I believe proof by squirrel was used to back up one of the major theories in quantum physics. It's that sound. /s
Nothing has been proven until tested against Squirrel Girl. Squirrel Girl is apparently one of the most power characters in Marvel Comics. Squirrel Girl has beaten some of the most powerful characters in the Marvel Universe.
Doctor Doom (one of the two smartest men in the Marvel Universe who is also a powerful sorcerer)
Mandarin
Thanos (a herald of Galactus)
Terrax
Deadpool
Pluto
Fin Fang Foom
Baron Mordo
Korvac
Ego the Living Planet (one of the most powerful beings in the Marvel Universe)
Wolverine
"Proof by Squirrel (Girl)," the Marvel Comics way!
What about enterprise iPhones? Weren't there fake enterprise accounts being open in China and pirated apps being installed on iPhones?
Good point, but the difference is that Apple will try to plug this "hole" while Google is willingly allowing random apps from the Web to be installed with a simple "allow sideloading" switch.
I'd like to see some Android enthusiast here complain that Google doesn't do enough to prevent Android from becoming a malware haven like Windows was. I'm sure those people exist, but it seems that pro Android posters here choose instead to blame the "stupid" users and/or try to minimize the problem.
Yes there will always be the possibility of malware but it doesn't have to be that bad. You can't tell me that Google can't improve things there.
The difference in security approaches is manifest by simply considering one simple "feature" of each product:
[LIST] [*] Samsung Galaxy S4 (released 21 days ago) already has root methods allowing the installation of custom ROMs, in fact, some root methods were released within days of the product release [*] Apple iPhone 5 required nearly six months to jailbreak [/LIST]
Anyone who thinks Google or Samsung take security seriously is seriously delusional.
Good point, but the difference is that Apple will try to plug this "hole" while Google is willingly allowing random apps from the Web to be installed with a simple "allow sideloading" switch.
I'd like to see some Android enthusiast here complain that Google doesn't do enough to prevent Android from becoming a malware haven like Windows was. I'm sure those people exist, but it seems that pro Android posters here choose instead to blame the "stupid" users and/or try to minimize the problem.
Yes there will always be the possibility of malware but it doesn't have to be that bad. You can't tell me that Google can't improve things there.
The occurrence relayed by the poster to whom you responded wasn't an exploit. The essence of the occurrence was as follows:
Chinese website offers an alternative App Store
Users must knowingly accept a digital certificate
Digital certificates are a form of identification that enables streamlined authentication, data integrity, and encryption
For example, a business enterprise or government agency may use a digital certificate to provide their own App Store to release in-house apps
Essentially, the Chinese website and the user are exploiting a security feature to install free apps
In some ways this is quite similar to "side loading" apps
The difference is that Apple iPhone users don't commonly promote exploitation of developers as a feature thus almost certainly limiting the impact of the Chinese website which will limit the possible distribution of exploit apps (assuming there are such on the Chinese website)
Furthermore, the limiting of hardware ports to a single proprietary "smart port" drastically limits the possibility of spreading exploits by swapping SD cards, etc.
Could the apps on the Chinese website offer exploits packaged as free replacements for popular apps? They absolutely could which is one possible reason Apple iPhone users aren't promoting the website constantly.
Is the Chinese website commonly offered as a "feature" of the Apple ecosystem? No!
Is the Apple App Store relatively secure? Yes! There have been few, in any, widespread exploits released in the Apple App Store.
Is Google Play relatively secure? No! While Google has improved their security and has removed apps there continue to be issues.
Is Google Play the only commonly accepted and promoted source of apps? No, which is a major issue with the security of Android. Many Android users believe that "side loading" and rooting are "features" of the platform when they are, in fact, simply exploits.
Oh crap I just bought a new Samsung side by side fridge... US Appliances BTW great prices, no sales tax, and free delivery, do you think the malware will hack my fridge and turn my meat rancid. Because I think there is an option for it to communicate with my phone. Oh noes, I should have listened to my brilliant wife and bought an iCool. :smokey:
The difference in security approaches is manifest by simply considering one simple "feature" of each product:
Samsung Galaxy S4 (released 21 days ago) already has root methods allowing the installation of custom ROMs, in fact, some root methods were released within days of the product release
Apple iPhone 5 required nearly six months to jailbreak
Anyone who thinks Google or Samsung take security seriously is seriously delusional.
It's not that clear-cut MacBook. Not mentioned in the recent Symantec report that said most malware was targeting Android was another claim they made.
93% of all newly discovered mobile OS vulnerabilities come from iOS, 387 of the total 415 in the Symantec report.
In case you think Symantec's report must be wrong (and if so why would the Android malware claim be any more right), CVE, a highly respected and detailed security datasource, finds much the same with over 225 identified security flaws in iOS or more than 80% of the the total number across all mobile OS's
What about Android? Fewer than 30. Windows mobile OS must have a lot right? Nope only 14 at last count, and Blackberry is best of all with only 11 identified exploitable OS flaws according to CVE.
But that doesn't seem to make any sense. If Apple's iOS has had the highest number of security flaws of all the major mobile OS's, why is Android getting the most attention from cyber bad-guys? Experts say (and I agree) it's because Google had been lax about policing apps and the "user experience", and that makes complete sense. One of the supposed attractions of Android is how easy it is to customize and Google has encouraged users to do what they want with their smart-devices. Don't like the skin? Download a new one. The latest OS not yet available for your Android smartphone? No prob, just download an app that gives your the same functionality, more or less.
It's not that Android has more OS vulnerabilities than iOS as you would suggest. Far from it. But Apple's more heavily curated approach to apps and the stronger control they exert on their platform and those who play in their backyard makes Android users the easier and more profitable target. At some point Google may need to move closer to Apple's approach and take a little more control of the platform than they have so far. "At some point" may not be all that far off either.
It's also clear that Google's control over their own app store has improved a whole lot over the past couple of years. Nefarious apps within Google Play are exceptionally uncommon, perhaps now nearly as rare as finding one in Apple's app store. I haven't seen anything that would dispute that. But with lots of other sources for Android compatible apps and users in less-developed countries perhaps more likely to look for "free" versions of official Google Play paid apps they end up being targets for very expensive (and highly profitable) SMS texts, the most commonly mentioned scam. At least Google recognized that and took action with Jellybean, which now will flag a warning and ask for permission before your smartphone will send that expensive SMS.
In any event, it's not the number of exploitable security flaws in Android or iOS that attracts the bad guys. It comes down to those apps and where a user can get 'em IMO.
Interesting that there is no concern for personally identifiable information, credit card data, etc. Possibly more evidence that Android users don't actually use their "smartphones" they spend so much effort to customize.
If he is truly concerned about rancid meat vulnerabilities he could peruse the NIST National Vulnerability Database which lists 348 vulnerabilities for Google Android.
I'll give you a plus 1 for identifying for the first man to get his fridge hacked. At least I don't have to use my att data minutes. But side loading and rooting will take a new meaning with this sob. But I'd bet that you'd use an ice chest before placing anything in a Samsung.
Interesting that there is no concern for personally identifiable information, credit card data, etc. Possibly more evidence that Android users don't actually use their "smartphones" they spend so much effort to customize.
If he is truly concerned about rancid meat vulnerabilities he could peruse the NIST National Vulnerability Database which lists 348 vulnerabilities for Google Android.
Just quickly scanning I think I saw Mac mentioned a few times. But getting to the larger question, a hack would look at all my stuff and would pass as he would be doing me a favor. As lame as it sounds I just thought it would be cool to chill a few pabst blue ribbons from the road.
Interesting that there is no concern for personally identifiable information, credit card data, etc. Possibly more evidence that Android users don't actually use their "smartphones" they spend so much effort to customize.
If he is truly concerned about rancid meat vulnerabilities he could peruse the NIST National Vulnerability Database which lists 348 vulnerabilities for Google Android.
If you meant to restrict your list to Google Android specific vulnerabilities as you said you instead would have found this: (your flawed searchincluded cross platform FLASH, Java etc that also affected Windows, iOS, Macs and others):
I assume you weren't intentionally being misleading MacBook Pro. You were just a little sloppy with the research.
EDIT: For someone who claims to have me on "ignore" and not reading my posts it's odd that you respond to the exact same points I bring up if I correct a post of yours. I don't mind having an honest debate if we disagree (and sometimes we do agree!) but you'd have to drop the charade that you don't have any idea what I write.
Ooohh, this is new. Mac malware signed with a real Apple ID? Tricky as that would bypass the security controls in Mountain Lion meant to prevent just such an occurance.
Ooohh, this is new. Mac malware signed with a real Apple ID? Tricky as that would bypass the security controls in Mountain Lion meant to prevent just such an occurance.
Be careful or you have the kool-aid drinkers all over you. And they really think the word "troll" is an insult. Try pig $%$%^^$ Cock ^%$^$^$ where I come from. 4chan would have fun trolling in some of these freaks. Read quickly before the delete boys and girls.
Maybe Apple Insider forgot the news they reported a few weeks ago when malware was discovered in an iOS app that made its way past the approval process. Not gonna pick fights because, yes, malware is Android's overwhelmingly lopsided problem. BUT, from Google itself to top ad networks (like Millennial Media and Airpush) I am seeing a lot of progress to minimize malware exposure and infection risks. So regardless of platform vulnerability, I think malware has become a big enough headache for everyone that big players are going to keep stepping up until the menace is mitigated - http://www.examiner.com/article/airpush-raises-the-bar-on-security-for-mobile-ad-networks
Anyone who thinks Google or Samsung take security seriously is seriously delusional.
I agree, Google and Samsung care about security about as much as Apple does on OSX. In other words, not at all - remember Flashback? Apple didn't release the patch for OSX for months and months after it was released by Oracle.
Comments
Originally Posted by Alfiejr
of course it would be best to have some actual stats on how many Android units are in fact compromised.
You asked for it.
32.8 million devices are supposedly infected:
http://www.technologyguide.com/news/report-32-8m-android-devices-infected-by-malware-in-2012-mobile-attacks-grew-163/
And if you unbundle "threats and variants" into individual malware discoveries, the numbers are staggering.
Android malware discoveries by year:
2009: 1,649
2010: 6,760
2011: 24,794
2012: 65,227
And you thought XP was bad.
Complete story from original site
Nothing has been proven until tested against Squirrel Girl. Squirrel Girl is apparently one of the most power characters in Marvel Comics. Squirrel Girl has beaten some of the most powerful characters in the Marvel Universe.
Doctor Doom (one of the two smartest men in the Marvel Universe who is also a powerful sorcerer)
Mandarin
Thanos (a herald of Galactus)
Terrax
Deadpool
Pluto
Fin Fang Foom
Baron Mordo
Korvac
Ego the Living Planet (one of the most powerful beings in the Marvel Universe)
Wolverine
"Proof by Squirrel (Girl)," the Marvel Comics way!
Quote:
Originally Posted by sflocal
I think the iPhone gave non-iPhone users the false impression that all phones are safe.
May I correct your statement for you?
"I think Google gave non-iPhone users the false impression that all smart phones are iPhones."
Quote:
Originally Posted by Gatorguy
So no example then. Sounds almost made up if I didn't know you better.
Thats the pot calling the kettle black, eh sport?
Quote:
Originally Posted by dasanman69
What about enterprise iPhones? Weren't there fake enterprise accounts being open in China and pirated apps being installed on iPhones?
Good point, but the difference is that Apple will try to plug this "hole" while Google is willingly allowing random apps from the Web to be installed with a simple "allow sideloading" switch.
I'd like to see some Android enthusiast here complain that Google doesn't do enough to prevent Android from becoming a malware haven like Windows was. I'm sure those people exist, but it seems that pro Android posters here choose instead to blame the "stupid" users and/or try to minimize the problem.
Yes there will always be the possibility of malware but it doesn't have to be that bad. You can't tell me that Google can't improve things there.
[LIST]
[*] Samsung Galaxy S4 (released 21 days ago) already has root methods allowing the installation of custom ROMs, in fact, some root methods were released within days of the product release
[*] Apple iPhone 5 required nearly six months to jailbreak
[/LIST]
Anyone who thinks Google or Samsung take security seriously is seriously delusional.
The occurrence relayed by the poster to whom you responded wasn't an exploit. The essence of the occurrence was as follows:
Originally Posted by SCProfessor
…do you think the malware will hack my fridge and turn my meat rancid.
If it's this model, yes.
Quote:
Originally Posted by MacBook Pro
The difference in security approaches is manifest by simply considering one simple "feature" of each product:
Samsung Galaxy S4 (released 21 days ago) already has root methods allowing the installation of custom ROMs, in fact, some root methods were released within days of the product release
Apple iPhone 5 required nearly six months to jailbreak
Anyone who thinks Google or Samsung take security seriously is seriously delusional.
It's not that clear-cut MacBook. Not mentioned in the recent Symantec report that said most malware was targeting Android was another claim they made.
93% of all newly discovered mobile OS vulnerabilities come from iOS, 387 of the total 415 in the Symantec report.
http://www.symantec.com/security_response/publications/threatreport.jsp
In case you think Symantec's report must be wrong (and if so why would the Android malware claim be any more right), CVE, a highly respected and detailed security datasource, finds much the same with over 225 identified security flaws in iOS or more than 80% of the the total number across all mobile OS's
http://www.cvedetails.com/vulnerability-list/vendor_id-49/product_id-15556/Apple-Iphone-Os.html
What about Android? Fewer than 30. Windows mobile OS must have a lot right? Nope only 14 at last count, and Blackberry is best of all with only 11 identified exploitable OS flaws according to CVE.
But that doesn't seem to make any sense. If Apple's iOS has had the highest number of security flaws of all the major mobile OS's, why is Android getting the most attention from cyber bad-guys? Experts say (and I agree) it's because Google had been lax about policing apps and the "user experience", and that makes complete sense. One of the supposed attractions of Android is how easy it is to customize and Google has encouraged users to do what they want with their smart-devices. Don't like the skin? Download a new one. The latest OS not yet available for your Android smartphone? No prob, just download an app that gives your the same functionality, more or less.
It's not that Android has more OS vulnerabilities than iOS as you would suggest. Far from it. But Apple's more heavily curated approach to apps and the stronger control they exert on their platform and those who play in their backyard makes Android users the easier and more profitable target. At some point Google may need to move closer to Apple's approach and take a little more control of the platform than they have so far. "At some point" may not be all that far off either.
It's also clear that Google's control over their own app store has improved a whole lot over the past couple of years. Nefarious apps within Google Play are exceptionally uncommon, perhaps now nearly as rare as finding one in Apple's app store. I haven't seen anything that would dispute that. But with lots of other sources for Android compatible apps and users in less-developed countries perhaps more likely to look for "free" versions of official Google Play paid apps they end up being targets for very expensive (and highly profitable) SMS texts, the most commonly mentioned scam. At least Google recognized that and took action with Jellybean, which now will flag a warning and ask for permission before your smartphone will send that expensive SMS.
In any event, it's not the number of exploitable security flaws in Android or iOS that attracts the bad guys. It comes down to those apps and where a user can get 'em IMO.
Interesting that there is no concern for personally identifiable information, credit card data, etc. Possibly more evidence that Android users don't actually use their "smartphones" they spend so much effort to customize.
If he is truly concerned about rancid meat vulnerabilities he could peruse the NIST National Vulnerability Database which lists 348 vulnerabilities for Google Android.
I'll give you a plus 1 for identifying for the first man to get his fridge hacked. At least I don't have to use my att data minutes. But side loading and rooting will take a new meaning with this sob. But I'd bet that you'd use an ice chest before placing anything in a Samsung.
Just quickly scanning I think I saw Mac mentioned a few times. But getting to the larger question, a hack would look at all my stuff and would pass as he would be doing me a favor. As lame as it sounds I just thought it would be cool to chill a few pabst blue ribbons from the road.
duplicate
Quote:
Originally Posted by MacBook Pro
Interesting that there is no concern for personally identifiable information, credit card data, etc. Possibly more evidence that Android users don't actually use their "smartphones" they spend so much effort to customize.
If he is truly concerned about rancid meat vulnerabilities he could peruse the NIST National Vulnerability Database which lists 348 vulnerabilities for Google Android.
If you meant to restrict your list to Google Android specific vulnerabilities as you said you instead would have found this: (your flawed search included cross platform FLASH, Java etc that also affected Windows, iOS, Macs and others):
http://web.nvd.nist.gov/view/vuln/search-results?query=Google+Android&search_type=all&cves=on
Total count: 29
The same search for Apple iOS is here:
http://web.nvd.nist.gov/view/vuln/search-results?query=Apple+iOS&search_type=all&cves=on
Total count: 185
I assume you weren't intentionally being misleading MacBook Pro. You were just a little sloppy with the research.
EDIT: For someone who claims to have me on "ignore" and not reading my posts it's odd that you respond to the exact same points I bring up if I correct a post of yours. I don't mind having an honest debate if we disagree (and sometimes we do agree!) but you'd have to drop the charade that you don't have any idea what I write.
Ooohh, this is new. Mac malware signed with a real Apple ID? Tricky as that would bypass the security controls in Mountain Lion meant to prevent just such an occurance.
http://arstechnica.com/security/2013/05/mac-malware-signed-with-apple-id-infects-activists-laptop/
Quote:
Originally Posted by Gatorguy
Ooohh, this is new. Mac malware signed with a real Apple ID? Tricky as that would bypass the security controls in Mountain Lion meant to prevent just such an occurance.
http://arstechnica.com/security/2013/05/mac-malware-signed-with-apple-id-infects-activists-laptop/
Be careful or you have the kool-aid drinkers all over you. And they really think the word "troll" is an insult. Try pig $%$%^^$ Cock ^%$^$^$ where I come from. 4chan would have fun trolling in some of these freaks. Read quickly before the delete boys and girls.
Quote:
Anyone who thinks Google or Samsung take security seriously is seriously delusional.
I agree, Google and Samsung care about security about as much as Apple does on OSX. In other words, not at all - remember Flashback? Apple didn't release the patch for OSX for months and months after it was released by Oracle.