Related
I posted this in another forum but I want to know what you guys here think about android security.
How worried are you all about security on the android platform? Don't you find it a little unnerving that anybody could upload and app to the android market and there is no verification of the app like on IOS platform. Anybody could write an app that looks legit but does devious things. All this along with there are very very few security applications and they are in the infant state. Don't you find it very dangerous? How do you try to maintain security on your android device? Don't download apps? Only download from known publishers? Or do you roll the dice and download anything? If you use a security app which one?
the_main_app said:
I posted this in another forum but I want to know what you guys here think about android security.
How worried are you all about security on the android platform? Don't you find it a little unnerving that anybody could upload and app to the android market and there is no verification of the app like on IOS platform. Anybody could write an app that looks legit but does devious things. All this along with there are very very few security applications and they are in the infant state. Don't you find it very dangerous? How do you try to maintain security on your android device? Don't download apps? Only download from known publishers? Or do you roll the dice and download anything? If you use a security app which one?
Click to expand...
Click to collapse
There are viruses for Android.....right ?
Besides , if you're smart enough you can check whether an app needs such permissions when installing , through the Mart or an .apk .
I don't like the way iOS works , they give too limited functionality .
Forever living in my Galaxy Ace using XDA App
the_main_app said:
I posted this in another forum but I want to know what you guys here think about android security.
How worried are you all about security on the android platform? Don't you find it a little unnerving that anybody could upload and app to the android market and there is no verification of the app like on IOS platform. Anybody could write an app that looks legit but does devious things. All this along with there are very very few security applications and they are in the infant state. Don't you find it very dangerous? How do you try to maintain security on your android device? Don't download apps? Only download from known publishers? Or do you roll the dice and download anything? If you use a security app which one?
Click to expand...
Click to collapse
i dont use a security app, i use common sense.
a game doesn't need access to my contacts...
notepad app doesn't need access to my private information...
this is why android phones are for the power users and shouldn't be used by soccer moms and grandmas - because they have no clue what they are doing with these phones except for when a phone call or text message comes in... let them have the iphones.
but if you are tech savvy, and want to squeeze every bit of user capability out of your phone, a high end android phone is for you.
the people that are tech savvy also have the awareness because they treat their phone like a computer, and not a phone.
just my thoughts.
I think the best thing would be if android embraced that the user can choose which permissions to give to apps. I mean, an app may want to know your location, you denies it, and the app continnues happily without using that functionality, or quits saying its essantial.
cobraboy85 said:
i dont use a security app, i use common sense.
a game doesn't need access to my contacts...
notepad app doesn't need access to my private information...
this is why android phones are for the power users and shouldn't be used by soccer moms and grandmas - because they have no clue what they are doing with these phones except for when a phone call or text message comes in... let them have the iphones.
but if you are tech savvy, and want to squeeze every bit of user capability out of your phone, a high end android phone is for you.
the people that are tech savvy also have the awareness because they treat their phone like a computer, and not a phone.
just my thoughts.
Click to expand...
Click to collapse
very well put, unfortunately most dont think like this..
It is always a good habit to check the permissions an app needs before installation.I personally think that a system should be implemented in android market where all apps are erquested to give informaation on "Why they need certain permissions?".Certain apps do that.
An antivirus program is also useful in my opinion.I use Lookout antivirus,as i find it simple to use and does not slow down my phone.I tried avg but it slowed down my phone terribly.
hiitti said:
I think the best thing would be if android embraced that the user can choose which permissions to give to apps. I mean, an app may want to know your location, you denies it, and the app continnues happily without using that functionality, or quits saying its essantial.
Click to expand...
Click to collapse
But, as a matter of degree, this just what we wish. The fact may be far beyond our imagination. Sometimes, malware still run certain functionalities even you cancel it. It's worse that some apps run secretly in system. I'm a little scared about security issue based on my PC.
cobraboy85 said:
i dont use a security app, i use common sense.
a game doesn't need access to my contacts...
notepad app doesn't need access to my private information...
this is why android phones are for the power users and shouldn't be used by soccer moms and grandmas - because they have no clue what they are doing with these phones except for when a phone call or text message comes in... let them have the iphones.
but if you are tech savvy, and want to squeeze every bit of user capability out of your phone, a high end android phone is for you.
the people that are tech savvy also have the awareness because they treat their phone like a computer, and not a phone.
just my thoughts.
Click to expand...
Click to collapse
But a game might ask for internet/network permissions which you would probably accept. How do you guard against this? How can you prevent a malicious app that asks for relavent permissions but abuses them?
I never take the time to study the permissions required when I download an app from the market.
I tend to avoid the low number of d'load apps..... partly as there is less feedback to judge.... and partly as any app thats worth the download will have high stars and many d'loads.
Works for me so far.
Netquins running in the background just in case...... but whose to say they dont upload my contacts for spamming?
Prof Peach said:
I never take the time to study the permissions required when I download an app from the market.
I tend to avoid the low number of d'load apps..... partly as there is less feedback to judge.... and partly as any app thats worth the download will have high stars and many d'loads.
Works for me so far.
Netquins running in the background just in case...... but whose to say they dont upload my contacts for spamming?
Click to expand...
Click to collapse
But what about new apps that may be legit? They won't have any reviews yet or stars. If everybody did the same as you it would never get reviews or stars? There's got to be a better way, don't you agree?
the_main_app said:
But a game might ask for internet/network permissions which you would probably accept. How do you guard against this? How can you prevent a malicious app that asks for relavent permissions but abuses them?
Click to expand...
Click to collapse
That's the only question above that can't be answered by LBE Privacy Guard.
Someone mentioned a game that wants access to your contacts. What if you really want the game? You just don't allow it access to your contacts and then play it anyway.
Most apps ask for access to your IMEI (you'd be surprised how many!) With LBE they don't get it.
Antivirus software is all well and good, but it's not the same as on a PC where pattern matching can be used. AV software on Android basically opens the apk file and has a look round to see if anything looks suspicious. Other than that, there's nothing it can do to stop a clever developer bypassing it.
Seriously, if you have concerns then get LBE and start restricting permissions access on an app-by-app basis.
johncmolyneux said:
That's the only question above that can't be answered by LBE Privacy Guard.
Someone mentioned a game that wants access to your contacts. What if you really want the game? You just don't allow it access to your contacts and then play it anyway.
Most apps ask for access to your IMEI (you'd be surprised how many!) With LBE they don't get it.
Antivirus software is all well and good, but it's not the same as on a PC where pattern matching can be used. AV software on Android basically opens the apk file and has a look round to see if anything looks suspicious. Other than that, there's nothing it can do to stop a clever developer bypassing it.
Seriously, if you have concerns then get LBE and start restricting permissions access on an app-by-app basis.
Click to expand...
Click to collapse
this.
i was JUST about to say the same thing about the android "anti-virus" scam... not really a scam, but a false sense of security. as you said, not the same at ALL. people need to get out of the PC mindset with these phones. this is not windows, it's linux.
and i'm going to give LBE a shot. seems pretty legit.
for all of those running antivirus "software" on your phone, how many of you have actually run a virus scan and had it give a detailed description of a malicious "virus"....
Liking lookout
Sent from my GT-I9100 using XDA App
ummm, anyone ever heard of antiviruses (Kapersky, maybe?)? Or at least look up the app's access to things... If it accesses something you don't want it to access (or think the app doesn't need to access it), don't install it!
I know out-of-the-box Androids aren't so vunerable to viruses, compared to rooted ones... So...?
First look up the developer of the app, then if you trust him, install, if you never heard of him, google it (or look at the comments at where you're downloading from), and if you had experience with the developer before (and if the experience is bad, like trojans, etc.), don't install!
(I don't understand half of what I'm typing XD...Don't blame me for misspellings, please )
Cant say I can rave or not when it comes to the anti virus apps.
Have used Lookout in the past and currently using netquin.... neither of which ever flagged up a virus, malware or whatever.
Its nice to think its running in the background but dont know whether it will do anything if its needed.
I was tempted to download a load of apps in a zip file but 20 secs in my Avast siad there was a virus. I'd like to think the market would have its own precautions but having searched the site, cant see any mention of its security for the apps we download.
Its a different thing altogether but we cant take the fact that its the market and relax...... the worst virus my laptop ever had came in an update from Microsoft...... and another directly from google tools.
Kapersky for Android then? You can pick up free full non-trial versions on the web...
About the Market - yes, that's true. You'd expect them to check if apps are infected or at least leave a bot to do it...
Sorta lame...
The best security is the brain.akp just like brain.exe is on windows - best thing it's free, godgiven and everyone got a copy
Zeze21 said:
The best security is the brain.akp just like brain.exe is on windows - best thing it's free, godgiven and everyone got a copy
Click to expand...
Click to collapse
yeah but not everyone got the full version. A few of my friends got a corrupted exe and then this girl I know got the 30 day trial
not that good
Prawesome said:
It is always a good habit to check the permissions an app needs before installation.I personally think that a system should be implemented in android market where all apps are erquested to give informaation on "Why they need certain permissions?".Certain apps do that.
An antivirus program is also useful in my opinion.I use Lookout antivirus,as i find it simple to use and does not slow down my phone.I tried avg but it slowed down my phone terribly.
Click to expand...
Click to collapse
I have both Lookout and AVG, neither has stopped my phone from getting up to 10 junk downloads, you have won an ipad, iphone etc., a day, not sms or email, I have to have every form of external contact turned off, the moment I get wifi or mobile access it starts downloading spam.
If anyone knows of a way to stop it I would appreciate the feedback
Moved to proper section
Hello everyone.
I've just came up with this thought and I wanted to share it with you. We always hear about how Android is more prone to malware than, say, iOS.
But I'd like to know why. I'm pretty sure that, before releasing an app on the Market (oops, Play Store!), Google makes a thorough validation of it. I find it difficult to believe that Google's guidelines are less stringent than Apple's.
Why, then, or better, whence the malware?
The best answer I could give myself is that malevolent apps are modified versions of pirated software that people download from the Internet. Like, a guy downloads the pirated version of Plant versus Zombies thinking that it's going to be the exact replica of the original (paid) version, but inside the downloaded app there's actually a malevolent piece of code that, then, ends on the webzines.
Hence, two questions for you guys:
Where's the Android malware coming from?
How can Google stop it?
Thank you a lot for your attention, I hope the answers will be numerous!
UltimateGoblin said:
malevolent apps are modified versions of pirated software that people download from the Internet
Click to expand...
Click to collapse
Well, I've never seen malware that was made from an actual app. They are usually small separate apps with familiar icon or name and (sometimes) tons of temp files so that Asphalt7.apk won't be the size of 123 kb.
I'm not sure that Google checks anything before people report about it. There are numerous hello world apps there
Because androids source code can be seen by anyone it makes android an easier target than ios who keep their code a secret.
Google run a general check, they call their software "bouncer", but if the apps don't do anything suspicious until on an actual device it can miss the malware.
How could they stop all malware? They can't, even the very closed ios cannot stop all malware, but the user has ultimate control because we can see exactly what apps can access before installing them and so it makes it easier to spot suspect apps.
Dave
( http://www.google.com/producer/editions/CAownKXmAQ/bigfatuniverse )
Sent from my LG P920 using Tapatalk 2
Nice article to read.. Just thought I would share.. MODS PLEASE DELETE IN CASE THIS IS A DUPLICATE.
http://news.yahoo.com/theres-zombie-...013019842.html
There's a Zombie-like Security Flaw in Almost Every Android Phone
LikeDislike
Abby Ohlheiser 56 minutes ago
Technology & Electronics
.
View gallery
There's a Zombie-like Security Flaw in Almost Every Android Phone
Almost every Android phone has a big, gaping security weakness, according to the security startup who discovered the vulnerability. Essentially, according to BlueBox, almost every Android phone made in the past four years (or, since Android "Donut," version 1.6) is just a few steps away from becoming a virtual George Romero film, thanks to a weakness that can "turn any legitimate application into a malicious Trojan."
While news of a security vulnerability in Android might not exactly be surprising to users, the scope of the vulnerability does give one pause: "99 percent" of Android mobiles, or just under 900 million phones, are potentially vulnerable, according to the company. All hackers have to do to get in is modify an existing, legitimate app, which they're apparently able to do without breaking the application's security signature. Then, distribute the app and convince users to install it.
Google, who hasn't commented on the vulnerability yet, has known about the weakness since February, and they've already patched the Samsung Galaxy S4, according to CIO. And they've also made it impossible for the malicious apps to to install through Google Play. But the evil apps could still get onto a device via email, a third-party store, or basically any website. Here's the worst-case scenario for exploitation of the vulnerability, or what could potentially happen to an infected phone accessed via an application developed by a device manufacturer, which generally come with elevated access, according to BlueBox:
Installation of a Trojan application from the device manufacturer can grant the application full access to Android system and all applications (and their data) currently installed. The application then not only has the ability to read arbitrary application data on the device (email, SMS messages, documents, etc.), retrieve all stored account & service passwords, it can essentially take over the normal functioning of the phone and control any function thereof (make arbitrary phone calls, send arbitrary SMS messages, turn on the camera, and record calls). Finally, and most unsettling, is the potential for a hacker to take advantage of the always-on, always-connected, and always-moving (therefore hard-to-detect) nature of these “zombie” mobile devices to create a botnet.
The company recommends users of basically every Android phone double check the source of any apps they install, keep their devices updated, and take their own precautions to protect their data. But as TechCrunch notes, Android users really should be doing this anyway, as the devices tend to come with a " general low-level risk" from malware. That risk, however, is elevated for users who venture outside of the Google Play store for their apps.
So while the actual impact of the vulnerability is not known, neither is the timeline for fixing it. Manufacturers will have to release their own patches for the problem in order to fix it, something that happens notoriously slowly among Android devices.
Mr_Jay_jay said:
/snip
Click to expand...
Click to collapse
As always, this really boils down to the same thing: don't be a fool in the most non-pejorative way possible. With the exception of the Syrian Electronic Army fiasco awhile back, secured and verified app vendors like Google Play (or Apple's App Store) continue to provide all the services most users will need without exposing the end-user to this kind of vulnerability. If you don't expose yourself, you're not at risk.
That said, this all relies on the notion of the end-user being at least somewhat vigilant, which can be quite dangerous.
Rirere said:
As always, this really boils down to the same thing: don't be a fool in the most non-pejorative way possible. With the exception of the Syrian Electronic Army fiasco awhile back, secured and verified app vendors like Google Play (or Apple's App Store) continue to provide all the services most users will need without exposing the end-user to this kind of vulnerability. If you don't expose yourself, you're not at risk.
That said, this all relies on the notion of the end-user being at least somewhat vigilant, which can be quite dangerous.
Click to expand...
Click to collapse
Not every Android device has access to Play Store though, by-default. I have a tablet now that doesn't have access. If a normal user had such a device, they wouldn't likely go through the process needed to get Play Store, and would just deal with whatever marketplace app existed.
This exploit will likely only ever affect users that by default use devices that do not have Google support. Many of these are distributed among 3rd world nations and are typically a hot bed of illicit activities anyways. Of the first worlders that would be affected, it would be those using black market apps without knowing the risks involved in doing so. Most black market users are knowledgeable enough to know to check their sources and compare file sizes before installing apk's.
Also the notion that 99% of devices being affected has nothing with the OS being flawed (Google reportedly fixed the flaw in March), but rather the OEMs being slow in pushing out (or not pushing out at all) the patched hole.
Also I would be weary of a security outfit that has been around since 'mid-2012' and continues to pride themselves as a start-up mobile security firm.
espionage724 said:
Not every Android device has access to Play Store though, by-default. I have a tablet now that doesn't have access. If a normal user had such a device, they wouldn't likely go through the process needed to get Play Store, and would just deal with whatever marketplace app existed.
Click to expand...
Click to collapse
Granted, but the Play Store reduces the attack surface by a considerable margin. Right now, I consider non-Google blessed Android to be something akin to stock Windows 7 with Defender and Firewall turned off-- you can do just about anything with it, but you're running at a risk by not deploying some vendor-based add-ons (in this case, choosing to use the unit available).
I do understand that many devices sell outside of the Google world, before anyone jumps on me, but it doesn't change how the vulnerabilities play out.
This boils down to:
If users install a virus then they get a virus!!! This affects all Android phones!!!!!!!! Oh Nos!
Sucks that this is being patched. Guess there will be no more modding games for me.
Hello!
I'm making this post to maybe start a discussion about app safety. I come from iOS, so the first thing that caught my attention when installing apps on my new Android device were the permissions. At first I wasn't really paying attention to what they ment and just went along and installed anything that looked awesome.. But as I've been getting deeper into this thing I've been getting more and more paranoid about any App I install..
Now to clarify:
My device has not been rooted.
Galaxy S4, Android Version: 4.3
GT-I9505
Now for the reason why I made this post. I came across Cartoon Defense 4 (I can't put links in my post since I'm new so I had to remove it, it's on Google Play though) yesterday by chance, which seemed cool to me, so I thought I'd install it. But the permissions it needed seemed a little shady to me.. Not all of them, but at least one:
android.permission.KILL_BACKGROUND_PROCESSES
What could this app need this permission for? This is the first time I've seen an app need this permission.. Looking around on the internet to find out what this permission ment brought me to an androidforums post which said this:
Kill background processes
Hardware controls
URI: android.permission.KILL_BACKGROUND_PROCESSES
Risk: HIGH
Protection level: UNKNOWN
Official Description
Allows an application to call killBackgroundProcesses(String).
Details
This permission is a bit of a tricky one. Often this is used by what are called "task killers". These apps supposedly free system resources by closing apps running in the background. However the usefulness of such apps is minimal at best. They can help close an app that is misbehaving, however a user can already do that themselves through the Android settings under "Apps" or "Manage Applications". Conversely this permission has some potential to maliciously close anti-virus or other security related apps. As with anything I would treat this with caution. Few users should ever need an app with this permission. Rather, it could be an indicator of malicious intent (especially if not requested by a task killer or system performance tuning app).
Click to expand...
Click to collapse
So, my question kindof is.. Does this app really need this permission or is it malicious? I've checked the other versions and they all needed this permission from the first one, which has plenty of 5 Star reviews, but still.. It's something that alarmed me..
I hope someone can help me out on this, any input is appreciated!
EDIT: I think I should mention that I'm not trying to run a cracked version or anything. It's the Google Play install I'm talking about.
Hi there everyone,
since I was pretty interested in reading latest XDA article 'Baidu browser found to be leaking. etc', and I was also into the constant research of the best settings for Amplify Xposed Module for my RN2 Prime, running Jan 7 Bule's cm 12.1, I was pretty curious to know more about a massive battery drainer system app named 'ckservice.apk', aka package name Statassistant.
Shortly (read more detail on my on my original post: http://forum.xda-developers.com/showpost.php?p=65566921&postcount=8201), this app constantly asks for position, and, I found it to be a BAIDU app "download advertising without the user's knowledge to the notification bar."
So, I have AdAway since.. always, and that means there is no Advert message ever popping up on my RN2, - yet, its Alarm 'com.ck.services.intent.ACTION_ONEMIN_TICK' was acting obsessively, always topping Amplify stats: initially I gently limited it through Amplify and denied permissions through Privacy Guard: currently, I've frozen this app I've removed it! (cfr http://forum.xda-developers.com/showpost.php?p=65567564&postcount=8206): no collateral effect happened, - only good battery life. And maybe a sip more of privacy.
I do not know if this app is also present in MIUI, but I guess so.
If You know more than me about this app, and I'm sure you do, please, share.
More about my experience, here http://forum.xda-developers.com/showpost.php?p=65566921&postcount=8201
One 'ckservice.apk is a trojan!' here https://github.com/Silentlys/android_device_tcl_q39/issues/4
Peace out.
"it was, download game apks not in foreground, and after some times updating, it has less sharpen within trojan. usually use it as a rom-flash counter..i decompiled this apk before.". It's safe guys. And we can uninstall or freeze it if we want ?
sleizi said:
"it was, download game apks not in foreground, and after some times updating, it has less sharpen within trojan. usually use it as a rom-flash counter..i decompiled this apk before.". It's safe guys. And we can uninstall or freeze it if we want
Click to expand...
Click to collapse
Please, define 'safe'... anyway, it was a total battery drainer, alarms always at top.
Anyway, you can remove it safely, no collateral effects.
I'm amazed that there has not been more posts on XDA given that the Baidu APK / Moplus APK put rooted users at particularly high risk!
http://www.engadget.com/2015/11/02/bunk-baidu-sdk-puts-backdoor-on-millions-of-android-devices/
Things are only partially fixed but I don;t trust Baidu anyhow (or Cheetah, or any of those Chinese app companies due to the govenrment) as it seems quite obvious to me the CHinese Government has got their finger in there and it and other apps are compromised so that the Chinese Government can easily spy/gain data on those people they want to, I've uninstalled one of my favourite apps ES File Explorer due to this.
see updates at the end
https://citizenlab.org/2016/02/privacy-security-issues-baidu-browser/
IronRoo said:
I'm amazed that there has not been more posts on XDA given that the Baidu APK / Moplus APK put rooted users at particularly high risk!
http://www.engadget.com/2015/11/02/bunk-baidu-sdk-puts-backdoor-on-millions-of-android-devices/
Things are only partially fixed but I don;t trust Baidu anyhow (or Cheetah, or any of those Chinese app companies due to the govenrment) as it seems quite obvious to me the CHinese Government has got their finger in there and it and other apps are compromised so that the Chinese Government can easily spy/gain data on those people they want to, I've uninstalled one of my favourite apps ES File Explorer due to this.
see updates at the end
https://citizenlab.org/2016/02/privacy-security-issues-baidu-browser/
Click to expand...
Click to collapse
Yep, I did the same with ES File Explorer, I've been for years a die hard fan of this app, but, then I discovered there was suddenly - after app updates on updates - now a log file (with position and ID) sent to a Chinese server, automatically created each time I would have opened the app, which frankly pissed me off, plus, there was a related Alarm (or wakelock), - at stellar values (dxcore something, and service com.estrongs.android.pop.ESFileExplorer - can't remember exactly right now, since I remove the app), pretty visible on Wakelock detector and un-stoppable through Amplify.
So, bye bye Es File Explorer, and thanks for all the fish.*
*I don't mind if people find this 'little issue with privacy' laughable: I agree fully with what written here http://acurrie.me/2014/11/03/how-to-find-spyware-on-your-android-device/ - pretty underrated as issue, if you want my two cents.
IronRoo said:
I'm amazed that there has not been more posts on XDA given that the Baidu APK / Moplus APK put rooted users at particularly high risk!
http://www.engadget.com/2015/11/02/bunk-baidu-sdk-puts-backdoor-on-millions-of-android-devices/
Things are only partially fixed but I don;t trust Baidu anyhow (or Cheetah, or any of those Chinese app companies due to the govenrment) as it seems quite obvious to me the CHinese Government has got their finger in there and it and other apps are compromised so that the Chinese Government can easily spy/gain data on those people they want to, I've uninstalled one of my favourite apps ES File Explorer due to this.
see updates at the end
https://citizenlab.org/2016/02/privacy-security-issues-baidu-browser/
Click to expand...
Click to collapse
Try Solid Explorer
Sorry for offtop.
oldslowdiver said:
*I don't mind if people find this 'little issue with privacy' laughable: I agree fully with what written here http://acurrie.me/2014/11/03/how-to-find-spyware-on-your-android-device/ - pretty underrated as issue, if you want my two cents.
Click to expand...
Click to collapse
Yes, that fact this has been a known issue for a while but no attempt to fix it 100% (think it was the trendmicro blog that suggested a backdoor would still be able to be opened even after the latest updates, that's why I think it's the government). What I really want to find is a FULL list of all the apps that have been made with the Baidu SDK / Moplus SDK as I'm sure many written by app devs in far east (no doubt some Western ones too) will have them for Chinese advertising etc, I know I have apps from devs in Hong Kong & Korea at the very least, have they used these SDK? Also I have some friends in Hong Kong who I know have made comments against the CCP...... have they been traced, recorded, tracked etc