[sam_b77]

Saw this article in the times of India. Confirms the worst about Android. But still there will be people who say folks don't care about security. Till they lose money....
http://toi.in/uVtxWb

Posted via CB10

[MC_A_DOT]

http://forums.crackberry.com/blackbe...y-joke-779220/

Double thread.

[Omnitech]

Fairly well-known fact amongst the knowledgeable, though keep in mind that the overall popularity of a platform makes it far more likely that the miscreants will target it too. Not nearly as fun or lucrative to write malware for platforms that don't have as many victims available.

[darkehawke]

What I'd like to see is how many android users have actually been infected with malware.

Posted via CB10

[sam_b77]

Fairly well-known fact amongst the knowledgeable, though keep in mind that the overall popularity of a platform makes it far more likely that the miscreants will target it too. Not nearly as fun or lucrative to write malware for platforms that don't have as many victims available.

True. But iOS also is very popular but still has a far lower threat level than Android. And let's not forget that BlackBerry might have been losing market share but the still have 80 million subscribers. So its not as if it's not worth to hack BlackBerry. Maybe the reason is that it's not as easy as android.
It's like having a security system in your car. Doesn't mean it can't be stolen but it just makes the cars with no security more attractive to steal. Return on effort.

Posted via CB10

[Tre Lawrence]

What I'd like to see is how many android users have actually been infected with malware.

Posted via CB10

Or, uh, lost money.

[TgeekB]

Or, uh, lost money.

Exactly. They will have you believe that anyone who uses Android has had their bank accounts drained, their homes broken into, and are now living in a box.

[JasW]

Maybe the reason is that it's not as easy as android.

Easy if you can get people to sideload apps from third-party sources rather than get them from the Google Play store. With flexibility and power come responsibility, and learning basic lessons like you must point the gun away from your head when firing.

[Omnitech]

Easy if you can get people to sideload apps from third-party sources rather than get them from the Google Play store. With flexibility and power come responsibility, and learning basic lessons like you must point the gun away from your head when firing.

tbh, that is precisely the thing that worries me the most about BB10. The blessing and curse of the Android runtime.

I'd love to know what QNX did to firewall that d*mn thing off from the rest of the OS.

[Shao128]

I have an example from just last month where I was victim to some Android malware. I was trying out some RDP (Remote Desktop) apps by sideloading them on to my Dev Alpha. The next day I was on the PC I was using to test them with when all of a sudden I got disconnected by someone logging into my computer remotely. I immediately pulled the ethernet cable on that PC and then went through the Windows event logs. I found multiple connections coming form China!

Fortunately the PC they gained access to had nothing of real importance. But just goes to show there is a real threat of your information and data being stolen.

[SlcCorrado]

tbh, that is precisely the thing that worries me the most about BB10. The blessing and curse of the Android runtime.

I'd love to know what QNX did to firewall that d*mn thing off from the rest of the OS.

Its a little different though since its basically a virtual machine, not the core operating system

[Tre Lawrence]

I have an example from just last month where I was victim to some Android malware. I was trying out some RDP (Remote Desktop) apps by sideloading them on to my Dev Alpha. The next day I was on the PC I was using to test them with when all of a sudden I got disconnected by someone logging into my computer remotely. I immediately pulled the ethernet cable on that PC and then went through the Windows event logs. I found multiple connections coming form China!

Fortunately the PC they gained access to had nothing of real importance. But just goes to show there is a real threat of your information and data being stolen.

http://i456.photobucket.com/albums/q...ps6c1347dd.png

Shao: could you explain a bit more? The Android app potentially gave them access to the whole computer? Or did I comprehend that wrong?

What Android app was this?

[Shao128]

Shao: could you explain a bit more? The Android app potentially gave them access to the whole computer? Or did I comprehend that wrong?

What Android app was this?

Ok well with a remote desktop app you have to enter in your computers IP address and login/password. So what I'm figuring is that when I entered that info into the app it sent that info to their server. The app has to be granted internet permissions based on the nature of the app (connecting to your home computer from your phone). So yes, they would have complete access to everything on the computer.

Unfortunately I don't know which one it was because I tried a few of them.

[nappp]

where can I check for this on my own computer? I have windows 7

[RubberChicken76]

I have an example from just last month where I was victim to some Android malware.

Scary story! Sorry you had to go through that. Regardless of platforms, a good reminder for me and other to remain somewhat diligent about security.

[Shao128]

where can I check for this on my own computer? I have windows 7

Control Panel > Administrative Tools > View Event Logs > Application and Services Logs > Microsoft > Windows > TerminalServices-RemoteConnectionManager > Operational

[Omnitech]

Regarding the RDP thing, all that tells me is that someone used RDP to login to your PC, instead of you logging in from the Android device. Honestly I don't see how that automatically implicates the Android app.

Yes, it's possible the Android app was a trojan that was sharing account info somewhere, but on the other hand if you had a PC that was open to the world via RDP on standard ports, if I'm not mistaken the mean time to scanning popular open ports like that these days is on the order of minutes.

RDP's default encryption is vulnerable to man-in-the-middle attack, and if you're using a weak password...

[Omnitech]

Its a little different though since its basically a virtual machine, not the core operating system

Even if it's a virtual machine, you're not going to be able to do much of use with it if you wall it off to the point that it doesn't have access to networking, doesn't have access to storage, doesn't have access to various other services, etc.

For example, I have a funny feeling that a large percentage of people reporting "horrible battery life" or "high memory usage" on Z10s are running either sideloaded or otherwise crappy Android apps that cannot be managed by QNX the way native apps can in terms of resource sharing, CPU cycles, etc. What happens for example if an Android app that would normally prevent an Android tablet from sleeping, tries to do that on BB10? Do you give it that kind of control over the OS? What if it gets "stuck" in that state and kills the Z10's battery in an hour? Etc.

[Omnitech]

FWIW, I really like the "2X" RDP client on Android. I have no idea how well it might work under the Gingerbread Android runtime on BB10. It's free too, and no ads either.

[Tre Lawrence]

Ok well with a remote desktop app you have to enter in your computers IP address and login/password. So what I'm figuring is that when I entered that info into the app it sent that info to their server. The app has to be granted internet permissions based on the nature of the app (connecting to your home computer from your phone). So yes, they would have complete access to everything on the computer.

Unfortunately I don't know which one it was because I tried a few of them.

It would be hard to pinpoint the root cause though. An acquaintance had the similar happen to him (RDP hijack sans smartphone), and we never really figured it out. Not to discount your experience.though

Wish we could get the name of the app from the Play Store.

[Shao128]

Regarding the RDP thing, all that tells me is that someone used RDP to login to your PC, instead of you logging in from the Android device. Honestly I don't see how that automatically implicates the Android app.

When it happened I went back through all the logs and the connections started happening the day after I tried the RDP apps. The only connections previous to that day were ones I had initiated.

[Bold_until_Hybrid_Comes]

Based on shao's experience you Clearly have to watch out with these android apps

[Sqoon]

Exactly. They will have you believe that anyone who uses Android has had their bank accounts drained, their homes broken into, and are now living in a box.

You clearly didn't hear about euro grabber

Posted via CB10

[Omnitech]

When it happened I went back through all the logs and the connections started happening the day after I tried the RDP apps. The only connections previous to that day were ones I had initiated.

Yep well it does look awfully suspicious, no doubt about it.

There's other possibilities too. Like the entire Android device was already trojaned and they were monitoring every keystroke you made on there.

But yeah, in general, it's not hard to understand why Android is going to be full of holes. Someone at a client the other day proudly showed me her shiny new Galaxy Note II... and the first thing I said to her was: "You have an antivirus utility installed on there, right?" "Oh... no, should I???" "Better believe it."

[TgeekB]

You clearly didn't hear about euro grabber

Posted via CB10

Did that have something to do directly with Android?