US government warns of Android's dominance in mobile malware

124

Comments

  • Reply 61 of 85
    droidftwdroidftw Posts: 1,009member

    Quote:

    Originally Posted by Marvin View Post



    They even note that iOS had 387 reported vulnerabilities vs 13 on Android, which is really bad.


     


    You keep throwing stats like that around and you're gonna get a reputation.  image

  • Reply 62 of 85
    MarvinMarvin Posts: 15,309moderator
    droidftw wrote: »
    Marvin wrote: »
    They even note that iOS had 387 reported vulnerabilities vs 13 on Android, which is really bad.

    You keep throwing stats like that around and you're gonna get a reputation.  :p

    It's lies and propaganda that lead to a bad reputation, not stats alone. Constantly cherry-picking stats that show who you prefer to attack in a bad light would be propaganda and especially leads to a bad reputation if who you share it with happen to like who you are attacking.
  • Reply 63 of 85
    ukjbukjb Posts: 19member
    it's funny people pretend iOS has no vulnerabilities. But when they do exist they are "Probably all iOS malware threats related to jailbroken phones and non-app store apps collections." But Android doesn't get this excuse. Most of the malware related to android is found outside of google play and can only be installed by specifically allowing third party software to be installed (opt-in). But, whatever. I expect nothing less from the commenters on the appleinsider blog.

    You guys can now tear my post apart and argue all you want. i don't care. i know from previous experience that none of you listen to reason or facts. just make stuff up and boo anyone that comes here and doesn't agree with you.
  • Reply 64 of 85
    d4njvrzfd4njvrzf Posts: 797member

    Quote:

    Originally Posted by ukjb View Post



    it's funny people pretend iOS has no vulnerabilities. But when they do exist they are "Probably all iOS malware threats related to jailbroken phones and non-app store apps collections." But Android doesn't get this excuse. Most of the malware related to android is found outside of google play and can only be installed by specifically allowing third party software to be installed (opt-in). 


    Can you clarify your claim that "Android doesn't get this excuse?" Most posts I've seen about Android malware have tied the problem to the fact that android allows the user to install software from sources other than google play (after digging through settings and being warned of the risks).


     


    Also, I think you are conflating the concepts of OS vulnerabilities and malware when they are not entirely related. Most malware rely on social engineering, not kernel exploits. They are perfectly valid programs that are falsely advertised. For example, I could write an app that sends text messages but call it a coffee shop finder. If you believe me and install the app despite it asking permission to send texts, you will have just gotten malware. But my app would not be relying on some buffer overflow attack to cause damage. 

  • Reply 65 of 85
    misamisa Posts: 827member
    gctwnl wrote: »
    What malware threats are we talking about in that 0.7% slice that represents iOS?
    The jailbroken kind.
    Marvin wrote: »
    I don't know why they put in statements like:

    "Android has a 72 percent market share with Apple® iOS a distant second with 14 percent, according to Gartner. As a result of its market share and more open development environment, Android is the main target for mobile threats."

    to even suggest that security by obscurity is a factor here. Android is on 900 million devices (maybe 1b by now) and iOS is on 600 million. It's not 72% vs 14%. They even note that iOS had 387 reported vulnerabilities vs 13 on Android, which is really bad. It shows that in spite of the high iOS marketshare and vulnerabilities, Apple's strategy of using a curated App Store as the sole provider for apps and shipping iOS with its security design is offering better protection to mobile users.

    Yet you omit this:
    We have seen far more vulnerabilities for the iOS platform,
    which makes up 93 percent of those published, than for Android
    in 2012, but yet Android dominates the malware landscape, with
    97 percent of new threats.

    While seemingly contradictory at first, there is a good reason
    for this: jailbreaking iOS devices.
  • Reply 66 of 85
    MarvinMarvin Posts: 15,309moderator
    misa wrote: »
    Yet you omit this:
    We have seen far more vulnerabilities for the iOS platform,
    which makes up 93 percent of those published, than for Android
    in 2012, but yet Android dominates the malware landscape, with
    97 percent of new threats.

    While seemingly contradictory at first, there is a good reason
    for this: jailbreaking iOS devices.

    That's just saying that jailbreaking provides an incentive to find the vulnerabilities as they need to be used to jailbreak a device. Every time a jailbreak is released, it exploits a security vulnerability in iOS to get root access. Without the same incentive to find security vulnerabilities, it could be that people just haven't found them on Android but 387 in one year for iOS still seems high, especially with more devices using the latest OS.

    As I say, in spite of that, Apple's App Store strategy clearly gives the most effective protection against malware - the document says most of the malware isn't using security flaws.
  • Reply 67 of 85
    gatorguygatorguy Posts: 24,176member
    Marvin wrote: »
    That's just saying that jailbreaking provides an incentive to find the vulnerabilities as they need to be used to jailbreak a device. Every time a jailbreak is released, it exploits a security vulnerability in iOS to get root access. Without the same incentive to find security vulnerabilities, it could be that people just haven't found them on Android but 387 in one year for iOS still seems high, especially with more devices using the latest OS.

    As I say, in spite of that, Apple's App Store strategy clearly gives the most effective protection against malware - the document says most of the malware isn't using security flaws.

    It would be a useful metric for Symantec to report how many of the supposed malware developments actually resulted in an instance of malware infection, and how many "infections" occurred. I also realized this morning that to make these reports and stats sound more ominous than they probably are in real life Symantec includes ad-ware in it's malware category. My semi-educated guess is that half or more of what they refer to as malware is actually relatively benign (for the most part) adware. For instance if an app collects location information to assist with ad targeting but doesn't declare it does it's considered adware. If a "free app" displays undeclared ad popups it's again considered adware. Symantec simply lumps adware in with the malware statistics as do all the other security software providers as far as I can see.
    http://www.symantec.com/security_response/glossary/define.jsp?letter=a&word=adware

    Putting real numbers with the report would sure help separate the scare tactics from the legitimate concerns.
  • Reply 68 of 85
    MarvinMarvin Posts: 15,309moderator
    gatorguy wrote: »
    It would be a useful metric for Symantec to report how many of the supposed malware developments actually resulted in an instance of malware infection, and how many "infections" occurred. I also realized this morning that to make these reports and stats sound more ominous than they probably are in real life Symantec includes ad-ware in it's malware category. My semi-educated guess is that half or more of what they refer to as malware is actually relatively benign (for the most part) adware. For instance if an app collects location information to assist with ad targeting but doesn't declare it does it's considered adware. If a "free app" displays undeclared ad popups it's again considered adware. Symantec simply lumps adware in with the malware statistics as do all the other security software providers as far as I can see.
    http://www.symantec.com/security_response/glossary/define.jsp?letter=a&word=adware

    Putting real numbers with the report would sure help separate the scare tactics from the legitimate concerns.

    These companies do use scare tactics to sell their products but they can't lie about everything. There's a recent malware report here saying around 5 million infections:

    http://thehackernews.com/2013/08/Android-Malware-Google-Cloud-Messaging-mohit-Kaspersky.html

    Malware still manages to get into Google Play:

    http://thehackernews.com/2013/08/Android-hacking-apps-download-malware-tool.html

    Some of them use porn apps (one has 1 million installs) and there's very little that security can do about those. Warnings are no good because even saying "It is strongly recommended you don't install this app as it might seriously harm your device" just makes you want it more. If the warning said "Sure go ahead install it, it's only pictures of 50 year olds that nobody would pay to see naked", you'd probably skip it. Social engineering is more effective than exploiting a security vulnerability and how many people are going to complain?

    Customer: Yeah is this Google? I installed a pervy app on my phone with the intent of looking at dirty pictures of women and I've discovered that it's making premium calls without my consent.
    Google: Ok sir, can I have your full name and address.
    Customer: *click*
    Google: Sir? It's just for verification we already know your name and address and everything you do and so do the people who sold you the app!
  • Reply 69 of 85
    gatorguygatorguy Posts: 24,176member
    Marvin wrote: »
    These companies do use scare tactics to sell their products but they can't lie about everything. There's a recent malware report here saying around 5 million infections:

    http://thehackernews.com/2013/08/Android-Malware-Google-Cloud-Messaging-mohit-Kaspersky.html

    Malware still manages to get into Google Play:

    http://thehackernews.com/2013/08/Android-hacking-apps-download-malware-tool.html

    Some of them use porn apps (one has 1 million installs) and there's very little that security can do about those. Warnings are no good because even saying "It is strongly recommended you don't install this app as it might seriously harm your device" just makes you want it more. If the warning said "Sure go ahead install it, it's only pictures of 50 year olds that nobody would pay to see naked", you'd probably skip it. Social engineering is more effective than exploiting a security vulnerability and how many people are going to complain?

    The same Kaspersky Labs that last year predicted that iOS will soon be be overrun with millions of malware infections, leading to plunging sales and a "disaster for Apple"? That Kaspersky Labs? Doesn't mean of course that their report on Russian/Vietnamese Android malware is necessarily suspect. I have no doubt at all that malware exists. I just don't personally think Android is "overrun with it" or that it's a worthy and serious concern for the average user. I've seen no evidence that proves otherwise (unless I live in Russia or the Ukraine which I don't). With that said the potential for mobile platform malware can't be ignored. That's real and Android should more concerning. . .

    unless of course you believe Kaspersky.

    EDIT: I have absolutely no idea why nearly every piece of bonafide Android malware reported seems to target either Russian, Ukrainian or Chinese users. Any guess Marvin? I can't come up with a really good explanation, tho reports are that it's a regular business venture at least in Russia. Perhaps nearly all these reports of malware are 3rd party stuff three layers removed from official stores? Not sure.
    http://www.networkworld.com/news/2013/080513-lookout-malware-272528.html
  • Reply 70 of 85
    MarvinMarvin Posts: 15,309moderator
    gatorguy wrote: »
    The same Kaspersky Labs that last year predicted that iOS will soon be be overrun with millions of malware infections, leading to plunging sales and a "disaster for Apple"? That Kaspersky Labs? Doesn't mean of course that their report on Russian/Vietnamese Android malware is necessarily suspect.

    They also mention Western Europe. This site breaks down by country:

    http://www.techradar.com/news/phone-and-communications/mobile-phones/mobile-malware-jumped-163-percent-in-2012-mostly-on-android-1144848

    "Out of all malware-infected handsets scanned, 25.5 percent were in China, 19.4 percent were in India, and 17.9 percent were in Russia.
    The U.S. and Saudi Arabia brought up the tail end of the five-country list, with 9.8 percent and 9.6 percent infection rates respectively."

    Around 33m total in 2012 vs 11m in 2011. That would be around 3m US infections.
    gatorguy wrote: »
    I have no doubt at all that malware exists. I just don't personally think Android is "overrun with it" or that it's a worthy and serious concern for the average user.

    I'd say it should be a concern because the malware isn't primarily targeting phone vulnerabilities. Remember the email malware:

    http://www.techweekeurope.co.uk/news/japan-poker-android-malware-arrests-123059

    This is worse for the average user because it can come from any direction, not just hidden inside an app they won't likely come across.
    gatorguy wrote: »
    I have absolutely no idea why nearly every piece of bonafide Android malware reported seems to target either Russian, Ukrainian or Chinese users. Any guess Marvin?

    Same reason why these countries make and buy Android phones - they happily promote theft. They don't want to pay for apps so they use unofficial stores to rip-off developers and this requires side-loading:

    http://www.nytimes.com/2013/08/19/business/global/baidu-deal-may-reduce-app-piracy-in-china.html?pagewanted=all&_r=0
  • Reply 71 of 85
    gatorguygatorguy Posts: 24,176member
    Marvin wrote: »
    They also mention Western Europe. This site breaks down by country:

    http://www.techradar.com/news/phone-and-communications/mobile-phones/mobile-malware-jumped-163-percent-in-2012-mostly-on-android-1144848

    "Out of all malware-infected handsets scanned, 25.5 percent were in China, 19.4 percent were in India, and 17.9 percent were in Russia.
    The U.S. and Saudi Arabia brought up the tail end of the five-country list, with 9.8 percent and 9.6 percent infection rates respectively."

    Around 33m total in 2012 vs 11m in 2011. That would be around 3m US infections.
    I'd say it should be a concern because the malware isn't primarily targeting phone vulnerabilities. Remember the email malware:

    http://www.techweekeurope.co.uk/news/japan-poker-android-malware-arrests-123059

    This is worse for the average user because it can come from any direction, not just hidden inside an app they won't likely come across.
    Same reason why these countries make and buy Android phones - they happily promote theft. They don't want to pay for apps so they use unofficial stores to rip-off developers and this requires side-loading"

    Marvin. the article puts the majority of what they call "malware" in repackaged apps, ie stolen versions of developers paid apps.
    "App Repackaging was the most common method"

    As mentioned previously other security reports have already established that a big part of the "malware" sometimes included in apps is adware, relatively innocuous and generally more of an irritant if anything at all. Most mobile "malware" isn't the typical PC-type virus or trojan danger that probably comes to mind for many readers.

    Truly malicious money-stealing apps such as those sending expensive SMS texts appear to be almost non-existent in the US and Western Europe. Even assuming that your estimate of 3 million Android users in the US hit with a malware infection is correct the majority of them would simply have an app on their device that was ripped off from the original developer if I'm reading correctly. (I absolutely don't condone that and have never done so myself). Scam apps that potentially jeopardize users will be just a tiny part of that 3 million and very rarely appearing among the hundreds of thousands of apps available in the official app stores and even when they do not for long.

    As for the phishing-type emails and texts you mention even iOS/Mac users aren't immune to those. Stupid is as stupid does.

    By the way a much more recent version of the NQ Mobile Security Report highlights you got your stats from is available here:
    http://ir.nq.com/phoenix.zhtml?c=243152&p=irol-newsArticle&ID=1841095

    The US has seen a huge improvement rather than getting worse if you have faith that NQ reports have been accurate. I remember another high profile security paper from a couple months back that put the chance of a US Android user encountering "malware" at around 1% IIRC. As usual there's lots of reports floating around with various claims.

    EDIT: Thanks for the thoughtful and respectful discussion opportunity too!
  • Reply 72 of 85
    MarvinMarvin Posts: 15,309moderator
    gatorguy wrote: »
    Marvin. the article puts the majority of what they call "malware" in repackaged apps, ie stolen versions of developers paid apps.
    "App Repackaging was the most common method"

    As mentioned previously other security reports have already established that a big part of the "malware" sometimes included in apps is adware, relatively innocuous and generally more of an irritant if anything at all. Most mobile "malware" isn't the typical PC-type virus or trojan danger that probably comes to mind for many readers.

    They have number breakdowns in the report:

    http://blog.nq.com/2013midyearsecurityreport/

    43% are what you'd consider not a problem but many people do consider spyware, adware, surveillance etc serious problems - those terms pretty much describe Google so Android users are accustomed to it but typically people would mind that sort of thing. 32% were designed to profit from data e.g banking and premium calls, 23% designed to break the device.
    gatorguy wrote: »
    Truly malicious money-stealing apps such as those sending expensive SMS texts appear to be almost non-existent in the US and Western Europe.

    That report doesn't suggest that. It says that although the US has dropped in malware since 2012, it's the percentage share that's down and the number of infections are up. It currently accounts for 6.5% of 21 million infections in the first half of 2013 alone, which is 1.37m infections in the US of which potentially 32% are intended to get money from. 440k people might seem like a small amount relative to the 74m? US users ( http://www.asymco.com/2013/08/08/android-net-user-decline/ ) but it's a lot of people and potentially a lot of money.

    Also, although contacts harvesting might seem relatively harmless, they can send SMS messages using those details:

    "Using social engineering (phishing) along with SMS, consumers are contacted by cybercriminals and asked to click on a malicious link. Clicking the link will trigger a malicious app download or direct the consumer to a rogue website. One of the most efficient and lucrative methods of smishing automatically downloads Premium Rate Service (PRS) images to the infected device. Also called “Toll Fraud,” this method generates as much as $4 USD per SMS for cybercriminals."
    gatorguy wrote: »
    As for the phishing-type emails and texts you mention even iOS/Mac users aren't immune to those. Stupid is as stupid does.

    Some Android devices appear to help though:

    http://www.crn.com/news/security/240156925/samsung-galaxy-s4-contains-serious-smishing-vulnerability-firm-warns.htm

    and as I say, they need to get the contact details first.

    Concerning side-loading, it's commonly suggested that this is not a US problem but authorities have shut down app piracy sites in the US in the last two weeks:

    http://www.bbc.co.uk/news/technology-19347543

    "The agency said search warrants had been executed in six areas of the country including Georgia, Florida, Mississippi and Texas.

    In addition it said international law enforcers, including officials from France and the Netherlands, had helped seize evidence from computer servers based outside the US, which had hosted most of the websites' content."

    These wouldn't be hosted there if the users were from China, Russia etc.
  • Reply 73 of 85
    hmmhmm Posts: 3,405member

    Quote:

    Originally Posted by Marvin View Post





    It's lies and propaganda that lead to a bad reputation, not stats alone. Constantly cherry-picking stats that show who you prefer to attack in a bad light would be propaganda and especially leads to a bad reputation if who you share it with happen to like who you are attacking.




    I thought the joke was regarding the "add to reputation" button.

  • Reply 74 of 85
    gatorguygatorguy Posts: 24,176member
    Marvin wrote: »
    They have number breakdowns in the report:

    http://blog.nq.com/2013midyearsecurityreport/

    43% are what you'd consider not a problem but many people do consider spyware, adware, surveillance etc serious problems - those terms pretty much describe Google so Android users are accustomed to it but typically people would mind that sort of thing. 32% were designed to profit from data e.g banking and premium calls, 23% designed to break the device.
    That report doesn't suggest that. It says that although the US has dropped in malware since 2012, it's the percentage share that's down and the number of infections are up. It currently accounts for 6.5% of 21 million infections in the first half of 2013 alone, which is 1.37m infections in the US of which potentially 32% are intended to get money from. 440k people might seem like a small amount relative to the 74m? US users ( http://www.asymco.com/2013/08/08/android-net-user-decline/ ) but it's a lot of people and potentially a lot of money..

    Ummm, is the NQ report only applicable to Android? It looks like they're reporting on mobile threats as a whole and not just Android. Not all malware infections can be attributed to Android. For instance we already know for a a fact that some unidentified number of iOS users have had personal data collected without their knowledge by apps they were using, which qualifies them as malware. So there may be 440K smartphone users (more or less) in the US affected by malware but they aren't all Androiders.
  • Reply 75 of 85
    MarvinMarvin Posts: 15,309moderator
    gatorguy wrote: »
    Ummm, is the NQ report only applicable to Android? It looks like they're reporting on mobile threats as a whole and not just Android. Not all malware infections can be attributed to Android. For instance we already know for a a fact that some unidentified number of iOS users have had personal data collected without their knowledge by apps they were using, which qualifies them as malware. So there may be 440K smartphone users (more or less) in the US affected by malware but they aren't all Androiders.

    According to them, 95% of mobile malware is on Android:

    http://swiki.net/mobile-malware-on-android.html

    You can deduct 5% from the numbers if it makes you feel better though.
  • Reply 76 of 85
    gatorguygatorguy Posts: 24,176member
    Marvin wrote: »
    According to them, 95% of mobile malware is on Android:

    http://swiki.net/mobile-malware-on-android.html

    You can deduct 5% from the numbers if it makes you feel better though.

    No sir, that wouldn't be correct. You have to be very careful when using some of the third hand reports. They too often change the original wording either from sloppiness or to purposefully suit their agenda.

    You're linking and using an erroneous 3rd party "translation" of what NQ said in their 2012 report. I thought you already read and quoted the original a few posts back and it's quite different from what you just used for your "deduct 5%" suggestion.. This is what the report statistics you're relying on actually said:

    94.8% of malware discovered in 2012 was designed to
    attack Android devices vs. only 4% targeting Symbian

    http://www.nq.com/2012_NQ_Mobile_Security_Report.pdf

    So roughly 95% of the newly discovered exploits NQ identified targeted (only?) Android, not that 95% of all "malware infections" were found on Android devices.

    As a side comment I believe that if NQ had evidence that 95% of all malware was restricted to Android devices it would have made it's way into the report. In fact not mentioning what percentage of actual malware could be attributed to the various platforms might be an indication that what they found (if they found anything) was anti-climatic in comparison. The "95% designed for" was more attention-getting.

    So getting back to my original point several posts ago:
    "I have no doubt at all that malware exists. I just don't personally think Android is "overrun with it" or that it's a worthy and serious concern for the average user. I've seen no evidence that proves otherwise (unless I live in Russia or the Ukraine which I don't)."

    ... and that still stands.
  • Reply 77 of 85
    MarvinMarvin Posts: 15,309moderator
    gatorguy wrote: »
    No sir, that wouldn't be correct.

    You're linking and using an erroneous 3rd party "translation" of what NQ said in their 2012 report. I thought you already read and quoted the original a few posts back and it's quite different from what you just used for your "deduct 5%" suggestion.. This is what the 2012 NQ report you're relying on actually said:

    94.8% of malware discovered in 2012 was designed to
    attack Android devices vs. only 4% targeting Symbian

    http://www.nq.com/2012_NQ_Mobile_Security_Report.pdf

    So roughly 95% of the newly discovered exploits NQ identified targeted (only?) Android, not that 95% of all "malware infections" were found on Android devices.

    As a side comment I have no doubt that if NQ had evidence that 95% of all malware was restricted to Android devices it would have made it's way into the report. In fact not mentioning what percentage of actual malware could be attributed to the various platforms might be an indication that what they found (if they found anything) was anti-climatic in comparison. The "95% designed for" was more attention-getting.

    I see. Well let's see what news is reported by Google:

    http://www.google.com/hostednews/afp/article/ALeqM5h9YtoboM39ze2tgnmYnzIGJzer5A?docId=CNG.c7a205fd35088508f7ab23370e7d70e6.c41

    According to F-Secure, "The Android operating system accounted for 79 percent of all malware infections on smartphones, and the threat is multiplying. The only other platform with any significant share of malware was Symbian, the system dropped by Nokia, which F-Secure said accounted for 19 percent."

    So if you consider smartphone infections and remove Symbian, that's 79% vs 2% so Android = 79/81 = 97% of infections.

    Thanks for correcting me, I underestimated. In that case deduct 3% if it makes you feel better.

    Look I know it's hard to come to terms with the fact your preferred OS is a laggy, buggy insecure piece of badly supported junk but that's just the reality of it. Windows users were the same years ago, how you weren't likely to get a virus or that adware is not an issue and if you just know what you're doing, you'll be ok (in other words if you're too stupid to not know what malware is you deserve to get some grandma). Look on the bright side, at least you paid less for your Android devices than if you'd bought a smooth, well tested, secure piece of well supported awesomeness. Some people like to pay a bit more for that convenience.
  • Reply 78 of 85
    gatorguygatorguy Posts: 24,176member
    Fuzzy math?? 95% of infections claim dropped to 79% of infections claim which lead to your figures going from. . . never mind.

    Your opinion is certainly as valid as any I have Marvin I imagine something we both can agree on is we've beaten it up enough already, so again thanks for the respectful and thoughtful discussion. I wish there were more like this that didn't descend into "I know you are but what am I".
  • Reply 79 of 85
    MarvinMarvin Posts: 15,309moderator
    gatorguy wrote: »
    Fuzzy math?? 95% of infections claim dropped to 79% of infections claim which lead to your figures going from. . . never mind.

    It's 79% when Symbian is included. Symbian isn't a smartphone OS but it looks like NQ tracks Symbian too. I excluded Symbian to give you an idea where Android's infection rate is vs iOS and other smartphones. If you're happy with 79% including Symbian, go with that but your contention seems to be with how malware-ridden Android is in the current smartphone landscape - you seem to imagine that iOS is equally as vulnerable to malware as Android and therefore the infection rates are comparable. In the smartphone landscape (which excludes Symbian), the infection rate of Android appears to be approximately two orders of magnitude higher than the next competitor (95-97:1). The US number is listed as 1.37m total (440k was an estimate of serious ones) so if it's 79%, that makes 1.08m US infections of Android just in the first half of 2013. Users are already noticing malware:

    http://forums.androidcentral.com/google-nexus-7-tablet-2012/265125-need-help-nexus-7-malware-virus.html

    Although the common suggestion is to only use Google Play, one of the biggest advantages given for Android is not having a walled garden so you can't have both advantages of freedom and security and ignore the problems. If being able to access 3rd party stores is an advantage then it clearly has to be used by a significant enough number of people for it to be an advantage in which case the potential threat is high. If the threat isn't high because people aren't bothering to use 3rd party stores, then being able to access 3rd party stores is not a significant advantage.

    There's also a recent malware, which is designed to avoid detection:

    http://blogs.mcafee.com/consumer-threat-notices/android-users-beware-obad-a-is-out-there

    "Obad lets a hacker completely control your phone without you ever knowing about it and your phone can catch it just by standing next to someone with an infected phone."

    Remember Android users, if anyone in the street asks to bump phones, put on some protection first:

    1000
  • Reply 80 of 85
    gatorguygatorguy Posts: 24,176member
    Marvin, if you read your own links you probably recognized they actually [I]support my opinion[/I] that Android isn't riddled with malware, shouldn't be a major concern particularly for Western users, nor is it something that most users will ever encounter. Yup, Android users are more exposed to potential malware than iOS owners, but one guy who downloaded pirated apps gets a porn ad popup and you believe that's evidence of wide-spread and all-pervasive Android viruses? Oddly enough no one jumped in with "it happened to me too!"

    Your second link that prompted the suggestion of a phone condom notes "The prevalence of this threat [B]is very low and limited to a certain region[/B]." In other words darn unlikely that you'll even "know somebody who knows somebody whose cousin said they got it", so the emergency condom can stay wrapped for the time-being. Acquiring malware from a malicious phone charger is probably more likely. . . oh wait, that's not Android.

    Have you ever read up on iOS provisioning profiles and the potential for maliciousness? Is it something that Apple users should be concerned with and stay on constant guard for? Should enterprises be taking precautions against the danger?

    Are Mactan's in part behind the Apple offer to replace 3rd party chargers? Should iPhone and iPad users be ever vigilant when using any charger other than their own Apple-made?

    How about Jekyll-type trojan apps making their way into Apple's "walled garden"? Is it potentially a serious exploitable vulnerability that should scare Apple users into only downloading highly rated apps and avoiding anything unknown?

    Hardly. I think you'd be more inclined to put those malware infection possibilities on the tin-hat shelf. The thought of malware should never enter an iOS users mind. All mobile malware infects Android and Android alone so they really should be scared. . . along with those four Symbian users. ;) Would that be an accurate description of your opinion? I wouldn't think so. I'd completely agree if you said that much more malware makes it to Android devices than those running iOS. That doesn't then mean that Android trojans and viruses are therefor prevalent and something all users should always be on guard against.

    IMO, malware shouldn't qualify as huge concern no matter the mobile platform you choose. Of course if the security companies can find a way they'll scare us into believing it is. Seems to work to some degree too.

    Anyway, I've got nothing more to add and certainly don't expect any minds were changed. Still an interesting discussion tho.
Sign In or Register to comment.