A few blog and newspaper are reporting the discovery disclosed by 2 Apple hacker at blackhat conference. (if they are not apple fanboy then they sure look like they are)
http://mobile.venturebeat.com/2010/...-steals-your-data-was-downloaded-by-millions/
As much as I do care about data security and think that some people may not be careful enough about what they carry on their phone, I dislike reading such story without much proof, I truly hope Google will put an end to this by posting something about it.
The funny part is that the application made by their company (lookout) is asking for MUCH MORE right than the wallpaper they are pinpointing, I am also wondering about their genome project and I am wondering if they used that "virus scanner" to gather application info from the people who used it (that being said without any proof, just my gut feeling exactly like their theory on those wallpaper)
On a more positive side I hope this will raise some people awareness about what they install on their phone even rom's could one day get compromised but I do not think we are there yet...
So the whole point of this post is to ask all the blogger around to get back to those 2 security researcher and ask them to provide proof (source code) of the malware they found so that we can put an end to this story either way...
The more people will switch from the Apple to Android, the more hate and dirt there will be about Android.
It's just getting started.
Personally, it's fun to watch, they gonna lose anyway.
DarkDvr said:
The more people will switch from the Apple to Android, the more hate and dirt there will be about Android.
It's just getting started.
Personally, it's fun to watch, they gonna lose anyway.
Click to expand...
Click to collapse
I do respect apple for bringing some great innovation but I am concerned about the lack of quality coverage I see in some blog and online news paper, I mean nobody seem to have asked proof or a second opinion on quite a few recent post (like the 80% of android user would not buy another one story...)
As for the winner or looser, as long as user win I am fine with this war...
I saw this and it seems like propaganda....they took all the time to write the article but neglected to mention the application name.
britoso said:
I saw this and it seems like propaganda....they took all the time to write the article but neglected to mention the application name.
Click to expand...
Click to collapse
They did publish the name of the app, In fact a LOT of different one since this is simply a program that download wallpaper from various theme. the guy have flooded the market with all of the different theme he offer.
http://www.androidcentral.com/rogue-android app-stealing-data-according-security-firm#comments
If you look at the update they wrote to change a bit the story of what the application does, the developer seem to be a bit lost about this.
Either way if this app is really a malware then they should have contacted google, and they should have published the EXACT description of what they do, instead they talk about their market analysis ...
Some fact, about time!
http://blog.mylookout.com/2010/07/mobile-application-analysis-blackhat/#more-1380
Here's the developer answer so android central http://www.scribd.com/mobile/documents/35072457
Now let's see if Google has something to say about this WallPaperGate... in the mean time it look like they SUSPENDED all the developer app
Personally I have no problem with those wallpaper app, I do not use lookout tho since I believe it's asking for too much right and I am not convinced it does something at all
How about "flickey wallpaper" ? I use that one, and it rhymes with the listed application.
adambenjamin said:
How about "flickey wallpaper" ? I use that one, and it rhymes with the listed application.
Click to expand...
Click to collapse
Hey thanks for pointing this program (flikie) it's great!
The right requested by flikie are quite normal so I installed it, I do not use picture as wallpaper usually but I do like to watch them!
Back to the topics, I think the developpers in general should review their apps and make sure they do not ask for undue right!
Application to protect yourself
I personally use aSpotCat to screen what the application are using as right on my nexus one, it is free and allow you to revise the right of installed app
If you know of other app that can prevent malware from spreading please post them
thats how it is in an open system. some people will exploit it.
thats a trade off of the android market.... we will get spyware eventually.
I agree with antikryst... this happens on any platform. Don't look like iPhans and deny the truth and deflect the blame. These guys may or may not have an agenda, but they didn't "seem" to make this stuff up.
I call partly BS
The wallpaper apps in question cannot access your contact's phone numbers, SMS messages or personal information.
Check out the manifest permissions on the apps in question. It is the last item that is the problem.
!Storage
modify Delete
!Your location
coarse (network-based) location
!Network communication
full Internet access
!Phone calls
read phone state and identity
The permission only allows the app to read the IMEI number of your phone (your hardware's unique identifying number), your phone number, and your currently programmed voice-mail number. If you hard coded your voice-mail password as part of your voice-mail number, then they have that too.
They shouldn't be stealing this info, and Google should separate "read phone state" from "read identity", but the stories on this app stating that your SMS's and contacts being stolen and sent to China just plain wrong.
johnp263 said:
They shouldn't be stealing this info, and Google should separate "read phone state" from "read identity", but the stories on this app stating that your SMS's and contacts being stolen and sent to China just plain wrong.
Click to expand...
Click to collapse
And, unfortunately, that stemmed from the original article written at VentureBeat being incorrect. The presenters never actually said SMS and browser history were compromised. I know that at least Engadget was contacted and informed that the article at VentureBeat was incorrect, and VentureBeat also corrected their article to indicate that SMSs and browser histories were not being compromised. But at the start, it was too late, and from there, it was a game of telephone.
Here is a blog post by one of the presenters to clarify everything.
http://blog.mylookout.com/2010/07/mobile-application-analysis-blackhat/
amnigo said:
And, unfortunately, that stemmed from the original article written at VentureBeat being incorrect. The presenters never actually said SMS and browser history were compromised. I know that at least Engadget was contacted and informed that the article at VentureBeat was incorrect, and VentureBeat also corrected their article to indicate that SMSs and browser histories were not being compromised. But at the start, it was too late, and from there, it was a game of telephone.
Here is a blog post by one of the presenters to clarify everything.
http://blog.mylookout.com/2010/07/mobile-application-analysis-blackhat/
Click to expand...
Click to collapse
What a douche bag. The initial commentary about the apps was essentially "It's stealing you babies and your babie's babie's babies".
But I guess actually telling what the app actually does is a little less exciting than what they did.
Related
Hello!
I´m interrested in Android as well as in the tm G1.
Now the G1 is announced here in Germany for the second of february.
My problem at the moment is, that I have read and heard, that google is collecting data (everything)! So if you read the "terms and conditions", what do you think about that or don´t you care? I mean they have the rights over everything you load/send/post/get....and more!
How do you handle that fact personally for you?
Greetings!
Carter
That's just the nature of the emphasis on cloud computing. Personally my stance is simply to not conduct any business on my G1 that I would mind Google knowing/datamining. Regardless of what companies claim in their privacy policies, the very best way to 100% guarantee your data will be misused is simply to not willingly give it out.
Edit: also keep in mind that the (potentially) datamining portions of Android generally revolve around those apps and services which are closed-source apps provided by Google that are not a part of the Android Open Source Project. These include for example the Market, GMail, GTalk, and so forth.
ok, I get your point, but what is the G1 without Gmail/Calendar etc.
And thats all google.
Because of the poor response on my question I think that the majority doesn´t care about google´s data collecting hype.
In my eyes their acting is scary....imagine the details they know about you and many many other people....
just my opinion...
Greetz!
They don't collect any personal information. Not only that but they don't have people looking at these records. A computer does all the work, and is only used to find keywords.
Look at this site's search (the one on xda not google) it works by taking every word and putting it in a database and when you search the word it shows the corresponding posts. so post1 has wordA and post2 has wordA and wordB, and when you search for wordB you only get post2. The same concept is in place for google... except it goes one step further. The spider takes out words that are not needed. Well they have been using this for your GMail for sometime as well. It is why they have excellent spam control and it is why google is so awesome. They use the same process to check emails when you click links. Basically they are just trying to find out who uses what sites for what reasons. If they figure out all this they can better help you and the company you were visiting.
Chances are if you are on a site that is doing something illegal Google already knows it exisists.
someone can always watch if they want, on a g1 or PC, or anything connected. Just don't do anything dumb.
i think its obscene and absurd how gung hoe they are with it. If you want access to the playstore gawdam they better have every member of your family and every person you've ever met profiled as well as around the clock location tracking with a serial # and every keystroke on your device. And dont you dare make any attempts to disable any of their spyware or you can kiss YouTube apps and the play store goodbye. Its pathetic what they've done to Android and its users. And the reason it pisses me of the most is because I don't even really use free apps. They're all either paid for or open.
I have come to a point where I can no longer sit back and watch our system be bombarded with spam apps. It hurts android as a system and will be its downfall, open or not.
I sent tips to Gizmodo, Engadget, BGR, and all others that have can reach a large audience.
I for one am sick and tired of all the bull**** I see in the market. Open system or not, its getting out of hand. I can't be the only one fed up with the situation. To all android users please voice your hatred of people abusing the rules. Just because its not illegal does not make it ethical or allowable
These are a few links to help people realize how bad this problem is and how bad it will become.
Who cares if we have 50,000 apps and upwards of 15,000 are complete crap. There are 20 real offenders with about 1,000 apps each. 1,000!! each. Thats ridiculous.
Almost 50% of our applications do nothing. Absolutely nothing. I love my N! and have been an Android user since the G1. I have watched our open system is being abused and ransacked by idiots.
Anyone else fed up with this do something to fix it rather than sit back.
I know this is not so much about the N1 than it is Android in general, but I wanted people to see it and spread the word.
These are some websites to look at
http://www.reddit.com/r/Android/comments/bwemj/pocket_empires_spamming_android_market/
http://www.google.com/support/forum/p/Android+Market/thread?tid=511e1703b32ce3a5&hl=en
http://www.eurodroid.com/2010/02/an...he-day-zeitmann-and-its-deluxe-clock-widgets/
http://www.google.com/support/forum/p/Android+Market/thread?tid=608e9ca3fc7a80fb&hl=en
http://forum.xda-developers.com/archive/index.php/t-635400.html
I'd noticed a lot of reviews mentioning Pocket Empire, all across the Market, earlier today, it's a pain in the arse, and highlights the fact that you really can't read just a few comments left, and assume they'll be accurate.
Yes it is totally our of hand. The Pocket Empire developers have been encouraging their users to go to the market and download any and all Free apps they dont have to pay for. Then to leave feedback score of 5 for the unrelated app with a comment promoting their Pocket Empires and a referral code. So as well as the comments being BS so are the star ratings they are leaving, which do not reflect the underlying application.
Here are some threads discussing it.
Nexusone Stop spamming the Android Market Pocket Empire players
People advertise everywhere for "pocket empires"- can this spam be curtailed somehow?
How about all the people who were getting their knickers in a knot about the sentence "this message was not sent by tapatalk" sink their teeth into this one.
It is of far greater significance and has the potential to undermine the android market. The lack of action by google to date on this issue (ie not banning PE) suggests to me that they want the market to self regulate.
So lets get together and do something about this Pocket Empire mob.
Yeah the stupid spam comments about "join pocket empires and receive 100 credits" is really getting annoying, not to mention the complete random and totally useless apps that have been coming onto the market lately.
You can at least use appbrain as an alternative, because it filters out the vast majority of Spam apps. But it cannot filter all the PE Spam comments.
Well yesterday, the dev of Pocket Empires sent an ingame message out saying the following:
Hey everyone. We are laying down a new "dont spam other games" policy due to the amount of spame that's been being spread around. Starting May 1st any comments past that date will have their referral code banned for a week. Thanks for your assumed cooperation and enjoy!
Click to expand...
Click to collapse
Seems like the dev is trying to put a stop to it at least for now.
Sistum Id said:
Well yesterday, the dev of Pocket Empires sent an ingame message.....
Seems like the dev is trying to put a stop to it at least for now.
Click to expand...
Click to collapse
Yes but they are just going through the motions of saying the right thing. Crying Crocodile Tears. How do you honestly think they are going to police their threat of one week bans?
If they were serious about it, they would
1) be telling their users to go back and undo the damage they have done. Which would involve removing spam comments left for other apps AND setting ratings stars to average.
2) removing the referral code system altogether, so that once they no longer can Spam the market they do not just move to every other forum know to man. Such as some smart arse adding a PE referral in this very thread which will no doubt happen soon enough.
I would really like to see Google pull PE from the market altogether for some time as a penalty. But probably wont happen as they want the market to self regulate.
POCKET EMPIRES = POX it must be eradicated
Quick add me on pocket empire!
My code is [email protected]
I'll pay that one ;-)
KnightMAREcrow said:
These are some websites to look at
http://forum.xda-developers.com/archive/index.php/t-635400.html
Click to expand...
Click to collapse
Yeah, I opened that thread over there. What bothers me the most is how easy it would it be for google to give us the tools to crush spam.
From where I see it, there are two distinct problems right now:
1) the spam apps (those by Michael Quach, Zeittman, etc).
The easy solution: allow the users to filter out specific words and developers. Then, if a given number of users filter out a developer, consider him "uninteresting" and relegate his apps to the bottom.
2) the PE spam in other apps and games.
The easy solution: if a given number of users report a given number of posts as spam (e.g. 50 individual users report 50 individual messages) consider them spam and filter out every message that is 90% similar to them (e.g. they have mostly the same words but the referral code changes).
These would be completely automatic and would require absolutely no human interaction on part of Google. It's so easy it makes me want to go to their offices and slap the person in charge in the neck.
I reckon a simpler solution to the PE SPAM with referral codes is as follows:
Restrict feedback entries to known words. So if a user enters anything that is not a word, such as a referral code, serial number or email, then it would get rejected. There is absolutely no reason for legitimate feedback to contain any word or string of characters that is not in a dictionary.
logger said:
There is absolutely no reason for legitimate feedback to contain any word or string of characters that is not in a dictionary.
Click to expand...
Click to collapse
What about diminutives, etc? Also, What if I want to point to a related app that is better in my opinion? I have done that in the past.
Fair point.
However, for simplicity, blocking non words would go a long way to fixing the referral code issue, while allowing most feedback. It may be better to point out the shortcomings of an application, than to refer readers to an alternative. I know if I was a developer, I would be annoyed if feedback pointed to a competitors product. I trust I got my point across here, using only common words and no diminutives. Common diminutives could be added to the dictionary in any case.
logger said:
However, for simplicity, blocking non words would go a long way to fixing the referral code issue, while allowing most feedback.
Click to expand...
Click to collapse
The operative word here being "most". I get your point, but I think self-regulation would be better on the long run. I don't think the best way to fix an annoying situation is to introduce another annoying situation, even if it's less annoying than the first one; and I sure would be pissed if I was writing a comment and the Market rejected it because one of the words I used was not in the dictionary.
logger said:
It may be better to point out the shortcomings of an application, than to refer readers to an alternative. I know if I was a developer, I would be annoyed if feedback pointed to a competitors product
Click to expand...
Click to collapse
I would be too, but honestly: I don't write comments to please developers, I do it to give other users good advice. Isn't that precisely the point of the comments system?
http://www.appbrain.com/
If you refuse to use it after I've showed you this, or knew about it already and didn't use it, then don't start another thread like this. You have your out.
And please don't use the "we shouldn't have to use a 3rd party app." This is mother####### XDA, we use what we have to in order to get things done quickly and smoothly.
ATnTdude said:
And please don't use the "we shouldn't have to use a 3rd party app." This is mother####### XDA, we use what we have to in order to get things done quickly and smoothly.
Click to expand...
Click to collapse
Yeah, let's leave the rest of Android users on their own. We're mother####### XDA, we don't care about things working right or not if we can make them work for US!
Who cares about the health of the Market? Who cares if it deters people from using Android? We're mother####### XDA!
ATnTdude said:
http://www.appbrain.com/
If you refuse to use it after I've showed you this, or knew about it already and didn't use it, then don't start another thread like this. You have your out.
Click to expand...
Click to collapse
Of course we know about appbrain. Before you go sprouting off, Just read some the feedback comments in http://www.appbrain.com/browse/apps/?apps=free for example Shazam and you will immediately see they are not filtered and that the SPAM comments we have been discussing reside there as well.
Any yes I have asked appbrain if they would consider filtering the SPAM comments from their site. Hopefully they will.
In this instance, I believe the market should regulate itself. There has been enormous growth and with it comes the BS. I'm of the mind to believe this will be addressed.
Legalize it. Don't criticize it.
1) the spam apps (those by Michael Quach, Zeittman, etc).
The easy solution: allow the users to filter out specific words and developers. Then, if a given number of users filter out a developer, consider him "uninteresting" and relegate his apps to the bottom.
Click to expand...
Click to collapse
i agree.. i think the user should be able add any developer to their personal 'blacklist' that will just simply hide them from view in the market.
also, a more in depth search is needed. filter by keywords you want, keywords you dont want, categories, rating, total downloads, active installs, developers country, downloads to time in market ratio, etc, etc... i mean come on how hard is this to implement when your the top search provider in the entire world.
edit: also, this spam crap is hurting the legit devs. without proper filters or search, it is an uphill battle to not fail. i mean, how will the casual user even know your app exists when 50 apps above it and 50 apps below it are all spam.
Read this link. Read it carefully. It's not just about Google being able to run whatever code they like on your devices, it's about Google DOING it, remotely, without any user intervention/confirmation.
What's next ? Let me throw some wild and far fetched guesses...
* Applanet like apps being killed off on the devices to fight piracy...
* Anything not from the market being wiped out from time to time, for the same reason...
* Users are hunted down and being prosecuted for piracy based on their devices content...
* The system is rigged/updated to block inappropriate content, such as pedophile sites...
* Users are being prosecuted for possessing and/or visiting inappropriate content/providers...
* The "inappropriate" extends to warez sites and regular porn sites, "bad" users are still prosecuted...
* The "inappropriate" extend to the "wrong" political sites, "bad" users are still prosecuted...
* .......
I bet you get the idea. And yea, i know i am taking it too far, but still
PS: Let me add something... the builds we are running on our HD2 are often partially illegal (gaps) etc... hint hint
maybe a little paranoid, ok, well maybe a lot
InfX said:
* The system is rigged/updated to block inappropriate content, such as pedophile sites...
Click to expand...
Click to collapse
not sure why you mentioned this, anyone in their right mind would welcome this particular point.
kam333 said:
maybe a little paranoid, ok, well maybe a lot
Click to expand...
Click to collapse
A lot, exaggerated to the max, of course. But that doesn't turn what Google does right.
kam333 said:
not sure why you mentioned this, anyone in their right mind would welcome this particular point.
Click to expand...
Click to collapse
Thats EXACTLY why i mentioned it.
InfX said:
A lot, exaggerated to the max, of course. But that doesn't turn what Google does right.
Thats EXACTLY why i mentioned it.
Click to expand...
Click to collapse
personally, i think google already knows tooooo much about its users, but in the case of malware, google is definitely the lesser of the 2 evils
let me ask you this, would you rather the big G have some remote access to your device or hackers collecting your personal info. Its the connected world, there's no turning back!!!
only real solution for anyone worried about companies interfering with their device... remove the sim card... for ever.
gnight & dont have nightmares
kam333 said:
would you rather the big G have some remote access to your device or hackers collecting your personal info.
Click to expand...
Click to collapse
Guess what... neither of those
Also, there are terrorists under the bed,chemtrails in the sky, bromine in the water,drug dealers at the school gates, drunks on fones in cars, bondage freaks at work,human traffickers, religious zealots bent coppers paedo nursery workers racists fanatics and plain clothes Google operatives spreading FUD in forums cos its cheaper and gets more results than million pound lawsuits. Oh and bloody clowns.
Just a random outpouring,please continue.
Infx may sound paranoid, and no person of any kind of moral decency would condone anbody using pedophelia porn or any other form of content that causes any kind of harm to anyone. But those are matters for the authorities to deal with, not google. If the internet's morality policies were enforced by a huge internet based company, wouldn't that be considered some kind of a conflict of interests somehow? I mean imagine if Disney were the biggest internet company, we'd never see so much as a single cuss-word or titty. Big companies shouldn't be able to impose their own commercialized morals upon users, the internet will inevitably grow more and more watered down. I don't consider myself a paranoid person, but this type of issue stinks of denial of 1st amendment rights, one step closer to completely government/corporate filtered news-tainment, and corporate control of the masses.
Huggs, i totally agree, thata why i posted this, not because i am actualluly that paranoid (would i still use Internet if i was ?). What i tried to do in my post is to demonstrate a worst case scenario, how would google start with somethimg that should be totally accepted by everyone (fighting pedophily) yet slowly move to fighting things we no longer want it to fight (political opinions).
PS: This little remote control thing is the first step for a corporate giant to become a corporate government, a corporate dictator. And the onlu things corporations care for is money, not their users.
PPS: Just my personal opinion, feel free to disagree.
I like that idea: http://code.google.com/p/open-android-alliance/
InfX said:
Guess what... neither of those
Click to expand...
Click to collapse
you really dont have a great deal of options
android, rim, ios & wp7 all have the ability to "spy" on their users to some degree,
mostly its just basic info such as: gps location, installed apps & how often they're used, crash logs, etc
some apps on ios have been caught out sending even more personal data. The point is, whilst i dont disagree fully with your concerns, i do see your post as somewhat hysterical.
There was no suggestion in the article you linked (or any other that ive read) that google is planning any of things you mentioned, so why mention them, as doing so only makes you a part of the current media trend of FUD as samsamuel put it.
this isnt about deny that all companies are in it 1st for the £$€, then customer welfare further down the list, im talking about being realistic. at this moment in time i cannot see google taking the path that you suggested, i also have far more immediate and real life things to focus on.
im all for a good conspiracy theory, fema detention camps springing up all over the usa (REX 84), the western so called "powers" planting the seeds of unrest in africa & the middle east so they can insert more puppets to secure natural resources (be it oil, gold, diamonds...), i could go on, but this isnt the place.
so let bring it back to google, you are in denial if you think cyber crime isnt going on, and with the rise of the smartphones we will see a rise of cyber crims trying to gain access. so i ask again who would you rather have access to your device?
if you still think or say neither, il know for sure you have lost the plot or you have taken my advice & binned your sim card cause thats the only other option you have.
@huggs, normally your post are quite informative & rational, that last post wasnt imho
no one was talking about censorship, the 1 point about google blocking access to child porn is something i would vote for, this has nothing to do with internet policing, you say thats down to the authorities, but they are not all seeing (no yet anyway) hence the use of informants by law enforcement the world wide, n thats all i would support. yes its possible that you give them a small mandate they will take it further but il worry about that IF the signs arise.
ppl who get there kick this way should have no rights, & should be actively hunted by whatever methods are available & taken out of the general population.
P.S.
Man i would love to have such a care free life that i need to start imagining then stressing about what may or may not happen, but i dont, my concerns are here & now, What you are talking about ISNT.
sorry for the lengthy post but your suggestions/posts are a subtle form of propaganda and a 1 line response really wouldn't cut it.
all the best
Kam
I say if we are doing something wrong and get caught that's our own fault.
How is it illegal? Isn't android open license ie freeware?
Sent from my HTC HD2 using XDA App
@kam333, i may be way less paranoid than you may think, mind the fact i've posted this as a VERY far-fetched and unrealistic speculation that only got slim to nil chance of actually happening, but it does demonstrate a possibility of undoubtedly good things becoming a base to slowly advance into nasty control-it-all direction. And, yea, your suggestion about binning the SIM card won't work. I still got WiFi
@dung8604, search the net about why Cyanogen mod no longer includes Google apps.
Well, I'm running a cooked rom without a Google account set up. So I can cross that off of the paranoid list.
I can't say I'm surprised by anything written in the article.
Did a quick search and from what i can tell, only Google apps are proprietary. Nothing about the OS itself though
Sent from my HTC HD2 using XDA App
Seems Treve was right about CIq FBI law enforcement involve so here's the link check for your self
http://www.muckrock.com/news/archives/2011/dec/12/fbi-carrier-iq-files-used-law-enforcement-purposes/
Edit:UPDATE the a video of Sen. Franken Questioning FBI Director Mueller about Carrier IQ in the Senate Judiciary Committee
http://youtu.be/WiQcYKmU-yg
This is how you know there is nothing wrong with it. After all, the government has our best interests in mind and would never do anything that could potentially harm is.
Tin foil hat firmly affixed for this one...
Very interesting. Thanks
OstrichSak said:
This is how you know there is nothing wrong with it. After all, the government has our best interests in mind and would never do anything that could potentially harm is.
Tin foil hat firmly affixed for this one...
Click to expand...
Click to collapse
Well if u say so, then again they are great liars in my opinion. They spray the skies and say its nothing harmful, u have kids and some new "disease" is born but they said its not harmful.
another little article on this
http://venturebeat.com/2011/12/12/carrier-iq-fbi/
This stuff is just creepy. 2011 is 1984. No joke.
edit: this is the Carrie IQ rebuttal
http://venturebeat.com/2011/12/13/carrier-iq-fbi-rebuttal/
And everyone thought I was crazy when I said CIQ sounded like part of the alphabet soup :-/
Sent From My EViLizED-iCS-EVo4G
.Elite_The_King. said:
Well if u say so, then again they are great liars in my opinion. They spray the skies and say its nothing harmful, u have kids and some new "disease" is born but they said its not harmful.
Click to expand...
Click to collapse
You must not have sensed the sarcasm. I was laying it on pretty thick.
[sarcasm] THIS JUST IN...CarrierIQ useless when used in conjunction with aluminum hats. Basement dwellers rejoice!![sarcasm/]
My opinion:
If Carrier IQ doesn't have anything to hide, I would like to see the following information released from them:
a) Disclose EXACTLY what data they collect and display formatting and reports associated with them.
b) Disclose EXACTLY what improvements has come from the data collected.
c) Disclose EXACTLY what security measures they have been using to protect privacy
d) Disclose EXACTLY how many people have access from their side, and to what department they get delivered AND what security measures are being used in the process of delivery to the end user (companies that work with them)
e) Disclose EXACTLY WHY they don't have an Opt-Out option if they are really not doing anything shady.
f) Based on the YouTube video that proved that they are collecting more than anonymous information, they should prove beyond reasonable doubt to the public that their software doesn't collect / send this data to them.
This will not keep everyone (or myself) at peace but its a start in the right direction....
Going along the lines of what megabiteg said ..
I would add that - So, if 160+ million devices with CarrierIQ were set to communicate or "call home" all at once there would be no Denial of Service on whomever is collecting whatever.. /sarcasm
After all, at first it was said that no data was being transmitted, then it changed to no personal data was being transmitted, then the "blame game and finger pointing" began.. next week it will be no financial data is being transmitted.
So which is it?
The other question I have is for AV (AntiVirus/Security) vendors who make a lot of claims against Android and call it unsecured.. Why didn't your product (paid or free) catch and remove CarrierIQ as it was discovered months ago and by most "modern" standards is a Rootkit?
megabiteg said:
My opinion:
If Carrier IQ doesn't have anything to hide, I would like to see the following information released from them:
a) Disclose EXACTLY what data they collect and display formatting and reports associated with them.
b) Disclose EXACTLY what improvements has come from the data collected.
c) Disclose EXACTLY what security measures they have been using to protect privacy
d) Disclose EXACTLY how many people have access from their side, and to what department they get delivered AND what security measures are being used in the process of delivery to the end user (companies that work with them)
e) Disclose EXACTLY WHY they don't have an Opt-Out option if they are really not doing anything shady.
f) Based on the YouTube video that proved that they are collecting more than anonymous information, they should prove beyond reasonable doubt to the public that their software doesn't collect / send this data to them.
This will not keep everyone (or myself) at peace but its a start in the right direction....
Click to expand...
Click to collapse
+1 on that man
OstrichSak said:
You must not have sensed the sarcasm. I was laying it on pretty thick.
Click to expand...
Click to collapse
Okay I thought that the bottom line was like ur signature got it now I'm sorry man my bad
Jus read this earlier check it out what does this sound like to you elite
The Technology is Helping Repressive Regimes Spy
TrevE Supporter!
I think ciq is really just a front for the government to spy on citizens. No wonder why their statements are just bull****. I don't doubt it.
Support TrevE !!
infamousteeboy said:
Jus read this earlier check it out what does this sound like to you elite
The Technology is Helping Repressive Regimes Spy
TrevE Supporter!
Click to expand...
Click to collapse
Ha I know what you mean. It is what it is you always have to protect your self especially from gov that sells your info for cash. I believe there is an app that shreds your text messages, using a third party app instead of the manufactures one to protect urself against ex.(tigerwoods) ex mistress, company, and etc, that u dont want them to find out. Always be one step ahead of what your intentions are.
Remember laws are not laws but simply codes and statues that "everybody" agreed upon. You should always defend your self.
I'm just saying.
Isn't all this irrelevant for those using custom ROMS?
lightiv said:
Isn't all this irrelevant for those using custom ROMS?
Click to expand...
Click to collapse
Well thanks to Treve it is now but it wasn't before and I think the sense kernels and maybe some AOSP too out there right now aren't up to date with what treve recently discover so yup check it get his app then check to see if ur kernel is update or is it still sending that info man.
Some useful updates and information regarding the situation:
http://franken.senate.gov/?p=press_release&id=1891
This was an important remark from the US Senator:
"I appreciate the responses I received, but I'm still very troubled by what's going on," said Sen. Franken. "People have a fundamental right to control their private information. After reading the companies' responses, I'm still concerned that this right is not being respected. The average user of any device equipped with Carrier IQ software has no way of knowing that this software is running, what information it is getting, and who it is giving it to-and that's a problem. It appears that Carrier IQ has been receiving the contents of a number of text messages-even though they had told the public that they did not. I'm also bothered by the software's ability to capture the contents of our online searches-even when users wish to encrypt them. So there are still many questions to be answered here and things that need to be fixed."
I hope the Senator keeps the strong track he's fighting, we should all support him!
megabiteg said:
Some useful updates and information regarding the situation:
http://franken.senate.gov/?p=press_release&id=1891
This was an important remark from the US Senator:
"I appreciate the responses I received, but I'm still very troubled by what's going on," said Sen. Franken. "People have a fundamental right to control their private information. After reading the companies' responses, I'm still concerned that this right is not being respected. The average user of any device equipped with Carrier IQ software has no way of knowing that this software is running, what information it is getting, and who it is giving it to-and that's a problem. It appears that Carrier IQ has been receiving the contents of a number of text messages-even though they had told the public that they did not. I'm also bothered by the software's ability to capture the contents of our online searches-even when users wish to encrypt them. So there are still many questions to be answered here and things that need to be fixed."
I hope the Senator keeps the strong track he's fighting, we should all support him!
Click to expand...
Click to collapse
Here's the a video of Sen. Franken Questioning FBI Director Mueller about Carrier IQ in the Senate Judiciary Committee
http://youtu.be/WiQcYKmU-yg
I dont think there is anything wrong with carrier IQ. Like if your doing nothing wrong you have nothing to be worried about* but with that being said, it is not right for our phone companies, service providers, CIQ, or even the FBI, to leave us in the dark like this. There really is so much in question and so many assumptions, I just dont see why they cant fill us in, and at least let us know what is going on while we sort out this whole mess...
So, guys..
I was going through some blogs, which stated that there are so many malicious apps in android market. Recently, Avast, which has launched an app in market, reported to google about some malicious apps.
Here is the article:-
https://blog.avast.com/2011/12/13/android-malware-in-the-open-marketplace/
So, what i was thinking is that do we really need an Antivirus app, to protect our android phone??
Using an antivirus app will mean that, it will consume RAM continuously, and so will consume battery too.
I am starting this thread, so that we can discuss, here ,if we really need it.
So, share your views, experiences with any malicious app in the market place, and also suggestions about which antivirus app should we use, if this kind of thing exists in android.
Of course you do, i use Lookout Mobile Security and it has caught a few trojans which were potenially harmful to my phone, not too many but it did quarantine a few since ive had it.
Basically anyone who doesn't have any type of protection on their dog and bone is taking a big chance.
The answer is NO.
I've posted an article from tech2.com in Indian thread where someone from Google said it while talking about Trozan AV apps.
ithehappy said:
The answer is NO.
I've posted an article from tech2.com in Indian thread where someone from Google said it while talking about Trozan AV apps.
Click to expand...
Click to collapse
Did u read the link i posted?
It really shows the possibility of some malicious apps, co-existing in Android Market. Don't we need to be protected?
ithehappy said:
The answer is NO.
I've posted an article from tech2.com in Indian thread where someone from Google said it while talking about Trozan AV apps.
Click to expand...
Click to collapse
Well if you ever get a trojan on your SGSII don't come crying on here, ever heard of better be safe than sorry!!
jonny68 said:
Well if you ever get a trojan on your SGSII don't come crying on here, ever heard of better be safe than sorry!!
Click to expand...
Click to collapse
Thats what i am trying here "Better be safe than sorry"
Well you should've created this thread without the 'Do' and '?'. Everyone is entitled to his/her own opinion. You didn't like my post IGNORE it, don't quote me and advice me what I need to do. A '?' thread should only be created where everyone can share his/her opinion and then it's up to the Thread starter what he/she will take from all the answers.
Anyway, keep using what you are using.
@jonny68- Have you seen such a thread like that in this 8 + months?
This is what Chris Dibona, Google's Open Source Program Manager said,
Chris DiBona, Google's open-source programs manager stated in a blog post, “No major cell phone has a 'virus' problem in the traditional sense that Windows and some Mac machines have seen. Virus companies are playing on your fears to try to sell you bulls***protection software for Android.”
Click to expand...
Click to collapse
Source:
http://tech2.in.com/news/android/go...-antivirus-apps-in-android-marketplace/260952
Sorry I had to BOLD the line for you guys, it's a shame to modify some other comments.
Another thing, if someone even said that Antiviruses are needed for Android I would never use it.
The story is exactly the opposite when I use my Desktop PC fyi.
Regards.
ithehappy said:
Well you should've created this thread without the 'Do' and '?'. Everyone is entitled to his/her own opinion. You didn't like my post IGNORE it, don't quote me and advice me what I need to do. A '?' thread should only be created where everyone can share his/her opinion and then it's up to the Thread starter what he/she will take from all the answers.
Anyway, keep using what you are using.
@jonny68- Have you seen such a thread like that in this 8 + months?
This is what Chris Dibona, Google's Open Source Program Manager said,
Source:
http://tech2.in.com/news/android/go...-antivirus-apps-in-android-marketplace/260952
Sorry I had to BOLD the line for you guys, it's a shame to modify some other comments.
Another thing, if someone even said that Antiviruses are needed for Android I would never use it.
The story is exactly the opposite when I use my Desktop PC fyi.
Regards.
Click to expand...
Click to collapse
You forgot the rest of this story:
"Honestly, anti-virus software are not needed on mobiles, just as long as you don’t download random apps you should be just fine" ...
Most people in here download and install tons of apps, modifications and tweeaks on rooted phones ... LOL
Why not just instal a free one?
Better safe than sorry...
Send from my GT-I(OVER-9000) using XDA App.
ithehappy said:
Well you should've created this thread without the 'Do' and '?'. Everyone is entitled to his/her own opinion. You didn't like my post IGNORE it, don't quote me and advice me what I need to do. A '?' thread should only be created where everyone can share his/her opinion and then it's up to the Thread starter what he/she will take from all the answers.
Anyway, keep using what you are using.
@jonny68- Have you seen such a thread like that in this 8 + months?
This is what Chris Dibona, Google's Open Source Program Manager said,
Source:
http://tech2.in.com/news/android/go...-antivirus-apps-in-android-marketplace/260952
Sorry I had to BOLD the line for you guys, it's a shame to modify some other comments.
Another thing, if someone even said that Antiviruses are needed for Android I would never use it.
The story is exactly the opposite when I use my Desktop PC fyi.
Regards.
Click to expand...
Click to collapse
M sorry, if it hurted u.
Everyone has absolute right to express their views.Be it wrong or right.
Sent from my GT-I9100 using XDA App
Well Google are hardly gonna freely admit the fact that there are some rogue apps in the Android Market which contain trojans as this will put off many people (not just talking anti-virus here), the simple facts are despite the nonsense by Chris DeBona or whoever is the fact that you are taking a calculated rick by not having some type of protection on your phone, this is even more so if you do happen to download apps from other sources but even in the Android Market you can never be totally sure, Lookout Mobile Security is totally and utterly 100% legit and used by many thousands of people and business' alike,clearly there are some rogue apps masquerading as anti-virus apps but also others too.
Smartphones are like pc's now. What you can do with your computer your smartphone does it for you on the go. You have so many apps you browse over the net even if you are using the wireless one from home say for example anything can come through..Say if you are downloading a rom or a leak you never know what might be in them...As the OP and Jonny said above.."always be safe than sorry" that is how i see things
http://androidship.com/2011/05/29/the-android-anti-virus-epidemic/
Read that.
If you plan on downloading apps without looking at who makes them or looking at any reviews, then yes, there's a chance you can get an app that causes issues.
And that applies for ALL os's. How many apple laptop/desktop users run an antivirus? Android is built on the same type of platform, unix.
That doesn't mean an 'antivirus' app will do anything special. It uninstalls apps the same way you do under manage applications.
Sent from my páhhōniē
I all true sense you need to have read the permission that the applications needs when you install a app. If your are lazy enough to not do that have application like LBE security installed to monitor what each applications is up to ... i believe rather then a antivirus a good app fire wall is needed.
You probably don't need one, just as any power Windows user doesn't. That said you'd be crazy to not have one in Windows. Difference being a desktop has a tremendous amount of resources and allocating some to an antivirus program is no big deal. Not so on a phone. Plus there's the consideration of battery impact.
In a nutshell I'd say you'd be just fine without one.
I feel much the same way about antiviruses on Android as I do about hand-holding paid antivirus programs on Windows. If you know what you're doing, you don't need them at all. On the other hand, if you're going to download hundreds of dodgy applications at random and pay no attention to reviews/permissions/odd behaviour, then more fool you, get an antivirus app.
LBE privacy guard is a different story, since it performs a rather different function, and allows you to enjoy apps like Facebook without giving them access to the likes of text messages and phone ID.
You guys know Samsung have their own lightweight security suite in Samsung apps, yeah?
Sent from my GT-I9100 using xda premium
ithehappy said:
Well you should've created this thread without the 'Do' and '?'. Everyone is entitled to his/her own opinion. You didn't like my post IGNORE it, don't quote me and advice me what I need to do. A '?' thread should only be created where everyone can share his/her opinion and then it's up to the Thread starter what he/she will take from all the answers.
Anyway, keep using what you are using.
@jonny68- Have you seen such a thread like that in this 8 + months?
This is what Chris Dibona, Google's Open Source Program Manager said,
Source:
http://tech2.in.com/news/android/go...-antivirus-apps-in-android-marketplace/260952
Sorry I had to BOLD the line for you guys, it's a shame to modify some other comments.
Another thing, if someone even said that Antiviruses are needed for Android I would never use it.
The story is exactly the opposite when I use my Desktop PC fyi.
Regards.
Click to expand...
Click to collapse
I totally agree, like task killers and power managers, useless...
I hate the kind of pseudo-logic that is thrown around in these discussions, which paraphrase to look something like this...
LogicLord221 said:
<insert random bull**** about why their point is valid> there's a million million trojans out there and platform x is so insecure, I read this and this which says we're all in danger!
Click to expand...
Click to collapse
Basically, the point people are trying to make is that danger lurks everywhere, and you need to protect yourself, or you'll be sorry later. Scare tactics at best.
While I am an advocate for protection by prevention, that doesn't automatically lead to the conclusion that you need antivirus software for your device! It's that kind of bull**** logic that annoys the **** out of me. To quote the Oxford English Dictionary:
"Prevention"
Pronunciation: /prɪˈvɛnʃn/
noun
[mass noun]
The action of stopping something from happening or arising.
Phrases:
Prevention is better than cure.
Click to expand...
Click to collapse
Do you see the problem here? It doesn't say "The action of installing an antivirus", it says to stop something from happening. There are many ways to go about preventing infection of your device:
1) Check what you're downloading comes from either a) a reputable source, b) is backed by a reputable source, or c) is backed by numerous (>50-100) positive comments, reviews, etc. This means, don't download that app that has a bunch of one-star reviews, and has people screaming "TROJAN!" in the comments field.
2) Stick to the Market. While it's true that a lot of the infected content will indeed come from the Market itself, Google do a good job of removing offending apps, so compared to other sources of content (e.g. just downloading the APK from a server), it's a lot safer.
3) Don't pirate ****. This is probably the number-one source of malware on Android. Don't be a cheap dumbass.
4) Stay away from 'questionable' material. This includes, but isn't limited to:
- porn
- pirated content
- file sharing sites
5) Have some common sense! I can't stress this one enough, you can have the most advanced piece of software in the world, but if you're acting like a reckless child, you don't deserve to use the device, and you're bound to find yourself neck-deep in malware. Apart from the above, take some active steps to secure yourself. Change your browser settings to run Flash content on-demand instead of automatically, (if possible) set it to have you manually accept cookies, etc. Perhaps the best use of common sense would be in checking the permissions you allow an app access to when it's installed. Look, if an app that is designed to parse a line of text is requesting full internet access, access to SMS capabilities, etc., it'd be best to leave it alone, don't you think? Moreover, if something's requesting superuser permissions, it'd better have a damn good reason why. Read the permissions, and understand what you're allowing.
...because in the end, that's the hard truth -you're the one allowing access.
If you follow these simple steps, you'll protect yourself from 99% of malware. If you're worried about that 1%, don't be. Android malware hasn't progressed to the point where it's a major threat yet, so even if something does get through, it'll more than likely be nothing too major, and you'll figure out something's up pretty quick anyway. This may not be the case in say 12 months, but for now, it's fine.
If you're really paranoid, keep an app on standby, and run a scan every week or two, but disable any background process it has, it's more of a waste of time anyway. On a final note, keep in mind that it's been shown multiple times that Android antivirus software is, to be blunt, rubbish at detecting even the most common pieces of malware.
Remember, prevention is better than a cure
Im using kasperky mobile security cause i got a 1 year licence from a magazine.. But i never got an alarm until now (1,5 months), so i think atm its not necessary to use it .. Perhaps in some months when there are more viruses out in the web^^
Sent from my GT-I9100 using Tapatalk
screamworks said:
3) Don't pirate ****. This is probably the number-one source of malware on Android. Don't be a cheap dumbass.
Click to expand...
Click to collapse
Most Android apps are of such low quality they don't deserve to be purchased.
Sent from my SGH-I897