I'm assuming most people identify malware as stealing information through exploiting security flaws. By your definition, in-app purchases for kids focused apps that don't require password protection for every purpose can be considered malware.
edit:
The scam was through purchasing a product. It just happened that the product was software. If I bought software off of ebay and the software failed to activate, does that make ebay malware?
1) Yes, an in-app purchase that gets a child to pay $99 for a few digital coins in a game is malware. Same goes for cloned games in Play or App Store that steal the original app's code, or try to mirror its look, feel and name as to confuse buyers as malware. Pretty much any unethical tactic that has to trick the user or system is malware.
2) Why does it have to steal your personal info to fall into that category? What about a trojan that installs on WinPC and then deletes files or just pushes up spam? Would you not call the computer worm Stuxnet that ruing nuclear centrifuges unpleasant SW to the systems that installed it?
I'm assuming most people identify malware as stealing information through exploiting security flaws. By your definition, in-app purchases for kids focused apps that don't require password protection for every purpose can be considered malware.
edit:
The scam was through purchasing a product. It just happened that the product was software. If I bought software off of ebay and the software failed to activate, does that make ebay malware?
IAPs have to be declared on the apps main page. If a user doesn’t notice it then it's not the fault of the software, but the ignorance of the user.
You didn't buy the software from eBay, but from a seller using eBay as the middleman. eBay will get you a refund if you didn't get what you paid for.
1) Yes, an in-app purchase that gets a child to pay $99 for a few digital coins in a game is malware.
I disagree.
I'm not a fan of the freemium gaming model, but what you describe there is fairly common in virtually all freemium games.
There are many freemium games where the top in app purchase is $99 for a trunk or bunch of gems or coins in a game.
These in app purchases require a password, and whoever purchases them is responsible for their own actions. If a kid purchases it, then the parents are responsible.
1) Yes, an in-app purchase that gets a child to pay $99 for a few digital coins in a game is malware.
2) Why does it have to steal your personal info to fall into that category? What about a trojan that installs on WinPC and then deletes files or just pushes up spam? Would you not call the computer worm Stuxnet that ruing nuclear centrifuges unpleasant SW to the systems that installed it?
2) I concede #2. I didn't state my intention correctly. I had really meant exploiting security for detrimental effects, not limited to just stealing information. By this I had meant the app doesn't create a security issue with the phone itself. It was a scam that caused people to lose money which needs to be addressed by Google - probably in at least implementing a better review process that can at least check to see an app does what it states it does.
My point was that the article shown is specifically geared to security exploits from software. The scam app doesn't cause any inherent security issues with Android itself. It's an issue with the Play Stores review policy.
IAPs have to be declared on the apps main page. If a user doesn’t notice it then it's not the fault of the software, but the ignorance of the user.
You didn't buy the software from eBay, but from a seller using eBay as the middleman. eBay will get you a refund if you didn't get what you paid for.
Purchases from app stores are from a developer (and not Apple/Google) using the app store as the middleman. I'm guessing Google will refund the people that purchased this app in this case. How is it any different than the ebay example I gave?
I'm not a fan of the freemium gaming model, but what you describe there is fairly common in virtually all freemium games.
There are many freemium games where the top in app purchase is $99 for a trunk or bunch of gems or coins in a game.
These in app purchases require a password, and whoever purchases them is responsible for their own actions. If a kid purchases it, then the parents are responsible.
I see your point but if that code was designed to exploit techtarded or lazy parents then I still consider it malicious software. I'm sure you've heard the expression "There is a sucker born every minute." i don't believe that should put all the responsibly on the "sucker" and giving the unethical people taking advantage of them a free pass. That's not the world I want to live in.
I see your point but if that code was designed to exploit techtarded or lazy parents then I still consider it malicious software. I'm sure you've heard the expression "There is a sucker born every minute." i don't believe that should put all the responsibly on the "sucker" and giving the unethical people taking advantage of them a free pass. That's not the world I want to live in.
There are of course many suckers around and gullible people too, but are you trying to say that virtually every freemium game on the app store is malware? Because they all have some hefty in app purchases that can be bought.
Look at the top grossing apps on the iOS app store, they're freemium games.
Clash of Clans makes close to a million dollars a day.
...but are you trying to say that virtually every freemium game on the app store is malware?
I have no idea how you jumped to that conclusion. I specifically stated an example where the developer is specifically trying to take advantage of the customer.
In-app purchases have extensive benefits for users. For instance, since Apple doesn't allow trial versions and having a free app and then a full app looks sloppy some App Store vendors have created their free trial app with an in-app purchase that will unlock all the features of the full app. This is a great solution.
There are of course many suckers around and gullible people too, but are you trying to say that virtually every freemium game on the app store is malware? Because they all have some hefty in app purchases that can be bought.
Look at the top grossing apps on the iOS app store, they're freemium games.
Clash of Clans makes close to a million dollars a day.
I wouldn't classify in app purchases as malware unless there is something that subverts password entry requirements for each purchase. If a password is required for every purchase, then the blame has to fall on the user as they are making a conscious decision every time to make that purchase. It'd be different if a purchase was made with just single click with no other logic check.
Number of iOS users 500 Million who are high value targets vs vast number of low value targets, users, says the number of users is a weak decision component to malware developers. It's the enormous security weaknesses in Android and the near total lack of meaningful SW OS updates, in other words, it is easy to do malware on Android.
This harkens back to Windows in the 90s and early new millennium. The utter apathy and indifference by Google, HW OEMs, and ISPs is embarrassing. But the silence of the tech media to raise the issues is equally embarrassing.
When the press make this a real concern, then the industry will respond, unfortunately, this won't get addressed until something(s) awful happens.
I have no idea how you jumped to that conclusion. I specifically stated an example where the developer is specifically trying to take advantage of the customer.
Ok, i guess that I just misread or misunderstood what you were trying to say.
Had to laugh at the reviews. If you are stupid enough to buy an Android phone, you are stupid enough to fall for a placebo app.
You mean like with the iOS 5.0 update where it changed the 3G icon to a 4G and a bunch of iPhone users swore how much faster the connection was when the only thing that changed was the icon?
What amazes me is that I always assumed the official Google Play Store itself was free of malware (or very nearly, comparable to Apple). So you're safe if you avoid third-party sources.
But apparently that was never true!
Follow the money: malware writers are doing this because it works.
Search for "android botnet" for a fun time.
hit rate for use of third party app stores would not make it worth their time to write malware.
That's a bit of a stretch. I would consider software knowingly giving its users a false sense of security, a security issue.
Having a false sense of security doesn't reduce the actual security of the system. For example, a house with a security alarm that puts a sign up that says "This house is secured by XX" is no more secure than a house that has the same alarm system but doesn't put up that sign.
What amazes me is that I always assumed the official Google Play Store itself was free of malware (or very nearly, comparable to Apple). So you're safe if you avoid third-party sources.
But apparently that was never true!
Follow the money: malware writers are doing this because it works.
Having a false sense of security doesn't reduce the actual security of the system. For example, a house with a security alarm that puts a sign up that says "This house is secured by XX" is no more secure than a house that has the same alarm system but doesn't put up that sign.
But a house with a real security system installed is more secure than a house where the installer did nothing but hang a fake cardboard alarm panel.
Comments
1) Yes, an in-app purchase that gets a child to pay $99 for a few digital coins in a game is malware. Same goes for cloned games in Play or App Store that steal the original app's code, or try to mirror its look, feel and name as to confuse buyers as malware. Pretty much any unethical tactic that has to trick the user or system is malware.
2) Why does it have to steal your personal info to fall into that category? What about a trojan that installs on WinPC and then deletes files or just pushes up spam? Would you not call the computer worm Stuxnet that ruing nuclear centrifuges unpleasant SW to the systems that installed it?
Also, Fandroids deserve to get infected and scammed, as their decision to use a crappy OS was all their own.
Here's to a great 2014 too!
" src="http://forums-files.appleinsider.com/images/smilies//lol.gif" />
IAPs have to be declared on the apps main page. If a user doesn’t notice it then it's not the fault of the software, but the ignorance of the user.
You didn't buy the software from eBay, but from a seller using eBay as the middleman. eBay will get you a refund if you didn't get what you paid for.
1) Yes, an in-app purchase that gets a child to pay $99 for a few digital coins in a game is malware.
I disagree.
I'm not a fan of the freemium gaming model, but what you describe there is fairly common in virtually all freemium games.
There are many freemium games where the top in app purchase is $99 for a trunk or bunch of gems or coins in a game.
These in app purchases require a password, and whoever purchases them is responsible for their own actions. If a kid purchases it, then the parents are responsible.
1) Yes, an in-app purchase that gets a child to pay $99 for a few digital coins in a game is malware.
2) Why does it have to steal your personal info to fall into that category? What about a trojan that installs on WinPC and then deletes files or just pushes up spam? Would you not call the computer worm Stuxnet that ruing nuclear centrifuges unpleasant SW to the systems that installed it?
2) I concede #2. I didn't state my intention correctly. I had really meant exploiting security for detrimental effects, not limited to just stealing information. By this I had meant the app doesn't create a security issue with the phone itself. It was a scam that caused people to lose money which needs to be addressed by Google - probably in at least implementing a better review process that can at least check to see an app does what it states it does.
My point was that the article shown is specifically geared to security exploits from software. The scam app doesn't cause any inherent security issues with Android itself. It's an issue with the Play Stores review policy.
IAPs have to be declared on the apps main page. If a user doesn’t notice it then it's not the fault of the software, but the ignorance of the user.
You didn't buy the software from eBay, but from a seller using eBay as the middleman. eBay will get you a refund if you didn't get what you paid for.
Purchases from app stores are from a developer (and not Apple/Google) using the app store as the middleman. I'm guessing Google will refund the people that purchased this app in this case. How is it any different than the ebay example I gave?
I see your point but if that code was designed to exploit techtarded or lazy parents then I still consider it malicious software. I'm sure you've heard the expression "There is a sucker born every minute." i don't believe that should put all the responsibly on the "sucker" and giving the unethical people taking advantage of them a free pass. That's not the world I want to live in.
I see your point but if that code was designed to exploit techtarded or lazy parents then I still consider it malicious software. I'm sure you've heard the expression "There is a sucker born every minute." i don't believe that should put all the responsibly on the "sucker" and giving the unethical people taking advantage of them a free pass. That's not the world I want to live in.
There are of course many suckers around and gullible people too, but are you trying to say that virtually every freemium game on the app store is malware? Because they all have some hefty in app purchases that can be bought.
Look at the top grossing apps on the iOS app store, they're freemium games.
Clash of Clans makes close to a million dollars a day.
It's 1 area where others aren't copying Apple. If the majority are doing it, Apple must be doing it wrong.
Cue the "Apple is doomed" and a share price drop.
I have no idea how you jumped to that conclusion. I specifically stated an example where the developer is specifically trying to take advantage of the customer.
In-app purchases have extensive benefits for users. For instance, since Apple doesn't allow trial versions and having a free app and then a full app looks sloppy some App Store vendors have created their free trial app with an in-app purchase that will unlock all the features of the full app. This is a great solution.
There are of course many suckers around and gullible people too, but are you trying to say that virtually every freemium game on the app store is malware? Because they all have some hefty in app purchases that can be bought.
Look at the top grossing apps on the iOS app store, they're freemium games.
Clash of Clans makes close to a million dollars a day.
This harkens back to Windows in the 90s and early new millennium. The utter apathy and indifference by Google, HW OEMs, and ISPs is embarrassing. But the silence of the tech media to raise the issues is equally embarrassing.
When the press make this a real concern, then the industry will respond, unfortunately, this won't get addressed until something(s) awful happens.
Had to laugh at the reviews. If you are stupid enough to buy an Android phone, you are stupid enough to fall for a placebo app.
I have no idea how you jumped to that conclusion. I specifically stated an example where the developer is specifically trying to take advantage of the customer.
Ok, i guess that I just misread or misunderstood what you were trying to say.
Had to laugh at the reviews. If you are stupid enough to buy an Android phone, you are stupid enough to fall for a placebo app.
You mean like with the iOS 5.0 update where it changed the 3G icon to a 4G and a bunch of iPhone users swore how much faster the connection was when the only thing that changed was the icon?
That's a bit of a stretch. I would consider software knowingly giving its users a false sense of security, a security issue.
What amazes me is that I always assumed the official Google Play Store itself was free of malware (or very nearly, comparable to Apple). So you're safe if you avoid third-party sources.
But apparently that was never true!
Follow the money: malware writers are doing this because it works.
Search for "android botnet" for a fun time.
hit rate for use of third party app stores would not make it worth their time to write malware.
That's a bit of a stretch. I would consider software knowingly giving its users a false sense of security, a security issue.
Having a false sense of security doesn't reduce the actual security of the system. For example, a house with a security alarm that puts a sign up that says "This house is secured by XX" is no more secure than a house that has the same alarm system but doesn't put up that sign.
According to the most recent real data the rate of actual malware infection from Google Play apps is only .001% which is probably not far off from Apple's App Store.
http://www.phonearena.com/news/Google-says-less-than-.001-of-Android-malware-evades-Google-Play-security-to-cause-harm_id47960
But a house with a real security system installed is more secure than a house where the installer did nothing but hang a fake cardboard alarm panel.