FBI issues warning to smartphone users regarding Android malware

2456

Comments

  • Reply 21 of 104

    Quote:

    Originally Posted by sflocal View Post




    Yeah, next thing you know the FBI and CDC will tell people to refrain from inappropriate physical contact with their Scamscum phones. :)



     


     


    OMG no more exchanging playlists by touching the backs of your Samsung phones? But that was their one exciting new feature! I mean, what would Windows Vista be without its singularly defining gimmick?

  • Reply 22 of 104

    Quote:

    Originally Posted by derekmorr View Post



    Of course, no where in this article or any of its sources does it claim that this is an issue for apps in the Play Store. Most malware is found in shady, third-party stores.

    Further, Dilger's claim that "FinFisher is installed by simply visiting a Web link or opening a text message that disguises itself as a system update" is misleading. Android devices block third-party app stores by default. Unless a user has gone into their security settings, they don't be able to install an app that they download from an arbitrary web page. (It's worth noting that Dilger's wording, "installed," is different from the FBI's wording, "transmitted to.")

    In other words, nothing to see here, folks.


    So the best way to experience Android's only advantage ("Openness") is to disable the openness?


     


    Brilliant.

  • Reply 23 of 104
    dasanman69dasanman69 Posts: 13,002member
    I've always been curious how Google is even allowed to operate when they refuse to actually do anything about the illegal stuff on YouTube.

    Such as?
  • Reply 24 of 104
    sflocalsflocal Posts: 6,092member

    Quote:

    Originally Posted by BlackPepper View Post



    This is just bullshit. Loozfon needs to convince the user with a spam email to send out an email so that it can steal contacts data. Any app can do it on iPhone without even notifying. (Whatsapp, skype etc). There are thousands of apps using address book api, and they can easily upload the whole address book.

    Stop hating Android. It's year advanced than iOS now. Try getting used to this fact.




    What brand of Kool-Aid are you chugging?

  • Reply 25 of 104

    Quote:

    Originally Posted by Suddenly Newton View Post


     


     


    OMG no more exchanging playlists by touching the backs of your Samsung phones? But that was their one exciting new feature! I mean, what would Windows Vista be without its singularly defining gimmick?





    Wait, what were the exciting features of iPhone 5? Hmmm, the calendar app has now one more column in the landscape mode... And, please don't forget, the headphone jack is on the bottom... phew....

  • Reply 26 of 104

    Quote:


    Originally Posted by BlackPepper View Post



    This is just bullshit. Loozfon needs to convince the user with a spam email to send out an email so that it can steal contacts data. Any app can do it on iPhone without even notifying. (Whatsapp, skype etc). There are thousands of apps using address book api, and they can easily upload the whole address book.

    Stop hating Android. It's year advanced than iOS now. Try getting used to this fact.



     


     


    Android has Contact access in the API as well, and it even has those programs mentioned (WhatsApp, Skype).  But that isn't really what the article is about there is a line between an obvious unwanted program like the fake game that Loozfon presents and an app developer that monetizes content by selling data.  I think that is an important debate to have but not in the context of this article which is discussing malware.

  • Reply 27 of 104

    Quote:

    Originally Posted by dasanman69 View Post





    Such as?


    the entire Frasier series is up about 3 or 4 times over.  I've also watched countless operas and movies, many of which are still up.  And I haven't even been looking, really.

  • Reply 28 of 104

    Quote:

    Originally Posted by Tallest Skil View Post


     


    Yeah, they pull down fair use utilizations while leaving up unedited, unchanged, illegal content.



    Given the extremely high rate of video uploads, what do you suggest they do?

  • Reply 29 of 104

    Quote:

    Originally Posted by addicted44 View Post


    So the best way to experience Android's only advantage ("Openness") is to disable the openness?



     


    Disabling untrusted sources is hardly disabling openness. Further, it can be enabled selectively -- if you want to install a third-party app that you trust, enable the setting, install the app, then clear the setting.

  • Reply 31 of 104
    mstonemstone Posts: 11,510member

    Quote:

    Originally Posted by addicted44 View Post

    So the best way to experience Android's only advantage ("Openness") is to disable the openness?


    Just like real life. Openness is good. Freedom is good. Only problem is there are a lot of bad guys out there. It would be nice if you didn't have to lock your house or your car or your computer but you do. Kids used to walk to school. Now you have to drive them so they don't get kidnapped. Credit cards were designed for convenience but are now a risk. Freedom just isn't as free as it once was. Now it is a liability. That is why Apple designed the walled garden. It is like being under house arrest in a five star hotel with really good catering, but it is still house arrest.

  • Reply 32 of 104

    Quote:

    Originally Posted by thejenkas View Post


     


     


    Android has Contact access in the API as well, and it even has those programs mentioned (WhatsApp, Skype).  But that isn't really what the article is about there is a line between an obvious unwanted program like the fake game that Loozfon presents and an app developer that monetizes content by selling data.  I think that is an important debate to have but not in the context of this article which is discussing malware.





    I have no objection to access to Contacts. I said any app on iOS can steal contacts data. And they probably already have.

  • Reply 33 of 104


    Originally Posted by dasanman69 View Post

    Such as?


     


    What do you mean, such as? Entire movies are uploaded. TV shows, music videos, links to ROMs for pirated video games or to MP3s for the music…





    Originally Posted by derekmorr View Post

    Given the extremely high rate of video uploads, what do you suggest they do?


     


    Allow users (not just copyright holders) to flag stuff as copyright infringement and then actually act on the flags instead of ignoring every flag about something that breaks their rules.

  • Reply 34 of 104
    auxioauxio Posts: 2,717member



    Quote:

    Originally Posted by shompa View Post



    And Google uses Linux/Unix. The most secure OS there is.


     


    Every UNIX variant is different, and each repackaged distribution of those variants is different still.  You can't make a blanket statement like "most secure" without getting a bit more specific.


     


    IMO, the single most secure UNIX variant is OpenBSD because it's main focus is security ahead of everything else.  However, because ease-of-use isn't as high a priority as security, it has a fairly steep learning curve.

  • Reply 35 of 104
    gatorguygatorguy Posts: 24,176member

    Quote:

    Originally Posted by Tallest Skil View Post


     


    What do you mean, such as? Entire movies are uploaded. TV shows, music videos, links to ROMs for pirated video games or to MP3s for the music…


     


    Allow users (not just copyright holders) to flag stuff as copyright infringement and then actually act on the flags instead of ignoring every flag about something that breaks their rules.



    If you allow users to flag videos for takedown you end up with things like removal of the Democratic National Convention. 


    http://www.theblaze.com/stories/youtube-cautiously-praised-for-video-takedown-policy-update/

  • Reply 36 of 104

    Quote:

    Originally Posted by Tallest Skil View Post


    Allow users (not just copyright holders) to flag stuff as copyright infringement and then actually act on the flags instead of ignoring every flag about something that breaks their rules.



  • Reply 37 of 104


    Originally Posted by Gatorguy View Post

    If you allow users to flag videos for takedown you end up with things like removal of the Democratic National Convention. 


    http://www.theblaze.com/stories/youtube-cautiously-praised-for-video-takedown-policy-update/



     


    The problem is in the automation. An automatic system can't tell fair use editing from straight up reuploading unless there's a source on which to base it or a human to make that decision. 






    Originally Posted by derekmorr View Post




     


    And that's overly protective… of the uploaders. It'll come back to bite Google.

  • Reply 38 of 104

    Quote:

    Originally Posted by BlackPepper View Post




    Wait, what were the exciting features of iPhone 5? Hmmm, the calendar app has now one more column in the landscape mode... And, please don't forget, the headphone jack is on the bottom... phew....





    You forgot this?



    http://www.anandtech.com/show/6324/the-iphone-5-performance-preview

  • Reply 39 of 104

    Quote:

    Originally Posted by BlackPepper View Post




    I have no objection to access to Contacts. I said any app on iOS can steal contacts data. And they probably already have.



     


    Well if the API has access to contacts and access to the network then it would be possible to "steal" contacts on either ecosystem.  This hypothetical scenario is actually best addressed by the App Store/Google Play model where a single company can decline to publish any software it deems to be a bad actor.  And in the cases of the malware as discussed in the artcile neither of them appeared in any appstores, finfisher never appeared on Play/iOS App Store and Loozfon never appeared on Play. But really if that is the argument is simply the ability to steal contacts then that is about equal on both platforms if the device is jail broken and the default application settings changed.

  • Reply 40 of 104


    Seems like nothing will satisfy you, which isn't atypical for commenters here. Human review isn't feasible for something at YouTube's scale.

Sign In or Register to comment.