07-26-13 07:42 AM
54 123
tools
  1. winter_hat's Avatar
    07-04-13 01:04 AM
  2. MartyMcfly's Avatar
    Doesn't bother me one bit...


    Sent From My New IPad using Tapatalk
    07-04-13 01:13 AM
  3. Saiga's Avatar
    Clicked link, read "Mobile security company" and had read enough.

    Just another company trying to profit off of scaring people.
    07-04-13 01:16 AM
  4. raino's Avatar
    Does anyone get to present at Black Hat, though?

    Edit: some more information, courtesy of Engadget: http://www.engadget.com/2013/07/04/b...vulnerability/
    Last edited by raino; 07-04-13 at 02:28 AM.
    BergerKing likes this.
    07-04-13 01:24 AM
  5. GG1's Avatar
    Yay!! Another Android security thread.
    Elite1 likes this.
    07-04-13 08:55 AM
  6. spotmark's Avatar
    So, you're not going to swap to Android, when BB folds?
    07-04-13 09:00 AM
  7. BergerKing's Avatar
    Ok, a Mobile Security company reporting a problem that is endemic to off-base app stores. And could be a vulnerability if one does not use reasonable caution.

    That’s a disaster for users, particularly because many Android users, particularly those in Asian and Eastern countries, use the*500+ independent Android app stores*that have little or no authentication or verification procedures to ensure that apps that pass through their services are legit, forming a perfect opportunity or unscrupulous and technically-inclined thieves and spies to gain control of your phone.
    Seems like one of the best answers would be: Don't download from spotty sources.
    Last edited by BergerKing; 07-05-13 at 09:52 AM.
    07-04-13 09:15 AM
  8. rnhld's Avatar
    Mostly an issue to users that sideload apps on their android devices...
    07-04-13 09:35 AM
  9. spotmark's Avatar
    Mostly an issue to users that sideload apps on their android devices...
    And to BB fanboys, apparently.
    mikeo007 likes this.
    07-04-13 09:38 AM
  10. BergerKing's Avatar
    Ah, I've seen similar stories on other sites, too. Apparently, in this how do we scare the pants off someone today world, that's the way things are.

    Sent from my SPH-L710 using CB Forums mobile app
    Last edited by BergerKing; 07-05-13 at 12:54 AM.
    07-04-13 09:48 AM
  11. Crackberry Brian's Avatar
    Security I don't think so it doesn't have security at all

    Posted via CB10
    07-04-13 09:55 AM
  12. the_sleuth's Avatar
    This article is from Bluebox, a security provider. It reminds me of Lookout articles. Let's scare the beejesus of Android users so our security app gets downloaded. If one downloads apps from Google Play and not third party providers then this is not an issue. Besides, a good virus app like Avast! is extra protection. I think the article is correct in that security updates are not being implemented properly by all users due to fragmented Android OSes. All Android users should be using Jelly Bean.
    07-04-13 10:18 AM
  13. raino's Avatar
    I'm not entirely sold on Bluebox's motive being to cash in on a scare. Afterall:

    1. They've notified Google about it, who's (un?)surprisingly tight lipped about it, but working on a patch for the Nexus devices.
    2. They've IDed the Galaxy S4 as the only immune device
    3. They're presenting at Black Hat (which is a convention of...prestige, right?)

    Also, if you read the comments in the OP's article, the author states,

    According to Bluebox, even Google Play would theoretically not be totally safe, since infected apps would look just fine to Google. The challenge there would be for hackers to upload their modified apps, because Google has at least some verification around who is uploading an app, and not allowing duplicate apps from different authors.
    But what happens if it's a rogue author uploading the primary APK for his rogue app?
    07-04-13 11:19 AM
  14. Astro_Man's Avatar
    So, you're not going to swap to Android, when BB folds?
    Never. I would rather pay to use a trac phone than use a free android with a year's worth of service thrown in.
    yellowhammer and MarsupilamiX like this.
    07-04-13 11:22 AM
  15. Kris Erickson's Avatar
    By the time BB folds, phones will have advanced to the stage they are in our skin.
    07-04-13 11:43 AM
  16. raino's Avatar
    07-04-13 01:43 PM
  17. TgeekB's Avatar
    Never. I would rather pay to use a trac phone than use a free android with a year's worth of service thrown in.
    Enjoy your trac phone then.
    07-04-13 01:55 PM
  18. the_sleuth's Avatar
    This thread is about FUD. Android Jelly Bean has security features to block this: Settings > Security > Unknown sources (should not be checked)

    If you install cracked Android apps, then you are at fault for not using Google Play.
    pantlesspenguin likes this.
    07-04-13 03:14 PM
  19. raino's Avatar
    But what about the Bluebox guy's claim that even Google Play is not completely impervious to this flaw?
    07-04-13 03:22 PM
  20. rnhld's Avatar
    But what about the Bluebox guy's claim that even Google Play is not completely impervious to this flaw?

    If any apk is at risk of being modified, then Google play, being an apk, is at risk of being modified. However, I don't think many people (at least in the US) are going to be illegitimately installing the Google play store on their Google certified (**** already comes installed) devices.

    Now, I wonder if BB10 and PB users are also vulnerable to this exploit, given all the rampant side loading and sense of invulnerability...

    Posted via CB10
    07-04-13 04:13 PM
  21. the_sleuth's Avatar
    Google Play is not impervious. But Google has a very good track record in catching malware.

    Besides, please reread this from Hillebrand:
    If you don’t have the infamous “Unknown Sources” permission box checked off in your settings, this all means nothing to you. Carry on, and feel free to be a little smug and self-righteous — you deserve it for eschewing sideloading all this time in case something like this could happen. If you don't know what this means, ask someone.

    For the rest of us, read past the break.
    Android Central | Android Forums, News, Reviews, Help and Android Wallpapers

    But what about the Bluebox guy's claim that even Google Play is not completely impervious to this flaw?
    07-04-13 04:19 PM
  22. raino's Avatar
    If any apk is at risk of being modified, then Google play, being an apk, is at risk of being modified. However, I don't think many people (at least in the US) are going to be illegitimately installing the Google play store on their Google certified (**** already comes installed) devices.

    Now, I wonder if BB10 and PB users are also vulnerable to this exploit, given all the rampant side loading and sense of invulnerability...
    Sorry...I didn't mean the GP apk per se, but apps downloaded from the GP store.
    07-04-13 04:19 PM
  23. raino's Avatar
    Google Play is not impervious. But Google has a very good track record in catching malware.

    Besides, please reread this from Hillebrand:
    I read that. Can I install apps from the Amazon appstore if I have that box unchecked?
    07-04-13 04:28 PM
  24. howarmat's Avatar
    I think the AC article mention that google already patched the play store so this wont be an issue. Its only really if you sideload or get apps outside of google play
    pantlesspenguin and raino like this.
    07-04-13 04:40 PM
  25. howarmat's Avatar
    I read that. Can I install apps from the Amazon appstore if I have that box unchecked?
    if its unchecked you can intsall from amazon appstore. If you check the box that amazon appstore is blocked from installed or updating apps
    the_sleuth likes this.
    07-04-13 04:42 PM
54 123

Similar Threads

  1. New BBOS7 Device - It might be a good move
    By Chicago777Guy in forum BlackBerry 9720
    Replies: 66
    Last Post: 07-09-13, 10:05 PM
  2. Photos look bad for being 8MP
    By eldorado01 in forum BlackBerry Q10
    Replies: 14
    Last Post: 07-04-13, 06:03 PM
  3. How do I get Android app off GooglePlay
    By Ken Napier in forum BlackBerry Z10
    Replies: 2
    Last Post: 07-03-13, 10:04 PM
  4. (PLZ!) App request: Android Central
    By cbeez1100 in forum BB10 Android App Sideloading
    Replies: 4
    Last Post: 07-03-13, 09:30 PM
  5. Blackberry Q10 "android.process.acore has stopped unexpectedly"
    By juanpgar in forum BB10 Android App Sideloading
    Replies: 2
    Last Post: 07-03-13, 05:17 PM
LINK TO POST COPIED TO CLIPBOARD