Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Android Cellphones Security Software IT News

More Malicious Apps Found On Google Play 143

suraj.sun writes "We've seen quite a few Android malware discoveries in the recent past, mostly on unofficial Android markets. There was a premium-rate SMS Trojan that not only sent costly SMS messages automatically, but also prevented users' carriers from notifying them of the new charges, a massive Android malware campaign that may be responsible for duping as many as 5 million users, and an malware controlled via SMS. Ars Technica is now reporting another Android malware discovery made by McAfee researcher Carlos Castillo, this time on Google's official app market, Google Play, even after Google announced back in early February that it has started scanning Android apps for malware. Two weeks ago, a separate set of researchers found malicious extensions in the Google Chrome Web Store that could gain complete control of users' Facebook profiles. Quoting the article: 'The repeated discoveries of malware hosted on Google servers underscore the darker side of a market that allows anyone to submit apps with few questions asked. Whatever critics may say about Apple's App Store, which is significantly more selective about the titles it hosts, complaints about malware aren't one of them.'"
This discussion has been archived. No new comments can be posted.

More Malicious Apps Found On Google Play

Comments Filter:
  • Except (Score:4, Insightful)

    by Anonymous Coward on Saturday April 14, 2012 @03:05PM (#39687715)

    >complaints about malware aren't one of them
    So the ones that raid your contacts and send the information to persons unknown are fine?

    • Re: (Score:3, Insightful)

      by devleopard ( 317515 )

      I've never seen or installed such an app on my iOS devices. I'm sure if I spent some time searching the Slashdot archives, there'd be at least one article; I'm sure the apps do exist. (And are no longer on the app store today). However, these articles about Android malware are weekly, or more often. Google needs to shut it all down, and then relaunch Play where all apps are properly vetted.

      Would that destroy the "freedom" concept? Maybe, but such an idea just doesn't work. Would you run any random Windows a

      • Google needs to lock things down

        I think the problem is that people just don't want / cannot be smart about using technology and thus you feel that the makers need to step in an make this stuff safe for us. The unfortunate part about all of this is that we now live in a world were it is perfectly okay to hand someone a device that can ruin them financially, expose every single person they know, track their every movement, and/or watch what they are doing at the time or at least listen in. Somehow, we don't feel that there is any obligat

    • Re: (Score:3, Informative)

      Yep, that was the funny part of the article. "Whatever critics may say about Apple's App Store, which is significantly more selective about the titles it hosts, complaints about malware aren't one of them.'"

      But one of them would be that the assertion is ridiculously incorrect.

      Even weak google-fu turns up this, among many...
      http://nakedsecurity.sophos.com/2011/11/08/apple%E2%80%99s-app-store-security-compromised/ [sophos.com]

      Why do apple people think their products and services are malware proof, even though anyone with

      • Re: (Score:2, Insightful)

        by Anonymous Coward

        I think that anyone with self respecting brain capacity would realize that picking the small handful of issues Apple has had with their vetting model cannot be compared to the thousands of apps that compromise Google's model.

      • Re:Except (Score:5, Insightful)

        by BasilBrush ( 643681 ) on Saturday April 14, 2012 @04:11PM (#39688307)

        You finding an example of malware doesn't disprove the assertion that people are complaining about malware on the iOS App Store. Just as finding one criminal in the country's safest town wouldn't mean people are complaining about crime there.

        iOS App Store has a minuscule amount of malware compared to it's size. There's orders of magnitude more malware on the Android stores.

        • Re: (Score:2, Insightful)

          I too enjoy the random use of immediately made up statistics laid out in terms like 'miniscule' and 'orders of magnitude'. Most of the apps I've downloaded from the app store and from play/market reported all sorts of things they didnt need to know about or report back to some mothership who-knows-where. I've never loaded a malicious app that caused me harm or did something that required repair...from either.

          Yet there are plenty of stories about malware and the ability to enact it on both platforms, in al

          • In fact I'd go with the idea that many iOS apps are just more intelligent parasites then the well-known examples of Android malware. If you sit around all day spamming premium SMS, you kill your hosts pretty quickly.

            iOS can give away all your private information happily, and no one's the wiser. The app store review process is basically encouraging this kind of intelligent evolution.

    • Re:Except (Score:5, Insightful)

      by PNutts ( 199112 ) on Saturday April 14, 2012 @03:39PM (#39688029)

      >complaints about malware aren't one of them
      So the ones that raid your contacts and send the information to persons unknown are fine?

      No, but who could have imaged the apps below would harvest your contacts! It's almost like they were built specifically to share information.

      Foursquare
      Path
      Instagram
      Facebook
      Twitter for iOS
      Voxer

    • Re:Except (Score:5, Informative)

      by BasilBrush ( 643681 ) on Saturday April 14, 2012 @04:19PM (#39688361)

      So the ones that raid your contacts and send the information to persons unknown are fine?

      Clearly not. But they are many times less bad than the Android one described that is costing you serious money by sending premium-rate SMSs.

      • by Kanasta ( 70274 )

        Does anyone send premium-rate SMSs on purpose anyway? They are never covered in any plan, and are always stupid things.
        WHy not just ban them all?

        • The carriers make a lot of money off those, obviously they won’t ban the premium rate sms themselves.

          Google will never do anything to anger or disturb the carrier's revenue stream, so they will never ban all premium-rate SMS on Android.

  • It drives me crazy (Score:5, Insightful)

    by Reed Solomon ( 897367 ) on Saturday April 14, 2012 @03:10PM (#39687761) Homepage

    Why can't they offer a vetting process for apps? Not everything needs the "Google seal of approval", but having a google verified or trusted apps icon appear on an app might alleviate some of the problems, or at least the perception of the google market store (I can't call it google play store, it's just stupid) being a haven for malware and cheap ripoffs.

    In fact, this could be a policy that a third party app store could institute. It would be interesting to see it happen, as they could potentially become more popular than Google's own store.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      There is a "super developer" tag for some developers (adobe, rovio, others), plus there is the "suggested by the team" category, so what you suggest already exists in some form.

      • But does their suggestion imply anything other than they were paid for the endorsement? Are they liable under Google's ToS for any damages if the app turns out to be nothing but a fraud scheme?

        • by cynyr ( 703126 )

          Is apple? do they refund the purchase price if they remove an app?

          I do generally agree with the GGP, and would like to see something implemented as an optional thing. $5 to have your app vetted and get a little sticker next to it for every update you make.

    • by Anonymous Coward

      The idea is pretty simple. Because its an open platform, anyone can start their own app store and each one has different levels of vetting. Sounds like you prefer the Amazon model. It's fairly easy to install the Amazon Appstore if that's what you want.

      • by Microlith ( 54737 ) on Saturday April 14, 2012 @03:39PM (#39688031)

        That's meaningless for the problem at hand, which is that Google's own store is being used as a vector for malware. Google pressing a bit harder on app developers to prevent their store being a hazardous place would have no impact on the openness of the platform.

  • by chrb ( 1083577 ) on Saturday April 14, 2012 @03:16PM (#39687813)
    "some of App Store's shiniest celebrities are among those that beam away your contact list in order to make hooking up with other friends who use the app smoother. " http://m.gizmodo.com/5885321/how-iphone-apps-steal-your-contact-data-and-why-you-cant-stop-it [gizmodo.com]
    • by daveschroeder ( 516195 ) * on Saturday April 14, 2012 @03:37PM (#39688015)

      Apple: App Access to Contact Data Will Require Explicit User Permission [allthingsd.com]

      I guess you forgot that part.

      And the part about how these apps weren't "malware", irrespective of whether they were doing something previously allowable without explicit user permission.

      So it's not at all accurate to say that it's "happening on the App Store too".

      • by chrb ( 1083577 ) on Saturday April 14, 2012 @03:45PM (#39688087)
        And how is that solution different from Android? Android already requires users to authorize apps to read contact details, the problem is that most people don't care. These Android apps are being called malware because they upload the contacts list without permission, which is exactly the same as many ios apps do.
        • And how is that solution different from Android?

          On the one hand you've got iPhone Apps sending contact details - previously without user permission - now with user permission. Although in either case not with malicious intent.

          On the other hand you've got Android apps sending premium rate phone numbers without the users permission.

          And you\re having trouble differentiating?

          Or were you just trying to ignore the type of malicious app mentioned in the summary, because it's bad news for Android?

          • by chrb ( 1083577 )

            On the one hand you've got iPhone Apps sending contact details - previously without user permission - now with user permission. Although in either case not with malicious intent.

            And how would you know that it is without malicious intent? There are many, possibly hundreds, of iPhone apps that grab the contacts, how do you know what happens to those contact details once they are uploaded?

            On the other hand you've got Android apps sending premium rate phone numbers without the users permission.

            That is not what the article is about.

            Or were you just trying to ignore the type of malicious app mentioned in the summary, because it's bad news for Android?

            I was responding to the article, not the summary. The summary has nothing to do with the article. The article is claiming that users contact details can be grabbed by Android apps. The same is true of iphone apps.

            • That is not what the article is about.

              It's in the summary. More importantly it's in Android phones. But you want to ignore it because it's not convenient for your favoured platform.

        • by 93 Escort Wagon ( 326346 ) on Saturday April 14, 2012 @04:56PM (#39688691)

          And how is that solution different from Android? Android already requires users to authorize apps to read contact details, the problem is that most people don't care. These Android apps are being called malware because they upload the contacts list without permission, which is exactly the same as many ios apps do.

          Either you've never looked into this, or you're dissembling. I have an Android phone; and at the time an app is installed Android provides a somewhat generic list of all the things the app will have access to - there are usually a half dozen or so items on that list, and it would be very easy to overlook contact Info since it's somewhat buried among the generic stuff like phone state, network access, and so on.

          With iOS, when an app tries to access Contacts - you get a pop-up at that time telling you that and asking if it should be allowed. It's a dramatic improvement over what it used to be, and over what Android currently does.

          • I would LOOOOOOVE to be able to install Android apps and then click no on that popup after the fact. Because adding unnecessary permissions is a favorite activity of Android developers. Phone owners should be able to change any permissions on an individual basis at any time without rooting the phone.
            • by Electricity Likes Me ( 1098643 ) on Saturday April 14, 2012 @10:33PM (#39690607)

              This, so much this.

              Telling me something wants a bunch of vague permissions is about as useless as the iPhone "This app may read private data" message, since pretty much everything wants to do that.

              What I want is to be able to see exactly what it's planning to do. If an eBook reader app wants SD cart access, maybe I want to only give it access to the "Books" directory on the card, since it has no reason to look anywhere else. If something wants full web access...well I'd like to prevent that, and then see if the app has any actual problems. Or I'd like to be notified about the hostname's being contacted and whitelist/blacklist them selectively.

              Of course, these aren't Android or even smartphone specific problems IMO - it's a problem with providing user security on every single platform in existence. No one's made it suitably simple to tell what an app is doing, or wants to do, and allow or deny that with reasonable, but not owerpowering, fidelity.

              • by damium ( 615833 )
                Some custom builds have this feature on android (CM7 for one) but revoking permissions often leads to the app crashing when it tries to do something it expects to work and doesn't check for failure. I've revoked contact, gps, and/or network permissions for apps that I don't use those features on with no ill effects unless the feature is used.
                • The operating system should be sending "dummy" data instead of no data for these requests.
                  • Pretty much this. If the feature can't be barred off (and by most accounts, it probably shouldn't be since I don't really wants apps checking to see what kind of security environment they're in - let developers figure that one out) then the OS should lie about what's out there. Disallow net access? Then mimic no connectivity. Disallow contacts access? Tell the app I have no contacts, or better - give me an option to send a random dummy list of contacts.

                    It feels like that would be the right step away from fu

                    • by damium ( 615833 )

                      Dummy data wouldn't be good for things like contact info unless you pulled it from known invalid data. What if you get someone's real phone number or email address with random data? Succeeding with no data or reliable fake data is usually better. Evented failures (like no net access available or gps failed to find location) where possible are better. All of these can be detected with enough effort on the developer's part in much the same way that some web developers are detecting ad blocking and script bloc

            • So you're saying you want a phone with the security model that Symbian had for the last ten years? Everything old is new again...
            • by gl4ss ( 559668 )

              I would LOOOOOOVE to be able to install Android apps and then click no on that popup after the fact. Because adding unnecessary permissions is a favorite activity of Android developers. Phone owners should be able to change any permissions on an individual basis at any time without rooting the phone.

              but but.. that would make the security system exactly like j2me was meant to be!

              (no shitting, I wouldn't put it past the patent bullshit that it would be one of the reasons why it's not like that on android..)

              "allow for 24 hours" etc things asked when the app needs a permission would be nice. sms could have just "only this time" too. oh and location etc should have just a "provide fake location" option, to prevent crashing of the app. sure, it would be shit for location based shit games but they're fucked w

          • by chrb ( 1083577 )
            So Android prompts for permissions at install time, and iOS prompts for permissions at runtime. That is not a major difference: it is exactly the same system of explicitly asking the user for permissions, it just happens at a different time. The majority of users are just going to click "ok" anyway. To claim that the iPhone is somehow protected while Android is vulnerable is really stretching.
          • there are usually a half dozen or so items on that list, and it would be very easy to overlook contact Info since it's somewhat buried among the generic stuff

            And there's the crux of it right there. People are prepared to read only the first line of any warning they are getting. But OH MY GOD SIX LINES? My privacy and data aren't worth the 6 seconds it takes to read these!!!

            The reality is that most apps will actually require fairly few permissions, so if I'm downloading a game for instance my alarm bells instantly go off when I see more than 2-3 permissions being requested to begin with.

    • by gstrickler ( 920733 ) on Saturday April 14, 2012 @04:34PM (#39688491)

      5 of those 6 apps listed give you a warning and/or choice before they touch your contacts. Path is the only one that does it without your consent.

      I only have one of those 6 installed (FB), and I did not give it permission to access and synchronize my contacts, and I never will.

      As others pointed out, comparing that to malware is more than a stretch. You could make a case for Path qualifying because it did so without notification or consent. At most, that's one app that qualifies. Even if you do count it as malware, comparing it to malware that sends SMS messages that cost you money is absurd.

      If you want to point out malware on iOS, you should point to the 2-3 actual cases of malware that have been found in the App Store over the years, not 5 applications that notify you they're going to access your contacts.

      • by chrb ( 1083577 )

        5 of those 6 apps listed give you a warning and/or choice before they touch your contacts.

        They only tested 12 popular iPhone apps. Out of the 12 apps tested, 6 uploaded your contact details to a remote server, 1 without any warning. There are 585 thousand apps in the App Store. If you just extrapolate that data, then you can estimate that 48750 apps are grabbing users contacts without consent, and 292500 apps are grabbing contacts with a warning.

        That would just be a very rough estimate, but the problem is obviously not limited to the popular apps that one security researcher happened to analy

        • And 2/3 of the people in my office are orthodox Jews. If you just extrapolate that, there are 200M Orthodox Jews in the USA.

          In other words, the sample size is too small and too selective to be of any use and your comment is complete nonsense.

          • In other words, the sample size is too small and too selective to be of any use and your comment is complete nonsense.

            It is complete nonsense; however it is also completely reasonable to assume that there are tons of apps out there that do this surreptitious data harvesting. And it's the height of naivete to assume that having less information to protect yourself with (in this case, not knowing what permissions an app requires) is somehow better than being able to make an informed choice.

            --Jeremy

            • Agreed. However, as we're all well aware, most users completely ignore the permissions Android apps (and Facebook Apps, etc.) request when installing. That's only useful info to an awake, aware, knowledgeable user. All apps should first be vetted by someone qualified to determine if the requested permissions or behaviors represent an inappropriate level of risk (Apple does some of that, but not enough), before they are placed on a store such as Google Play. Apple's approach is better for 95+% of users, but

      • by X.25 ( 255792 )

        5 of those 6 apps listed give you a warning and/or choice before they touch your contacts. Path is the only one that does it without your consent.

        Android asks you for permission when you're installing the application.

        Is it Android's fault that users are stupid and give permission, then yell "MALWARE!!!"?

  • by pd0x ( 2618075 ) on Saturday April 14, 2012 @03:17PM (#39687829) Homepage
    I think it's worth noting that the new malicious applications found by McAfee researchers were video trailer applications that overtly requested the READ_PHONE_STATE and READ_CONTACTS permissions at install time.

    While it's clear that users have limited comprehension of the permissions requested at install time (for instance see: Android Permissions: User Attention, Comprehension, and Behavior [berkeley.edu]) it is rather suspicious that a trailer application require access to your contact list. From the sounds of it the malware doesn't do much other than siphon off your contact list & some identifying information (Android ID & phone number).

    Should it be removed from the Android market? Yes. Is it the best example of subversive Android applications? Probably not.
    • by chrb ( 1083577 )
      The question is, should apps be allowed to upload your contact data? Both Android and ios apps allow this, and some of the most popular apps do it. [gizmodo.com]
      • Re: (Score:3, Interesting)

        by pd0x ( 2618075 )
        It seems that a good number of apps do this to "find friends" using the app. It would certainly be much better if upon app installation your associated account e-mail was hashed using SHA256 (or some alternative hashing algorithm) and stored by the service. Rather than upload a users entire contact list the apps could then submit hashes of contact e-mail addresses looking for matches without being able to identify users not using the service in question.
    • Re:Permissions (Score:5, Informative)

      by alostpacket ( 1972110 ) on Saturday April 14, 2012 @03:33PM (#39687963) Homepage

      You don't need a permission to read the Android Device ID, however READ_PHONE_STATE gives them access to the ESN, MEID, IMEI, IMSI etc...

      The other worrisome problems with that permission are that:

      1) It is granted by default for any apps targeting 1.5 or below, and the user is not warned about it.

      2) It also allows some access to see incoming and outgoing numbers when a call is taking place.

      • by pd0x ( 2618075 )
        You are 100% right about the Android Device ID but is less of a privacy concern than the ESN, IMEI, etc that is protected by READ_PHONE_STATE. It is randomly generated, and can change with factory reset or by means of root access. The use of the Android Device ID for the purpose of tracking app installations is clearly supported behavior [blogspot.ca] with the caveats I mention outlined.

        Worry #1 is probably not that devastating a concern. The Google platform distribution [android.com] shows only 0.3% of users are running 1.5 or bel
    • it is rather suspicious that a trailer application require access to your contact list.

      When every app with a "social networking" component requires access to the contacts list, it's not really that suspicious.

      If you didn't install any app that required access to your contacts, you pretty much won't install any games, multimedia manipulation apps, etc. The only real thing this malware did to get easily caught was to not supply some sort of lame "recommend" feature. Once an app needs access to your contacts and the Internet, it's basically malware waiting to happen.

      • by pd0x ( 2618075 )
        That's a fair perspective. I suspect my app installation habits differ from most users.
      • by cynyr ( 703126 )

        Yes it is, lots of my apps do not have access to the internet, and some only over wifi. I'm also using ad-away and droid wall along with CM7's permission blocking. There are still i'm sure a few things that get by, I see a handful of ads on "words for friends" for example.

        • I'm also using ad-away and droid wall along with CM7's permission blocking.

          Well, yeah, if you want to void the warranty on your phone and spend a lot of time keeping up with exactly which version of the third-party OS you run will work with your phone, I suppose that will work.

          Unfortunately, it's not really an option for 99% of people.

    • Re:Permissions (Score:4, Insightful)

      by Electricity Likes Me ( 1098643 ) on Saturday April 14, 2012 @10:36PM (#39690619)

      Actually the real problem is you can't hit "no" and continue with the installation.

      Knowing what an app wants to do is one thing, but it doesn't tell me whether it's actually malicious. Getting an intelligent list of what it tried to do would help. Being able to tell my tablet to disallow or just lie about certain things would help more though - i.e. prevent access to contacts data, or, better, pretend I don't have any contacts data.

  • Not only have there been numerous problems with malware on iOS, a recent study (too lazy to search for it) randomly selected a bunch of apple-vetted apps and apps from a jailbreak-only iPhone app store, and found that a larger percentage of apple app store apps are malware than ones from the third-party unvetted store...

    • by PNutts ( 199112 )

      Not only have there been numerous problems with malware on iOS, a recent study (too lazy to search for it) randomly selected a bunch of apple-vetted apps and apps from a jailbreak-only iPhone app store, and found that a larger percentage of apple app store apps are malware than ones from the third-party unvetted store...

      Seems legit.

    • by BasilBrush ( 643681 ) on Saturday April 14, 2012 @04:46PM (#39688607)

      I've seen a recent study (too lazy to search for it) that says that the Queen of England is a Lizard.

      • Heh, the funny thing is that GP is correct; this research did happen, the articles do exist, and there was a nice Slashdot discussion about it that you apparently missed. (oh noes! You failed to white knight for Apple! Are they going to make you revoke your membership card?)

        However, I'm too lazy to do his Googling either -- I honestly don't care if you remain ignorant.

        --Jeremy

    • Yeah and I can't understand why people get all upset over Hitler. After all Stalin killed people too!
  • One argument is that this is simply a market choice, A) a free and open market that is easy to upload malware, or B) a closed market that is difficult to upload malware.

    Perhaps, but I believe you can have both. If a third party was able to find this malware in the market, why can't Google? Google simply needs to make this a priority, and do a better job. Scanning and making sense of the data really is their core strength.

    • Where is their incentive?

    • by nurb432 ( 527695 )

      I tend to agree, not at least doing automated scanning is irresponsible. At least make an attempt..

      I would also hope there is some prosecuting involved when these apps are found and removed.Otherwise, they will just try again.

    • Same reason their customer support is shit and your only point of contact really is a dumb messaging board service. Google, imo, isn't that bothered about looking after people.
  • by Jens Egon ( 947467 ) on Saturday April 14, 2012 @04:10PM (#39688303)

    Yes, there's a significant problem here.

    The problem is that Google does NOT like free apps. Google make their money from advertizing, and on Google Play they're actively hiding whether are apps paid for by advertizing. This means that FOSS is having a hard time there. And cheap rip-offs of various kinds are having a field day. Once a thriving community of rip-off artists have been gathered bad things(tm) happen (even more).

    By the way. Congratulations, the professional anti-Google scaremongers found a semi-reasonable point to criticize. Well done.

    And just enough off-center from the real problems not to bother your Corporate Overlords, nice.

  • by PopeRatzo ( 965947 ) on Saturday April 14, 2012 @04:58PM (#39688709) Journal

    Would it have killed all the "security researchers" who wrote or compiled all the articles behind all the links in this story to maybe list the apps that have been found to have trojans?

    I mean, Android users might find that information useful and it might actually help minimize the damage from these apps.

    Right now, it's like a news story that tells us "Three common home products have been proven to cause deadly forms of cancer" without mentioning which products they are.

  • Google's always been awful about not checking its ads for malware, so I see this as no big surprise. In my experience, the text links at the top of my Gmail page have been about 95% scam and malware sites, akin to the stuff I find in my spam box. (I've since installed a browser extension to disable such ads.) Google has thus shown a previous utter disregard for ensuring the sanitation of their profit centers, so I fully expect this new "app store" (no, I don't care that it's called "Google Play;" I'll ca

  • H'm the freedom to do whatever I want within the law. With the risk of something possibly going wrong.
    Or
    Being ruled with an iron fist. With little chance of anything going wrong. But no guarantee.

  • I'm not sure why this has quickly devolved into a discussion over whether Android or Apple is less safe in regards to the apps available for it. A far more useful discussion would be how can we as end users protect ourselves from these practices. I like to think I'm a cut above the average person (not necessarily the average slashdotter) by being somewhat selective about the apps I install, paying attention to the permissions they request, and running an iptables based firewall to whitelist the apps that
  • It's about time Google is getting serious competition from competitive android distributions. I for one would like very much to be able to store my data on non-google servers (preferably my own) and use a competitors apps store that is trustworth and not laden with (google) ads. It works for Linux, it should work for Android. It's about time we separated the software from the hardware and the service providers. Anti competitive pacts like the US phone companies almost certainly seem to be having should be l
    • by Fri13 ( 963421 )

      Erh.... You clearly don't know that Android has nothing to do with Google services or applications.

      Google services are used trough Google applications, they are called as "gapps".

      Gapps do not belong to Android, as they are third party applications what only Google offers trough Play and operators and Phone OEM preinstall them because people wants Google services (search, maps, navigation, cloud sync to contacts, email etc) and because Google pays to them from every search what is made trough Google Search w

  • If a dev writes a game that needs permissions to look at my address book or send / receive SMS messages then alarm bells should ring in Google land. If a new developer dumps 5 or 6 apps on the market then alarm bells should ring. If a developer pushes out anything with "sexy" in the title then alarm bells should ring. If a dev releases a substantially sized free app which contains no advertising APIs of any kind then alarm bells should ring. And all apps should be subject to a randomized security scan eithe
  • The old "those who trade freedom for security, soon have neither" springs to mind.

    Because believe it or not, iOS and OSX are not immune to malware, virusses and trojans. They just are more hidden, so that when it happens, their users are less prepared for it.

    Android is open, anyone can make an app. It is a free market. Apple is closed, your app has to be be vetted. It is a closed market. Closed markets are ALWAYS easier and safer then free markets. But the vetting takes place outside your control and you ne

  • The problem is "security" companies who make "proof of concept" code and release it into the wild . Instead of helping the companies with which they've found the flaw. This reminds me of the mob asking for protection money they release the code then they say look look android isn't secure UNLESS you buy our product.
  • I'm still chatting with my Nokia 8250. No, seriously, I do.
  • Avast for Android.

    A/V, malware scanning, limited firewall, and theft protections.....

    I use it on every device.

news: gotcha

Working...