Slashdot Mirror

← Back to Stories (view on slashdot.org)

Android Malware Intercepts Text Messages, Forwards To Criminals

Posted by samzenpus on from the stealing-the-grocery-list dept.

An anonymous reader writes "A new piece of Android malware has been discovered that can intercept your incoming text messages and forward them on to criminals. Once installed, the trojan can be used to steal sensitive messages for blackmailing purposes or more directly, codes which are used to confirm online banking transactions. The malware in question, detected as "Android.Pincer.2.origin" by Russian security firm Doctor Web, is the second iteration of the Android.Pincer family according to the company. Both threats spread as security certificates, meaning they must be deliberately installed onto an Android device by a careless user."

137 comments

  1. Is this really news? by Rick+Zeman · · Score: 5, Interesting

    This'd only be newsworthy if it's installed via Google Play or another mainstream source. Otherwise, it's just stupid people paying the price for their ignorance.

    1. Re:Is this really news? by peragrin · · Score: 5, Insightful

      Since the one of the main talking point about android is the ability to side install apps.

      Of course how can you be sure any app you install is genuine? Unless you write, compile and install it yourself and even that isn't 100% trustworthy.

      So define ignorance when the professional have a hard time and the average person isn't smart enough to know what compiling is let alone do it.

      --
      i thought once I was found, but it was only a dream.
    2. Re:Is this really news? by ozmanjusri · · Score: 3, Informative

      Yep, it's another AV vendor beat-up.

      "The Australian Communications and Media Authority has published detailed statistics of malware infections identified by their online security team (AISI). The team scans and identifies and compromised computers on Australian IP addresses and reports daily to around 130 participating ISPs.

      Their breakdown shows about infected 16,500 devices are online at any one time. The malware type for all infections is available on the site."

      http://www.acma.gov.au/WEB/STANDARD..PC/pc=PC_600121

      If you look at the breakdown of malware infected IPs, there are around 16,500 active infections at any one time. Around 20 Windows viruses make up more than 99% of all infections. In the "Other" section, there are around 100 active IPs with rarer Windows viruses, and Mac, iOS, Linux and Android infections.

      In other words, the total of all Android malware is competing with space in the fraction of 1% of malware instances that aren't on Windows.

      --
      "I've got more toys than Teruhisa Kitahara."
    3. Re:Is this really news? by Anonymous Coward · · Score: 0

      that's really a great attitude to have towards the problem..

      considering...

      you don't know if, or which of, your contacts are infected with something.. therefore your own communications is also at risk -- even if you are, indeed, the superior life form that you believe yourself to be (not a chance), and would and could never ever get a bug, trojan, worm, virus, or get caught in a phishing net....

    4. Re:Is this really news? by Anonymous Coward · · Score: 0

      Maybe those stupid people should buy iPhones.

      Maybe.

      And since Apple doesn't allow AV on iOS, they'd never know if they had malware.

      But ignorance is bliss, right?

    5. Re:Is this really news? by donaldm · · Score: 1

      Since the one of the main talking point about android is the ability to side install apps

      That is always a problem with any OS which includes Microsoft Windows although most malware and viruses target that OS. Still to be fair in the majority of cases it is the unaware user that is at fault. Of course the unaware user is going to be the one to complain when in reality it really is their fault for not even taking the time to read up on basic computer etiquette and security awareness.

      Of course how can you be sure any app you install is genuine? Unless you write, compile and install it yourself and even that isn't 100% trustworthy

      You are dead right if the developer (private or commercial) is not very good at programming then the application they write is going to have problems and in a worst case scenario you as the users of said application could stuff up your data. The problem all users face no matter what the OS is, at some stage they are going to have to trust their vendor or they may as well wrap themselves in animal skins, light up a branch and retire to their cave.

      So define ignorance when the professional have a hard time and the average person isn't smart enough to know what compiling is let alone do it.

      Well it's not difficult to type "make" as a normal user then test and when fully satisfied that the application works properly type "make install" as the system admin. But this means using the "command line" or a developer GUI which basically allows the developer to develop and maintain the application. However the average person does not know what the "command line" or even what a development GUI is or if they do think their brains will explode if they attempt it :)

      --
      There ain't no such thing as proprietary standards only proprietary formats. Standards are by definition open.
    6. Re:Is this really news? by Anonymous Coward · · Score: 0

      Or they could use one of the dozens of exploits in the web browser or the core applications that haven't been patched because most Android phones are running extremely old versions that are full of vulnerabilities. Thanks carriers!

    7. Re:Is this really news? by clonehappy · · Score: 3, Insightful

      Well it's not difficult to type "make" as a normal user then test and when fully satisfied that the application works properly type "make install" as the system admin. But this means using the "command line" or a developer GUI which basically allows the developer to develop and maintain the application. However the average person does not know what the "command line" or even what a development GUI is or if they do think their brains will explode if they attempt it :)

      I don't know why people seem to think typing "make" and/or "make install" somehow protects them from malware. Unless you've examined the code, line by line, and actually have the skills to understand it, you're just as vulnerable as someone running a random binary on a Windows machine.

    8. Re:Is this really news? by Anonymous Coward · · Score: 0

      you are only seeing malware that produces active web traffic that can be identified easily. Not saying this still isn't anymore than a blip on the radar, but still that is a terrible set of stats you are using.

    9. Re:Is this really news? by Anonymous Coward · · Score: 0

      It doesn't have AV because AV on a phone is fucking stupid. I use Windows Phone 8 now because Android (Linux) is so insecure. The irony.

      Where are all of the Linux users complaining about needing to run AV now?

    10. Re:Is this really news? by Anonymous Coward · · Score: 1

      that is a terrible set of stats you are using

      Do you have any better stats? Eg, stats that are not from an AV vendor trying to desert from the sinking Windows ship.

    11. Re:Is this really news? by Anonymous Coward · · Score: 0

      Yeah, if you routinely spew your credit card info and social security number to your contacts.

      "Hi John, how are you. By the way, my CC is 1234 5678 9011 1213, exp 01/01/15 and my social security number is 123 45 6789."

    12. Re:Is this really news? by Anonymous Coward · · Score: 0

      After the phone has been connected to some cellular base station, how do you know the OS and/or apps are the trusted ones you installed?

      Besides, how do you even know you can trust the compiler?

      http://cm.bell-labs.com/who/ken/trust.html

    13. Re:Is this really news? by Anonymous Coward · · Score: 2

      There's always a tradeoff with the usefulness of smartphones.

      When you select one, you get to choose between having a really useful phone which allows you (the owner) to do what you want with it, or stopping you doing what you want and also stopping you doing something risky.

      You've just chosen to go a long way towards the useless end of the scale.

    14. Re:Is this really news? by Microlith · · Score: 1

      Since the one of the main talking point about android is the ability to side install apps.

      It's a talking point because on Apple devices it isn't even an option at all. I'm highly doubtful that malware could spread effectively via sideloading.

    15. Re:Is this really news? by Anonymous Coward · · Score: 0

      Hurr durr. Enjoy running a real time scanner on your phone, neckbeard.

    16. Re:Is this really news? by chromas · · Score: 2

      AV on a phone does sound stupid, but a smart phone isn't really a phone—it's a pocket computer with a modem in it.

    17. Re:Is this really news? by chromas · · Score: 4, Funny

      I audit my hardware from the theoretical quantum strings up, plus the source of entire operating system and compiler toolchain, every time there's an update, which I compile myself. I don't use make.

    18. Re:Is this really news? by Anonymous Coward · · Score: 0

      Of course how can you be sure any app you install is genuine? Unless you write, compile and install it yourself and even that isn't 100% trustworthy.

      So define ignorance when the professional have a hard time...

      OMFG I've never seen anyone express it so clearly and compactly. Is this really it? Is this the obvious thing that 70% of people can't see?

      I can answer your question because it really is easy (so easy you already did figure it out, you just re-arranged the information to hide it from yourself), and the professional don't have a hard time. Ready?

      First of all: he said ignorance, but what he really meant was negligence.

      How do you know unless you made sure? You don't.

      You don't know, because you didn't make sure. And you know you didn't make sure. You don't know if it's not malware, but you do know that you don't know it's not malware.

      So how do you act, given that you don't know whether or not it's malware?

      You don't install it, because you think it might be malware.

      What does the negligent person do? He installs it, because he think it might not be malware. :-)

      That's what the difference is, between the negligent and the sensible. Neither knows how bad the malware is, they're roughly about as equally knowledgeable on average. The negligent decides to blow off the risk and installs it. The sensible knows that he doesn't know, so he doesn't install the malware.

      There's no difficulty. It's that simple, to keep free of malware. It has nothing to do with whether or not you're a pro or how technically advanced you are. It merely has to do with now stupidly arrogantly fuckwittedly negligent you are, vs how responsible you are.

      I take 9 oz of the sweetest most awesomely heavenly nectar, and add 1 oz of diarrhea liquishit to it. Do you drink? The guy who needs AV software thinks that drink is mainly sweet nectar. Chuh chug. The guy who doesn't run viruses, think that drink is diarrhea.

    19. Re:Is this really news? by tlhIngan · · Score: 2

      This'd only be newsworthy if it's installed via Google Play or another mainstream source. Otherwise, it's just stupid people paying the price for their ignorance.

      Unlike iOS, Android is sold in far more countries than the store supports (Apple obviously only sells iOS devices in places where they have an iTunes store - which is why some countries only have the App Store and no music, movies nor books).

      One of these countries is... China. Which is a huge population and stuff is shared rather promiscuously, plus the official Chinese app stores are full of infected apps.

      In addition, many of these places also sell Android devices with no Google stuff, so the only way to get apps are unofficial app stores. And unfortunately, everyone calls AOSP devices "Android".

    20. Re:Is this really news? by Anonymous Coward · · Score: 0, Troll

      Android is so buggy that it's useless. Try moving a bunch of apps to external SD card. The device will bootloop. This has been a bug in Android since v2.3.5 and Google doesn't give a shit. That's aside from all of the crap like black screen of death, laggy UI (even after "project butter"), apps that are simply allowed to run perpetually in the background sucking up battery and stuff generally breaking by itself.

      My Windows Phone, on the other hand, actually works and I can count on it to not start acting weirdly all of a sudden. Almost every single application that I used to use on Android has an equal or superior app on WP8. Sure, there are some shortcomings, like not being able to handle MKV containers or not being able to play FLAC files and a small library of games, but those are minor inconveniences compared to the nightmare that I went through with Android.

    21. Re:Is this really news? by Anonymous Coward · · Score: 0

      "Android is so buggy that it's useless."

      Android activations reach 1.5 million per day.

      http://www.gsmarena.com/android_activations_figure_reach_15_million_per_day-news-5865.php

      I'm sensing a slight dissonance with reality here. No wonder W8 makes sense to you.

    22. Re:Is this really news? by Anonymous Coward · · Score: 0

      Logic fail.

      Justin Bieber has millions of fans too. I guess that makes him a fantastic musician.

      Additionally, by the same logic, that makes Windows a superior desktop OS to any of the Linux distros.

    23. Re:Is this really news? by Smauler · · Score: 1

      Well it's not difficult to type "make" as a normal user then test and when fully satisfied that the application works properly type "make install" as the system admin. But this means using the "command line" or a developer GUI which basically allows the developer to develop and maintain the application. However the average person does not know what the "command line" or even what a development GUI is or if they do think their brains will explode if they attempt it :)

      You're missing the point. Even if users could be trained to compile their own utilities, it would not have an effect. No one actually knows the codebase they compile, 99.9% of the time. Even if all users automagically compiled everything they used, it would make no difference, since they'd still be downloading crap from the same crap websites.

    24. Re:Is this really news? by Bert64 · · Score: 2

      You don't need AV. If you're not sufficiently clued up then you shouldn't enable settings intended for developers, in its default setting android won't let you download and execute arbitrary apps from random websites.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    25. Re:Is this really news? by Bert64 · · Score: 4, Informative

      I have moved apps to external sd cards, my devices don't boot loop...
      The problem with android (and this problem occurs on windows as well to a lesser extent) is all the oems/carriers that think they know best and put out heavily kludged versions, introducing all manner of bugs and breaking standard functionality.

      As for background apps, android *allows* background apps because such a feature is useful for users... You just have to choose background apps which are well written. Don't blame the os for shoddy applications.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    26. Re:Is this really news? by Anonymous Coward · · Score: 0

      Dude, just audit make too....

    27. Re:Is this really news? by Anonymous Coward · · Score: 0, Interesting

      The SD card bootloop problem is well known and spread across a large number of devices. Take a look.

      It is not any app causing the problem, it's Android itself. It's suspected that it happens either after a certain number of apps/files are moved or a certain amount of space is used by apps on the SD card.

    28. Re:Is this really news? by Anonymous Coward · · Score: 0

      Sorry, that link should be http://code.google.com/p/android/issues/detail?id=25563.

    29. Re:Is this really news? by Anonymous Coward · · Score: 0

      "Android is so buggy that it's useless."

      I guess that makes him a fantastic musician.

      Spot the logic fail...

    30. Re:Is this really news? by Anonymous Coward · · Score: 0

      The fail is that you honestly believe that popularity is an indicator of quality.

    31. Re:Is this really news? by Anonymous Coward · · Score: 0

      You said: "Android is so buggy that it's useless."

      Now you say: "you honestly believe that popularity is an indicator of quality."

      You're not a clever man, are you?

    32. Re:Is this really news? by Anonymous Coward · · Score: 0

      Put together the two brain cells that you have and learn some basic English comprehension.

    33. Re:Is this really news? by Anonymous Coward · · Score: 0

      Android 2.3 Gingerbread, 38.5%

      Android 4.1 and Android 4.2 Jelly Bean, 28.4%

      Android 4.0 Ice Cream Sandwich, 27.5%

      Froyo 2.2, Eclair 2.1, Honeycomb 3.2 Donut 1.6, 5.6%.

    34. Re:Is this really news? by symbolset · · Score: 1

      Anybody who wants to have a meaningful discussion on this subject needs to read Ken Thompson's 1984 ACM article "On Trusting Trust". In it he describes inserting rogue code into the compiler that recognizes when it's compiling a compiler and replicates into the executable of the compiled compiler - and so becoming persistent across a platform migration. This is just the transport mechanism. The payload is code that recognizes the Unix Login and subverts its security. Obviously, once the first compiler is compiled with this trojan the source code for it can be removed and all subsequent compilers compiled with this trojaned compiler will have the code no matter what platform it migrates to.

      It doesn't just seem like we've been having this discussion for 30 years. We actually have. In order to have a compiler you can actually trust you need to implement its progenitor in machine language using a byte editor, and even then you need to manually compute a checksum for the mini-compiler that can be checked from a system running an OS not derived from it. Fortunately a minimum C compiler is pretty basic and it's not that hard to implement in binary. Starting with a basic assembler is even easier.

      For those who don't know: Ken Thompson's CV includes the phrase: "I invented Unix" among many other valuable contributions. If anybody would be informative on this topic, he would.

      --
      Help stamp out iliturcy.
    35. Re:Is this really news? by Big+Hairy+Ian · · Score: 1

      Like any of the AV on Android are any good! Haven't found one yet that can stop a simple browser hijack :(

      --

      Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

    36. Re:Is this really news? by symbolset · · Score: 1

      Popularity is an indicator of popularity. It is what it is. In this case it is what it needs to be to be popular.

      --
      Help stamp out iliturcy.
    37. Re:Is this really news? by symbolset · · Score: 1

      You guys are digging kind of deep, aren't you?

      --
      Help stamp out iliturcy.
    38. Re:Is this really news? by LordVader717 · · Score: 1

      Well, that seems to require that the compiler could anticipate future languages and compiler architectures. Not completely unfeasible, but it would probably need some massive AI capable of reverse-engineering from a limited set of code.

    39. Re:Is this really news? by Anonymous Coward · · Score: 0

      I don't know why people seem to think typing "make" and/or "make install" somehow protects them from malware. Unless you've examined the code, line by line, and actually have the skills to understand it, you're just as vulnerable as someone running a random binary on a Windows machine.

      I'm sorry, but you have completely misunderstood the point of open source software. Not everybody will audit software. But some can and will do that.

      IMHO, Android is a step back to the 90:s era of small binary .exe:s that everyone installs. Google effectively ripped out all of the good cultural things about Linux, slapped on a fancy GUI and made it a security nightmare. Sure, instant economic success but terrible quality-wise and security wise. I really hope some good open source mobile effort succeeds soon.

    40. Re: Is this really news? by Anonymous Coward · · Score: 0

      Nice. When will you start to use your computer?

    41. Re:Is this really news? by Anonymous Coward · · Score: 0

      Not only that, who cares about my SMS? "Hey, call me back, lol". Give me a break. Even if I text out my bank account number, what's someone going to do, transfer money TO me?

    42. Re:Is this really news? by SoldierII · · Score: 1

      Logic fail.
      Justin Bieber has millions of fans too. I guess that makes him a fantastic musician.
      Additionally, by the same logic, that makes Windows a superior desktop OS to any of the Linux distros.

      lol, but Windows is prefered choice for Desktop.

    43. Re:Is this really news? by TemporalBeing · · Score: 0

      Logic fail. Justin Bieber has millions of fans too. I guess that makes him a fantastic musician. Additionally, by the same logic, that makes Windows a superior desktop OS to any of the Linux distros.

      lol, but Windows is prefered choice for Desktop.

      Only b/c of legacy software.

      --
      Truth is like the sun. You can shut it out for a time, but it ain't goin' away. - Elvis Presley (source: imdb.com)
    44. Re:Is this really news? by Anonymous Coward · · Score: 0

      You should fuck him in the mouth. Then at least he'd stop singing for a few minutes.

    45. Re:Is this really news? by TemporalBeing · · Score: 1

      The SD card bootloop problem is well known and spread across a large number of devices. Take a look.

      It is not any app causing the problem, it's Android itself. It's suspected that it happens either after a certain number of apps/files are moved or a certain amount of space is used by apps on the SD card.

      Well, my N1 doesn't have an issue - either with stock Android or Cyogenmod7 - where I more heavily moved apps to the SD card than with Stock since stock wouldn't allow some apps to go to SD Card, while a lot more can with C7.

      It's mostly likely due to something that the OEMs/Carriers did by allowing some critical piece of software to be moved to the SD card.

      And the only "boot loop" issue I had was a memory allocation issue by the Activity Manager completely unrelated to whether or not the SD card was present.

      --
      Truth is like the sun. You can shut it out for a time, but it ain't goin' away. - Elvis Presley (source: imdb.com)
    46. Re:Is this really news? by Anonymous Coward · · Score: 0

      Why isn't it a function of the os to know what app is shoddy and what is not?

    47. Re:Is this really news? by cyberchondriac · · Score: 1

      I don't know why people seem to think typing "make" and/or "make install" somehow protects them from malware. Unless you've examined the code, line by line, and actually have the skills to understand it, you're just as vulnerable as someone running a random binary on a Windows machine.

      While that's very true in essence, and I myself am no programmer, so 99% of code is indecipherable gibberish to me (unless you count basic HTML, hah), the thing is that I figure the odds are very high that someone -if not multiple people- out there with the ability has examined the source, and if it had been found to have had malware, an alarm would've been sounded throughout the community.
      Granted, that's no guarantee of safety, and I realize that, but it's a lot better odds than installing something pre-compiled and closed source. So open source tends to be safer than closed, even if, say, 90% of the users can't read code, thanks to the 10% who can.

      --

      Look back up at my post, now look back down, you're on the Internet. Now look back up. I'm a signature.
    48. Re:Is this really news? by isopropanol · · Score: 1

      Wait, what? you can't write emails or use calender while not connected to the network? what app are you using? I have a stock Nexus 4 with exchange, imap, and gmail accounts and I can use all 3 in airplane mode - just can't sync or send.

      oh nevermind, you're just trolling.

    49. Re:Is this really news? by Anonymous Coward · · Score: 0

      It isn't well known. I regularly keep tabs on android websites, and none of them mentioned this.

      Most likely, you have a few defective units that, when stressed, cause a bootloop (there's even one guy who posted to wait because of SD card thermal temps.)

    50. Re:Is this really news? by Anonymous Coward · · Score: 0

      That's what the permission system is for. An app can only do as much as you allow it to.

    51. Re: Is this really news? by KGIII · · Score: 1

      It is quantum. He was using it before he bought it.

      --
      "So long and thanks for all the fish."
    52. Re:Is this really news? by Anonymous Coward · · Score: 0

      Why do you piece of shit windows phone users even bother? Your fucking pathetic. Your phones are pathetic. You entire ecosystem is a putrid cesspool. Go back to begging for apps you shit stain.

    53. Re:Is this really news? by Anonymous Coward · · Score: 0

      Then why does the problem go away when the apps are moved back to the phone? This is an Android bug.

    54. Re:Is this really news? by Anonymous Coward · · Score: 0

      "Of course how can you be sure any app you install is genuine? "

      I see someone read the Microsoft Shill Manual

  2. I love android by Anonymous Coward · · Score: 0

    I love that Android is so FREE!

  3. Some people could find this useful by approachingZero+ · · Score: 0, Troll

    Attorney General Eric Holder for instance.

    --
    'I don't know what it's called. I just know the sound it makes, when it takes a man's life.' ~ Four Leaf Tayback
    1. Re:Some people could find this useful by lister+king+of+smeg · · Score: 1

      oh come on people that was worth a +1 funny mod not -1.

      --
      ---Saying gnome 3 is better than windows 8 not so much a compliment as it is damning with light praise.
    2. Re:Some people could find this useful by approachingZero+ · · Score: 0

      Now I feel like Dangerfield's bastard step child. No respect.

      --
      'I don't know what it's called. I just know the sound it makes, when it takes a man's life.' ~ Four Leaf Tayback
  4. FUD. Must be a slow news day by thammoud · · Score: 2, Interesting

    From TFA,

    Although Doctor Web doesnâ(TM)t say so, the good news here is that Pincer2 is not likely to be very prevalent. It has not been found on Google Play, where most Android users should be getting their apps, and appears to be meant for precise attacks, as opposed to being aimed at as many users as possible.

    In short, this malware threat isnâ(TM)t one that you will likely be hit with, but it is an interesting example of how Android malware is evolving.

    1. Re:FUD. Must be a slow news day by girlintraining · · Score: 3, Insightful

      In short, this malware threat isnÃ(TM)t one that you will likely be hit with, but it is an interesting example of how Android malware is evolving.

      For suitably uninteresting values of 'you', perhaps. But standing at a bus stop and spotting someone sharply-dressed, I could ask to use their phone to make a quick call for [insert excuse here], and in a few seconds, install similar malware.

      A few weeks later, all your bank accounts zero. Do you remember me?

      --
      #fuckbeta #iamslashdot #dicemustdie
    2. Re:FUD. Must be a slow news day by Anonymous Coward · · Score: 0

      What would be REALLY fun is if the malware would intercept the asinine text messages that have been floating around here in South Florida for junk car dealers who offer to buy your junk car if you call the number in the text message... which isn't the same one that actually sent the message... and isn't even from the same (or even an adjacent) area code...

      Bad enough that I have to pay for every one of these texts (sorry, but I'm still a bit of a Luddite when it comes to texting and, yes, I know I could ask Verizontal to block all texts, but I feel I need to retain the capability in case of a family emergency), but they tend to come in at all hours of the day and night.

    3. Re:FUD. Must be a slow news day by fermion · · Score: 1
      Exactly. As long as you stay in the walled garden you are safe. But if the advantage of Android is to venture out, then what is the purpose of staying in?

      The answer is of course that it is easier to build certain apps on Android, so even if you stay in the walled garden, you end up with more stuff because it is not as well guarded. Which leads to the occasional pest. It is a trade off.

      What I don't understand is how this poses a security risk. Sure your personal discussion and naked photos will be intercepted, but really that has always been an issue. Cell phones and texts should not be considered secure. As far as bank codes, those are pretty useless without more information, and if anything other than the one time code is transmitted in a text message that is security issue with the bank, not an issue with the malware.

      --
      "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
    4. Re:FUD. Must be a slow news day by fustakrakich · · Score: 0

      Do you remember me?

      No, but my Oh-So-Smart phone does. Facial recognition put it into 'guest' mode, took your picture, recorded your fingerprint, and ran it across various police databases... Hmm, says here that you... oh no, I can't say that here...

      --
      “He’s not deformed, he’s just drunk!”
    5. Re:FUD. Must be a slow news day by Anonymous Coward · · Score: 0

      Either the people in your city are complete idiots or you are for thinking that someone is going to just lend their phone (or anything) to a complete stranger. In reality, the response you would hear is "I don't know you, you are crazy. Fuck off."

    6. Re:FUD. Must be a slow news day by Microlith · · Score: 1

      But standing at a bus stop and spotting someone sharply-dressed, I could ask to use their phone to make a quick call for [insert excuse here], and in a few seconds, install similar malware.

      You could? Don't you think they'd notice when you're opening the browser and typing URLs rather than making a phone call?

    7. Re:FUD. Must be a slow news day by BrokenHalo · · Score: 1

      I know I could ask Verizontal to block all texts, but I feel I need to retain the capability in case of a family emergency), but they tend to come in at all hours of the day and night.

      I still think it's crazy that you have to pay to receive messages in some countries.

      Don't you have a "Do not Call" registry?

    8. Re:FUD. Must be a slow news day by Anonymous Coward · · Score: 0

      I have prepaid T-Mobile service here in the US and I don't get charged for text messages as long as I never actually open them. The first line of the text appears in my notification bar, which is enough to determine what it is without having to open it.

      The Do Not Call registry is ineffective. Telemarketers and scammers don't care if you're in it and many of them become hostile if you inform them about it. I've gotten rid of an annoying repeat telemarketer once, but only by threatening them and their family. For the rest, I just created contact entries for them, filed under a Spam group, and then set the custom ringtones for them to silence. A few get through every now and then when they start spoofing different phone numbers, but they all get promptly added to "the list".

    9. Re:FUD. Must be a slow news day by Smauler · · Score: 1

      I still think it's crazy that you have to pay to receive messages in some countries.

      In the UK, the mobile companies just charge absolutely stupid amounts to the people calling them. It's much, much cheaper to phone anywhere in the world on a landline than it is to phone a mobile 10 yards away from you (unless you have a "special deal"). That's how they make their money.

      It's the biggest scam of all time - just let the landline customers pick up the tab...

    10. Re:FUD. Must be a slow news day by Anonymous Coward · · Score: 1

      Anyone who uses the term "FUD" is an ignorant twat. Google Play isn't available on Android phones sold in China and many other countries, moron.

  5. Shush! by Anonymous Coward · · Score: 0

    Don't give Facebook ideas.

  6. careless user by EmperorOfCanada · · Score: 3, Insightful

    I thought the word careless was assumed to proceed user. I think that basically every slashdotter has been called to help some "careless" user who has 3 toolbars, 2 AV bloatwares, and countless other bits of crap that came along with all their downloads. Yet they will swear on a stack of bibles that "they never installed nothin' "

    So any malware that depends on users being careless will be a huge success. The other key will be ease of use.

    That being said, I generally stick with my brother's rule: "I wouldn't transmit it electronically if I wouldn't want it on the front page of a national newspaper." My niece texted me her password the other day; I pointed out the error of her ways.

    I did just come up with an app for Google glasses. You send someone encrypted messages that are displayed on their screen as a QR code. Their glasses decrypt it temporarily while it is in view. The phone can't decrypt, the glasses don't store. Glasses can still get hacked though but at least you do not have a plaintext message store.

    1. Re:careless user by Anonymous Coward · · Score: 0

      What generally drives me bonkers, to no fail, is someone who tosses around the phrase, "That being said". It almost always follows some unimportant thought or insignificant point about some meaningless un-newsworthy event or state of affairs for anything and everything under the sun, followed up by some even more uninteresting attempt to drive home the first part of the hopeless oratory.

      That being said, it would be much more instantaneously enlightening to make the main point first and forget the second part altogether.

    2. Re:careless user by KGIII · · Score: 1

      Did you just hurp when you meant to derp?

      --
      "So long and thanks for all the fish."
  7. This is why I hate Android by OhANameWhatName · · Score: 0, Flamebait

    The potential for Malware is just too high. Every geek will 'blame the user' but it's time to take responsibility and blame the platform.

    I constantly, repeatedly and persistently tell everyone who asks to buy an iPhone. The platform is safe. No ifs, ands, buts or blaming the users for their stupidity. If it can go wrong, it will go wrong.

    This is just the leading edge of the wave. If the authors can get this into the Play store, they will. It's just a matter of time before Android phones become infected with premium line diallers and other wonderfully creative nasties. The 'Free' platform is slowly becoming the 'Free for all' platform.

    1. Re:This is why I hate Android by Anonymous Coward · · Score: 4, Insightful

      Kind of funny, isn't it...

      Windows malware? Blame Microsoft.

      Android malware? Blame the user.

    2. Re:This is why I hate Android by Anonymous Coward · · Score: 0

      Android's main problem is that the carriers don't keep it updated so 99.9% of Android users are running around with phones that have known vulnerabilities in the web browser and core applications. It's pretty fucking sad.

    3. Re:This is why I hate Android by Adrian+Lopez · · Score: 1, Informative

      The platform is safe. No ifs, ands, buts or blaming the users for their stupidity.

      If the platform is so safe, why does Apple have to review and sign every app before it's allowed to run? There's no need to do that if your platform is free of exploits.

      --
      "In prison you just have to shut your eyes and take it. Here you have to shut your eyes and give it."
    4. Re:This is why I hate Android by ducomputergeek · · Score: 3, Insightful

      The Apple App Store is not immune to malware, but does offer some level of protection and once a threat is spotted in the wild corrective action can be taken by the platform. I know a lot of people who went to droid and bragged about how "open" the platform was and not limited to any one store and that it was 1985 with Windows vs Mac again only this time with Android playing the Windows role. And I agreed with them. Android will become the windows of mobile devices. Complete with the viruses and malware windows users have come to know and love.

      --
      "The problem with socialism is eventually you run out of other people's money" - Thatcher.
    5. Re:This is why I hate Android by SuperKendall · · Score: 2

      If the platform is so safe, why does Apple have to review and sign every app before it's allowed to run?

      Because trojans can use legal API's to do work, and defense in depth means that there is actually depth to your defense.

      --
      "There is more worth loving than we have strength to love." - Brian Jay Stanley
    6. Re:This is why I hate Android by c0lo · · Score: 1

      The potential for Malware is just too high. Every geek will 'blame the user' but it's time to take responsibility and blame the platform

      Like in real life, security and freedom are two divergent (if not opposed) directions. Assigning the blame is quite a cheap way to avoid assuming the responsibility for one's actions.

      --
      Questions raise, answers kill. Raise questions to stay alive.
    7. Re:This is why I hate Android by Adrian+Lopez · · Score: 1

      Because trojans can use legal API's to do work, and defense in depth means that there is actually depth to your defense.

      This, of course, applies to both platforms. How, then, is running programs from outside the Google Play store is any less safe on Android than running programs from outside the App Store would be if iOS permitted it.

      --
      "In prison you just have to shut your eyes and take it. Here you have to shut your eyes and give it."
    8. Re:This is why I hate Android by Microlith · · Score: 1

      I love the fear mongering. Do you own Apple stock?

    9. Re:This is why I hate Android by Microlith · · Score: 1

      That's an irrelevant angle to argue because Apple has negated it completely. I suspect that having to check a box to load non-Play Store apps is just as effective in curtailing the sources of infection.

    10. Re:This is why I hate Android by OhANameWhatName · · Score: 1

      I love the fear mongering. Do you own Apple stock?

      No. I have no vested interest in the success of any mobile platform whatsoever. How about you?

    11. Re:This is why I hate Android by SuperKendall · · Score: 1

      This, of course, applies to both platforms.

      Not really, because even the Play apps have far greater reach into the Android system than iOS apps.

      running programs from outside the Google Play store is any less safe on Android than running programs from outside the App Store would be if iOS permitted it.

      iOS does permit it, when jailbroken. And it's not as safe - but the system still has the inherent sandbox for apps that you run, and people technically apt enough to handle the ability to jailbreak can also properly assess risk of items installed outside the app store. Anyone installing Android apps from the Amazon app store or other alternate app stores is wide open and has no technical ability to assess risk - not to mention that as I said even some Play apps have the ability to deeply modify the system in ways that iOS App Store apps just cannot.

      --
      "There is more worth loving than we have strength to love." - Brian Jay Stanley
    12. Re:This is why I hate Android by cyber-vandal · · Score: 1

      Any story about Windows malware will have plenty of posts about it being the user's fault and how they have never had a virus blah di blah noscript blah di blah

    13. Re:This is why I hate Android by sacrilicious · · Score: 1

      Kind of funny, isn't it... Windows malware? Blame Microsoft. Android malware? Blame the user.

      If you're trying to point out hypocrisy, you miss. The WIndows OS code is so full of security holes it's pathetic... and yes, that is squarely Microsoft's fault. Android/linux is much much better, and when we're talking about malware that specifically must be cert-installed by a user, yes, the user is most definitely complicit. Get off your high horse.

      --
      - First they ignore you, then they laugh at you, then ???, then profit.
    14. Re:This is why I hate Android by scot4875 · · Score: 1

      Every iPhone that can be jailbroken is also running around with a phone that has known vulnerabilities.

      As far as I know, that means all of them.

      --Jeremy

      --
      Jesus was a liberal
    15. Re:This is why I hate Android by strikethree · · Score: 1

      Very nice troll from an Anonymous Coward.

      Microsoft deliberately obfuscates the controls for their operating system and Android does not.

      To put it another way: You can not defend yourself in a Microsoft world but you can defend yourself in a non-carrier ROM Android world.

      Cheers

      --
      "Someone needs to talk to the tree of liberty about its ghoulish drinking problem." by ohnocitizen
    16. Re:This is why I hate Android by Anonymous Coward · · Score: 0

      Call me when a 12 year old kid can put malware on an android device with zero user intervention

  8. http://lmgtfy.com/?q=iphone+trojan by Namarrgon · · Score: 1

    16.9 million results.

    No platform is safe from user stupidity.

    --
    Why would anyone engrave "Elbereth"?
    1. Re:http://lmgtfy.com/?q=iphone+trojan by Anonymous Coward · · Score: 0

      Platforms that let the user easily update the phone's software (iOS, Windows Phone, Blackberry?) without going through the carrier are a lot safer. Most people that haven't rooted their Android phone are sitting on versions that have tons of known vulnerabilities.

    2. Re:http://lmgtfy.com/?q=iphone+trojan by Anonymous Coward · · Score: 0

      http://lmgtfy.com/?q=android+trojan

      21.3 million results.

      I guess some platforms are safer than others from user stupidity.

    3. Re:http://lmgtfy.com/?q=iphone+trojan by Anonymous Coward · · Score: 1

      Google result #s, that MUST indicate the security of one platform with another. I don't like iPhone/Apple in the slightest but come on. You insult computer security with such nonsense.

    4. Re:http://lmgtfy.com/?q=iphone+trojan by ozmanjusri · · Score: 1

      Android outsells iPhone globally by about 4 to 1. Given that their search hits are ballpark similar to those of iOS, a sensible person must conclude that Android is around 4 times safer.

      Or that you've chosen a pointless metric to measure by.

      --
      "I've got more toys than Teruhisa Kitahara."
    5. Re:http://lmgtfy.com/?q=iphone+trojan by Anonymous Coward · · Score: 0

      16.9 million results.

      No platform is safe from user stupidity.

      Less knowledge about things that you might know doesn't mean stupidity.

    6. Re:http://lmgtfy.com/?q=iphone+trojan by Anonymous Coward · · Score: 1

      most of those results are for the "trojan" the condom (iphone users get laid more than android users).

  9. Then I guess I don't care by Nethemas+the+Great · · Score: 3, Insightful

    A stupid user is a stupid user. Everyone is so quick to rush to the soapbox and preach how wonderful their platform of choice is and how awful the others are. I say rush to the box and preach how stupid people are. I say rush to the box and demand that basic computing security be taught to everyone just as proper hygiene and safe sex are. We do not need big brothers, we don't need walled gardens, we need people to know what the hell it is that they're doing with their electronics. Teach people to wash their damn hands, avoid disenfranchised Nigerians, stop opening random email attachments, and stop bloody installing apps that require access to your sensitive data.

    --
    Two of my imaginary friends reproduced once ... with negative results.
    1. Re:Then I guess I don't care by Anonymous Coward · · Score: 2, Interesting

      The install-type permissions model for Android has some serious flaws and even though I don't like Apple's strict requirements for getting into the app store, I think the iOS security sandbox is much better.

      For example, I occasionally use Skype on my iPhone for video calls with my folks, but I don't want Skype(MS) to have access to all of my contacts either. On Android, I have no choice but to hand it over because the app requested access to my contacts in its permissions list. On the iPhone, the only way an app can get to my contacts is through an API at runtime, where I can just say "no" once and go on using the application. Same goes for location data, SMS, pictures, music, calendar, etc. I actually have finer grained control of my private data on the iPhone than on Android.

    2. Re:Then I guess I don't care by OhANameWhatName · · Score: 1

      Everyone is so quick to rush to the soapbox and preach how wonderful their platform of choice is and how awful the others are

      Not true. Load of folks on this thread are preaching about how stupid users are. I don't care if my computer is part of a botnet, as long as the thing is still working .. it's not my problem. Want my computer / telephone / answering system / car ECU not to be infected by the random waste of the internet? Make a computer which doesn't get infected by the random waste of the internet.

      You can put in all the effort you want to educate me about your problems, they're still your problems.

  10. No big deal by Charliemopps · · Score: 1

    Since most of my texts are intended for criminals anyway, this doesn't seem to be that big of a deal to me.

  11. my text you can have it by Anonymous Coward · · Score: 0

    penis penis penis ..repeat

  12. Let me PARSE that for you by SuperKendall · · Score: 5, Interesting

    16.9 million results.

    But what can any iPhone trojan actually do? It's limited to sending contacts (and that only IF the user allows it at the time it tries to access the contacts, not on install). It can send the users location IF the user agrees to have the location accessed, at the time the app tries to access location (not on install). It can send your photos to them IF the user agrees to allow access to get to the photos... you get the picture.

    What CAN'T it do? It can't access or send SMS messages. It can't access or send email messages (at least not without the user hitting send on the email). It can't make a phone call without the user saying "why yes I would love to dial that number now which is clearly displayed to me in full".

    The issue is that because Android makes you agree to what it can do up front, most non-technical users will simply agree to anything, and then the app can really DO anything it likes to the user. There are safegaurds technical users can install; but they are exactly the people who do not need protection or help!

    Android is a platform built for the pleasure of the technical elite, with a promise to non-technical users of being their gateway into the new world of mobile computing. But that is a lie; it's simply a PC you can put in your pocket that brings along for the ride every ill ever conceived of on a PC and more besides.

    Android could go a long way by simply grantng permissions for things at the time the app wants them as iOS does; but even then the fundamental problem is that there are so many permissions that extend so deep into the system that it allows apps to do things like intercept SMS. You can't take those away now without technical users crying foul, but the cost to non-technical users is monstrous.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:Let me PARSE that for you by Smauler · · Score: 1

      Android is a platform built for the pleasure of the technical elite, with a promise to non-technical users of being their gateway into the new world of mobile computing. But that is a lie; it's simply a PC you can put in your pocket that brings along for the ride every ill ever conceived of on a PC and more besides.

      This is modded interesting, here?

      Android is in what way a platform for the technical elite? It is outselling Apple's offerings 4:1. It is easy for people to install what they like on it... that's the attraction, not a disadvantage.

      Android has both a large user base of generally satisfied customers and more freedom for those customers. Apple has a tiny market share by comparison, and locks customers into its own software. Claiming that android is for the technical elite is like claiming donuts are for the culinary elite.

    2. Re:Let me PARSE that for you by SuperKendall · · Score: 1, Insightful

      It is outselling Apple's offerings 4:1

      Yes, because it's installed on every cheap phone around - that are mostly being used as phones. I have an Android phone myself because it was an easy thing to pick up when I lived in Europe for a short while, but it was so slow and dysfunctional all I could really use it for was tethering data to my iPhone...

      I mean it's pretty telling that even when you are supposedly outselling another platform by a factor of four, the platform being outsold manages to outUSE you in turn by a factor of four (or more)! Look at any mobile browser stats or money being made by app store developers; in any metric where phones are being used as smartphones the iPhone is still vastly ahead.

      It is easy for people to install what they like on it... that's the attraction,

      It's easier on the iPhone because there is more software people want. The real attraction of Android is being cheap, for someone that needs a dirt cheap phone and you don't even know what a smartphone really is about there it is. That is the reality of sales today, is a huge number of devices that you cannot seriously consider "Android" devices the way Slashdot users think of them. And the percentage of NEW devices shipping with 2.2 grimly illustrates this fact.

      Android has both a large user base of generally satisfied customers and more freedom for those customers.

      Sorry, but iOS users are more free, because they are free from worry about things like these viruses and trojans and negative effects from them. They have more freedom in choice of well built software. They have more freedom to sell old devices because an old iPhone is actually worth something. By any metric a non-technical user cares about, iPhone users have more freedom.

      Apple has a tiny market share by comparison

      And yet again, this thing with a tiny market share is totally blowing the socks of Android in terms of being used as a mobile computing device. If you really opened your eyes here that would tell you something needs fixing. But you'd rather not see that, would you?

      It doesn't help to outsell something if you lose your purpose in life.

      --
      "There is more worth loving than we have strength to love." - Brian Jay Stanley
    3. Re:Let me PARSE that for you by Keen+Anthony · · Score: 1

      I think this is where Android's diversity gets it into a few different categories. At the high-end market, Android is for the technical elite. I can run a python interpreter and do some programming and run some custom apps that take advantage of the more arguably powerful hardware and hardware feature set that high Android phones offer vs iPhone and low end Androids. At the mid to low end market, Android is for consumers who just want to consume media and easily download apps. The statement that Android out-selling iPhone by a large margin requires at least an asterisk. There is only one iPhone, and there are many many Androids with many performance-minded Android owners often buying new Androids multiple times in a year.

      I agree that Android isn't *for* the technical elite. It clearly wears many hats, but I also believe it's a likely a smaller subset of Android customers that actually has any more freedom with their Android than I have on my iPhone. In my social circle for example, no one I know runs custom firmware or do anything that really takes full advantage of their Androids. All that power, and they're mostly just playing Angry Birds and doing Facebook. I have python on my iPhone. I've used my iPhone as practice guitar amp and a synth for composing music (work) when I didn't have access to my regular gear. I'm admittedly more on the techie side of iPhone users.

    4. Re:Let me PARSE that for you by Anonymous Coward · · Score: 0

      If you bought an original i device right now, I'll bet you that your user experience will also be garbage, and it's purpose (if allowed) will only be to tether to another device.

      Users are NOT free of worry; they only think they are (just like their desktops). Have you see Charlie Miller's stock ticker application (and note: the app was banned ONLY BECAUSE he specifically told the world about it)? It was a command and control trojan that could do whatever the hell he wanted. Do you remember the flashlight tethering app (also because it leaked and the world found out about it)? Both of them are malware (according to the store guidelines, as they're doing something that they specifically banned).

      Perhaps if you wanted a better Android experience, you'd avoid the $50-100 disposable phones. I'm not sure where you're getting this copious amounts of new 2.2 devices. On the flip side, a lot of people are getting i-devices because they're ignorant and have no idea what a smart phone really is either (a lot of people just get it because they see someone else do so, or they're forced by their parent company because the higher-ups are fanboys.)

      Regarding usage stats: uh, so you like wasting money on a platform that charges 30% extra just for being on there? (see Drop box subscription costs on web and in app). The funniest stat I've ever read say that i users are using the mobile websites... when it has the most app-replacement versions. Why are people on i devices using the web when there's a (possible) better application? Moreover, why should I "use" it a lot when I have other things to do in life? I'll check my email, play a game, do some stuff... and then go watch a movie on TV or hang out with friends. Why do I NEED to use it a lot?

      There's little on Android that needs fixing, at least to the end user. Malware rarely (if at all) affects any of the billions of users, and if it did make it on -- it gets remotely pulled almost immediately. Most Android users are choosing the Galaxy S4 / the higher end and have no more or no less issues.

    5. Re:Let me PARSE that for you by Namarrgon · · Score: 1

      In terms of internal OS security, both iOS and Android are quite secure. Very few exploits exist for recent versions of each, though older & less-secure Androids are of course more common. In terms of the application stores, both are quite safe, with very low incidences of malware. Apple's store policies are arguably more stringent (though certainly not perfect), but users on either platform are highly unlikely to run into malicious apps, at least if they stick with the default settings.

      It is of course true that Android offers more rope for stupid and/or ignorant users to hang themselves with. That's the design decision that was made. Your point about up-front vs on-the-fly permissions is certainly true, though I would add that for every on-the-fly permission request that iOS makes, there are more numerous implied permissions granted to the app that the user is never made aware of. App installs on Android do at least offer you reliable information about what your app is capable of at install time, whereas most iOS users must trust Apple's (often inconsistent) app-checking to shield them from potential abuses. Still, given that genuinely malicious apps are so uncommon in either store, it is very unlikely to come up for any normal user.

      However - users that allow & then install untrusted apps on Android, or users that jail-break on iOS, can get themselves into trouble a lot more easily. My point was that you can make a platform fool-proof, but you can't make it damn-fool-proof. User stupidity can conquer all. And in fact, given that running non-Apple-approved apps requires a full rooted jailbreak and thus the loss of nearly all platform security, Android users who wish merely to run apps from outside the Play Store (e.g. to access the Amazon Appstore) arguably have a security advantage - they don't need to root anything to do this.

      --
      Why would anyone engrave "Elbereth"?
    6. Re:Let me PARSE that for you by Namarrgon · · Score: 1

      iOS users are more free, because they are free from worry

      You do have some strange definitions, don't you? So long as you define "freedom" to be "anything a non-technical user cares about" which is presumably and far more narrowly defined as "anything an iPhone user is allowed to do", then "worry" about that oh-so-scary malware threat that's rampaging outside the Apple walls (but never ever inside) suddenly becomes the only issue anyone could possibly care about.

      You love to characterise all Android phones as cheap and worthless, while not only ignoring the wide range of flagship phones (Galaxy/Note, One, Optimus Pro, Nexus etc) which together easily match combined iPhone sales, but also ignoring all the freedoms and benefits now available to the many people world-wide (particularly developing countries) who can now afford a genuine smartphone with a full range of capabilities for a fraction of what Apple would charge. What a narrow viewpoint you seem to have.

      I haven't yet decided whether your constant need to denigrate and spread misinformation about platforms other than the ones you personally are invested in is simply an ordinary character flaw or an actual job. I live in hope you'll one day adopt a more mature viewpoint, or at least find a more fulfilling job.

      --
      Why would anyone engrave "Elbereth"?
  13. Why did you even ask? by SuperKendall · · Score: 1

    But standing at a bus stop and spotting someone sharply-dressed, I could ask to use their phone

    You just had to get close enough to have it automatically installed over NFC. No need to have your face ever seen.

    Or just install it under a bench at the bus station and have it email you the targets acquired remotely along with images and recordings of whatever conversations they might have had there.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:Why did you even ask? by Microlith · · Score: 1

      I see we're going to get all secret agent style here. Except that people spreading malware are low-impact criminals, so I don't see this happening either.

    2. Re:Why did you even ask? by BrokenHalo · · Score: 1

      You just had to get close enough to have it automatically installed over NFC. No need to have your face ever seen.

      And does anyone actually trust NFC enough to leave it enabled? Not me, anyway. Same applies to bluetooth.

    3. Re:Why did you even ask? by SuperKendall · · Score: 2

      Lots of people leave Bluetooth enabled because they use it pretty often - car audio, headsets /speakerphones.

      NFC I would think you'd leave enabled if you really used it for payments, otherwise it would be almost as slow as a normal credit card.

      --
      "There is more worth loving than we have strength to love." - Brian Jay Stanley
    4. Re:Why did you even ask? by Anonymous Coward · · Score: 0

      God you're a fucking tool. This is such blatant FUD that even an Apphole like yourself should be embarrassed for sugesting it.

  14. Exactly! by SuperKendall · · Score: 2, Interesting

    What people miss is that iOS is MORE customizable for users by default in the ways that matter most. As you say, Skype having my contact list? Hell no!

    Or Google Maps app having my location or contacts or anything whatsoever? Don't think so! All I have to do is say no, but I'm still using the app.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:Exactly! by scot4875 · · Score: 1

      in the ways that matter most.

      To you, perhaps. What was it you were saying about batteries? Most users don't want to change them? Well most users don't give a shit about Skype seeing their contacts, either. They just want it to work. In fact, Skype having automatic access to their contacts is a beneficial feature to the non-paranoid, because it's very convenient.

      Also, I wonder how long you'll keep this double-think talking point. "Slavery is freedom!"

      And EVERY JAILBREAKABLE iPHONE is vulnerable to malware that can completely bypass any of these restrictions that you're hiding behind, yet you conveniently forget that. In fact, some iPhone jailbreaks are so trivial that simply visiting a webpage puts your device at the mercy of the page's owner.

      --Jeremy

      --
      Jesus was a liberal
    2. Re:Exactly! by Anonymous Coward · · Score: 0

      A gimped app. Who are you going to call without any contacts? LOL

    3. Re:Exactly! by Anonymous Coward · · Score: 0

      Are you retarded? I can manually enter/copy-paste a phone number or email address without having to give up my entire contact list.

    4. Re:Exactly! by Anonymous Coward · · Score: 0

      Yes, most users care about wanting skype to work a hell of a lot more than they care about a OMG FREEDOM != SLAVERY dipshits like you. At least I have a choice on the iPhone, rather than the give-everything-to-google attitude that you're defending AS A GOOD THING! Do you realize how retarded you sound attacking iOS over an issue where you have less of a choice about on Android?

      And I don't believe there has been a safari jailbreak exploit in years... I would even assume that Android has suffered from similar flaws more recently than iOS. Especially since iOS updates itself over the air, and almost no Android phones do.

  15. Like many of the Linux Virii by Anonymous Coward · · Score: 0

    There are many Linux virii like this. You must install the virus yourself, allow execution privileiges, then start it yourself. You could even write your own (this one would wipe out your entire hard disk):
    vi myvirus
    #!/bin/bash
    rm -rf /
    wq!
    then you would have to change the file to give it execute permissions (and while you're at it, change its ownership to root):
      chmod a+x myvirus
    chown root.root myvirus ...then run it: ./myvirus ... Have fun!

    1. Re:Like many of the Linux Virii by Anonymous Coward · · Score: 0

      chowning it to root isn't going to do anything. You need to run it as root.

    2. Re:Like many of the Linux Virii by Bert64 · · Score: 1

      You have to be root in order to chown it...
      Ofcourse you could always chown it to root and make it setuid, then other users could run it too.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    3. Re:Like many of the Linux Virii by KGIII · · Score: 1

      I'm half tempted to come back to this thread in three days and type, "Damn you!" It is, of course, too late for that now.

      --
      "So long and thanks for all the fish."
  16. Good. Maybe now... by Nyder · · Score: 1

    Maybe now they will stop thinking of Cell Phones as a "trusted" device. It's not really. Very easy to lose, very easy to steal, and it's supposed to be a trusted source for two factor authorization?

    --
    Be seeing you...
  17. Not clear - "forward to criminals" by dragisha · · Score: 1

    I would like to know why Google keeps this forward-to-criminals API in their SDK?? I hope they are responsible enough to pull this API and keep only forward-to-police one.

    I don't feel well when my device can communicate with criminals in any way, and I believe Google will address this!

    TIA Google!

    --
    http://opencm3.net, http://www.nongnu.org/gm2/
  18. Re:I guess the available iOS security suites by symbolset · · Score: 1

    Snakeoil salesmen aren't really proof of a need for their product.

    --
    Help stamp out iliturcy.
  19. Non-issue by Anonymous Coward · · Score: 0

    And the criminals quickly shut it down after receiving tons of texts saying "Hey U up?" followed by a phallic image

  20. I have my service provider block 5 digit codes. by cercie · · Score: 1

    I have my mobile service provider block 5 digit codes. Security for android needs to be beefed up.

  21. How to know whether or not it's malware? by tepples · · Score: 1

    So how do you act, given that you don't know whether or not it's malware? You don't install it, because you think it might be malware. [...] There's no difficulty. It's that simple, to keep free of malware. It has nothing to do with whether or not you're a pro or how technically advanced you are.

    But you do need to be "technically advanced" to "know whether or not it's malware". Otherwise, you end up installing nothing, and your device becomes equivalent to a first-generation iPhone running iOS 1, which runs only the included applications and web applications.

  22. The "phone" in smartphone by tepples · · Score: 1
    Anonymous Coward wrote:

    Why isn't it a function of the os to know what app is shoddy and what is not?

    Because the user expects the device to make sure that the "smart" capability doesn't get in the way of the "phone" capability, especially for urgent calls.

  23. Which can mean choosing no app at all by tepples · · Score: 1

    You just have to choose background apps which are well written.

    On Android, it's possible for the only applications that perform a given task to be applications that are not well written. For example, they might all use polling instead of pushing. On one of the more curated platforms, a user doesn't have to worry about several major categories of poorly-written applications because developers can't get the application onto a user's device unless it avoids the known poor practices.