy to avoid malware in Android. 

Simply avoiding android and its malware would be insanely easy.   

android sucks, but not as much as the people who come here to defend it.

New for MS dorks - Microsoft sucks just as much as the losers that come to AI to defend it

Reply

android sucks, but not as much as the people who come here to defend it.

New for MS dorks - Microsoft sucks just as much as the losers that come to AI to defend it

Reply
post #55 of 171
How horrifying it is to have an Android phone.
post #56 of 171
Quote:
Originally Posted by Corrections View Post

Also remember that "it is" as a contraction becomes its not it’s. 

That is incorrect, the contraction for 'it is' is indeed 'it's', but to show possession it is 'its'
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #57 of 171
Quote:
Originally Posted by dasanman69 View Post

Quote:
Originally Posted by Corrections View Post

Also remember that "it is" as a contraction becomes its not it’s. 

That is incorrect, the contraction for 'it is' is indeed 'it's', but to show possession it is 'its'

You dasen't correct Corrections!

I shan't warn you again!
"Swift generally gets you to the right way much quicker." - auxio -

"The perfect [birth]day -- A little playtime, a good poop, and a long nap." - Tomato Greeting Cards -
Reply
"Swift generally gets you to the right way much quicker." - auxio -

"The perfect [birth]day -- A little playtime, a good poop, and a long nap." - Tomato Greeting Cards -
Reply
post #58 of 171
Quote:
Originally Posted by Corrections View Post

If it’s easy, go ahead and prove that most Android phones that shipped with an outdated version subsequently received security updates.

Of course it's easy. Pretty sure that you already knew it too, the voracious reader that you would seem to be.
From the folks at Malwarebytes last June:
http://blog.malwarebytes.org/mobile-2/2013/07/android-as-a-service-verify-apps-for-gingerbread-and-up/

"Most of the features introduced in 4.3 are functionality related but one pertains to security, which is the Verify Apps feature. I covered this feature in one of my blogs last June, it’s pretty much a built-in app scanner. With this feature enabled, Android will interrogate apps installed outside of the Google Play store.

In Jelly Bean 4.3, Google has moved the Verify Apps feature to Google Play Services and will be available to Android versions 2.3 and up. This is significant because it is a huge feature—in my mind—to be available to older versions. This opens the door to making other features available to “outdated” devices."

"... I like that Google isn’t leaving some of its customer base behind, and Google Play Services gives every Android user an opportunity to receive updates otherwise unavailable. With Google Play Services, Google is showing that it is aware of the difficulties in getting updates to all its customers and making more and more features available to most—95 percent are using v2.3 or higher.
"


Sept of last year:
http://arstechnica.com/gadgets/2013/09/balky-carriers-and-slow-oems-step-aside-google-is-defragging-android/

"It's such a simple idea: Android updates roll out too slowly, so start releasing all the cool stuff separately. The hard part is making it actually work. But the first reason this is now possible is a little app that has finally come of age: "Google Play Services."

" While the latest version of Android is on six percent of devices, Play Services rolls out to everyone in a week or two and works all the way back to Android 2.2. That means any phone that is three years old or newer has the latest version of Google Play Services. According to Google's current Android statistics, that's 98.7 percent of active devices. So at Google I/O, when Google announced their slew of new APIs, nearly every Android device was immediately compatible in a week. Play Services is a direct line from Google to the core of your phone... This is how you beat software fragmentation. When you can update just about anything without having to push out a new Android version, you have fewer and fewer reasons to bother calling up Samsung and begging them to work on a new update."


And then a couple weeks ago Google began a rollout of more security enhancements via their Play Services pipeline and an enhanced VerifyApps:
http://blogs.computerworld.com/android/23590/google-android-security

"Dangerous malware" and "new threats" make for great headlines... to feed fear-inducing fodder to stats-loving reporters (go figure!). 1wink.gif
'Over the next couple of weeks, Google will be rolling out a universal update that'll enable constant on-device monitoring for potentially problematic apps. It's an upgrade to the platform's Verify Apps function that first launched with Android 4.2 in 2012, ... and then spread to all devices with Android 2.3 and up last July."

What's changing is that Verify Apps will soon continue to monitor your applications even after they're installed, thereby extending its level of protection.

"We're constantly updating what [threats] we're aware of, so being able to detect those things where we've improved our coverage is valuable," Android Lead Security Engineer Adrian Ludwig tells me.

...Ludwig says the newly expanded system will also help identify issues with apps installed before Verify Apps became available -- or those installed without a person's knowledge while, say, someone else was borrowing a device."

...So what's the broad takeaway from this? ... Now more than ever, malware on Android is far less significant of a real-world issue than some reports would lead you to believe. In the real world, the killer viruses that are so good for headlines actually affect next to no one. And now, even if you don't exercise basic common sense -- even if you carelessly download shady-looking stuff from unofficial sources out in the wild -- your phone will automatically protect you even more than it already did."


There you go sir. As I said it was easy to demonstrate your claim that most old Android phones won't ever get security updates isn't true. They do. Effectively all of them, not just most.

There's absolutely more that can and probably will be done. Malware authors are getting more clever by the week and some stuff will inevitably get thru. Resorting to drama and claiming that Google doesn't care about security for older phones is silly IMO. They obviously do. There's still plenty to complain about with Android so being creative with embellished complaints shouldn't really be necessary.
Edited by Gatorguy - 3/7/14 at 6:48pm
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #59 of 171
Quote:
Originally Posted by jameskatt2 View Post

How horrifying it is to have an Android phone.

Just as horrifying as it was when Iraq had WMDs, oh wait they didn't but we were scared into believing that they did. Things are never as good as they seem and they're never as bad as they seem.
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #60 of 171
Quote:
Originally Posted by Dick Applebaum View Post

You dasen't correct Corrections!

I shan't warn you again!

Don't take my word for it. Read for yourself.

http://www.elearnenglishlanguage.com/blog/english-mistakes/its/
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #61 of 171
Quote:
Originally Posted by Gatorguy View Post

Of course it's easy. Pretty sure that you already knew it too, the voracious reader that you would seem to be.
From the folks at Malwarebytes last June:
http://blog.malwarebytes.org/mobile-2/2013/07/android-as-a-service-verify-apps-for-gingerbread-and-up/

"Most of the features introduced in 4.3 are functionality related but one pertains to security, which is the Verify Apps feature. I covered this feature in one of my blogs last June, it’s pretty much a built-in app scanner. With this feature enabled, Android will interrogate apps installed outside of the Google Play store.

In Jelly Bean 4.3, Google has moved the Verify Apps feature to Google Play Services and will be available to Android versions 2.3 and up. This is significant because it is a huge feature—in my mind—to be available to older versions. This opens the door to making other features available to “outdated” devices."

"... I like that Google isn’t leaving some of its customer base behind, and Google Play Services gives every Android user an opportunity to receive updates otherwise unavailable. With Google Play Services, Google is showing that it is aware of the difficulties in getting updates to all its customers and making more and more features available to most—95 percent are using v2.3 or higher.
"


Sept of last year:
http://arstechnica.com/gadgets/2013/09/balky-carriers-and-slow-oems-step-aside-google-is-defragging-android/

"It's such a simple idea: Android updates roll out too slowly, so start releasing all the cool stuff separately. The hard part is making it actually work. But the first reason this is now possible is a little app that has finally come of age: "Google Play Services."

" While the latest version of Android is on six percent of devices, Play Services rolls out to everyone in a week or two and works all the way back to Android 2.2. That means any phone that is three years old or newer has the latest version of Google Play Services. According to Google's current Android statistics, that's 98.7 percent of active devices. So at Google I/O, when Google announced their slew of new APIs, nearly every Android device was immediately compatible in a week. Play Services is a direct line from Google to the core of your phone... This is how you beat software fragmentation. When you can update just about anything without having to push out a new Android version, you have fewer and fewer reasons to bother calling up Samsung and begging them to work on a new update."


And then a couple weeks ago Google began a rollout of more security enhancements via their Play Services pipeline and an enhanced VerifyApps:
http://blogs.computerworld.com/android/23590/google-android-security

"Dangerous malware" and "new threats" make for great headlines... to feed fear-inducing fodder to stats-loving reporters (go figure!). 1wink.gif
'Over the next couple of weeks, Google will be rolling out a universal update that'll enable constant on-device monitoring for potentially problematic apps. It's an upgrade to the platform's Verify Apps function that first launched with Android 4.2 in 2012, ... and then spread to all devices with Android 2.3 and up last July."

What's changing is that Verify Apps will soon continue to monitor your applications even after they're installed, thereby extending its level of protection.

"We're constantly updating what [threats] we're aware of, so being able to detect those things where we've improved our coverage is valuable," Android Lead Security Engineer Adrian Ludwig tells me.

...Ludwig says the newly expanded system will also help identify issues with apps installed before Verify Apps became available -- or those installed without a person's knowledge while, say, someone else was borrowing a device."

...So what's the broad takeaway from this? ... Now more than ever, malware on Android is far less significant of a real-world issue than some reports would lead you to believe. In the real world, the killer viruses that are so good for headlines actually affect next to no one. And now, even if you don't exercise basic common sense -- even if you carelessly download shady-looking stuff from unofficial sources out in the wild -- your phone will automatically protect you even more than it already did."


There you go sir. As I said it was easy to demonstrate your claim that most old Android phones won't ever get security updates isn't true. They do. Effectively all of them, not just most.

Actually FALSE!!!!!

As previously stated, hundreds of millions of phones in Asia do not in fact get updated!

So stop spreading this total BS! There is more to the world than the narrow view of the West.
post #62 of 171
What should have been done with Microsoft/Windows years ago, and what should be done with Google/Android now, is for a consortium of people and organisations who suffer losses as a result of malware-based crimes, to mount a massive class action against companies that consistently fail to release or update malware-resistant products, or app stores.

The release of malware-friendly products does enormous damage to an industry that has become a central part of the global economy. This should NOT be tolerated in any shape or form. If that means putting big corporations out of business, and destroying 'shareholder wealth', then so be it. Those businesses will soon be replaced by others who behave in a much more responsible way towards their customers.
post #63 of 171
Quote:
Originally Posted by pauldfullerton View Post

The release of malware-friendly products does enormous damage to an industry that has become a central part of the global economy. This should NOT be tolerated in any shape or form. If that means putting big corporations out of business, and destroying 'shareholder wealth', then so be it. Those businesses will soon be replaced by others who behave in a much more responsible way towards their customers.

Why stop there? Go a step further, let's all kill ourselves so we don't get sick and avoid the medical costs.
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #64 of 171
Quote:
Originally Posted by FreeRange View Post

As previously stated, hundreds of millions of phones in Asia do not in fact get updated!

 

Those that don't have Google Services certainly don't reap the benefits of those updates.  That may also explain why most Android malware targets users in eastern Asian countries like China and Russia as opposed to US Android users.

post #65 of 171
Quote:
Originally Posted by FreeRange View Post

Actually FALSE!!!!!

As previously stated, hundreds of millions of phones in Asia do not in fact get updated!

So stop spreading this total BS! There is more to the world than the narrow view of the West.

100's of millions? A citation might be nice.

Are you referring specifically to China or Asia in general? China is its own problem if they won't permit Play Services, but even there some 30% of devices would still get AppVerify via Google Play if the OP was correct with his claim and figures. Is an Android device that doesn't offer Play Services even a Google Android device? Anyway I'm not aware of a problem using Play Services throughout Asia. Sounds like more drama. Maybe you have more information to offer?
Edited by Gatorguy - 3/7/14 at 7:09pm
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #66 of 171
Updates through Play services can't fix stuff OUTSIDE of Play services. The handset vendor is still needed then--but instead, they abandon their devices and push the next one!
post #67 of 171
Quote:
Originally Posted by Gatorguy View Post
 

TLDW

bold italics, ha

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #68 of 171
Quote:
Originally Posted by nagromme View Post

Updates through Play services can't fix stuff OUTSIDE of Play services. The handset vendor is still needed then--but instead, they abandon their devices and push the next one!

Yes sir it can, VerifyApps scans even applications originating outside the Play Store. That's one of primary reasons for it.
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #69 of 171
Quote:
Originally Posted by mstone View Post

TLDW
bold italics, ha

Whenever I quote long passages from another source I'll usually italicize it for obviousness. As far as being too long the post was for Daniels' benefit. I don't expect others to take the time to read it since most don't care about any inconvenient facts anyway. They already learned all they want to know about it from DED's article. 1smile.gif
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #70 of 171
Quote:
Originally Posted by nagromme View Post

Updates through Play services can't fix stuff OUTSIDE of Play services. The handset vendor is still needed then--but instead, they abandon their devices and push the next one!

http://gigaom.com/2014/02/27/google-to-expand-androids-verify-apps-security-for-apps-after-installation/

https://support.google.com/accounts/answer/2812853?hl=en
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #71 of 171
Quote:
Originally Posted by Gatorguy View Post

Every Google Android device with 4.0 and below (a large chunk of them) have a security hole that will never get fixed by updates to Google Play Services since the flaw is part of the underlying architecture and can't be fixed without re-writing portions of the OS.

There, fixed another one of your posts.

Author of The Fuel Injection Bible

Reply

Author of The Fuel Injection Bible

Reply
post #72 of 171
Quote:
Originally Posted by EricTheHalfBee View Post

There, fixed another one of your posts.

Just never with examples, nor disproving the post. . . Wow, I guess I never realized it was that easy to put words in other people's mouths.
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #73 of 171
Quote:
Originally Posted by Gatorguy View Post

Just never with examples, nor disproving the post. . . Wow, I guess I never realized it was that easy to put words in other people's mouths.

You know exactly how to do that since it's you're trademark. Don't get offended when someone returns the favor.

You shouldn't talk about security when you know nothing about how OS's are designed. For starters read this:

http://en.wikipedia.org/wiki/Address_space_layout_randomization

Only Android JB has fully implemented this feature.

Author of The Fuel Injection Bible

Reply

Author of The Fuel Injection Bible

Reply
post #74 of 171


lol.giflol.giflol.gif
post #75 of 171
Quote:
Originally Posted by nagromme View Post

Updates through Play services can't fix stuff OUTSIDE of Play services. The handset vendor is still needed then--but instead, they abandon their devices and push the next one!

DING DING DING

We have a winner. Funny to see the uninformed responses claiming you're wrong. Google Play Servics IS NOT the Android kernel, and it can't make changes to the kernel to correct security flaws.

Author of The Fuel Injection Bible

Reply

Author of The Fuel Injection Bible

Reply
post #76 of 171
Quote:
Originally Posted by EricTheHalfBee View Post

You know exactly how to do that since it's you're trademark. Don't get offended when someone returns the favor.

You shouldn't talk about security when you know nothing about how OS's are designed. For starters read this:

http://en.wikipedia.org/wiki/Address_space_layout_randomization

Only Android JB has fully implemented this feature.

So 80% of current Android devices aren't affected then. How many of the remaining 20% that still have the "security flaw" have resulted in harm to the user because of it? Anything you can point to or is it one of those theoretical attacks the security companies like to pump with little to no real world harm?
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #77 of 171
Quote:
Originally Posted by EricTheHalfBee View Post

DING DING DING

We have a winner. Funny to see the uninformed responses claiming you're wrong. Google Play Servics IS NOT the Android kernel, and it can't make changes to the kernel to correct security flaws.

That's not what he said though.
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
"Few things are harder to put up with than the annoyance of a good example" Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX
Reply
post #78 of 171
Quote:
Originally Posted by EricTheHalfBee View Post

DING DING DING

We have a winner. Funny to see the uninformed responses claiming you're wrong. Google Play Servics IS NOT the Android kernel, and it can't make changes to the kernel to correct security flaws.

But it sure can help prevent any user harm that might have come from apps taking advantage of them. If the malware can't do the damage it intended then you're back to talking about what might have happened. Malware designed to take advantage of a security hole but prevented from hitting the target because of improved security features. Sounds like a stalemate for the most part.
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #79 of 171
Android%u2026our garden walls are wide open. Come on in!
post #80 of 171
Quote:
Originally Posted by Gatorguy View Post

So 80% of current Android devices aren't affected then. How many of the remaining 20% that still have the "security flaw" have resulted in harm to the user because of it? Anything you can point to or is it one of those theoretical attacks the security companies like to pump with little to no real world harm?
80%? Where did you get that figure from. According to Google, it's 64%. And as I'm sure you remember, Google changed the way they calculate the percentage of users on each version. They used to count ALL devices. Now they only count devices that SPECIFICALLY visited Google Play within the previous 7 days (in other words, the user visited the Store). Of course, when Google made this accounting change we suddenly had an increase in reported users on newer versions and a decrease on older versions.

So that 64% is also suspect since it doesn't count ALL devices in actual use, like it used to.

Why do I have to provide proof of harm? I don't get malware on my PC, but I'd have to be an idiot to ask someone for "proof" that people with PC's are getting infected.

Author of The Fuel Injection Bible

Reply

Author of The Fuel Injection Bible

Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPhone
  • New Android "RAT" infects Google Play apps, turning phones into spyware zombies
AppleInsider › Forums › Mobile › iPhone › New Android "RAT" infects Google Play apps, turning phones into spyware zombies