Slashdot Mirror


Prototype Clickjacking Rootkit Developed For Android

ShipLives writes "Mobile security researchers have identified an aspect of Android 4.0.4 (Ice Cream Sandwich) and earlier models that clickjacking rootkits could exploit. As part of an effort to identify potential weaknesses in smartphone platforms, the team was able to develop a proof-of-concept prototype rootkit that attacks the Android framework, rather than the underlying operating system kernel."

9 of 51 comments

  1. Re:And worse by bmo · Score: 4, Informative

    >And most reasons software does that isn't because of malware.

    The most significant symptom of malware infection to Joe User is "my computer is slow." Basically because once you have *one* malware infection, others soon follow, because you haven't kept up with updates, install software from random untrusted sites, or are the victim of a leveraged vulnerability or all three. All these bits of malware fight over the same resources and kill the device's usability.

    I have personally seen machines with hundreds of infections. This is typical. The user will muddle along until a certain frustration level is met or the computer simply refuses to finish booting, because the virus load is too much for the poor machine to handle.

    "My Computer is Slow" is likely a sign that your system has been compromised for quite a while and there is no malware removal tool that can fix it - a wipe and reinstall of the OS is in order.

    --
    BMO

  2. Re:And worse by Xenx · Score: 5, Informative

    It's not a security model difference between iOS and Android, it's a design philosophy difference. Android isn't designed to keep you in the walled garden. As such, iOS will always be more secure. Giving users a choice invariably leads to some of them making the wrong choice. That isn't a fault of Android, it's a fault in the rest of society.

  3. Re:And worse by bmo · Score: 2

    >There has to be a balance between free/open and secure.
    >implying that closed source is more secure
    >implying

    No.

    >Apple almost nailed it right on

    No, no they didn't. They are anti-FOSS. The only thing they got right was taking the software repository idea from the FOSS world and calling it a store. Where they failed is that they don't allow other stores/repositories in spite of the fact that the FOSS world has been living with multiple trusted repositories for many, many years now.

    --
    BMO

  4. Re:And worse by bmo · Score: 2

    >That isn't a fault of Android, it's a fault in the rest of society.

    This.

    The rest of society wants its purple gorillas in spite of the fact that it's badware.

    --
    BMO

  5. Multiple trusted repositories by tepples · Score: 3, Informative

    Both Google Play Store and Amazon Appstore tend to be trusted by Android users, as do several lesser-known repositories. Do you plan to explain whether or not each deserves that trust and why?

  6. Re:And worse by Xenx · Score: 2

    My point is that it was a design choice to allow a freedom to install apps. It isn't a situation where you can compare security models and just say iOS is better. You can make arguments about which method is preferred, but not which is better.

  7. Re:And worse by bmo · Score: 2

    >I love it how this fact only comes up when it's Slashdot's darling OS

    That there is a problem that sits in the chair that confuses the part in the seat with the part looking at the screen has been brought up time and again with other OSes. I have actually come out and said that encryption and all the security in the world doesn't effin' matter if you can get the user to trade the key for a candy bar, which has actually happened.

    You just have selective hearing, which means you are an asshole.

    --
    BMO

  8. Re:And worse by Anonymous Coward · Score: 3, Insightful

    You seem to be suggesting that it's impossible for it to be simultaneously true that users are lax about security AND the OS is insecure. But why would there be any conflict between those two claims? It's perfectly possible that many Windows users have poor security practices and Windows itself is less secure than other OSes.

  9. Re:And worse by Billly Gates · Score: 2

    It all makes sense, when you realize Slashdot is made of more than one person. There are people on slashdot who are not happy with malware on Windows and advocate more of a walled garden, and then there are people who believe in freedom to install malware if they wanted to. So you have more than one set of people, moderating at different points of time, carrying different opinions at different strengths. And thus you have, what you call, hypocrisy in slashdot, when all individuals are perfectly non-hypocritical.

    Yeah no kidding I was modded down to 0 because I said there is a problem with AV software not having the access in the walled garden to clean up a rootkit infection. Sigh moderators

    There needs to be a balance though. Yes security is important but that does not mean banning all javascript except for the OS browser that came with it IE 10, Chrome, Safari, and no one else. Also at least with things like SecureBoot MS is nice enough to have an API for AV scanners to detect and remove rootkits.

    I think AV software and alternative browsers should be installed. Walled Gardens are only effective if they block 100% of all exploits 100% of the time and protect the dumb user from themselves. Then it is hell as if one gets through the tools are all walled away from doing anything about it and detecting it. That is a bad design if you ask me.