[Tre Lawrence]

Sorry, guys, but Android malware is a serious problem:

Malware may have infected thousands of Android devices - Times Of India

Android Malware could hit the 1 million mark in 2013 - *xinmsn tech & gadgets

The Next Generation Of Android Malware | Fast Company

Massive Android malware op may have infected 5 million users - Computerworld

The Mother Of All Android Malware Has Arrived: Stolen Apps Released To The Market That Root Your Phone, Steal Your Data, And Open Backdoor

You don't see these stories about other smartphone OSes, because Google's design decisions have led to a uniquely vulnerable OS that has already infected tens of millions of users.

Which is why choice is a very, very good thing.

[reeneebob]

And also why user common sense is.

I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2

[SDTRMG]

The SG3 is not FIPS certified. The SG2 global and the Galaxy 10.1 tablet are certified.

Thanks for a informed answer to me question, as that's all it was and some people take it out of hand. One of the main reasons I gave up android was security so it was a logical gestion to ask.

[reeneebob]

FYI the attack in every one of those news reports happened in March.

2011.

Almost 2 YEARS AGO.

Anything more recent?

I mean I can dredge up all the outages rim had about 5 years ago and say that rims current infrastructure is weak. Doesn't make it applicable to now.

I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2

[SDTRMG]

There seems to be some misconception about FIPS certification. It does not make your phone impenetrable.
The Playbook was FIPS certified at launch, yet a vulnerability was found and exploited resulting in Dingleberry.
A Samsung SG2 running Gingerbread is FIPS certified and can be run securely and IS being run securely within certain DOD components.
A Blackberry Torch which was FIPS certified had a vulnerability that was exploited during a pawn2own event.

FIPS does not guarantee an iron clad OS. It meets requirements but it does not ensure the OS is impenetrable.

A BB can be compromised by loading junk apps.

http://forums.crackberry.com/blackbe...-world-727830/

The key are the apps. They are, in the majority of cases, the means by which malware is introduced into devices, except for drive bys.

FIPS does not guarantee the absence of malware nor does it guarantee an impenetrable device; it means it's gone to the nist labs or nist certified labs and has been tested and standards have been met. Had FIPS meant a guarantee of impenetrability, you would have no Dingleberry.

All that said, Android has more opportunity for the introduction of malware due to the huge assortment of apps. Does it keep me from running my SGIII? Not at all. I run mine in a very judicious manner; I have no apps from sources I don't know. Example, I wanted a notification light app like BeBuzz....when I read the permissions, I did not feel comfortable. Consumers need to learn to read. Ultimately, the responsibility is on the user.

****for the record, and before anyone attempts the GOTCHA and claims I'm being hypocritical.....I have no banking apps on any device except my BB.....that means no banking apps on any of my Androids, iPhones, or iPad. Because the Android browser kills the browser on my 9900, I am more concerned about drive bys and clicking on something by accident that can get me into malware territory. THAT is the reason.

By the way, the day the BB browser catches up to Android, as it seems BB10 has, the same possibility for drive bys will occur. That will be a concerning day for me and my banking apps.

Do I wear a tin foil hat???? well.....it's part of my job.

Thanks for your reply, I'm aware it doesn't protect against malware, but I'm more concerned about hackers etc, I keep important, confidential banking and business infomation/passwords etc in my bb and gave up android for that reason. I have a banking app on my Iphone but rarely use it.

I don't ware a tin hat but stay aware to the possibility of anything happening.

[eve6er69]

the commercial boasts 256 AES encryption. to someone that has never set up a router or troubleshot a wireless problem i bet that sounds pretty nifty. lol

to post on all the other ramblings on this thread the os itself is stable for mail and other basic stuff. as im sure some of you know when you have a corporate phone you can only download certain apps for security purposes. i have a work iPhone and we are only able to download comcast apps because that is who my employer is. if you download a weird uncertain app and you accept and allow all permissions access to your devices data thats where the problems lay.

its just a side affect of having an "open source" app store and allowing many apps to be added without a constant big brother style ecosystem like apple has.

[Tre Lawrence]

I always say use the platform you feel safest using. I know I do.

My hidden rule: never download any app with a body part in the title, regardless of platform.

Now, that sms vulnerability was nasty. Wow.

[SDTRMG]

I'm been thinking about something regarding these new Samsung ads.

In the previous Samsung ad they took a couple pokes at Blackberry. Nothing too heavy, but Samsung was just trying to build up their own business credentials.

Now, in this ad here, they again refer to Blackberry (the black guy), but note that they do not slam him (or his phone) at all. If anything they imply that his phone is more secure than a Samsung.

Why would Samsung go soft on Blackberry???!!! I see two options:

1. Samsung is considering licensing BB10 so they don't want to slam it too hard. We already know that Lenovo had at least had preliminary discussions with RIM, so it is quite possible that Samsung at least considered this possibility too. As a matter of fact, I can almost garuntee that Samsung has considered licensing BB10. But of course, we don't know if they will actually do this.

2. The second possibility is that they are concerned about BB10 so they want to start demonstrating their superiority to it. However, since Blackberry is viewed poorly in the States, they don't want to be seen as trying to bully the little guy. That would only create sympathy for the underdog. Initially this seems more likely, but it doesn't fit with acknowledging that Blackberry is a more secure platform that Samsung.

The key point for me is that Samsung is treating Blackberry a little bit differently, and I don't know what to make of it.

I have the same feeling there adds went from basing apple and iOS to a sudden interest in blackberry and security, they've already released 3 ads and you don't put money into a campaign without reason, am I not correct.

[Branta]

Has anyone actually seen the ads live? (i.e. broadcast) Or is this a cheap viral marketing campaign reliant on youtube circulation?

[reeneebob]

Has anyone actually seen the ads live? (i.e. broadcast) Or is this a cheap viral marketing campaign reliant on youtube circulation?

I saw the first one live during the golden globes. Also during a few nhl games.

I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2

[brmiller1976]

And also why user common sense is.

I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2

Sorry, but "if you downloaded malware from our official store, it's your fault for being so darned stupid" is NOT good user experience.

[brmiller1976]

FYI the attack in every one of those news reports happened in March.

2011.

Incorrect. Most of the articles talked about how Android will have 1 MILLION malware titles by the end of 2013.

Think about that -- the largest category of apps for Android, and a MAJORITY of all Android apps -- will be malware.

That means that users have a 50% chance of being infected, simply by downloading any given app, on Android's official app store. And if you are that poor, unfortunate soul, you'll be told "you're stupid and DESERVED to get infected."

Yeah, that really improves user confidence...

[howarmat]

Incorrect. Most of the articles talked about how Android will have 1 MILLION malware titles by the end of 2013.

Think about that -- the largest category of apps for Android, and a MAJORITY of all Android apps -- will be malware.

That means that users have a 50% chance of being infected, simply by downloading any given app, on Android's official app store. And if you are that poor, unfortunate soul, you'll be told "you're stupid and DESERVED to get infected."

Yeah, that really improves user confidence...

you realize there are about 700k apps in the playstore right now and to get 1 million MALWARE apps you would need to add over 1 million apps by the end of the year probably? Sorry but i think you are just trolling lol

[reeneebob]

Sorry, but "if you downloaded malware from our official store, it's your fault for being so darned stupid" is NOT good user experience.

And that vulnerability... 2 OS VERSIONS AGO AND LONG SOLVED... was bad. And fixed pretty quickly.

Oh look here's an alert from RIM from 2 months prior to that.

http://m.infoworld.com/d/security-ce...rabilities-371

Doesn't mean it's at all relevant to NOW. You cannot harp on a vulnerability from 2 years ago (a lifetime in tech) and make it apply to your agenda now. If that's the case, then let's let loose with all the outages of the RIM NOC, and those two security vulnerabilities from two years ago... I mean, clearly it still applies now, right? What will you say or do if there's a security flaw in BB10 that isn't caught and rears it's ugly head? It's tech. It happens. No system is totally secure. Some are more than others. I'm the first to admit BB is more secure but I use common sense and don't live in fear.

So again. I'll ask. Do you have a recent article about Android market and massive security issues with examples? I'll wait. Not something long patched from a few years ago.



I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2

[reeneebob]

Incorrect. Most of the articles talked about how Android will have 1 MILLION malware titles by the end of 2013.

Think about that -- the largest category of apps for Android, and a MAJORITY of all Android apps -- will be malware.

That means that users have a 50% chance of being infected, simply by downloading any given app, on Android's official app store. And if you are that poor, unfortunate soul, you'll be told "you're stupid and DESERVED to get infected."

Yeah, that really improves user confidence...

Using research from companies with a vested interest in selling security apps, I'm sure. I'm sorry, but you have no idea about what you are talking about. Point blank and end of story. What howarmat said. It's fanbois trolling over the top ridiculous opinion as fact with poor resource material to back you up.

I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2

[SDTRMG]

Using research from companies with a vested interest in selling security apps, I'm sure. I'm sorry, but you have no idea about what you are talking about. Point blank and end of story. What howarmat said. It's fanbois trolling over the top ridiculous opinion as fact with poor resource material to back you up.

I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2

Either way you guys went far off topic, malware wasn't even mentioned, this was about androids security to being hacked mainly and if it was as safe as bb, witch after extensive research I found it isn't. Bb and iOS users can use there phone almost as they see fit, android users have to be carefully on which apps they download, texts they reply to, and can easily be hacked. Twitter actually hired the guy who hacked an android though its NFC a few months ago.

Should have been clearly, brand new, from the store, right out the box is android anywhere as near as safe as blackberrys.

[reeneebob]

Either way you guys went far off topic, malware wasn't even mentioned, this was about androids security to being hacked mainly and if it was as safe as bb, witch after extensive research I found it isn't. Bb and iOS users can use there phone almost as they see fit, android users have to be carefully on which apps they download, texts they reply to, and can easily be hacked. Twitter actually hired the guy who hacked an android though its NFC a few months ago.

Should have been clearly, brand new, from the store, right out the box is android anywhere as near as safe as blackberrys.

I have never once had to "be careful" and I've used all os's for years now. I don't get spam texts. I don't download third party apps from unsecured sources because that's common sense. I've been jailbroken, rooted, both things that can open one up to attack and nada. I think this picture you are painting of living in fear for all Android users is a bit over the top and fear mongering.

And no. I don't have an anti virus on my phone.

I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2

[brmiller1976]

you realize there are about 700k apps in the playstore right now and to get 1 million MALWARE apps you would need to add over 1 million apps by the end of the year probably? Sorry but i think you are just trolling lol

Did you actually read the articles?

No?

Didn't think so.

[brmiller1976]

I have never once had to "be careful" and I've used all os's for years now.

You're like my grandfather who smoked every day of his adult life and insisted that smoking was safe because *he* never got lung cancer.

[Tre Lawrence]

You're like my grandfather who smoked every day of his adult life and insisted that smoking was safe because *he* never got lung cancer.

LOL.

To quote what I said earlier, Android is safe enough for a good number of people... even for RIM's chief, who was able to use it without getting sniffles.

Do I take precautions? Yes. If one wants to view it as as trade-off for the superior functionality that Android gives me, then there it is.

I admit the sms vulnerability was one I just heard of, but I can say, with all confidence, that the dangers of Android, as presented by some, are somewhat overblown. This week alone, I rooted and/or updated 4 devices. I bank, manage websites and run an organization's email system mostly from my device. I'm not special; just careful.

Again, not trying to change your mind; you have to use what makes you feel safe. But Android appeals to a lot of people, and they are not stupid. If Android malware is so prevalent, people wouldn't use it, and that includes the anti-virus exec I mentioned that carries a Sammy device.

I think Samsung is making a play for Enterprise, and may be trying to do it without wasting money on FIPS-hardened devices.

[Tre Lawrence]

Sorry, but "if you downloaded malware from our official store, it's your fault for being so darned stupid" is NOT good user experience.

I actually don't disagree with this. Google needs better controls. Till then, folks shouldn't download babe apps with low feedback and dodgy developers.

Peer review is the strongest tool of all the app markets, IMHO.

[reeneebob]

You're like my grandfather who smoked every day of his adult life and insisted that smoking was safe because *he* never got lung cancer.

The fact that you questioned howarmat and insinuated he doesn't know what he talks about is laughable at best. You are blowing the actual threat to Joe blow off the street using Android COMPLETELY out of proportion.

I have a feeling that Thorsten Heins , who uses android devices himself, could come out tomorrow and say that the malware scare tactics in some aspects of the tech media (call them the fox news of tech) are overblown and while it's not as secure as BB for some purposes, it's perfectly safe for everyday use for most people, and you would call him a liar. You are that entrenched in your opinion.

It's called the 'lalala I can't hear you' argument.

I'm still waiting on recent proof of this widespread malware running rampant in play store. Something not written by analysts with ties to mobile security companies who profit off this fear mongering.

I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2

[reeneebob]

LOL.

To quote what I said earlier, Android is safe enough for a good number of people... even for RIM's chief, who was able to use it without getting sniffles.

Do I take precautions? Yes. If one wants to view it as as trade-off for the superior functionality that Android gives me, then there it is.

I admit the sms vulnerability was one I just heard of, but I can say, with all confidence, that the dangers of Android, as presented by some, are somewhat overblown. This week alone, I rooted and/or updated 4 devices. I bank, manage websites and run an organization's email system mostly from my device. I'm not special; just careful.

Again, not trying to change your mind; you have to use what makes you feel safe. But Android appeals to a lot of people, and they are not stupid. If Android malware is so prevalent, people wouldn't use it, and that includes the anti-virus exec I mentioned that carries a Sammy device.

I think Samsung is making a play for Enterprise, and may be trying to do it without wasting money on FIPS-hardened devices.

Stop with that pesky rationality.

I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2

[brmiller1976]

I actually don't disagree with this. Google needs better controls. Till then, folks shouldn't download babe apps with low feedback and dodgy developers.

Or you could just use the Apple App Store, BlackBerry App World, or Windows Phone Store and be confident that the apps you're downloading aren't 50% malware.

2/3 of the technical support I provide to my Android-using friends is helping them figure out which top-rated app they downloaded that is hijacking their Twitter account and using it to send spam to their contacts, or turning their Android phone into a spam hub and sending out 4 gigs of spam per month.

[brmiller1976]

The fact that you questioned howarmat and insinuated he doesn't know what he talks about is laughable at best. You are blowing the actual threat to Joe blow off the street using Android COMPLETELY out of proportion.

Nonsense. The threat is well-documented by companies who specialize in malware detection.

Your conspiracy-theory stuff, which claims that all the reports are "false and overblown," doesn't hold water, since the malware detection companies aren't making similar claims about other ecosystems.

Android is incredibly insecure, which is why it's such a dangerous, toxic OS to have on corporate networks. All it takes is one side-loaded malware app to compromise the entire corporate network and all confidential data.

And Android has hundreds of thousands of confirmed malware apps, will hit over 1 million by the end of the year, and was the hub for everything from SMS hijacks to the CarrierIQ scandal.

It offers poor security and a poor user experience that consists primarily of hoping that well-reviewed apps aren't malware (when they often are). It's junk.