On iOS there is App already built-in SMS app, so anything I download that MAY ask for permission to my SMS will NOT to downloaded. It's simple folks. On android they have to downloaded everything, even apps to help the os to give functionality that we take for granted on iOS, poor bastards, bu they chose this , so let them suffer.
Also app killer is required for those that have old versions o he android os, wow what a wonderful advertisement !
Meeec, to download the app you must agree to the permissions, if you don't agree the permissions you can't download or install the app.
Right. That's not the problem though.
Quote:
And no it can't download and install stuff withouth asking your permission.
Right in a narrow definition, but wrong in the big picture. How many users are going to refuse a request to update an app they already have on the phone? Sure the phone makes the request, but the malicious software is reinstalling whatever the hell it wants in response to that OK.
This is a big problem where everything including the totally innocuous stuff needs the same OK as dangerous stuff. The user is defenseless to determine which is which.
Right in a narrow definition, but wrong in the big picture. How many users are going to refuse a request to update an app they already have on the phone? Sure the phone makes the request, but the malicious software is reinstalling whatever the hell it wants in response to that OK.
Meeec another time, the request is fot the actual applications that is installed or removed, not for the app that has started the request.
Meeec another time, the request is fot the actual applications that is installed or removed, not for the app that has started the request.
Are you really that slow? App A, the "starter" maliciously modified app gets loaded. Eventually it generates the update for App B message. When App B gets updated it wasn't the App B you thought it was, it is the App B with the nasty malicious payload grafted onto it. And its maliciousness has all the permissions of the original App B.
It is classic permissions escalation without any out of the ordinary messages to queue you that there is anything funny going on.
If App A had network permissions that exchange isn't even necessary, you could be in possession of a zombie bot. That easy.
Are you really that slow? App A, the "starter" maliciously modified app gets loaded. Eventually it generates the update for App B message. When App B gets updated it wasn't the App B you thought it was, it is the App B with the nasty malicious payload grafted onto it. And its maliciousness has all the permissions of the original App B.
It is classic permissions escalation without any out of the ordinary messages to queue you that there is anything funny going on.
If App A had network permissions that exchange isn't even necessary, you could be in possession of a zombie bot. That easy.
Slow? No, perhaps not so ignorant of the way Android permission work.
But it's easier for you to talk about something you don't know nothing than inform a little, isn't?
I love stupid comments like this. No one has access to these kind of statistics outside the developer(s), and I'm sure you know that.
If that is your thoughts then your entitled to them, but if you love stupid comments, then why didn't you reply to the person who made the claim...
Quote:
Except on OS X, we have a large number of users using "Little Snitch" or other such software who would catch such a thing in an instant and it would be front page news on every tech related news site and several mainstream media sites.
After all, how can they claim that "we have a large number of users using "Little Snitch" without knowing the stats.
You do now. And it has allowed me to uncover at least one attempted malware javascript that tried to get out on a port other than 80 which I allow Safari to have.
It also puts a kibosh on some apps phone home behavior.
Congrats, I'm glad you like it, personally I don't think it is worth the NZ$105 they charge for the family licence
On iOS there is App already built-in SMS app, so anything I download that MAY ask for permission to my SMS will NOT to downloaded. It's simple folks. On android they have to downloaded everything, even apps to help the os to give functionality that we take for granted on iOS, poor bastards, bu they chose this , so let them suffer.
There's already a built-in SMS/MMS app on Android phones as well (as opposed to the iPhone where users had to wait over a year for MMS to be available). The Handcent app is an alternate SMS client (you know, one of those things that would never appear on the iTunes App Store because it "duplicates functionality" and iPhone users are apparently too stupid to realize that an app they intentionally downloaded and installed is different than the built-in app).
Comments
On iOS there is App already built-in SMS app, so anything I download that MAY ask for permission to my SMS will NOT to downloaded. It's simple folks. On android they have to downloaded everything, even apps to help the os to give functionality that we take for granted on iOS, poor bastards, bu they chose this , so let them suffer.
Also app killer is required for those that have old versions o he android os, wow what a wonderful advertisement !
Nice try
Meeec, to download the app you must agree to the permissions, if you don't agree the permissions you can't download or install the app.
Right. That's not the problem though.
And no it can't download and install stuff withouth asking your permission.
Right in a narrow definition, but wrong in the big picture. How many users are going to refuse a request to update an app they already have on the phone? Sure the phone makes the request, but the malicious software is reinstalling whatever the hell it wants in response to that OK.
This is a big problem where everything including the totally innocuous stuff needs the same OK as dangerous stuff. The user is defenseless to determine which is which.
Right. That's not the problem though.
Right in a narrow definition, but wrong in the big picture. How many users are going to refuse a request to update an app they already have on the phone? Sure the phone makes the request, but the malicious software is reinstalling whatever the hell it wants in response to that OK.
Meeec another time, the request is fot the actual applications that is installed or removed, not for the app that has started the request.
Meeec another time, the request is fot the actual applications that is installed or removed, not for the app that has started the request.
Are you really that slow? App A, the "starter" maliciously modified app gets loaded. Eventually it generates the update for App B message. When App B gets updated it wasn't the App B you thought it was, it is the App B with the nasty malicious payload grafted onto it. And its maliciousness has all the permissions of the original App B.
It is classic permissions escalation without any out of the ordinary messages to queue you that there is anything funny going on.
If App A had network permissions that exchange isn't even necessary, you could be in possession of a zombie bot. That easy.
Are you really that slow? App A, the "starter" maliciously modified app gets loaded. Eventually it generates the update for App B message. When App B gets updated it wasn't the App B you thought it was, it is the App B with the nasty malicious payload grafted onto it. And its maliciousness has all the permissions of the original App B.
It is classic permissions escalation without any out of the ordinary messages to queue you that there is anything funny going on.
If App A had network permissions that exchange isn't even necessary, you could be in possession of a zombie bot. That easy.
Slow? No, perhaps not so ignorant of the way Android permission work.
But it's easier for you to talk about something you don't know nothing than inform a little, isn't?
I love stupid comments like this. No one has access to these kind of statistics outside the developer(s), and I'm sure you know that.
If that is your thoughts then your entitled to them, but if you love stupid comments, then why didn't you reply to the person who made the claim...
Except on OS X, we have a large number of users using "Little Snitch" or other such software who would catch such a thing in an instant and it would be front page news on every tech related news site and several mainstream media sites.
After all, how can they claim that "we have a large number of users using "Little Snitch" without knowing the stats.
You do now. And it has allowed me to uncover at least one attempted malware javascript that tried to get out on a port other than 80 which I allow Safari to have.
It also puts a kibosh on some apps phone home behavior.
Congrats, I'm glad you like it, personally I don't think it is worth the NZ$105 they charge for the family licence
On iOS there is App already built-in SMS app, so anything I download that MAY ask for permission to my SMS will NOT to downloaded. It's simple folks. On android they have to downloaded everything, even apps to help the os to give functionality that we take for granted on iOS, poor bastards, bu they chose this , so let them suffer.
There's already a built-in SMS/MMS app on Android phones as well (as opposed to the iPhone where users had to wait over a year for MMS to be available). The Handcent app is an alternate SMS client (you know, one of those things that would never appear on the iTunes App Store because it "duplicates functionality" and iPhone users are apparently too stupid to realize that an app they intentionally downloaded and installed is different than the built-in app).