I suppose I should have posted a caveat regarding "only"; obviously nothing is perfectly secure. But for all intents and purposes, the only malware in circulation on non-jailbroken iOS devices is via apps that slipped through the App Store's approval process. And these are quickly pulled (my point; the App Store allows Apple control over actually pulling malware, vs the traditional approach of allowIng users to install apps from a variety of sources).
Whatever developers do with your personal info is out of your control once you give them access. However, The privacy setting in iOS 6 prevent other apps that are not supposed to access your calendar and contact from doing so.
Very true. However, everyone needs to think truly about what they install & authorize. The new privacy settings are a great addition, but we all know how well the whole "Allow or Deny" thing worked for MS. People tend to just click on anything asked of them without thinking just to move forward.
I'm just saying we can't let ourselves fall into the mentality that "Walled garden + privacy settings = totally safe".
Whatever developers do with your personal info is out of your control once you give them access. However, The privacy setting in iOS 6 prevent other apps that are not supposed to access your calendar and contact from doing so. For example, after I installed iOS 6 I discovered that Realtors.com iOS app was accessing my contacts. Why do they need my contacts? I also found a couple of other apps trying to access my contacts and they are not supposed to do that.
The new privacy setting in iOS 6 are not meant to prevent what developers do with your contacts but instead give you control on who should have access to your personal data.
The apps you found to be doing more than you had allowed are referred to as malware when doing the same on the Android platform. The antivirus companies have a quite broad definition for it.
Do any Android owners feel unsafe when going to the Android Ap locations? Has Google ever mentioned that they look into malware at all in the Android Marketplace?
Do any Android owners feel unsafe when going to the Android Ap locations? Has Google ever mentioned that they look into malware at all in the Android Marketplace?
Public Service Announcement ... Please stop drinking and/or eating prior to reading this post. The Surgeon General of the United States has issued a warning on this post as drinks and foodstuffs can be quite painful when forcefully expelled from the nose.
Google does provide Google Play Bouncer among other features ...
"Today we’re revealing a service we’ve developed, codenamed Bouncer, which provides automated scanning of Android Market for potentially malicious software without disrupting the user experience of Android Market or requiring developers to go through an application approval process..." (1)
"... This remote removal functionality — along with Android’s unique Application Sandbox and Permissions model, Over-The-Air update system, centralized Market, developer registrations, user-submitted ratings, and application flagging — provides a powerful security advantage to help protect Android users in our open environment..." (2)
but ...
Android botnet ... (3)
"The past quarter has seen the number of malicious apps double from 10,000 to 20,000 in just one month ..." (4)
"... hundreds of thousands of devices were infected after malware found its way onto the official Google Play marketplace." (4)
"... More worryingly for users, even Google’s official application marketplace, Google Play, was breached, with 17 malicious apps downloaded over 700,000 times before they were spotted and removed from the site..." (4)
"The security firm said at the start of the year, it had found more than 5,000 malicious applications designed to target Google's Android mobile operating system, but the figure has since risen to about 20,000 in recent months. By the coming third-quarter, the firm estimates there will be around 38,000 malware samples, and close to 130,000 in the fourth-quarter." (5)
"... malware targeting Android grew by 3,325 percent in the last seven months of 2011..." (6)
Interesting that this was 'discovered' by Kaspersky - leading to months more of them crying they can't put anti-virus software on the iPhone.
Yes, extremely interesting considering that the company lied about Apple wanting them to advise them about security issues. In my mind, Kaspersky is bordering close to being a protection racket and it would not surprise me if they were brewing up malware to make more a market for their products.
Yes, extremely interesting considering that the company lied about Apple wanting them to advise them about security issues. In my mind, Kaspersky is bordering close to being a protection racket and it would not surprise me if they were brewing up malware to make more a market for their products.
Shooting the messenger won't rewrite history.
Apple have done a very good job thus far but it is inevitable that attempts to slip malware in to walled app stores will increase in line with market share. Phone malware has been around since the days of the Symbian Cabir. We the public just need to accept that the safety of our personal data is in the hands of other people.
Yes, extremely interesting considering that the company lied about Apple wanting them to advise them about security issues. In my mind, Kaspersky is bordering close to being a protection racket and it would not surprise me if they were brewing up malware to make more a market for their products.
It almost seems kind of like one of those arsonists who set a fire, and then "discover" the fire and report it to the authorities. That was my first thought when I saw Kaspersky mentioned in this article.
Yes, extremely interesting considering that the company lied about Apple wanting them to advise them about security issues. In my mind, Kaspersky is bordering close to being a protection racket and it would not surprise me if they were brewing up malware to make more a market for their products.
Could it be kaspersky created this app and passed it along to someone to upload it for approval.
The speed of finding out what this app did, by them, is a bit suspicious.
Could it be kaspersky created this app and passed it along to someone to upload it for approval.
The speed of finding out what this app did, by them, is a bit suspicious.
How paranoid are you?
If you read the links you will see that Kaspersky were contacted by a telco who had noticed suspicious behavour related to this app. Do you not think that if they wanted to scare iPhone owners they would create something that does more than just annoy your friends?
Are you suggesting that they are also responsible for the other apps that uploaded plain text copies of owners address bocks (Aurora Feint/LinkedIn/Path)?
Yes, extremely interesting considering that the company lied about Apple wanting them to advise them about security issues. In my mind, Kaspersky is bordering close to being a protection racket and it would not surprise me if they were brewing up malware to make more a market for their products.
Wow, now that you brought it up,...
what about Android malware? Could Kapersky, Symantec or some big OS competitors be funding or outright creating it? It wouldn't surprise me that someone like Microsoft was brewing some up right now and telling Kapersky where to find it.
"The past quarter has seen the number of malicious apps double from 10,000 to 20,000 in just one month ..." (4)
"... hundreds of thousands of devices were infected after malware found its way onto the official Google Play marketplace." (4)
"... More worryingly for users, even Google’s official application marketplace, Google Play, was breached, with 17 malicious apps downloaded over 700,000 times before they were spotted and removed from the site..." (4)
"The security firm said at the start of the year, it had found more than 5,000 malicious applications designed to target Google's Android mobile operating system, but the figure has since risen to about 20,000 in recent months. By the coming third-quarter, the firm estimates there will be around 38,000 malware samples, and close to 130,000 in the fourth-quarter." (5)
"... malware targeting Android grew by 3,325 percent in the last seven months of 2011..." (6)
Thats growth that any droid dork would be proud of. The perceived freedom they spout off about does comes at a high price, and with a shitty company such as giggle watching the door you may as well hand over everything on your way in...
They should also send some of their Apple "boys" over there to rough these guys up and send the world a message: don't mess with our walled-garden. Seriously what kind of cack-sucking ossholes do this? They should be strung up in a public square like those people caught kissing each other in Dubai.
what about Android malware? Could Kapersky, Symantec or some big OS competitors be funding or outright creating it? It wouldn't surprise me that someone like Microsoft was brewing some up right now and telling Kapersky where to find it.
/s
Not to bag on any particular entity in the security biz, good or bad, but it has gone to the dogs in the past couple years and fill-in-the-blank exploit/demonstration is now an open market activity with recognized brokers and a highest bidder mentality.
I would not find it the least bit amazing if there are lowish danger exploit+demos sold and then "discovered" by the buyer. Simply because high danger stuff is far more valuable to the cyber criminals as a money making opportunity than it might be as PR/advertising to a security company.
They should also send some of their Apple "boys" over there to rough these guys up and send the world a message: don't mess with our walled-garden. Seriously what kind of cack-sucking ossholes do this? They should be strung up in a public square like those people caught kissing each other in Dubai.
Step away from the banjo... come on, keep things in perspective. The firm was sending unsolicited sms invites to people. The owners were not financially harmed in anyway. It was an abuse, that is best resolved via legal action.
Erm... just noticed your user name. Sorry, it's been a long day, am sitting in the pub and I have evidentally had a sense of humour bypass. Time for another pangalactic garglebalster, or two.
Comments
I suppose I should have posted a caveat regarding "only"; obviously nothing is perfectly secure. But for all intents and purposes, the only malware in circulation on non-jailbroken iOS devices is via apps that slipped through the App Store's approval process. And these are quickly pulled (my point; the App Store allows Apple control over actually pulling malware, vs the traditional approach of allowIng users to install apps from a variety of sources).
I am not referring to java exploits.
Quote:
Originally Posted by NasserAE
Whatever developers do with your personal info is out of your control once you give them access. However, The privacy setting in iOS 6 prevent other apps that are not supposed to access your calendar and contact from doing so.
Very true. However, everyone needs to think truly about what they install & authorize. The new privacy settings are a great addition, but we all know how well the whole "Allow or Deny" thing worked for MS. People tend to just click on anything asked of them without thinking just to move forward.
I'm just saying we can't let ourselves fall into the mentality that "Walled garden + privacy settings = totally safe".
Quote:
Originally Posted by NasserAE
Whatever developers do with your personal info is out of your control once you give them access. However, The privacy setting in iOS 6 prevent other apps that are not supposed to access your calendar and contact from doing so. For example, after I installed iOS 6 I discovered that Realtors.com iOS app was accessing my contacts. Why do they need my contacts? I also found a couple of other apps trying to access my contacts and they are not supposed to do that.
The new privacy setting in iOS 6 are not meant to prevent what developers do with your contacts but instead give you control on who should have access to your personal data.
The apps you found to be doing more than you had allowed are referred to as malware when doing the same on the Android platform. The antivirus companies have a quite broad definition for it.
Do any Android owners feel unsafe when going to the Android Ap locations? Has Google ever mentioned that they look into malware at all in the Android Marketplace?
Public Service Announcement ... Please stop drinking and/or eating prior to reading this post. The Surgeon General of the United States has issued a warning on this post as drinks and foodstuffs can be quite painful when forcefully expelled from the nose.
Google does provide Google Play Bouncer among other features ...
"Today we’re revealing a service we’ve developed, codenamed Bouncer, which provides automated scanning of Android Market for potentially malicious software without disrupting the user experience of Android Market or requiring developers to go through an application approval process..." (1)
"... This remote removal functionality — along with Android’s unique Application Sandbox and Permissions model, Over-The-Air update system, centralized Market, developer registrations, user-submitted ratings, and application flagging — provides a powerful security advantage to help protect Android users in our open environment..." (2)
but ...
Android botnet ... (3)
"The past quarter has seen the number of malicious apps double from 10,000 to 20,000 in just one month ..." (4)
"... hundreds of thousands of devices were infected after malware found its way onto the official Google Play marketplace." (4)
"... More worryingly for users, even Google’s official application marketplace, Google Play, was breached, with 17 malicious apps downloaded over 700,000 times before they were spotted and removed from the site..." (4)
"The security firm said at the start of the year, it had found more than 5,000 malicious applications designed to target Google's Android mobile operating system, but the figure has since risen to about 20,000 in recent months. By the coming third-quarter, the firm estimates there will be around 38,000 malware samples, and close to 130,000 in the fourth-quarter." (5)
"... malware targeting Android grew by 3,325 percent in the last seven months of 2011..." (6)
1. Hiroshi Lockheimer. Published 2 February 2012. Android and Security, Google Mobile Blog. Retrieved 5 July 2012.
2. Rich Cannings. Published 23 June 2012. Exercising Our Remote Application Removal Feature. Android Developers Blog. Retrieved 5 July 2012.
3. Terry Zink. Published 3 July 2012. Spam from an Android botnet. Terry Zink's Cyber Security Blog. Retrieved 5 July 2012.
4. Unattributed. Published 2 July 2012. The True Face of the Android threat. Trend Micro. Retrieved 5 July 2012.
5. Zack Whittaker. Published 4 July 2012. Trend Micro warns of Android malware pandemic by Q4 2012. ZDNet. Retrieved 5 July 2012.
6. Jeffrey Burt. Published 5 July 2012. Android Malware Creates Smartphone Botnet, Researchers Say. eWeek. Retrieved 5 July 2012.
All I could think when originally reading the bold, italicized text was ... WTF... Who are they kidding?
[url=http://www.topclub88.com]??????[/url] --- [url=http://www.plaza888.com]??????????????[/url]
Yes, extremely interesting considering that the company lied about Apple wanting them to advise them about security issues. In my mind, Kaspersky is bordering close to being a protection racket and it would not surprise me if they were brewing up malware to make more a market for their products.
Quote:
Originally Posted by markbyrn
Yes, extremely interesting considering that the company lied about Apple wanting them to advise them about security issues. In my mind, Kaspersky is bordering close to being a protection racket and it would not surprise me if they were brewing up malware to make more a market for their products.
Shooting the messenger won't rewrite history.
Apple have done a very good job thus far but it is inevitable that attempts to slip malware in to walled app stores will increase in line with market share. Phone malware has been around since the days of the Symbian Cabir. We the public just need to accept that the safety of our personal data is in the hands of other people.
Quote:
Originally Posted by markbyrn
Yes, extremely interesting considering that the company lied about Apple wanting them to advise them about security issues. In my mind, Kaspersky is bordering close to being a protection racket and it would not surprise me if they were brewing up malware to make more a market for their products.
It almost seems kind of like one of those arsonists who set a fire, and then "discover" the fire and report it to the authorities. That was my first thought when I saw Kaspersky mentioned in this article.
Quote:
Originally Posted by markbyrn
Yes, extremely interesting considering that the company lied about Apple wanting them to advise them about security issues. In my mind, Kaspersky is bordering close to being a protection racket and it would not surprise me if they were brewing up malware to make more a market for their products.
Could it be kaspersky created this app and passed it along to someone to upload it for approval.
The speed of finding out what this app did, by them, is a bit suspicious.
Quote:
Originally Posted by AdamC
Could it be kaspersky created this app and passed it along to someone to upload it for approval.
The speed of finding out what this app did, by them, is a bit suspicious.
How paranoid are you?
If you read the links you will see that Kaspersky were contacted by a telco who had noticed suspicious behavour related to this app. Do you not think that if they wanted to scare iPhone owners they would create something that does more than just annoy your friends?
Are you suggesting that they are also responsible for the other apps that uploaded plain text copies of owners address bocks (Aurora Feint/LinkedIn/Path)?
Quote:
Originally Posted by markbyrn
Yes, extremely interesting considering that the company lied about Apple wanting them to advise them about security issues. In my mind, Kaspersky is bordering close to being a protection racket and it would not surprise me if they were brewing up malware to make more a market for their products.
Wow, now that you brought it up,...
what about Android malware? Could Kapersky, Symantec or some big OS competitors be funding or outright creating it? It wouldn't surprise me that someone like Microsoft was brewing some up right now and telling Kapersky where to find it.
/s
Quote:
Originally Posted by MacBook Pro
Android botnet ... (3)
"The past quarter has seen the number of malicious apps double from 10,000 to 20,000 in just one month ..." (4)
"... hundreds of thousands of devices were infected after malware found its way onto the official Google Play marketplace." (4)
"... More worryingly for users, even Google’s official application marketplace, Google Play, was breached, with 17 malicious apps downloaded over 700,000 times before they were spotted and removed from the site..." (4)
"The security firm said at the start of the year, it had found more than 5,000 malicious applications designed to target Google's Android mobile operating system, but the figure has since risen to about 20,000 in recent months. By the coming third-quarter, the firm estimates there will be around 38,000 malware samples, and close to 130,000 in the fourth-quarter." (5)
"... malware targeting Android grew by 3,325 percent in the last seven months of 2011..." (6)
Thats growth that any droid dork would be proud of. The perceived freedom they spout off about does comes at a high price, and with a shitty company such as giggle watching the door you may as well hand over everything on your way in...
They should also send some of their Apple "boys" over there to rough these guys up and send the world a message: don't mess with our walled-garden. Seriously what kind of cack-sucking ossholes do this? They should be strung up in a public square like those people caught kissing each other in Dubai.
Quote:
Originally Posted by Gatorguy
Wow, now that you brought it up,...
what about Android malware? Could Kapersky, Symantec or some big OS competitors be funding or outright creating it? It wouldn't surprise me that someone like Microsoft was brewing some up right now and telling Kapersky where to find it.
/s
Not to bag on any particular entity in the security biz, good or bad, but it has gone to the dogs in the past couple years and fill-in-the-blank exploit/demonstration is now an open market activity with recognized brokers and a highest bidder mentality.
This is just a tip of the iceberg in the open example: http://www.forbes.com/sites/andygreenberg/2012/03/23/shopping-for-zero-days-an-price-list-for-hackers-secret-software-exploits/. Once upon a time there were just a couple government, code and security companies that purchased them with the express intent of using them to plug holes. But open market is much more lucrative.
I would not find it the least bit amazing if there are lowish danger exploit+demos sold and then "discovered" by the buyer. Simply because high danger stuff is far more valuable to the cyber criminals as a money making opportunity than it might be as PR/advertising to a security company.
Quote:
Originally Posted by FjordPrefect
They should also send some of their Apple "boys" over there to rough these guys up and send the world a message: don't mess with our walled-garden. Seriously what kind of cack-sucking ossholes do this? They should be strung up in a public square like those people caught kissing each other in Dubai.
Step away from the banjo... come on, keep things in perspective. The firm was sending unsolicited sms invites to people. The owners were not financially harmed in anyway. It was an abuse, that is best resolved via legal action.
Erm... just noticed your user name. Sorry, it's been a long day, am sitting in the pub and I have evidentally had a sense of humour bypass. Time for another pangalactic garglebalster, or two.