"Bill Shocker" Malware Controls 620,000 Android Phones In China

← Back to Stories (view on slashdot.org)

"Bill Shocker" Malware Controls 620,000 Android Phones In China

Posted by timothy on Thursday January 31, 2013 @02:26AM from the it's-ok-they're-calling-the-premier dept.

Orome1 writes "A new discovered malware is potentially one of the most costly viruses yet discovered. Uncovered by NQ Mobile, the 'Bill Shocker' (a.expense.Extension.a) virus has already impacted 620,000 users in China and poses a threat to unprotected Android devices worldwide. Bill Shocker downloads in the background, without arousing the mobile device owner's suspicion. The infection can then take remote control of the device, including the contact list, Internet connections and dialing and texting functions. Once the malware has turned the phone into a "zombie," the infection uses the device to send text message to the profit of advertisers. In many cases, the threat will overrun the user's bundling quota, which subjects the user to additional charges."

138 comments

Min score:

Reason:

Sort:

Follow the money by Anonymous Coward · 2013-01-31 02:27 · Score: 0

It overruns the text bundle and causes extra charges... Sounds like an enterprising feature for a phone company to deploy.
1. Re:Follow the money by GiantMolecularCloud · 2013-01-31 02:33 · Score: 1
  
  They have so many other ways to screw people, would they really resort to this?
  Nevermind, I know the answer.
2. Re:Follow the money by grub · 2013-01-31 02:37 · Score: -1
  
  They have so many other ways to screw people, would they really resort to this?
  
  The scale of the scam is what makes it so lucrative.
  
  --
  Trolling is a art,
3. Re:Follow the money by fermion · 2013-01-31 03:11 · Score: 2
  
  Back in the day of 900 number, it was clear that the phone companies were using them as a profit center. The average phone user did not want the feature, yet it was turned on by default. If you do not think about turning off the 900 number, and wait too long, the phone company can charge for the service.
  Of course the high profit venture has gone from 900 numbers to texting. The phone companies are once again in a position to help, but they won't.
  
  --
  "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
4. Re:Follow the money by TimeandMaterials · 2013-01-31 03:26 · Score: 1
  
  If this occurs in China, not sure it is malware.
5. Re: Follow the money by noh8rz10 · 2013-01-31 03:32 · Score: -1
  
  The problem is the platform is so vulnerable. We're applying a PC mentality to phone operating systems. The theme of this discussion is "it could happen to anybody" or "it's the users fault". But the fact of the matter is this only happens on sndroid, and the biggest mistake the users made was using an insecure os.
6. Re:Follow the money by Anonymous Coward · 2013-01-31 03:56 · Score: 0
  
  When I worked for Sprint, I wrote the office of the CEO regarding how ashamed I was that "premium messaging" was on by default, even when we knew the phone to be a child's phone. It's quite the scam, text a 6-digit number and be billed $9.99/mo or even some were $0.99 or $1.99 per day. A not insignificant portion of a Tier-1 tech's shift was explaining and reversing these charges, but despite paying that person to do it, there were enough subscribers that either didn't notice inside the 90-day window (after 90 days the reply was something like "too bad, so sad) or just blamed the kids who's phone had the charges and the company made bank.
  
  I got a BS form reply (no surprise) but considering how scathing my examples were, I am in retrospect surprised that they did not decide to be complete douches and fire me. I am glad to not be there any more.
7. Re: Follow the money by Anonymous Coward · 2013-01-31 04:00 · Score: 0
  
  How many times do you plan on posting this ignorant and blatantly wrong post? Once is too many, more than once is ludicrous.
8. Re:Follow the money by interkin3tic · 2013-01-31 04:55 · Score: 1
  
  Why don't they follow where the money for these advertisers is supposed to go? I'm guessing it's not trivial. Is it safe to assume that money from morons who get the ads and want to buy goes to a shady bank in a country with lax laws, and if domestic law enforcement calls said bank for who owns the bank account, they'll be told to fuck off?
9. Re:Follow the money by mabhatter654 · 2013-01-31 07:45 · Score: 1
  
  It's simple. $2-$3 of that $9.99 went to the boss... And that INCLUDED charge backs.. So the phone company was dipping in both sides ... It was free money either way.
  If State Attorney Generals forced phone companies to be half as honest as they forced Apple to be we wouldn't have these little chats.
No smartphone for me by Anonymous Coward · 2013-01-31 02:31 · Score: 0

I'll stick with my dumbphone
1. Re:No smartphone for me by Joce640k · 2013-01-31 02:42 · Score: 1
  
  Or just don't install every single app that promises you free bikini-clad-screencursors.
  
  --
  No sig today...
2. Re:No smartphone for me by Anonymous Coward · 2013-01-31 03:14 · Score: 0
  
  That only come on Android.
3. Re:No smartphone for me by Anonymous Coward · 2013-01-31 05:06 · Score: 0
  
  So? The point was, "don't install it". Go away you braindead monkeywanker.
4. Re:No smartphone for me by Ol+Olsoc · 2013-01-31 06:25 · Score: 1
  
  So? The point was, "don't install it". Go away you braindead monkeywanker.
  Might be a monkeywanker, but there is a bit of truth to it. THe problem is that not everyone is a technical and OS security genius like you or me.
  So yes, they do allow third party downloads - many of them have heard about them from the very salesmen who sold them their Android phone. I know I have. Free Software! ZOMG! Wait til I tell all my BFF"S! I had a salesman use the third party repositories as a selling point over iPhone because Apple wouldn't allow it.
  I've spent a of of time cleaning up computers where the ignorant have downloaded and installed all kinds of nasty stuff. And of course the stuff they didn't know about, but picked up on their surfing. But the point is, those people didn't go away, nor did they learn much. I had repeat customers and they or their kids managed to bollix up their computers all over again. And again.
  So now they've moved on to smartphones. But their habits haven't changed, so they will download and install those awesome free programs. And they will bitch up their smartphones.
  But shouldn't we be able to move on from this? It's all so easy to just call the users idiots and assholes, but it also takes a bit of asshole to make smartphones that all it takes is unchecking a box and suddenly you can get all the bad stuff you want. That's vulnerablilty. An attractive nuisance.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
5. Re:No smartphone for me by node+3 · 2013-01-31 08:15 · Score: 1
  
  Or just don't install every single app that promises you free bikini-clad-screencursors.
  "Apple is bad because they don't allow porn. Google is better because they do. Oh, btw, don't install porn apps."???
Nope by The+MAZZTer · 2013-01-31 02:31 · Score: 2

There are phone numbers you can dial that result in an addition to your bill and money being paid to the guy you dialed... 1-900 numbers or whatever in the US.
The idea of making malware to forcibly call these numbers to the profit of the number owner is not new.
1. Re:Nope by Joce640k · 2013-01-31 02:38 · Score: 1
  
  The idea of making malware to forcibly call these numbers to the profit of the number owner is not new.
  It used to happen back in the days when we had modems in our PCs.
  
  --
  No sig today...
2. Re:Nope by Anonymous Coward · 2013-01-31 03:02 · Score: 0
  
  "It used to happen back in the days when we had modems in our PCs."
  These _are_ computers with built-in modems.
3. Re:Nope by Joce640k · 2013-01-31 03:19 · Score: 1
  
  I don't really think of them as a "PC" though. I'm sure most other people don't either.
  (Yes, I know what the literal meaning of the acronym "PC" is...)
  
  --
  No sig today...
4. Re:Nope by poetmatt · 2013-01-31 03:24 · Score: 3, Insightful
  
  the also unsurprising factor is that this is happening in China, where the same responses for how to prevent this have been sent every week:
  download things from official trusted sources only.
5. Re:Nope by Anonymous Coward · 2013-01-31 03:30 · Score: 0
  
  I think you just agreed with him: "an enterprising feature for a phone company."
6. Re:Nope by Anonymous Coward · 2013-01-31 03:34 · Score: 0
  
  Can you name one that is available and reliable in China?
  sources that aren't available and reliable:
  amazon
  google
7. Re:Nope by noh8rz10 · 2013-01-31 03:34 · Score: -1
  
  The problem is the platform is so vulnerable. We're applying a PC mentality to phone operating systems.
  The theme of this discussion is "it could happen to anybody" or "it's the users fault". But the fact of the matter is this only happens on sndroid, and the biggest mistake the users made was using an insecure os.
8. Re:Nope by macs4all · 2013-01-31 03:51 · Score: 1
  
  The problem is the platform is so vulnerable.
  That is A problem; but not THE problem.
  
  The REAL problem are the entities (Banks, Telcos and Governments) that are all standing under this money fountain, being WILLFULLY BLIND to all these transactions.
  
  Not to shamelessly self-promote; but I covered this in a comment further below.
9. Re:Nope by Runaway1956 · 2013-01-31 03:53 · Score: 1
  
  Pasted below is the same advice from TFA. Question is - who the hell do you trust? Unfortunately, Android opened the doors to all sorts of idiots developing crap, and there are no "trusted repositories". I guess it's safer to trust the phone company than some random developer from some random site. But, I'm not one to trust a phone company!
  To avoid becoming a victim, please follow common-sense guidelines for smartphone security:
  1. Only download applications from trusted sources, reputable application stores, and markets, and be sure to check reviews, ratings and developer information before downloading.
  2. Never accept application requests from unknown sources. Closely monitor permissions requested by any application; an application should not request permission to do more than what it offers in its official list of features.
  3. Be alert for unusual behavior on the part of mobile phones and be sure to download a trusted security application that can scan the applications being downloaded onto your mobile device. NQ Mobile Security users are already fully protected from the Bill Shocker threat.
  
  --
  "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
10. Re:Nope by Mister+Whirly · 2013-01-31 03:56 · Score: 1
  
  Anytime you think of an operating system as your security, you have already lost the battle. Security is a process and procedures, not a product, not software, and not an operating system. Android can be locked down securely as well as iOS. Just don't uncheck the box allowing third party software to be installed and you thwart this type of attack.
  
  --
  "But this one goes to 11!"
11. Re:Nope by Dunega · 2013-01-31 04:05 · Score: 1
  
  Your point? or are you just being an ass? Oh AC, that answers that.
12. Re:Nope by milkmage · 2013-01-31 04:56 · Score: 2
  
  ...or google could just section off the store - devs can submit, or submit for review and approval. wild west over here.. anything goes. these have been reviewed. they're safe.
  i don't see a downside. the relative lack of app dollars going to google (vs. Apple) has to be at least partially because some people don't feel "safe"
  if you get too many warnings from this.. http://www.androidpolice.com/2012/10/11/apk-teardown-the-play-store-is-getting-a-built-in-malware-scanner-theres-more-wish-list-progress-and-more/ - some people will stop using the store. makes no sense.. scan apps on the way IN.. not on the way out.
  Installation has been blocked
  why would you ever show that to the user. reject the app until those messages aren't even triggered.
13. Re:Nope by Ol+Olsoc · 2013-01-31 06:06 · Score: 1
  
  Just don't uncheck the box allowing third party software to be installed and you thwart this type of attack.
  You do realize that is a big selling feature for the Android phones don't you? It "opens up a whole new world" for the user. The when the user gets owened, we can all blame it on the user.
  Really, it's so much like the Windows world that I'm so happy to have abandoned. It's always someone elses fault. Always the customer's mistakes. The OS is secure, except when it isn't.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
14. Re:Nope by Anonymous Coward · 2013-01-31 07:34 · Score: 0
  
  Yeah it is so difficult to want to install a third-party app and then secure your phone again. I would have to uncheck the box allowing me to install the app, install the app, and then re-check the box again to be secure. Boy I don't know if I can handle the pressure.
15. Re:Nope by mabhatter654 · 2013-01-31 07:37 · Score: 1
  
  Actually THAT was one of the biggest shifts that Apple pushed on the telcos. In the pre-iPhone days ALL SALES went through the phone company at exorbitant up charges.
  When Apple introduced iPhone everybody made their online purchase with a separate iTunes account, not with their phone bill. Combine with the "all in one" plans that eliminated most common overages such scams mostly went away for normal, careful folk.
16. Re:Nope by Mister+Whirly · 2013-01-31 07:42 · Score: 1
  
  So say I sell you a house with a door with locks. The door locks by default when you shut it, but you decide to change it, and leave your door unlocked all the time, and as a result, get robbed. Obviously this is my fault for selling you a house with a "known security defect", the manufacturer of the door for allowing it to be unlocked, the lock manufacturer, and anybody in the else in the world you can think of but yourself. Sorry, but at some point the user has to take some responsibility for his own actions. Even with it's walled garden an iPhone user could still leave his phone on the bus. Is that Apple fault for making a phone you can put down? Hardly. Any Android user who gets owned by a third-party app has allowed that to happen by playing with the default security. If you don't know what you are doing, you have no business changing the security settings in the first place.
  
  --
  "But this one goes to 11!"
17. Re:Nope by node+3 · 2013-01-31 08:06 · Score: 1
  
  Anytime you think of an operating system as your security, you have already lost the battle. Security is a process and procedures, not a product, not software, and not an operating system. Android can be locked down securely as well as iOS. Just don't uncheck the box allowing third party software to be installed and you thwart this type of attack.
  That's a nice theory, but why doesn't it match reality?
  iOS has never had anything like this on non-jailbroken iPhones, while Android has, even on non-rooted phones that disallow apps from outside the Play Store/Android Market.
18. Re:Nope by node+3 · 2013-01-31 08:12 · Score: 1
  
  the also unsurprising factor is that this is happening in China, where the same responses for how to prevent this have been sent every week:
  download things from official trusted sources only.
  "Android is better than iOS because it has a 'Freedom' button. Oh, also, never press that 'Freedom' button. kthxbye!"
19. Re:Nope by Mister+Whirly · 2013-01-31 08:18 · Score: 1
  
  If this is the case, you posting a citation proving it should be trivial. Or maybe your theory is nice, but it doesn't match reality...
  Considering right in TFA it states this particular malware was installed using infected third-party apps, saying this would work even on a phone set to not install third party apps seems a bit inaccurate.
  
  --
  "But this one goes to 11!"
20. Re:Nope by yuaggyta · 2013-01-31 08:36 · Score: -1, Flamebait
  
  http://www.cloud65.com/ Micah. if you, thought Ryan`s blog is surprising... last week I bought Citroën DS after I been earnin $6353 this last four weeks and-over, ten-grand this past month. with-out any question its my favourite-job I have ever had. I began this nine months/ago and almost immediately started earning minimum $71... per hour. I went to this web-site,,
21. Re:Nope by node+3 · 2013-01-31 08:41 · Score: 1
  
  If this is the case, you posting a citation proving it should be trivial. Or maybe your theory is nice, but it doesn't match reality...
  
  You're right, it is trivial.
  Citation 1
  Citation 2
  These were at the top of a simple google search, and are recent news items.
  So yeah, maybe my "theory" (I presented no theory, just an observation of facts. You presented a theory. Please learn the difference) matches reality a bit better than yours.
22. Re:Nope by Anonymous Coward · 2013-01-31 09:05 · Score: 0
  
  From your first citation - "We decided to skip the story since it wasn't clear how much of these threats were in the official Google Play Store; in fact "Google Play" was only mentioned once in the whole PDF."
  "This means most users, at least in countries where Google Play is available, won't ever see these malicious apps."
  
  Not really what you would call the "smoking gun" to your argument.
23. Re:Nope by Mister+Whirly · 2013-01-31 09:16 · Score: 1
  
  My observation of facts was - "Just don't uncheck the box allowing third party software to be installed and you thwart this type of attack ."(Emphasis added)
  (If this is in fact a theory, you certainly haven't disproved it.) Which is true in the case we are actually talking about. I never claimed that having that box checked would prevent ALL types of malware, but it certainly will prevent third party apps form being installed. If you can cite a source showing that an un-rooted Android phone somehow installed a third party app when the box was checked, you may have something. Posting articles saying a few malicious apps made it into the Google Play store is a strawman at best. That isn't what we were talking about originally, and changing the subject isn't helping your arguments any. And considering TFA states explicitly that this particular malware WAS installed using a third party app, you really have no argument.
  
  --
  "But this one goes to 11!"
24. Re:Nope by dimeglio · 2013-01-31 09:19 · Score: 1
  
  Funny thing is, even using land lines, you can get hacked. Steve Jobs and Wozniak first product was a blue-box that allowed you to make long distance phone calls for free. At least they were sticking it to the man and not to the consumers.
  I wonder, what they would be working on if they were 18yo today.
  
  --
  Views expressed do not necessarily reflect those of the author.
25. Re:Nope by node+3 · 2013-01-31 10:29 · Score: 1
  
  The first citation lists: "146 of the 28,398 malware samples were found on Google Play"
  And: "23,049 were potentially unwanted software (PUA), 13,639 of which came from Google Play."
  Hell, even the title says "0.5% came from Google Play"
  And your quote? "This means most users, at least in countries where Google Play is available, won't ever see these malicious apps."
  Again, by saying "most", that means there will be some who do. Re-read my post and you will see I never came close to implying most, just that it happens on Android, and doesn't happen on iOS.
26. Re:Nope by node+3 · 2013-01-31 10:34 · Score: 2
  
  No, your *theory* was that the OS can't be relied upon for security.
  Your words:
  
  Anytime you think of an operating system as your security, you have already lost the battle.
  The Android OS has a feature by which a user can completely bypass the most fundamental security involved.
  
  I never claimed that having that box checked would prevent ALL types of malware, but it certainly will prevent third party apps form being installed.
  No, you said the exact opposite, you said that an OS *can't* provide sufficient security. So, obviously your claim wasn't that there is no Android malware, quite the opposite!
  iOS *doesn't* have a malware problem, due to the security mechanisms of the OS being tied to a curated App Store. Based on your words, this cannot happen. Perhaps your wording was... loose?
  If we can agree that iOS has reliable security, while Android has only a very loose security, then there's nothing more for us to discuss, we are in agreement as far as the important bits go. But if you think an OS cannot provide security, then you'll have to explain how iOS isn't an example of this.
  
  And considering TFA states explicitly that this particular malware WAS installed using a third party app, you really have no argument.
  That would only be true if the malware in TFA was the only malware that existed for Android. Sadly, that is far from the truth.
27. Re:Nope by Ol+Olsoc · 2013-01-31 11:23 · Score: 2
  
  If you don't know what you are doing, you have no business changing the security settings in the first place.
  But that doesn't stop them from doing it. And yes, it's their fault. That gets us nowhere.
  Putting dangerous things in the hands of people who don't know what to do with them is in itself dangerous.
  Car analogy time. A friend of mine one time bought a performance vehicle and he was a gearhead. So he wanted to tune it a bit. He put together a box with which he could alter the timing, the fuel injectors, the turbo boost, and other params from his console. Pretty awesome, but by 50K miles, the engine was toast.
  He knew what he was doing, and wasn't all that surprised, and was willing to put up with the downsides.
  But now should every person who buys one of these vehicles have access to say the turbo boost? If you don't know what you are doing, you are in the market for a new turbocharger at best, and as likely as not, a new engine. It won't take long either.
  And yes, it would be their fault. So there is a good reason that car manufacturers don't allow everyone unfettered access to the vehicle's computer system. People would destroy their vehicles, and decide to go with a different vehicle.
  So back to the phones. People are going to do what they are going to do, whether you or I think they are being stupid assholes or not. And the salesperson will probably even show them how to allow those third party software installations, I know one was squawking to me all about them while he was touting the superiority of the Android phones over that "Kiddie Sandbox" that the stupid iPhone users were stuck in. "You're not a stupid user are you, sir?" So not only are they ignorant of the possible issues, they might in some cases be encouraged by a salesperson who want's some of that higher commission they'll get from the Android device.
  But eventually, people are going to demand that their devices be a little safer. Once smartphone addiction wears off, and the Darwinistas who cannot put their phones down ever and walk into traffic, go away, it will be just like cars. People want something that will last, and will just work. They are idiots and make mistakes on tehir Android phones. They'll want a phone where they don't make those stupid mistakes.
  And I'm all for that. I can get as much hands-on computer goodness on any of my 5 other machines. I want my telephone to just work.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
28. Re:Nope by Anonymous Coward · 2013-01-31 12:50 · Score: 0
  
  Hey I'm an Anonymous Coward and I'm pretty cool and definitely not an ass. You Named Ones and your sense of superiority! We're people too you know, with real anonymous feelings and anonymous tears. Keep your pie hole shut for 10 seconds and think about us Nameless Ones who circulate in the forums.
29. Re:Nope by Plumpaquatsch · 2013-01-31 19:39 · Score: 1
  
  I don't really think of them as a "PC" though. I'm sure most other people don't either.
  Yeah, the fact that they actually have higher computing power than the PCs back then obviously doesn't matter.
  
  --
  Of course news about a fake are Fake News.
30. Re:Nope by poetmatt · 2013-02-04 03:43 · Score: 1
  
  amount of things this has to do with freedom in correlation to IOS or android = zero.
  please leave slashdot.
Karma by Anonymous Coward · 2013-01-31 02:39 · Score: 0

It says there's malware and you should only download apps from trusted source, then promptly offers an app to download to fix it!
Ha ha,
China forked Android and stuck their own Baidu and apps on it, and their own store. They've made minimal attempt to catch hackers, they reap what they sow.
1. Re:Karma by Anonymous Coward · 2013-01-31 02:47 · Score: 0
  
  This isn't a forked version of Android that's being infected. In china you can't always get to the playstore and not all apps are listed if you do get there, so the chinese have to use a different store
2. Re:Karma by Anonymous Coward · 2013-01-31 03:20 · Score: 0
  
  Welcome to open.
  You must take the good with the bad.
  Where ANYone can:
  sudo apt-get install git-core wget && mkdir -p ~/bin && export PATH=$PATH:~/bin \
  && wget http://android.git.kernel.org/repo && chmod a+x ./repo \
  && mv ./repo ~/bin && mkdir android && cd android \
  && repo init -u git://android.git.kernel.org/platform/manifest.git \
  ; repo sync ; make
3. Re:Karma by Anonymous Coward · 2013-01-31 03:46 · Score: 0
  
  AOSP isn't what's loaded on these phones though.
4. Re:Karma by Anonymous Coward · 2013-01-31 03:59 · Score: 0
  
  That's the point.
  They can get the source code, modify it any way they like.
  And then you get this situation.
All worried until... by Kagato · 2013-01-31 02:39 · Score: 5, Insightful

Upon further reading the infection vector is infected pirated Android apps sold/distributed in black market Android marketplaces. Cry me a river folks.
1. Re:All worried until... by tepples · 2013-01-31 02:46 · Score: 2
  
  So if someone lives in a country where most devices come without Google Play Store, a country where even the manufacturers and carriers preload "black market Android marketplaces", where should he get apps instead?
2. Re:All worried until... by Guppy06 · 2013-01-31 02:52 · Score: 1
  
  So if someone lives in a country where most devices come without Google Play Store... where should he get apps instead?
  Amazon.
3. Re:All worried until... by Anonymous Coward · 2013-01-31 02:55 · Score: 0
  
  Are Amazon, SlideME, Opera, GetJar and others banned there?
4. Re:All worried until... by Joce640k · 2013-01-31 03:23 · Score: 1
  
  where should he get apps instead?
  I wasn't aware that "apps" were mandatory. I guess I must be doing it wrong (again...)
  
  --
  No sig today...
5. Re:All worried until... by Kagato · 2013-01-31 03:28 · Score: 1
  
  It's the largest Android customer base in the world. They have legal marketplaces provided by the carriers. My understanding is most phones are pre-loaded with MM (Mobile Market). Now if you're an English speaker you've got some problems with the market place, but you could root the phone and download a legit market app from Samsung or other reputable player.
6. Re:All worried until... by ZiakII · 2013-01-31 03:33 · Score: 2
  
  So if someone lives in a country where most devices come without Google Play Store, a country where even the manufacturers and carriers preload "black market Android marketplaces", where should he get apps instead?
  
  He should install the Google Play Store .apk?
7. Re:All worried until... by Anonymous Coward · 2013-01-31 03:44 · Score: 0
  
  Yeah, that seems reasonable for the average user...or not.
  App market is insecure!
  Root your phone and install custom app market!
  It's sure to be more secure!
  Just make sure you don't get a fake secure app market!
  It's your own stupid fault for not doing all this research!
  Wait, there are no secure official app markets in China?
  Why don't you just move, you idiot!
8. Re:All worried until... by Anonymous Coward · 2013-01-31 03:44 · Score: 0
  
  Dude, if they had the option they'd STILL not pay. It happens in all non-first-world countries that do have Google Play. So stop being so naive.
9. Re:All worried until... by wmac1 · 2013-01-31 03:53 · Score: 1
  
  You may install a free software from that market and still get infected.
  Android market is not available in every country. Two months ago I traveled to a specific country and Google Play would not allow login to me. When I asked why people said it has never been working in the country.
10. Re:All worried until... by Anonymous Coward · 2013-01-31 03:56 · Score: 1
  
  Doesn't work, at least not on the last 3 Android phones I have had. I've been in China for 3 years now. I assume it might work on a rooted phone. Besides that, i can't even get the google play website to load half the time.
11. Re:All worried until... by robbo · 2013-01-31 04:11 · Score: -1, Flamebait
  
  Isn't it a point of pride for l33t slashdotters to jailbreak their phones and side load apps? The fact that on threat family has 600k victims suggests that millions, probably tens of millions of users are using rogue app stores.
  
  --
  So long, and thanks for all the Phish
12. Re:All worried until... by tepples · 2013-01-31 04:44 · Score: 1
  
  I wasn't aware that "apps" were mandatory.
  If you didn't want apps, you would have bought a dumbphone instead of a phone that comes with Android.
13. Re:All worried until... by node+3 · 2013-01-31 08:23 · Score: 1
  
  where should he get apps instead?
  I wasn't aware that "apps" were mandatory. I guess I must be doing it wrong (again...)
  So, now you're doing it wrong if you install apps on Android?
  Why is it that, somehow, China counts for Android, where all the non-Play, low quality Android phones are sold, but then when they get malware, all of a sudden they don't count? You want the good (numbers, "freedom") you gotta take the bad the comes along with it (crap phones, malware). People act like the ~70 of phones running Android are all Samsung Galaxy SIII's and Note 2's, and that if you install malware it's entirely your fault for not reading the source code of the software you just installed.
  I really like Android a lot, Jelly Bean is a great system. Samsung makes some nice phones, as well as other hardware manufacturers. But let's be honest about our ability to have our cake and eat it too.
14. Re:All worried until... by 0123456 · 2013-01-31 09:26 · Score: 1
  
  Installing random apps from untrusted source can cause malware infections. News at 11.
15. Re:All worried until... by Anonymous Coward · 2013-01-31 09:40 · Score: 0
  
  Guess how many trusted sources are available in China?
  I'll give you a hint. Zero.
16. Re:All worried until... by node+3 · 2013-01-31 10:39 · Score: 1
  
  Installing random apps from the Google Play store can cause malware infections. But more to the point, in China, the Play Store isn't even available.
  I'm just pointing out the blatant hypocrisy here. Android is "better" because it's open. But anyone who uses that openness gets blamed for anything bad that results from it. Android is touted as being used by more people so developers should write more apps, but a large portion of those people can't even use the Play Store to address that significant market segment!
  That doesn't mean Android is bad, it just puts some perspective into some of the claims that a vocal minority of Android fanboy types like to rattle on and on about.
17. Re:All worried until... by BasilBrush · 2013-01-31 11:38 · Score: 0
  
  If you didn't want apps, you would have bought a dumbphone instead of a phone that comes with Android.
  And if you didn't want malware, you'd have bought an iPhone rather than an Android.
18. Re:All worried until... by Anonymous Coward · 2013-01-31 19:49 · Score: 0
  
  Installing random apps from the Google Play store can cause malware infections. But more to the point, in China, the Play Store isn't even available.
  I'm just pointing out the blatant hypocrisy here. Android is "better" because it's open. But anyone who uses that openness gets blamed for anything bad that results from it. Android is touted as being used by more people so developers should write more apps, but a large portion of those people can't even use the Play Store to address that significant market segment!
  That doesn't mean Android is bad, it just puts some perspective into some of the claims that a vocal minority of Android fanboy types like to rattle on and on about.
  Living in China... Using an S3.
  Play store is available. However you can't really buy apps, since anything that isn't free won't be available to you.
  so whenevr it comes to the point where you want the payable version of anything you have to resort to another repository.
  I used to use Appchina, but after 15 years over here, I wouldn't trust any of them. On that note, its not like I would trust google a single iota more than the local govt here. all the same, different sheep costumes.
19. Re:All worried until... by Joce640k · 2013-01-31 21:57 · Score: 1
  
  Maybe I just wanted a big screen, decent camera, mp3 player and Angry Birds for less than the price of an iPhone
  (actually my phone company gave me my Samsung Galaxy for free...)
  
  --
  No sig today...
Not true by Joce640k · 2013-01-31 02:40 · Score: 5, Informative

"Bill Shocker downloads in the background"
Not really true. You have to install an infected app to get it started.

--
No sig today...
1. Re:Not true by Anonymous Coward · 2013-01-31 03:29 · Score: 0
  
  Do they also have to click on the Install button with the "SERVICES THAT COST YOU MONEY" / Send SMS Messages?
Malware... by Anonymous Coward · 2013-01-31 02:46 · Score: 0

Uncovered by NQ Mobile, the 'Bill Shocker' (a.expense.Extension.a) virus ...
Let's call the next one Bill O'Reilly...
what they should do on this by RobertLTux · 2013-01-31 02:48 · Score: 1

since the PHONE COMPANY gets a cut then the PHONE COMPANY should be on the hook for the profits.
it should be LAW that you must get Positive Confirmation for any charges either above 3(money units) or that are multiple charge type things.

--
Any person using FTFY or editing my postings agrees to a US$50.00 charge
1. Re:what they should do on this by Anonymous Coward · 2013-01-31 03:16 · Score: 0
  
  This whole thing could also be circumvented if for every call initiated by an app, there would be a non-circumventable confirmation dialog shown, telling you which app wants to make the call, which number it wants to call (bonus points it it automatically warns about high-cost numbers), and what it tries to do (initiate voice call, send a message). For messages, you also should have the option to view the content of the message.
2. Re:what they should do on this by Runaway1956 · 2013-01-31 04:03 · Score: 1
  
  Wait, wait, wait. Let me get this straight.
  We gots us a malware thingy. The thingy acquires permissions to install itself. It's not quite clear that it is using "root" permissions, but it does have elevated permissions. Elevated enough to install software, at any rate. We've already bypassed everything on the phone, except possibly root, and probably BIOS.
  Kindly explain WTF this "non-circumventable confirmation dialog" thingy might be. And, explain HOWTF it works. There's a special chip in the phone, that is anaccessible to root and/or user, that is going to always and forever question you regarding expensive calls?
  Dude - the frigging app will dismiss the damned query before it ever registers on screen. Geeez, Louise. You just turned on your first ever computer last night, right?
  
  --
  "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
3. Re:what they should do on this by MarkGriz · 2013-01-31 07:28 · Score: 1
  
  "We don't care. We don't have to. We're the phone company"
  
  --
  Beauty is in the eye of the beerholder.
It's OK though by Anonymous Coward · 2013-01-31 02:50 · Score: 0

A "Researcher" wrote this code and when the cell maker didn't fix their phones, he released it in the interest of complete disclosure and information transparency.
We are all better off now...especially if you are in China and have one of these infected phones.
1. Re:It's OK though by Anonymous Coward · 2013-01-31 03:13 · Score: -1
  
  What utter bollocks. You google apologists will bend over backwards to put this sort of thing in a positive light. You're hilarious.
  Thanks for the laff.
  That researcher is an antivirus company using proprietary software
  http://www.prnewswire.com/news-releases/nq-mobiletm-threat-alert-bill-shocker-mobile-malware-takes-remote-control-of-more-than-600000-users-phones-to-send-costly-messages-188991261.html
2. Re:It's OK though by drc003 · 2013-01-31 03:48 · Score: 1
  
  Recognizing sarcasm isn't really your thing I suppose.
3. Re:It's OK though by Anonymous Coward · 2013-01-31 03:53 · Score: 0
  
  Having read this sort of thing said in all seriousness, it's hardly surprising the poor bastard didn't see the sarcasm. No shortage of people who think google can do no wrong
4. Re:It's OK though by Anonymous Coward · 2013-01-31 04:55 · Score: -1
  
  Pardon me but HOW THE FUCK can you miss the sarcasm in this part:
  
  We are all better off now...especially if you are in China and have one of these infected phones.
  I guess some things really can be too obvious.
5. Re:It's OK though by sycodon · 2013-01-31 07:02 · Score: 1
  
  I would say "Whoosh!"
  But in this case, I think it actually took his head clean off.
  
  --
  When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
Which Android releases? by Anonymous Coward · 2013-01-31 02:52 · Score: 0

Newer Android releases include app scanners and do not allow (by default) app installation from unauthorized sources.
1. Re:Which Android releases? by Anonymous Coward · 2013-01-31 04:04 · Score: 0
  
  Those aren't sold in China.
  So what are they supposed to do?
  Buy and suffer the consequences or buy something else.
  There's a reason Android phones are so cheap in China...
Trojans? In my Chinese pirate app store? by 0xdeadbeef · 2013-01-31 02:54 · Score: 4, Funny

It's more likely than you think!

the infection uses the device to send text message to the profit of advertisers
So it's just like this article, then?
1. Re:Trojans? In my Chinese pirate app store? by Anonymous Coward · 2013-01-31 03:42 · Score: 0
  
  Testing!
And the infection vector? by bickerdyke · 2013-01-31 02:58 · Score: 3, Insightful

Let me guess... you have to manually install an apk from an untrusted source?

--
bickerdyke
1. Re:And the infection vector? by h4rr4r · 2013-01-31 03:07 · Score: 2
  
  Yup.
  Could just as easily infect a jailbroken iPhone this way.
  This sort of infection vector is nothing to get excited about.
2. Re:And the infection vector? by NatasRevol · 2013-01-31 03:22 · Score: 1
  
  Can you name a reliable, trusted source for an Android phone in China?
  Sites that are out, as they're not reliable or completely unavailable:
  Google
  Amazon
  
  --
  There are two types of people in the world: Those who crave closure
3. Re:And the infection vector? by Savage-Rabbit · 2013-01-31 03:50 · Score: 2
  
  Yup.
  Could just as easily infect a jailbroken iPhone this way.
  This sort of infection vector is nothing to get excited about.
  Last time I looked (a few months ago) some 38% of Chinese iOS users had jailbroken their phones and the trend was declining. China must be a small market for Apple since globally, only 10% of iOS users had bothered to jailbreak.
  
  --
  Only to idiots, are orders laws.
  -- Henning von Tresckow
4. Re:And the infection vector? by smash · 2013-01-31 06:03 · Score: 1
  
  Apple has only been officially selling in China for a very small period of time as I understand it - like the last year or so?
  
  --
  I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
5. Re:And the infection vector? by node+3 · 2013-01-31 08:28 · Score: 1
  
  Yup.
  Could just as easily infect a jailbroken iPhone this way.
  This sort of infection vector is nothing to get excited about.
  Except in China that's the only way to get apps, while on iOS you can get apps from the App Store.
  So, what you are saying, is that Chinese people should not buy Android phones, and instead should buy iPhones, at least until Google opens the Play Store in China? Or just that they should buy Android phones and not install apps?
6. Re:And the infection vector? by AkkarAnadyr · 2013-01-31 12:13 · Score: 1
  
  Better fix it then by downloading the app from that link in the article ... oh wait ...
  
  --
  I bought this house and you know I'm boss
  Ain't no h'aint gonna run me off
7. Re:And the infection vector? by Anonymous Coward · 2013-01-31 22:29 · Score: 0
  
  Play Store is available in China. You just can't pay for an app - so free apps only. However there are a number of other reliable app stores you can use (like Amazon Appstore)
On "Smart" Phones by arogier · 2013-01-31 03:06 · Score: 1

I think of them more as Modems that happen to have computing and voice messaging capability...

--
http://www.aaronrogier.net
China not on Amazon's list yet by tepples · 2013-01-31 03:08 · Score: 1

Amazon Appstore for Android debuted in the United States, and a United States address was required to buy apps. It added five countries in Europe at the end of August of last year, and Japan appears to have since been added to the list of supported countries. When will China be added?
Android attacks are indicators by Anonymous Coward · 2013-01-31 03:12 · Score: 0

Of what'd happen to Linux if a "Linux's year of the desktop" occurred's all since Android is a Linux variant.
1. Re:Android attacks are indicators by Runaway1956 · 2013-01-31 04:11 · Score: 2, Interesting
  
  Android is not a "Linux variant". Android uses a Linux kernel, but it's not a Linux distro. It most certainly is not an established, trusted distro, such as Debian, Suse, or Redhat.
  Various dope smoking fools, working for various companies have rolled their own flavors of Android, seldom consulting with real Linux enthusiasts. Each and every manufacturer rolls his own dope-soaked version of Android, then alters that dopey version to suit the whims of the telcos that are actually purchasing them.
  If Android is a Linux distro, then BlackXP, available via torrent, is a valid Windows release.
  (Note that I've actually used BlackXP inside of VM's - it's actually pretty solid, but it's damned sure not Microsoft!)
  
  --
  "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
2. Re:Android attacks are indicators by smash · 2013-01-31 06:05 · Score: 2
  
  I'd actually argue that Android has had more thought put into application security than the typical linux distro has.
  Especially after it's been fucked up by idiots doing this sort of thing
  
  --
  I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
3. Re:Android attacks are indicators by node+3 · 2013-01-31 08:31 · Score: 1
  
  "Android is better because it's free. Any use of that freedom doesn't count."???
  
  If Android is a Linux distro, then BlackXP, available via torrent, is a valid Windows release.
  Only MS, and those they have agreements with, are allowed to modify and distribute customized versions of Windows. Android (and Linux) are licensed such that everyone is allowed to modify and distribute it.
  You can't go around calling something has more freedom, then bitch when that freedom is exercised!
4. Re:Android attacks are indicators by HiThere · 2013-01-31 13:13 · Score: 1
  
  I'm not certain whether to call Android a linux distro or not. It clearly could be. And even were it one, there is NOTHING about linux that would prevent this same thing from happening. We aren't talking about a virus here, or a worm, we're talking about an application that the user installs. And no linux distro that I'm aware of prevents you from installing applications from untrusted sources. I frequently install software from a relatively unknown source. (Less so now that Sourceforge and GitHub have come into existence, admittedly...but how thoroughly do *they* vet the applications that they host?) The fact that I need to compile an application doesn't make it safe.
  So, there's nothing about this story, except popularity, that wouldn't apply to ANY linux variant.
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
5. Re:Android attacks are indicators by Runaway1956 · 2013-01-31 14:00 · Score: 1
  
  Didn't the Librarian just pass a ruling, that cellphones are NOT free? Suddenly, it's against the law to "jailbreak" or "unlock" a cellphone. Android has more in common with Apple than with Linux, in the "freedom" arena.
  
  --
  "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
As Much As I'd Like To Poke Fun At Android... by macs4all · 2013-01-31 03:13 · Score: 2

I think there is a LARGE measure of culpability (yes, I know that's the CRIMINAL term) for this on the part of the "Money Launderers" (the Banks, Telcos, and Governments involved in the "chain of custody" of these funds). Once alerted to this, the Police/"Justice Departments", not to mention the Telcos and Banks, in the country(ies) where the money is "landing" should be seizing bank accounts, taking down internet access, and generally making life a living Hell for whoever is PULLING THE DEPOSITS.

This CANNOT be legal under ANY Country's "fraud" laws. So why aren't these people being sued/prosecuted out of existence?

Qui Bono ("Who Profits?"). If the Banks, Telcos, and to some extent (through "fees" and "taxes") the "host Country(ies)" would actually go on an MPAA-style Jihad with these TRUE Racketeers, instead of actually AIDING AND ABETTING this Criminal Enterprise, perhaps there wouldn't be so much of it, regardless of the fact that the Android "mindset" makes this kind of thing ALL too easy, and Google is totally incapable of stopping it (without resorting to the "Walled Garden" approach that a small minority of Android users (but a vocal subset of /.ers) seem to value so highly).

Yes, I understand that "The price of "freedom" (in quotes) is vigilance"; but ya gotta admit, if the Governments and Police in the Country(ies) where this money was ENDING UP spent as much effort on this as they do "watching for terrists" or "stopping piracy", not many (true) Criminals would even ATTEMPT something like this.

I mean, every single frickin' penny of this money can be tracked; so why is it SO hard to stop??? Something's fishy here.
Not a virus; virus self-replicate by enriquevagu · 2013-01-31 03:20 · Score: 2

This is NOT a virus; viruses infect a system, typically by modifying other existan executable files, and then self-replicate themselves. These are malware applications which have been installed by the users. In this case he notice, not covered in the summary, is that these applications are not designed to be malware, but rather they employ a free (as in gratis) SDK, which converts the phone in a zombie.
However, note that simply removing the applications should remove the "infection". The Android security model does not allow an application to "infect" the OS, unless the user has rooted the phone and runs the application as root (in this case, it's your fault).
1. Re:Not a virus; virus self-replicate by tlhIngan · 2013-01-31 04:45 · Score: 1
  
  However, note that simply removing the applications should remove the "infection". The Android security model does not allow an application to "infect" the OS, unless the user has rooted the phone and runs the application as root (in this case, it's your fault).
  Well, it's also entirely possible that the malware roots the phone for the user (it has happened before). Plus there are many apps in the Play Store that require root - enough so that 4.2 includes sudo now and a way to manage it (it's called "device administrators") so users don't have to root their phones themselves, and can allow/deny individual apps access to the capability.
Happy to have a Windows Phone by DogDude · 2013-01-31 03:35 · Score: -1

At times like these, I'm happy to have a Windows Phone. I don't know if it's because the security is better, or because it's a tighter "walled garden", or it's such a tiny market segment, I don't care. I'm just happy that I don't have to worry about phone viruses.

The whole point to using a phone instead of a computer is because of simplicity. If Android or Android users can't figure out how to keep it *simple* to use a cellphone, users are going to flee to Apple or Microsoft or (Blackberry?).

--
I don't respond to AC's.
1. Re:Happy to have a Windows Phone by LodCrappo · 2013-01-31 03:48 · Score: 3, Interesting
  
  "At times like these, I'm happy to have a Windows Phone."
  Ok... but what about all the rest of the time? I was given an HTC 8x at work and asked to research the platform.. trying to use it as a daily driver and its just so frustrating coming from Android. You never realize how important a thriving app ecosystem is until you try to live with WP. I can deal with the wonky notifications and the limited "live tiles" vs widgets.. I guess. But looking through the app store is just depressing.
  
  --
  -Lod
2. Re:Happy to have a Windows Phone by smash · 2013-01-31 06:00 · Score: 1
  
  Yeah that's a fair assessment, and why i have avoided android this far and stuck with the "walled garden" of iOS.
  It is an appliance, like a toaster or a fridge. We've gone through decades of malware on PCs, and it doesn't need to be that way.
  I'll gladly trade the ability to pay a nominal development kit fee for a security cert and tools in order to have a more secure locked down device. Whether that means iOS, Windows Mobile, or whatever new platform provides a nice slick UI, good performance and an decent application library.
  In practice, open vs closed is not that relevant to my interests.
  
  --
  I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
3. Re:Happy to have a Windows Phone by DogDude · 2013-01-31 09:33 · Score: 1
  
  What "apps" do you need that you can't get through Windows? I haven't run into anything that I needed that I couldn't get. I grabbed MS's PDF reader, Facebook, Spotify, Netflix, and Twitter. The phone does everything else out of the box (also HTC 8X).
  
  --
  I don't respond to AC's.
4. Re:Happy to have a Windows Phone by Rich0 · 2013-01-31 15:24 · Score: 1
  
  Considering that the apps involved aren't in the Android Market you get the same benefit from just buying from the Android Market - it is just a lot less walled. Having the freedom to install anything you want doesn't mean that you should just run any exe file Aunt Tilly sends you.
5. Re:Happy to have a Windows Phone by LodCrappo · 2013-01-31 16:31 · Score: 1
  
  Let me start by fully admitting I am new to the device and may just not be finding things that do exist.
  Things I used to do daily on my Android phone and haven't found an app for:
  SSH client that works on WP8
  RDP client that works on WP8
  Google Talk client that actually works (found gchat but it disconnects a lot and never manages to bring in chat history so you just lose whatever messages happened while its d/c)
  IRC client that stays connected while using other apps.. It seems they *all* lose connection the minute you switch away.
  WiFi analyzer/basic networking troubleshooting tools
  Google Voice client, or any reasonable alternative client+service
  Audio book player (not just a music player, but a player that is designed for audiobooks.. Bookmarking, intelligent back/forward controls, speed adjustment etc)
  Several amateur radio related apps, psk31 rtty sstv websdr etc.. These are sort of a niche I guess but Android has lots of great tools for hams.
  Games in the style of kairosoft.. Building/strategy type. Basically haven't found a good time waster.
  Maybe I am just looking in the wrong places.. Maybe these things will come. There are many things I do like about wp8 so I hope so.
  
  --
  -Lod
6. Re:Happy to have a Windows Phone by DogDude · 2013-02-01 04:09 · Score: 1
  
  Oh wow. You DO use your phone like a small computer. I run a medium sized business with mine, but I have a large collection of both desktops and laptops always near me, so I use those for everything else. I use almost all of the built-in features in the phone, and that really covers my needs (added the free MS PDF reader and a flashlight, and that's all I need).
  
  In your particular case, I think that those apps will be coming soon for the Windows Phone. MS just cut off the Windows Phone 7 platform just recently (6 months ago), so lots of app developers obviously didn't bother doing anything else for it for a while. I think that now it's pretty obvious that MS is committed to Windows Phone 8, and maintaining compatibility from here on out for at least a good bit, so I think the app developers will continue to jump on board onto Windows Phone 8 in the near future. While I don't have the need for technical apps that you do on my phone, personally, I'm pretty confident that a similarly robust "app" environment for Windows Phone 8 is probably right around the corner, since MS has invested so much money into the new Windows Phones, and because quite honestly, I'm seeing people start to get really interested in the Windows Phone. Every time I pull mine out, I get lots of "ooohs" and "aaahs" from people who've seen the marketing, but have never seen one in action. They're pretty slick.
  
  --
  I don't respond to AC's.
7. Re:Happy to have a Windows Phone by smash · 2013-02-02 04:51 · Score: 1
  
  So if I am only installing from a market, what's the advantage again? Other than me fact that the android market has had a heap more malware found on it?
  
  --
  I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
8. Re:Happy to have a Windows Phone by Rich0 · 2013-02-02 06:41 · Score: 1
  
  So if I am only installing from a market, what's the advantage again?
  The advantage of what? Buying a phone that is easier to use, more useful, less expensive, better designed, and more attractive? Or the advantage of being able to run whatever you want on it? Or were you just referring to the advantage of owning the phone that you paid for?
Can someone explain how is it... by mark-t · 2013-01-31 03:49 · Score: 1

... that a program can evidently send a text message to someone else without that text showing up in the message history?

--
File under 'M' for 'Manic ranting'
1. Re:Can someone explain how is it... by Anonymous Coward · 2013-01-31 04:11 · Score: 0
  
  They are called system level SMS.
  SMS messages are used for all types of things and you never now about them.
2. Re:Can someone explain how is it... by mark-t · 2013-01-31 05:27 · Score: 1
  
  Like what? And is there ever any reason for a user to legitimately *NOT* know about it?
  
  --
  File under 'M' for 'Manic ranting'
3. Re:Can someone explain how is it... by smash · 2013-01-31 05:55 · Score: 1
  
  Diagnostics by the mobile operator maybe. And by using your device on their network you have no doubt agreed to terms of service which allow them to do this sort of thing.
  
  --
  I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
4. Re:Can someone explain how is it... by Anonymous Coward · 2013-01-31 07:24 · Score: 0
  
  It's also used for carrier services like Sprint's Total Protection app, or 3rd party apps like WheresMyDroid, where a server sends your phone an SMS to activate the phone location / ringer to help you find it. The message itself is masked by the app. There's nothing nefarious about those services, I'm just providing examples.
5. Re:Can someone explain how is it... by Rich0 · 2013-01-31 15:32 · Score: 2
  
  Easy - the history is implemented by the App, not the OS. If you ask the OS to send a message, it just sends it.
  That is why if you send a text from messaging App A you don't see it in the history of messaging App B.
  The real place to monitor history is at the provider level anyway - then it will cover history even across multiple phones, OS resets, etc.
  The bigger issue here is that mobile providers are allowed to sell you a service you don't want to buy. If I were grand dictator one of my first edicts would be that for ANY service the person buying the service could dictate the maximum amount they're wiling to pay per month (down to the lowest amount mentioned in any ad). The subscriber would then not be responsible for ANY charges in excess of this amount for any reason. The provider could of course refuse to deliver a service that cost more than their budget (cutting off calls when you're out of minutes, not delivering texts, blocking data, etc). However, if they provided the service they'd have to eat the cost if you told them you didn't want to spend that money. The result would be an end to $500 surprise bills - at most you could DOS yourself, and providers would really have no incentive to let you do that since it just lowers satisfaction and doesn't make them any more money.
  Oh, and any increase to the limits has to be by phone call or in writing to customer service. No API on the phone that just lets you up your limit/etc which is then subject to abuse.
  Phone companies are like the guys who run out and wash your windows while you're stuck in traffic and ask for money.
Then don't buy it. by Anonymous Coward · 2013-01-31 04:14 · Score: 0

He shouldn't. If the device is not supported in his country, it wouldn't make sense to buy it. Or things like this occur.
RICO prosecutions by swb · 2013-01-31 04:41 · Score: 2

RICO prosecutions would help. It's what should have been done with Spam in the early days when it started to become profitable.
Drag in the banks, the ISPs, and the other supposedly reputable service providers into the RICO prosecutions. Once a couple of well-known institutions get caught like this it would cut off the air supply of the illegal action and make it much, much more difficult.
By not doing this, we only encourage our supposedly legitimate institution to keep providing services to people who actually committing crimes.
1. Re:RICO prosecutions by macs4all · 2013-02-01 14:46 · Score: 1
  
  RICO prosecutions would help. It's what should have been done with Spam in the early days when it started to become profitable.
  Drag in the banks, the ISPs, and the other supposedly reputable service providers into the RICO prosecutions. Once a couple of well-known institutions get caught like this it would cut off the air supply of the illegal action and make it much, much more difficult.
  By not doing this, we only encourage our supposedly legitimate institution to keep providing services to people who actually committing crimes.
  My thoughts exactly.
I guess it's a bit too hard for some people ... by Anonymous Coward · 2013-01-31 04:58 · Score: 0

http://i.stack.imgur.com/yuJnum.jpg
This is stock Android (I'm sure there's a chinese version of this, though nobody's taken a screenshot of it)
Just to balance out convenience with functionality, it doesn't notify on every message.
I don't know what idiot would want to constantly click on "ok, send" for EVERY automated message - legit or no. I suppose they might own another platform that like YES/NO authorization popups interrupting their experience (for new wifi networks found, for adding FB integration from the Settings on pad, etc.).
I guess it's too hard to read plain language...
Flamebait for Linux Fan boys by Ravaldy · 2013-01-31 05:13 · Score: 1

This is once again proof that an OS is only as good as it's implementation, configuration and install software.
Ta30 by Anonymous Coward · 2013-01-31 05:21 · Score: -1

I thought it was my TOWEL UNDER THE MORNsING. NOW I HAVE core team. They users', BigAzz, than this BSD box, of playing your Many of us are it was fun. If I'm at death's door
woot by smash · 2013-01-31 05:54 · Score: 1

Running unsigned code from anywhere is awesome!
30+ years of this shit on desktop computers, and so it repeats on mobile.

--
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
Another reason to avoid all Fuckle Assdroid by Anonymous Coward · 2013-01-31 05:58 · Score: 0

devices and go with iOS devices instead.
Wvery new malware that is released for Fuckle Assdroid just proves that Fuckle is the new M$ and Fuckle Assdroid is the Windoze of the mobile world. Apple iOS is far more secure than Windoze phone and Fuckle Assdroid could ever be. Don't think it can't happen in the US? Think again. With this the data usage will be causing users to be throttled due to hitting their data caps. Naturally this will get modded down because Slashdot is filled with Fuckle Assdroid Fanbois that love to get fucked in the ass, hence the term Fuckle Assdroid. So go ahead, flame on you Fuckle Assdroid loving, fudgepacking, twinkie sucking fucktarded shills of Fuckle.
Not even wrong by Anonymous Coward · 2013-01-31 06:39 · Score: 1

Noooo, having the option of flipping the switch that says "WARNING: You're making me insecure" right there and then allows owner to do whatever he wants - even if it's not good for him - is extremely baaaaaaad thing.
Don't forget that Larry, Sergei and Eric stand behind your shoulder and basically push you to do it, because otherwise your Android device is useless, useless, I say.
We don't need choice, it's bad for security and requires us to - what gall! - to think and be responsible for our actions. Also, microwaves should only allow verified things to get cooked and cars should only drive no faster than 5 mph.
1. Re:Not even wrong by Anonymous Coward · 2013-01-31 08:05 · Score: 0
  
  otherwise your Android device is useless, useless, I say.
  So you mean exactly like an iPhone? That is what we are talking about here - locking down app installs from only one source. So if Android is useless without that feature, what does that make an iPhone? Even less than useless because you can't change this.
2. Re:Not even wrong by node+3 · 2013-01-31 08:11 · Score: 1
  
  Your sarcasm doesn't change the fact that iOS is more secure specifically due in large part that it does the very thing you are mocking.
  To rephrase, you are saying that Android isn't less secure, and then say how good it is that the user has the option to make it less secure...?
  Yes, Android provides a bit more freedom. But that freedom comes with a cost, and you can't just mock that cost away.
3. Re:Not even wrong by Plumpaquatsch · 2013-01-31 19:46 · Score: 1
  
  Noooo, having the option of flipping the switch that says "WARNING: You're making me insecure" right there and then allows owner to do whatever he wants - even if it's not good for him - is extremely baaaaaaad thing.
  You are ignoring that Larry, Sergei and Eric already have made that decision for the Chinese users, with no way for those users to go the opposite way.
  
  --
  Of course news about a fake are Fake News.
China is a Cyperpunk Novel by jd.schmidt · 2013-01-31 09:47 · Score: 1

The hacking, the spying, the amoral corporations/pseudo-governments, the omnipresent smog. China is looking more and more like neo-Shanghai.
William Gibson was right!
iPhone 5 coming to China later this year by tepples · 2013-02-01 03:25 · Score: 1

"Bill Shocker" Malware Controls 620,000 Android Phones In China
And if you didn't want malware, you'd have bought an iPhone rather than an Android.
I thought the iPhone wasn't officially out in China yet. That won't happen until later this year.
1. Re:iPhone 5 coming to China later this year by BasilBrush · 2013-02-01 05:28 · Score: 1
  
  Apple's been selling iPhones in China since the iPhone 3. And yes, they sell the iPhone 5. Your rumour link is about a new model, not the already existing models.