Report: 99 Percent of New Mobile Threats Target Android
MojoKid writes: "Google's open source Android platform has the distinction of being the most popular mobile operating system in the world. That's great in terms of dominating the market and reaping the rewards that come with it, but it's also for that very reason that Android finds itself the target of virtually every new mobile malware threat that emerges. According to data published in F-Secure's latest Mobile Threat Report (PDF), over 99 percent of the new mobile threats it discovered in the first quarter of 2014 targeted Android users. To be fair, we're not talking about hundreds of thousands, tens of thousands, or thousands of malware threats — F-Secure detected 277 new threat families, of which 275 honed in on Android."
fwiw, the NSA has owned all platforms, so it's not like iOS is invincible. For a long time I've maintained that it's not correct to refer to things as "secure." More precisely, you have to specify secure from what? iOS may be secure from credit card hackers but insecure to government spy agencies. Meanwhile, Android is as secure as an umbrella made of lace blocks the rain.
Malware writers always target the "Big Dog" for market dominance. 10 years ago, 99% was written for Windows for the same reason.
When Apple gets the market share that Android has, you'll see that Apple gets as many attacks as Android does.
Android is the only platform on which it is flexible enough to allow for any sort of mobile malware.
This speaks to restrictions of other application types have too.
But even with this taken into consideration, the amount of Android devices infected with mobile malware? Still next to none.
Article is essentially just flamebait.
It isn't incredibly hard to make an OS that:
During a special system boot: You can only install drivers and bootable items.
During a security boot: You can only install software to its own directory, and it can't interact with other software or system files.
There, you can't get a virus. It's up to the OS designer to decide how to share things securely. There are lots of options which can be secure to do that, and isn't worth talking about securing the very system.
It is beyond me why we have modern OSes which aren't 100% virus secure during a security boot... Especially when we're talking about apps, something people assume should be running in a sandbox mode.
God spoke to me
It turns the red 'X' into a green check mark.
It isn't incredibly hard to make an OS that...
If it was easy, we wouldn't have so many viruses.
Deal with reality - the world as it is - rather than ideality - the world as you would like it to be.
Get real. Android is a little over 50% and Apple (iOS) is a little under 50%.
Windows occupies a large percentage of the market, thus most malware target that platform. According to the summary, Android occupies a large percentage of the market. Couple that with carriers that do not push any firmware updates known to close security gaps, is anyone the least surprised that mobile malware targets this platform over all the others? I'm not.
a lot of open source code, fragmented platform, vendor (carrier and/or handset manufacturer) updates slow or non-existent, google fails at policing its 'app store' allowing malware in quite easily, inexperienced 'developers' with dreams of big money release shitty code...... a perfect storm for malware to thrive in, and users are mostly unaware (captcha text)
Although everyone seems to rejoice at Blackberry's troubles their new Z/Q phones are not only the most secure on the market they are also a pleasure to use. I've had an android and used iPhones before and they do not compare. The ease of multi-tasking, the Hub, and the generally reliable performance are a pleasure. With the latest BB OS they also run Android apps with ease. It's not 100% compatibility but I've gotten Google Navigate and others installed with one click.
There, you can't get a virus
Unless it finds a way to disguise itself as a driver or bootable item and interact with other files (which is what malware does).
Or a font.
Everyone always forgets that virus can travel in fonts too.
Android doesn't. Yes, there have been a few.
But the malware being talked about has to be installed by the user. And they are Trojan applications.
Security flaws weren't what made Windows the prime target for attacks. It was market share. So it makes sense that Android is being targeted, it has the market share (phones and tablets).
Therefore, this should come as no surprise.
All software has security flaws (bypassing software you have hardware vectors as well).
Most any app could be malicious based upon the OS features it requests access to.
Apple's iOS ecosystem seems pretty secure, a big part of that is app review/rejection.
BlameBillCosby.com
what about regular boots that aren't special system boots or security boots. and what about privilege escalation where a virus gets access to do a special system boot?
It ain't inherent security so much as it is inherent refusal to patch on the part of manufacturers and carriers.
It would be like putting up a Redhat 9.1 box with all default settings, giving it a public IP addy, and plugging it in directly to the Internet - sure it was very secure for its time, but unpatched and obsolete, it'll become just another victim.
Until manufacturers and carriers realize this (and stop thinking strictly like a damned CE company), this will continue to be the state of things.
Quo usque tandem abutere, Nimbus, patientia nostra?
Android does not have a curated market, so it's relatively easy to get Malware out, and then when it gets detected there's no one guy who can say "everyone with this bugged app and auto-update on is safe." Now if iOS was still the dominant OS that wouldn't matter. All Malware authors would be spending all their time trying to crack that shit because there was nothing else worth cracking. It's somewhat analogous to that brief period when OS X had enough market share that people started caring about it, but also had worlds better security than those versions of Windows because it was a BSD flavor and Windows meant XP. Cracking BSD would have been fucking hard, and with all those pretty Windows boxes to infect why bother?
Since then MS has improved, so that Macs are only slightly more secure than Windows boxes, and OS X market share has improved. Now Macusers actually have to pay attention to security (FYI fellow Macusers: do NOT install MacKeeper. It is a scam. A scam that I see at least twice a month, which means some asshole keeps downloading the damn thing).
I have no idea whether iOS Malware will ever catch up with Android. It will probably depend on a bunch of factors: can Apple keep the AppStore monopoly, and stay successful at suppressing malware in said store? Does some clever googler figure out a magical way to make the freest phone OS much harder to abuse? Does Droid's market share remain so huge that bothering with non-Droid malware is a dumb business move?
Even if it's not a virus it can be malware anyway.
Comic Sans, anyone?
It's nice to be the popular girl at the dance for a change . . . I think.
Of note:
1- F-Secure have no "security suite" for iOS- because that's not possible, Apple disallows it-. Guess what, they find threats where they have product to sell
2- Listing a grand total of Android viruses is very biased, most people are neither rooted nor using stores outside of Google Play. That takes away almost all the viruses..
In the end, alarmist bullcrap with no basis in reality.
The Cloud - because you don't care if your apps and data are up in the air.
That's great in terms of dominating the market and reaping the rewards that come with it,
Hmm, I guess you've not seen the $ that Android's competitors bring in directly and for their developers.
All boots are security boots unless the user is changing start up programers or changing viruses. In System boot, the user knows that is his only place he can get a virus.
of course it's riddled with malware and other bullshit
It's much easier to not even try at all. Remember Windows was written before the Internet was easily accessible by the public. Why do an expensive rewrite of an OS, when you can just sell your customers computers a sneeze away from getting a virus. Hey maybe even some of them are dumb enough to buy new computers and windows products when their last one gets slow.
The more used ANY OS is on any given platform, the more it will be attacked. Why? Simple. Human nature. The bogus side of it. Criminals, are criminals. No matter the place, & they always act the same, using the same general modus operandi.
Take pickpockets for instance (a favorite example of mine to equate by analogy). Same as the online scammer/malware in general maker: Neither operates on "crowds of 1" really. They seek crowded spots like busy city streets, malls, train & bus stations + other heavily packed thoroughfares to operate, since greater numbers generally means better "take" of loot (more potential victims). The best return on invest of their time is the crowded spots.
In this case, it's Android on smartphones, like Windows is on PC's & Servers combined. This all makes you realize the YEARS OF CRAP spewed by many here on /. of "Linux = Secure, Windows != Secure" is completely blowing up in their faces - why? Again - once Linux (yes, ANDROID IS A LINUX) got a "top spot" on a computing platform, all that "fud" crap went to where it belongs - the shiiter.
Those who spouted it initially? NOW, they have to "eat their words"... no doubt about it.
APK
P.S.=> It's the inevitable truth coming to, as per its usual, STOMP on years of bullshit lies spewed around here... apk
Microsoft has been caught executing code in fonts before, so what you intended to be a joke isn't one. Where I work, we think this issue: https://technet.microsoft.com/... is what shut down our Windows servers last fall the day after we installed a font we used when generating PDF files. Fortunately, the virus writers were incompetent and crashed Windows, or we probably would have never found the exploit. All of the servers handled credit card transactions and one did ACH transactions so the problem could have put my employer out of business.
Then again, I consider myself part of the "white noise". I don't surf for kiddie-porn, don't download (excessively large) amounts of copyrighted video and audio content, and I already know how to manufacture explosives (thus not needing an updated version of The Anarchist's Cookbook). I'm actually a law-abiding US citizen - but I'm perfectly happy to function as white noise for those who believe (quite correctly) that governments everywhere should be kept on their toes - and allowed or even hastened to fall if they fail in this requirement.
I find browsing even 'legit' websites on my Android phone brings up malicious pop up ads warning my phone has a virus, and need to download. Clicking on the link would start a download for the malicious app to try and side-load it onto the phone. A recent site which tried to do this was slickdeals.net, but there have been more than a few others.
During a special system boot: You can only install drivers and bootable items.
During a security boot: You can only install software to its own directory, and it can't interact with other software or system files.
There, you can't get a virus.
Sure, now just don't have any errors in any of your user space code, or don't allow multiple programs to share code (all static links) -- Every program will need its own image decoding software, no two programs will interact, so the camera app won't be able to pass off an image to the QR code app which passes the data to your browser or price checking, or etc. apps, etc. So long as you keep the bits of each program in 100% (virtualized) isolation from each other, and NEVER allow outside data in to exploit them then you'll be ALMOST protected against getting viruses.
One of the problems I ran into when porting my OS to ARM is that ARM only gives you a single bit of execution permission level. That means monolithic kernel only, which is just stupid. Only having user-space or kernel space means no driver-space between kernel or users, and no agent-space for plugins below user space. x86 gives me 2 bits (4 execution permission ring levels), in addition to hypervisory mode, which is essentially another bit of execution ring level. So, you have either trusted or untrusted code running in the OS, but that's daft. With at least one more layer between root and code you download and run in your browser, you could actually have hardware supported sandboxing.
Fast, Cheap, Convenient, or Secure. Pick Only Two.
The monolithic kernel design isn't designed for security, it's just the quickest and dirtiest design (read: dumbest). Compare this with 16bit DOSes unified memory space where any program can fuck with any other part of memory... Any kernel module can screw with any other part of the kernel, same problem different level. Since everyone's using the dumb monolithic kernel design the (ARM, PowerPC, MIPS, etc) hardware vendors do not give us the required additional security features in hardware (see: ARM's User Mode, Supervisor Mode [, and interrupt modes, but that's not where the bulk of your OS code is]). Restricted memory access does a lot to isolate processes, but the fact is that the way we are using software and OSs is not in line with the current hardware capabilities (which are lacking in some areas, and under utilized in others, e.g., hypervisor).
Contrary to popular belief software and hardware are inexorably linked. Features in hardware (or lack thereof) can enable, promote, prevent, or suppress certain types of program constructs, primarily those to do with security. I do not JIT compile JS into machine code and execute it in user space, that would be daft, but there you are.
Is the claim that 99% of mobile malware that targets the OS itself directed at Android, or are they also counting exploits against the pandemic of terrible apps brought on by the absence of any significant obstacle to publishing crap on the Play Store?
I'm sorry, but are you joking, or are you just stupid?
with moderator points!
The Microsoft TTF backdoor was pretty hard to clean up. Our FAX server got it. The .NET library we were using that converted .doc files to .tiff files was the problem. It deleted ~/AppData/Local/Temp to try to cover its tracks which broke several other things.
I install things willy nilly all the time on 5 different phones. Dozens and dozens of apps get installed and de installed regularly. I have used 10 top rated different AV scanners at various times and NONE of them have ever picked up anything.
Apple is doomed.
In other news, you're an idiot.
What this article fails to point out is that virtually nobody actually gets infected by mobile malware. Multiple studies confirm this:
http://www.cc.gatech.edu/~traynor/papers/lever-ndss13.pdf
http://asokan.org/asokan/research/MobileMalware.pdf
Real science, based on measurement studies, shows that this is simply not relevant.
The issue is further confused by the mobile ecosystem itself. In a lot of cases, whether an app is "trojan malware" or "legitimately ad-supported product" has become a question of destination rather than behavior: the former will send your phone number, email addresses and/or contact list to some strange server in the far east, the latter will send them to AdMob et al... both major platforms have the same philosophy, it's not an Android/iOS fanboy issue.
any other system is just as insecure,
Even though Android has overtaken Windows in marketshare and installed base, there are several orders of magnitude more Windows malware variations and actual infections in the wild than Android malware.
That means Windows is demonstrably less secure than Android.
Seriously, the moderation here simply does not work.
By that argument all computing devices should be locked down and not allowed to be general purpose.
So what you are saying is that NO platforms should exist that are locked down, so that non-technical users can be fucked every day all so that you can more easily install animated wallpaper.
Why is it NOT OK to have a real choice, where people can choose a more open Android or a platform that ships with defaults that are vastly better for 98% of people that will own mobile devices?
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I use Windows Phone and get 0% malware. The 1% goes to IOS.
Windows is indeed getting better. ;)
Live your life each day as if it was your last.
This was not news when /. reported on it over a month ago. Is Apple paying the bills around here these days?
On the basis of publicly available financial reports the only Android maker who is making a profit on Android phones is Samsung. The rest have revenue streams that do not produce a profit.
Microsoft's position is anomalous as they appear to be making more profit on their Android IP licenses than they are losing on their Nokia Android phones.
Recent commentary on Redmond's situation seems to suggest that the only way to have mobile devices make a positive contribution to the bottom line is to stop selling them.
On the subject of malware, Google trying to emulate a "free" Linux environment has led to a situation where they have attracted the Linux hackers but have alienated them with the need for profit (a dirty word in the Linux world). This had led to the birth of so many Android markets of dubious quality and a hotbed of malware due to the absence of Google's control.
Even Apple's been caught napping a couple of times so what's it going to be like when Microsoft gains traction? A culture of shoot-the-messenger and slow response is not going to work in mobile.
For every 1 iPhone, there are 6 android phones. That is all the further you need to read into what this article is seeming to imply.
It's up to the OS designer to decide how to share things securely. There are lots of options which can be secure to do that
Could you explain how that's done? Because as far as I can tell, Android already runs in "security boot" mode where each publisher's apps run in a separate user account and can share data only through the Intent mechanism.
Is there an application for iOS comparable to WiFi-Where for Android? I haven't been able to find one since all the Wi-Fi utilities were pulled from the App Store when Apple decided to keep its network configuration API private.
So of course you need to have a PC of some sort
The only PC you need for AIDE is an Android tablet; pair your keyboard and start coding. There's no way Apple will port a subset of Xcode to iPad in the foreseeable future.
Application developers care about installed base, and the biggest part of the rate of change in installed base is "Share of units".
99% of malware targeted Android. Neat, but it doesn't really mean anything.
What percentage of mobile malware infections did Android account for? What is the infection rate for those devices? How serious have most breaches been? These are all more meaningful security metrics than "number of times targeted". In particular the rate is extremely telling: if there are, say, 100 infections per 100,000 for Android, and 85 per 100,000 for iOS, that is certainly troubling for Android, but hardly damning.
Try not to take me more seriously than I take myself.
This "99%" statistic for Android comes up every now and then, and what makes up for most of it, is the hazy third-party app repositories. If you stay in the selection of Google Play, you will mostly have your ass covered.
So that means about 3 new malware samples came from the official store based on their sample. Also keep in mind that the Android situation was sampled by their anti malware app which is installed on the phone while the iOS threat was discovered by an external security analyser and submitted to them so there is a certain skew based on methods/platform spread that should be factored in when looking at the numbers.
And 98% of that is trojans there to steal your data. Watch what permissions you give apps. If you don't know why it wants to access your content, don't install it.
Nice to have some good news. If Apple ever decides to start innovating their products again instead of giving us slight variations on the iPhone over and over, it will make Apple the clear leader.
Wouldn't you be much better off running that on a desktop OS?
If I'm contributing to a collaborative database of hotspots, it's far more convenient to log seen SSIDs and their locations with a 4" device than with a 11-17" device. I can put the former in my pocket and hop on my bike; I'd have to secure the latter to the rear rack somehow.
If you're maintaining someone else's Wi-Fi network, why don't you bring your laptop with you?
Why should it require a laptop? That would mean someone who gets called to help troubleshoot the wireless network of a friend or relative in town would have to 1. buy a laptop if he doesn't already own one, and 2. carry it there.
An average Android app makes 5 times less money per download than an iOS app.
I can think of two possibilities for why Android apps are more likely to be $0. One was an expectation of free apps arising from early attempts to reach Android Market (now Google Play Store) users in countries where Google had not yet deployed Checkout (now Wallet). Another is that perhaps fewer small-time Android developers feel the need to recoup the minuscule costs of starting out with Android development, compared to iOS which costs $650 (if your primary computer happens to be something other than a Mac) plus $99 per year. True, this cost is a rounding error to a full-time developer at an established company, but it isn't to a hobbyist.
Money per download isn't the whole story. As the Forbes article points out: "there is much work to be done to increase monetization of free apps. And that may be the next growth opportunity for any developer as it presents an opportunity that is substantially larger than the existing one." While trying to project their brands in countries whose Android Market had no payment method, Android application developers learned to use other revenue sources such as advertising. Are there statistics on paid downloads plus ads for Android compared to paid downloads plus ads for iOS?
Also, using a smartphone as a Wi-Fi diagnostics tool is pretty niche.
It's a niche that Apple has made a business decision not to serve, and it's not the only such niche.
it has all the basic functionalities a smartphone needs
Until your functionality needs end up growing to encompass one of the forbidden categories.
I don't see the point of programming on a smartphone.
That item is probably more relevant to the iPad than to the iPhone.
A month seems like a reasonable minimum period for a subscription.
If a Blockbuster store (back when it still existed) couldn't offer movies and console games for rental for periods shorter than a month, how could it keep enough stock in front of customers to stay in business?
forceful proselytization
I'm having trouble understanding what you mean by forceful.
In short, none of these look like things I'd do on a mobile device.
From the page: "Fans of these iProducts defend Apple's practices, claiming that almost nobody demands the functionality that the Guidelines ban. Even if this is true of each individual item, there are still a lot of people who want one or more items on the list as a whole." Someone might start by choosing iOS, thinking the same way you do, and then his needs grow to include forbidden functionality. That would require buying an Android tablet and a tethering plan to connect the Android tablet to the Internet.
I'm just speaking from the average consumer's point of view.
The problem here is the word "consumer". If a device is capable only of "consumption", or viewing works created by others, it encourages people to remain "consumers" as opposed to hobbyist authors.
Apple requires anyone who wants to run self-signed software on an iPod touch, iPhone, or iPad to pay a recurring fee of $99 per year for the iOS Developer Program.