Linked by Thom Holwerda on Mon 22nd Apr 2013 23:00 UTC
Google "The family of Android malware that slipped past security defenses and infiltrated Google Play is more widespread than previously thought. New evidence shows it was folded into three additional apps and has been operating for at least 10 months, according to security researchers." Google removed most of it, but not before it was installed anywhere between 2 to 9 million times - finally some figures from Google itself, and not scaremongering by antivirus companies. At 9 million, that's 1.2% of all Android devices sold.
Article title a bit misleading
by WorknMan on Mon 22nd Apr 2013 23:52 UTC
WorknMan
Member since:
2005-11-13

According to the linked article:

Even after a malicious update is displayed on an infected device, the user must specifically choose to download and install it and must have configured the phone to install apps from third-party sources.

That's not exactly 'infiltrating' the Google Play store. Obviously, anytime you're running apps not vetted by anyone, there are going to be risks. The question is, do you want a corporation deciding what you are/are not allowed to install in order to alleviate risks?

Some people are willing to give up their freedom for a little security, and I don't necessarily think that's a bad thing in all cases. I mean, if all the apps you really want are inside the walled garden, it's kind of a win/win situation.

Reply Score: 4

RE: Article title a bit misleading
by wocowboy on Tue 23rd Apr 2013 11:58 UTC in reply to "Article title a bit misleading"
wocowboy Member since:
2006-06-01

I've been around long enough to have "enjoyed" the experience of having to re-install Windows or erase/reformat/reinstall the hard drive or having to install a complete new hard drive because of infection by a virus or malware. Even with anti-virus software installed. I've lost entire hard drives worth of data in some of those great experiences.

Having enjoyed all those experiences, I gradually came to the realization that I didn't have to worry about all that in a "walled garden" type of situation, so I slowly migrated and have been quite happy ever since. As the original poster said, if the applications you want and need are within that wall, then fine & dandy, all is well. I have no problem with the walled garden and the experience Apple or anyone else is trying to provide to their customers. If it works for them, great, there is nothing wrong with that.

I have also tinkered with my iPhone, jailbreaking and unlocking the various models I have owned. It was fun and exhilarating but I have left that behind because I know/knew the risks and don't need to do that any more. As with my computer, all the software I need or want is within the walled garden. This is probably all a function of getting older and having had those "fun" experiences of crashing computers and cellphones and not wanting to have to deal with that any more, but that's fine. As long as people know the risks, if they want to have that experience, I have no problems with it, just don't come crying to me when your computer or phone becomes nothing more than a doorstop. Been there/done that/you've been warned.

Reply Score: 1

No thanks.
by UltraZelda64 on Tue 23rd Apr 2013 01:26 UTC
UltraZelda64
Member since:
2006-12-05

"The takeaway for Android users is to consider running a smartphone antivirus app."

And we'll end up with the same problems that people have on Windows: Cell phones everywhere will run slow as anti-virus software sucks up CPU time and RAM, causing false positives like the recent Malwarebytes dud that downed countless computers, and in the end people will still get infected because they will feel "safe" and think they can do anything. Meanwhile, no program will successfully defend against all malware. Meanwhile, we'll get the added annoyance that this extra resource hogging sucks our batteries dry.

No thanks, that doesn't sound like the kind of thing I want to go back to. I already have a serious lack of storage space, I can't even install everything that I want, there's no way in hell I'll get an anti-virus program that will continue to get bigger and bigger with no end.

Edited 2013-04-23 01:28 UTC

Reply Score: 4

RE: No thanks.
by moondevil on Tue 23rd Apr 2013 07:34 UTC in reply to "No thanks."
moondevil Member since:
2005-07-08

And we'll end up with the same problems that people have on Windows


Which we used to have on MS-DOS, CP/M, Amiga, Atari, Mac OS (<= X), C64, ....

Viruses were never Windows-specific, rather common to any consumer systems.

Even in more secured systems, the problem still persists given how consumers behave, assuming they can have root/admin rights.

Most people will just install whatever they can put their hands on, without pausing 1 second to think about it, regardless how they got the software.

From magazines, friends, acquaintances, strange looking web sites, you name it.

The only way is for someone else to look after what people are allowed to install on their own systems, but we can all imagine how it ends if taken too far.

Reply Score: 3

RE[2]: No thanks.
by MOS6510 on Tue 23rd Apr 2013 08:23 UTC in reply to "RE: No thanks."
MOS6510 Member since:
2011-05-12

C64??? I know there were some proof-of-concept-wannabe viruses, but these required you to load them yourself and after you ran them you shouldn't reset or power cycle the computer (which people tended to do before loading a new program or game).

These "demo" viruses ran invisible and after a while caused some funny effect.

I guess they could be considered virus simulators and not real ones.

Reply Score: 2

RE[3]: No thanks.
by moondevil on Tue 23rd Apr 2013 08:59 UTC in reply to "RE[2]: No thanks."
moondevil Member since:
2005-07-08

In Portugal most 8-bit software was cloned and sometimes it got fatter in the process. ;)

You could only buy legit copies in big cities.

Reply Score: 2

RE[4]: No thanks.
by MOS6510 on Tue 23rd Apr 2013 19:12 UTC in reply to "RE[3]: No thanks."
MOS6510 Member since:
2011-05-12

What kind of stuff did they add?

Most cracked games came with cracking crew intros and often "trainers" (cheat options).

It's hard to imagine any virus kind of software having much effect. It wouldn't survive a reset or power cycle, which you had to do when changing software. Also there was no boot sector or hard disk to infect.

The Commodore Amiga could catch a number of viruses.

Reply Score: 2

RE[5]: No thanks.
by moondevil on Tue 23rd Apr 2013 20:42 UTC in reply to "RE[4]: No thanks."
moondevil Member since:
2005-07-08

They could affect existing software in the case you were using floppies.

Reply Score: 2

RE[2]: No thanks.
by UltraZelda64 on Tue 23rd Apr 2013 18:35 UTC in reply to "RE: No thanks."
UltraZelda64 Member since:
2006-12-05

True--viruses were definitely to DOS back in those days as flies are to shit, and no OS is 100% immune to viruses (except, of course, that massive majority of them written for DOS/Windows...). But I think the "security" companies and their software have only got worse since those days, and I wouldn't trust them or their software these days much more than the viruses themselves.

Reply Score: 2

RE[3]: No thanks.
by moondevil on Tue 23rd Apr 2013 18:53 UTC in reply to "RE[2]: No thanks."
moondevil Member since:
2005-07-08

I fully agree with you.

On the other hand I sometimes have doubts when on UNIX systems if my firewall configuration is really secure or how far each application is free from exploits.

Having a microkernel OS, capabilities-based or with process fine-grained sandboxes, will surely improve security, but they are no solution for dumb users that install everything from everywhere.

Reply Score: 4

RE[4]: No thanks.
by UltraZelda64 on Tue 23rd Apr 2013 19:39 UTC in reply to "RE[3]: No thanks."
UltraZelda64 Member since:
2006-12-05

Unfortunately... yup. If someone does something stupid, it will always carry the potential consequence of screwing them over. It's an unavoidable fact of... well, pretty much everything. I think mounting the /home partition on Linux (or the BSD/UNIX equivalent) with the "noexec" option can go a long way, though. Eliminating sudo and giving them a "secret" root password would help even further--although in some cases this may not be possible. And, of course, have a hardware firewall/router for extra protection. I have to admit, I don't normally use a software firewall (IMO they're more trouble than they're worth), but when I know I'll be using a potentially-untrusted network (like lately...) I make an exception.

Edited 2013-04-23 19:42 UTC

Reply Score: 0

RE: No thanks.
by sithlord2 on Tue 23rd Apr 2013 07:58 UTC in reply to "No thanks."
sithlord2 Member since:
2009-04-02

And we'll end up with the same problems that people have on Windows


Speak for yourself. My antivirus does not slow down my computer at all. I also run Avast Mobile on my Android, and I don't notice any difference in performance.

Reply Score: 3

RE[2]: No thanks.
by UltraZelda64 on Tue 23rd Apr 2013 18:23 UTC in reply to "RE: No thanks."
UltraZelda64 Member since:
2006-12-05

Speak for yourself. My antivirus does not slow down my computer at all. I also run Avast Mobile on my Android, and I don't notice any difference in performance.

[emphasis added]

Do you have any benchmarks to prove that your anti-virus software causes absolutely no slowdown whatsoever? And if it is using absolutely no processing power or memory, is it even running and working correctly? Somehow I don't believe that *any* program can use zero resources while running, especially an active anti-virus program.

I also find it ironic that at 5.4 MB according to the Google Play store, there's no way in hell that the Avast Mobile program that you mentioned would fit on my phone without uninstalling several *more* programs (as if I haven't had to get rid of enough already). Give it a few years (months?) and it'll explode to 10 MB... then 15 MB... just like they all do.

Again, I'll pass on cell phone anti-virus. But if it really makes you feel safe, then have at it. I, on the other hand, don't trust those programs or the "security" companies behind them much more than the malware that they claim to "eliminate" (but typically fail miserably at, while potentially causing serious problems of their own).

Edited 2013-04-23 18:25 UTC

Reply Score: 1

RE[3]: No thanks.
by WorknMan on Tue 23rd Apr 2013 20:12 UTC in reply to "RE[2]: No thanks."
WorknMan Member since:
2005-11-13

Do you have any benchmarks to prove that your anti-virus software causes absolutely no slowdown whatsoever? And if it is using absolutely no processing power or memory, is it even running and working correctly? Somehow I don't believe that *any* program can use zero resources while running, especially an active anti-virus program.


Here's a more important question - does he NOTICE a difference in speed when the AV software is running vs when it isn't? And if the answer is no, then it really doesn't matter, does it?

Reply Score: 4

RE[4]: No thanks.
by UltraZelda64 on Tue 23rd Apr 2013 20:41 UTC in reply to "RE[3]: No thanks."
UltraZelda64 Member since:
2006-12-05

Here's a more important question - does he NOTICE a difference in speed when the AV software is running vs when it isn't? And if the answer is no, then it really doesn't matter, does it?

Notice the wording:
My antivirus does not slow down my computer at all.

He did not say a word about not "noticing" anything, he stated it as fact. If he had been a bit more careful with his wording, then I wouldn't have said a word about that in response.

Reply Score: 1

Getting you bit by bit
by orfanum on Tue 23rd Apr 2013 04:55 UTC
orfanum
Member since:
2006-06-02

So, most of the said apps originate from Russia or are Russian-language specific. Why is this a surprise to anyone? Even from the days of searching for files via ftp servers I have avoided .ru ones (as well as Chinese-based hosts) even where these were apparently attached to legit institutions seemingly, such as in the educational sector.

Also, doing a search for 'bitdefender' via Google Play gives one the first option of 'Bitdefender mobile security'. Take a look at the permissions that programme demands. Is this legit, and if it is, why would Bitdefender need such access to my device? If it isn't, why is it there and why does Google's search algorithm present it as the top choice?

I am a reasonably savvy hobbyist user (which means mostly I have absorbed enough information to be on the sanely side of twitchy rather than having become technically expert as such over the years) but getting corroboration of validity and authenticity even when alarm bells start to ring seems to me to be getting gradually harder and harder to achieve with confidence since the advent of smartphones.

I may be rambling here (as an amateur that's another hit-and-miss risk one takes) so am open to being corrected.

Reply Score: 2

RE: Getting you bit by bit
by pandronic on Tue 23rd Apr 2013 05:18 UTC in reply to "Getting you bit by bit"
pandronic Member since:
2006-05-18

Bitdefender is not made by a Russian company, but by a Romanian one, also it's one of the top antiviruses on the market.

Reply Score: 3

RE[2]: Getting you bit by bit
by orfanum on Tue 23rd Apr 2013 15:04 UTC in reply to "RE: Getting you bit by bit"
orfanum Member since:
2006-06-02

I wasn't suggesting it was ;) Good to know the origin though - not that it makes me feel safer...

Reply Score: 2

RE: Getting you bit by bit
by aligatro on Tue 23rd Apr 2013 05:33 UTC in reply to "Getting you bit by bit"
aligatro Member since:
2010-01-28

"So, most of the said apps originate from Russia or are Russian-language specific. Why is this a surprise to anyone? Even from the days of searching for files via ftp servers I have avoided .ru ones (as well as Chinese-based hosts) even where these were apparently attached to legit institutions seemingly, such as in the educational sector."

They do, however you are ignoring the fact that it's mostly the rogue ad-network that caused those infections. Of course it's also the fault of those developers for not realizing this. Something similar can happen even with legitimate ad-networks and in result with legitimate websites.


"Bitdefender is not made by a Russian company, but by a Romanian one, also it's one of the top antiviruses on the market."

So what you are saying is: it's more trustworthy because the company was founded in Romania?

Edited 2013-04-23 05:42 UTC

Reply Score: 2

RE[2]: Getting you bit by bit
by orfanum on Tue 23rd Apr 2013 15:09 UTC in reply to "RE: Getting you bit by bit"
orfanum Member since:
2006-06-02

Yes, you are right, my conclusion was a bit unfocused of me really since I had read the article fully and had come away with the notion that it explained the complexities of the situation well enough for a layperson to comprehend. Still, there seems to be a fair amount of correlation going on which to me suggests either it's possibly malicious use of the ad-framework or a lack of rigour on the part of the developers. Neither possibility fills me with any greater feeling of ease regarding apps that originate from that part of the world, unfortunately.

Reply Score: 2

RE[2]: Getting you bit by bit
by Soulbender on Thu 25th Apr 2013 03:10 UTC in reply to "RE: Getting you bit by bit"
Soulbender Member since:
2005-08-18

So, are you saying it's less trustworthy because it's not made in western Europe or the US?

Reply Score: 2

RE[3]: Getting you bit by bit
by orfanum on Fri 26th Apr 2013 14:41 UTC in reply to "RE[2]: Getting you bit by bit"
orfanum Member since:
2006-06-02

Not per se but I'd probably have a different take on the particular risks to be managed. There are always risks, some just have different criteria from others.

Reply Score: 2

lucas_maximus
Member since:
2009-08-18

I would love to know. It's kinda like adding up every Windows sale since Windows 95.

Reply Score: 4

Comment by Soulbender
by Soulbender on Thu 25th Apr 2013 03:05 UTC
Soulbender
Member since:
2005-08-18

The takeaway for Android users is to consider running a smartphone antivirus app


No, the takeaway is not to install apps that require you to allow installation of non-store apps. If you don't find that suspicious then what the heck are you thinking?
Really, it's just common sense, although I guess common sense is rather uncommon.

Reply Score: 2