“The family of Android malware that slipped past security defenses and infiltrated Google Play is more widespread than previously thought. New evidence shows it was folded into three additional apps and has been operating for at least 10 months, according to security researchers.” Google removed most of it, but not before it was installed anywhere between 2 and 9 million times – finally some figures from Google itself, and not scaremongering by antivirus companies. At 9 million, that’s 1.2% of all Android devices sold.
According to the linked article:
Even after a malicious update is displayed on an infected device, the user must specifically choose to download and install it and must have configured the phone to install apps from third-party sources.
That’s not exactly ‘infiltrating’ the Google Play store. Obviously, anytime you’re running apps not vetted by anyone, there are going to be risks. The question is, do you want a corporation deciding what you are/are not allowed to install in order to alleviate risks?
Some people are willing to give up their freedom for a little security, and I don’t necessarily think that’s a bad thing in all cases. I mean, if all the apps you really want are inside the walled garden, it’s kind of a win/win situation.
I’ve been around long enough to have “enjoyed” the experience of having to re-install Windows or erase/reformat/reinstall the hard drive or having to install a complete new hard drive because of infection by a virus or malware. Even with anti-virus software installed. I’ve lost entire hard drives worth of data in some of those great experiences.
Having enjoyed all those experiences, I gradually came to the realization that I didn’t have to worry about all that in a “walled garden” type of situation, so I slowly migrated and have been quite happy ever since. As the original poster said, if the applications you want and need are within that wall, then fine & dandy, all is well. I have no problem with the walled garden and the experience Apple or anyone else is trying to provide to their customers. If it works for them, great, there is nothing wrong with that.
I have also tinkered with my iPhone, jailbreaking and unlocking the various models I have owned. It was fun and exhilarating but I have left that behind because I know/knew the risks and don’t need to do that any more. As with my computer, all the software I need or want is within the walled garden. This is probably all a function of getting older and having had those “fun” experiences of crashing computers and cellphones and not wanting to have to deal with that any more, but that’s fine. As long as people know the risks, if they want to have that experience, I have no problems with it, just don’t come crying to me when your computer or phone becomes nothing more than a doorstop. Been there/done that/you’ve been warned.
“The takeaway for Android users is to consider running a smartphone antivirus app.”
And we’ll end up with the same problems that people have on Windows: Cell phones everywhere will run slow as anti-virus software sucks up CPU time and RAM, causing false positives like the recent Malwarebytes dud that downed countless computers, and in the end people will still get infected because they will feel “safe” and think they can do anything. Meanwhile, no program will successfully defend against all malware. Meanwhile, we’ll get the added annoyance that this extra resource hogging sucks our batteries dry.
No thanks, that doesn’t sound like the kind of thing I want to go back to. I already have a serious lack of storage space, I can’t even install everything that I want, there’s no way in hell I’ll get an anti-virus program that will continue to get bigger and bigger with no end.
Edited 2013-04-23 01:28 UTC
Which we used to have on MS-DOS, CP/M, Amiga, Atari, Mac OS (<= X), C64, ….
Viruses were never Windows specific, rather common to any consumer system.
Even in more secured systems, the problem still persists given how consumers behave, assuming they can have root/admin rights.
Most people will just install whatever they can put their hands on, without pausing 1 second to think about it, regardless of how they got the software.
From magazines, friends, acquaintances, strange looking web sites, you name it.
The only way is for someone else to look after what people are allowed to install on their own systems, but we can all imagine how it ends if taken too far.
C64??? I know there were some proof-of-concept-wannabe viruses, but these required you to load them yourself and after you ran them you shouldn’t reset or power cycle the computer (which people tended to do before loading a new program or game).
These “demo” viruses ran invisible and after a while caused some funny effect.
I guess they could be considered virus simulators and not real ones.
In Portugal most 8 bit software was cloned and sometimes it got fatter in the process.
You could only buy legit copies in big cities.
What kind of stuff did they add?
Most cracked games came with cracking crew intros and often “trainers” (cheat options).
It’s hard to imagine any virus kind of software having much effect. It wouldn’t survive a reset or power cycle, which you had to do when changing software. Also there was no boot sector or hard disk to infect.
The Commodore Amiga could catch a number of viruses.
They could affect existing software in the case you were using floppies.
True–viruses were definitely to DOS back in those days as flies are to shit, and no OS is 100% immune to viruses (except, of course, that massive majority of them written for DOS/Windows…). But I think the “security” companies and their software have only got worse since those days, and I wouldn’t trust them or their software these days much more than the viruses themselves.
I fully agree with you.
On the other hand I sometimes have doubts when on UNIX systems if my firewall configuration is really secure or how far each application is free from exploits.
Having a microkernel OS, capabilities based or with process fine grained sandboxes will surely improve security, but they are no solution for dumb users that install everything from everywhere.
Unfortunately… yup. If someone does something stupid, it will always carry the potential consequence of screwing them over. It’s an unavoidable fact of… well, pretty much everything. I think mounting the /home partition on Linux (or the BSD/UNIX equivalent) with the “noexec” option can go a long way, though. Eliminating sudo and giving them a “secret” root password would help even further–although in some cases this may not be possible. And, of course, have a hardware firewall/router for extra protection. I have to admit, I don’t normally use a software firewall (IMO they’re more trouble than they’re worth), but when I know I’ll be using a potentially-untrusted network (like lately…) I make an exception.
Edited 2013-04-23 19:42 UTC
Speak for yourself. My antivirus does not slow down my computer at all. I also run Avast Mobile on my Android, and I don’t notice any difference in performance.
[emphasis added]
Do you have any benchmarks to prove that your anti-virus software causes absolutely no slowdown whatsoever? And if it is using absolutely no processing power or memory, is it even running and working correctly? Somehow I don’t believe that *any* program can use zero resources while running, especially an active anti-virus program.
I also find it ironic that at 5.4 MB according to the Google Play store, there’s no way in hell that the Avast Mobile program that you mentioned would fit on my phone without uninstalling several *more* programs (as if I haven’t had to get rid of enough already). Give it a few years (months?) and it’ll explode to 10 MB… then 15 MB… just like they all do.
Again, I’ll pass on cell phone anti-virus. But if it really makes you feel safe, then have at it. I, on the other hand, don’t trust those programs or the “security” companies behind much more than the malware that they claim to “eliminate” (but typically fail miserably at, while potentially causing serious problems of their own).
Edited 2013-04-23 18:25 UTC
Here’s a more important question – does he NOTICE a difference in speed when the AV software is running vs when it isn’t? And if the answer is no, then it really doesn’t matter, does it?
Notice the wording:
He did not say a word about not “noticing” anything, he stated it as fact. If he had been a bit more careful with his wording, then I wouldn’t have said a word about that in response.
So, most of the said apps originate from Russia or are Russian-language specific. Why is this a surprise to anyone? Even from the days of searching for files via ftp servers I have avoided .ru ones (as well as Chinese-based hosts) even where these were apparently attached to legit institutions seemingly, such as in the educational sector.
Also, doing a search for ‘bitdefender’ via Google Play gives one the first option of ‘Bitdefender mobile security’. Take a look at the permissions that programme demands. Is this legit, and if it is, why would Bitdefender need such access to my device? If it isn’t, why is it there and why does Google’s search algorithm present it as the top choice?
I am a reasonably savvy hobbyist user (which means mostly I have absorbed enough information to be on the sane side of twitchy rather than having become technically expert as such over the years) but getting corroboration of validity and authenticity even when alarm bells start to ring seems to me to be getting gradually harder and harder to achieve with confidence since the advent of smartphones.
I may be rambling here (as an amateur that’s another hit-and-miss risk one takes) so am open to being corrected.
Bitdefender is not made by a Russian company, but by a Romanian one, also it’s one of the top antiviruses on the market.
I wasn’t suggesting it was. Good to know the origin though - not that it makes me feel safer…
“So, most of the said apps originate from Russia or are Russian-language specific. Why is this a surprise to anyone? Even from the days of searching for files via ftp servers I have avoided .ru ones (as well as Chinese-based hosts) even where these were apparently attached to legit institutions seemingly, such as in the educational sector.”
They do, however you are ignoring the fact that it’s mostly the rogue ad-network that caused those infections. Of course it’s also the fault of those developers for not realizing this. Something similar can happen even with legitimate ad-networks and as a result with legitimate websites.
“Bitdefender is not made by a Russian company, but by a Romanian one, also it’s one of the top antiviruses on the market.”
So what you are saying is: it’s more trustworthy because the company was founded in Romania?
Edited 2013-04-23 05:42 UTC
Yes, you are right, my conclusion was a bit unfocused of me really since I had read the article fully and had come away with the notion that it explained the complexities of the situation well enough for a layperson to comprehend. Still, there seems to be a fair amount of correlation going on which to me suggests either it’s possibly malicious use of the ad-framework or a lack of rigour on the part of the developers. Neither possibility fills me with any greater feeling of ease regarding apps that originate from that part of the world, unfortunately.
So, are you saying it’s less trustworthy because it’s not made in western Europe or the US?
Not per se but I’d probably have a different take on the particular risks to be managed. There are always risks, some just have different criteria from others.
I would love to know. It’s kinda like adding up every Windows sale since Windows 95.
No, the takeaway is not to install apps that require you to allow installation of non-store apps. If you don’t find that suspicious then what the heck are you thinking?
Really, it’s just common-sense although I guess common sense is rather uncommon.