Linked by Thom Holwerda on Mon 22nd Apr 2013 23:00 UTC
Google "The family of Android malware that slipped past security defenses and infiltrated Google Play is more widespread than previously thought. New evidence shows it was folded into three additional apps and has been operating for at least 10 months, according to security researchers." Google removed most of it, but not before it was installed anywhere between 2 to 9 million times - finally some figures from Google itself, and not scaremongering by antivirus companies. At 9 million, that's 1.2% of all Android devices sold.
Thread beginning with comment 559581
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: No thanks.
by moondevil on Tue 23rd Apr 2013 18:53 UTC in reply to "RE[2]: No thanks."
moondevil
Member since:
2005-07-08

I fully agree with you.

On the other hand I sometimes have doubts when on UNIX systems if my firewall configuration is really secure or how far each application is free from exploits.

Having a microkernel OS, capabilities based or with process fine grained sandboxes will improve surely security, but they are no solution for dumb users that install everything from everywhere.

Reply Parent Score: 4

RE[4]: No thanks.
by UltraZelda64 on Tue 23rd Apr 2013 19:39 in reply to "RE[3]: No thanks."
UltraZelda64 Member since:
2006-12-05

Unfortunately... yup. If someone does something stupid, it will always carry the potential consequence of screwing them over. It's an unavoidable fact of... well, pretty much everything. I think mounting the /home partition on Linux (or the BSD/UNIX equivalent) with the "noexec" option can go a long way, though. Eliminating sudo and giving them a "secret" root password would help even further--although in some cases this may not be possible. And, of course, have a hardware firewall/router for extra protection. I have to admit, I don't normally use a software firewall (IMO they're more trouble than they're worth), but when I know I'll be using a potentially-untrusted network (like lately...) I make an exception.

Edited 2013-04-23 19:42 UTC

Reply Parent Score: 0