pulsar
Lewisville, NC
Moderator
Joined: 12/30/2001
View Profile
Good Sam RV Club Member
|
In a MobileBeat report on the Black Hat Security Conference, John Hering, chief executive, and Kevin MaHaffey, chief technology officer at Lookout, are quoted.
From the article:
The app collects your phone’s SIM card number, subscriber identification, and even your voicemail password. It sends the data to a web site, www.imnet.us. That site is evidently owned by someone in Shenzhen, China. The app has been downloaded anywhere from 1.1 million to 4.6 million times. The exact number isn’t known because the Android Market doesn’t offer precise data. The search through the data showed that Jackeey Wallpaper and another developer known as iceskysl@1sters! (which could possibly be the same developer, as they use similar code) were collecting personal data. The wallpaper app asks for “phone info,” but that isn’t necessarily a clear warning.
Of course, the lesson for Android app downloaders is to pay attention to the permissions a applications requests. Perhaps others more familiar with the Android Market Place can elaborate further.
Tom
|
garym114
Bluff Dale, Texas
Senior Member
Joined: 07/24/2006
View Profile
 Online
|
It is not just one app and it is not just Android.
"Lookout Inc., a mobile-phone security firm, scanned nearly 300,000 free applications for Apple Inc.'s iPhone and phones built around Google Inc.'s Android software. It found that many of them secretly pull sensitive data off users' phones and ship them off to third parties without notification.
The data can include full details about users' contacts, their pictures, text messages and Internet and search histories. The third parties can include advertisers and companies that analyze data on users.
The information is used by companies to target ads and learn more about their users. The danger, though, is that the data become vulnerable to hacking and use in identity theft if the third party isn't careful about securing the information.
Lookout found that nearly a quarter of the iPhone apps and almost half the Android apps contained software code that contained those capabilities."
Your smart phone applications are watchi........— much more closely than you might like.
2000 Sea Breeze F53 V10 - CR-V Toad
Some RV batteries live a long and useful life, most are murdered.
Get a Digital Multimeter and Learn How to Use It
|
VirtualGarage
Vancouver, Canada
Senior Member
Joined: 05/27/2009
View Profile
|
Thanks for the heads-up.
2007 GMC Yukon XL Denali ~ 2010 Keystone Premier 31BHPR ~ Sold: 2009 Tango 289BH
ProPride 3P Hitch ~ RV Modifications ~ Gear & Accessories ~ Road Trip 2010
|
creeper
Deep South
Senior Member
Joined: 12/22/2003
View Profile
|
This is not the first for Android and certainly won't be the last. You have no idea what you are downloading form the Android market place as none of the apps are prescreened by Google. A hacker can post an app and it is available within minutes of submission.
Apple doesn't have a virus problem because third party iphone apps can only be distributed by Apple and the apps run in a segregated sandbox environment, thus they can' effect the system.
Google, well it's a free for all.
Like I've been saying Android Market place is a mess.
Travel Blog
|
LittleBill
Scranton, PA USA
Senior Member
Joined: 08/29/2003
View Profile
 Offline
|
creeper wrote:This is not the first for Android and certainly won't be the last. You have no idea what you are downloading form the Android market place as none of the apps are prescreened by Google. A hacker can post an app and it is available within minutes of submission.
Apple doesn't have a virus problem because third party iphone apps can only be distributed by Apple and the apps run in a segregated sandbox environment, thus they can' effect the system.
Google, well it's a free for all.
Like I've been saying Android Market place is a mess.
Did you even read what was posted? Apple was included in the report.
If MAC doesn't have a virus problem, then why in the world do they offer an AntiVirus package?
|
|
|
pulsar
Lewisville, NC
Moderator
Joined: 12/30/2001
View Profile
Good Sam RV Club Member
|
LittleBill wrote:creeper wrote:This is not the first for Android and certainly won't be the last. You have no idea what you are downloading form the Android market place as none of the apps are prescreened by Google. A hacker can post an app and it is available within minutes of submission.
Apple doesn't have a virus problem because third party iphone apps can only be distributed by Apple and the apps run in a segregated sandbox environment, thus they can' effect the system.
Google, well it's a free for all.
Like I've been saying Android Market place is a mess.
Did you even read what was posted? Apple was included in the report.
If MAC doesn't have a virus problem, then why in the world do they offer an AntiVirus package?
Little Bill,
You do realize this thread is about mobile devices and the programs obtained through their respective app stores? Did you read the Lookout report? Creeper's second paragraph is a paraphrase of what Lookout said about applications from Apples app store.
Apple's iOS platform doesn't have a live virus problem because third party iPhone apps can only be distributed through Apple's curated App Store, and apps are forced to run in a segregated sandbox environment where they can't infect the system.
Tom
|
fj12ryder
Platte City, MO
Senior Member
Joined: 08/19/2003
View Profile
|
How did this mutate into a discussion of viruses? The articles I read were talking about a malicious app that is voluntarily downloaded, not a virus that propagates on your phone/pc.
And it does seem that Apple is concerned about it too:
"Apple changed its terms of service for the iPhone recently because of its concerns about what third-party analytics and other companies were doing with private data."
* This post was
edited 07/29/10 04:38pm by fj12ryder *
Howard and Peggy
"Don't Panic"
|
creeper
Deep South
Senior Member
Joined: 12/22/2003
View Profile
|
fj12ryder wrote:How did this mutate into a discussion of viruses? The articles I read were talking about a malicious app that is voluntarily downloaded, not a virus that propagates on your phone/pc.
There in lies the rub, anyone can put up an app in minutes and have access to millions of unsuspecting users and no way for one to tell. In the past you would have to trick someone into downloading your malicious app. All google did with it's market place is make it easier for hackers to get their malicious apps to the General public faster and easier.
Banking trojan
The developer who sold that trojan also wrote the following and put them on the Android Market place:
Abbey Bank
Alaska USA FCU
Alliance & Leicester (v. 1.1)
Bank Atlantic
Bank of America
Bank of Queensland
Barclaycard (v. 1.1)
Barclays Bank (v. 1.2)
BB&T
Chase
City Bank Texas
Commerce Bank
Compass Bank
Deutsche Bank
Fifty Third Bank v.1.1
First Republic Bank v.1.1
Great Florida Bank
Grupo Banco Popular
HSBC US (v. 1.2)
ING DiBa v.1.1
Key Bank
LloydsTSB
M&I
Mechanics Bank v.1.1
MFFCU v.1.1
Midwest
Nationwide (v. 1.1)
NatWest (v. 1.1)
Navy Federal Credit Union (v. 1.1)
PNC
Royal Bank of Canada
RBS v.1.1
SunTrust
TD Bank v.1.1
US Bank v.1.2
USAA v.1.1
Valley Credit Union
Wachovia Corp (v. 1.2)
Wells Fargo (v. 1.1)
It's funny if you go to some of the Android forums you'll see people calling for Google to vette their apps...LOL
|
creeper
Deep South
Senior Member
Joined: 12/22/2003
View Profile
|
LittleBill wrote:
If MAC doesn't have a virus problem, then why in the world do they offer an AntiVirus package?
FYI, there are no current viruses for the OS X and Apple does not offer a virus program. 3rd parties offer virus protection and they market it to delete windows viruses and be a good net neighbor.
Trojans are another story.....
Back to the mobile topic.....
If you read the article you would see that they are reporting apps that phone home for targeted advertising. A difference between a malicious app and those who phone home for advertising.
Have you ever learned how many of your PC apps phone home? You'd be surprised.
|
VirtualGarage
Vancouver, Canada
Senior Member
Joined: 05/27/2009
View Profile
|
How did this thread become a rah, rah, Apple-cheer routine?
garym114 wrote:
Lookout found that nearly a quarter of the iPhone apps and almost half the Android apps contained software code that contained those capabilities."
I think the message is that all mobile phone users should be careful about the apps they download. Please don't try to convince me that my Android phone is junk, because I will never believe you. Just like you will never understand why I don't think the iPhone is the be-all, end-all smartphone.
|
|
|
