[TgeekB]

It was compromised by a rogue app with funds going missing a little at a time.

Posted via CB10

First of all I feel bad for anyone who has had their personal property compromised. I know I have recently become more diligent with the passwords I use for banking, etc. They are complex and difficult to "guess". I don't have extensive knowledge of these things but how does an app break into a bank account? Honest question. Can it see me typing in my password?

Posted via my Nexus 10.

[crackbrry fan]

First of all I feel bad for anyone who has had their personal property compromised. I know I have recently become more diligent with the passwords I use for banking, etc. They are complex and difficult to "guess". I don't have extensive knowledge of these things but how does an app break into a bank account? Honest question.

Posted via my Nexus 10.

Read the link please.

https://uk.news.yahoo.com/made-in-ru...111403600.html




Posted via CB10

[Phi Nguyen]

Review that info, my bankers security department informed me that I should refrain from using it. Of course they will not let this be publicized, they have since added new protocols to avoid this occurring again. Here is a little hint.

https://uk.news.yahoo.com/made-in-ru...111403600.html


Posted via CB10

I suggest you read the article again they actually suggest you use official stores like apple and Google play

And not to sideload which ironically bbry actually supports side loading apps
And not to fall for social engineering tricks like random reseting your password or downloading an app via email ala sideloading

"Apple and Google stores have very good vetting proccess"
"Its only when you use untrusted sources"

Posted via CrackBerry App

[TgeekB]

Read the link please.

https://uk.news.yahoo.com/made-in-ru...111403600.html




Posted via CB10

OK, read it. So people got a fake email to update an app and the link infected their phone? I believe that can happen but I would never do it or blame android. Again, my point is if it was easy to infect every Android user, because people on here make it sound like that, then it would happen to everyone. I go back to my point of being smart. No matter what computer or smartphone you use.

I totally agree with you that people should safeguard against this stuff. I find it sad that people take advantage of others. Blackberry, at this point, certainly has less issues with malware, etc. I can't argue with that.

Posted via my Nexus 10.

[crackbrry fan]

OK, read it. So people got a fake email to update an app and the link infected their phone? I believe that can happen but I would never do it or blame android. Again, my point is if it was easy to infect every Android user, because people on here make it sound like that, then it would happen to everyone. I go back to my point of being smart. No matter what computer or smartphone you use.

I totally agree with you that people should safeguard against this stuff. I find it sad that people take advantage of others. Blackberry, at this point, certainly has less issues with malware, etc. I can't argue with that.

Posted via my Nexus 10.

You missed the fact that the rogue apps are actually IN Google Play, my advice is simple though many may not know what to look for, the easiest way to check if an app is legit is if there is only one copy available, if you see that more than one is there, report it to your appstore DONT download it and contact your institutions security department. Apart from the Monetary loss your accounts including email account and passwords could be compromised. After a lengthy investigation my losses were reversed but it's a real ordeal

Posted via CB10

[vrud]

My friend wanted to root a nexus 7 and apparently it's as easy as visiting a Web page. No device restart is required. Here is the link to the article if you are interested:
http://www.androidauthority.com/veri...geohot-393714/


Posted via CB10

[TgeekB]

You missed the fact that the rogue apps are actually IN Google Play, my advice is simple though many may not know what to look for, the easiest way to check if an app is legit is if there is only one copy available, if you see that more than one is there, report it to your appstore DONT download it and contact your institutions security department. Apart from the Monetary loss your accounts including email account and passwords could be compromised. After a lengthy investigation my losses were reversed but it's a real ordeal

Posted via CB10

I bet it was, not fun. They mentioned the BBM app when there were multiple copies. Who in their right mind would think that is legit? Common sense dictates what to do in those situations. You advice is wise.

Posted via my Nexus 10.

[crackbrry fan]

I bet it was, not fun. They mentioned the BBM app when there were multiple copies. Who in their right mind would think that is legit? Common sense dictates what to do in those situations. You advice is wise.

Posted via my Nexus 10.

Yes common sense would dictate that but if given a link to update not many will do the check thinking it's legit, they go and download without first checking to see if there's more than one. Just be aware and careful. The criminal mind knows no boundaries.

Posted via CB10

[vrud]

If my memory serves me right, then folks on forums claimed that one of those BBM apps was legit and gave the link. Yeah I used common sense and waited. BlackBerry app store is not free from fake apps but at least their names start with 'app for xxx' or 'guide for xxx' and I haven't seen a fake company name in BlackBerry store. One of those phony BBM apps was claimed to be developed by BlackBerry.

Posted via CB10

[crackbrry fan]

I suggest you read the article again they actually suggest you use official stores like apple and Google play

And not to sideload which ironically bbry actually supports side loading apps
And not to fall for social engineering tricks like random reseting your password or downloading an app via email ala sideloading

"Apple and Google stores have very good vetting proccess"
"Its only when you use untrusted sources"

Posted via CrackBerry App

Reread the article again. Again I have had the issue so I'm commenting first hand, I don't allow ANY Android apps on my BlackBerry devices either so that point of side loading is mute for me.

Posted via CB10

[Troy Tiscareno]

My friend wanted to root a nexus 7 and apparently it's as easy as visiting a Web page. No device restart is required. Here is the link to the article if you are interested:
Simple root for Verizon/AT&T Galaxy S5, Note 3, and more released by geohot!

And? A Nexus 7 is a developer device that is intentionally made easy to root. Rooting can be necessary to run alternative OSs or even certain applications during the development process. This is hardly a secret, or anything bad.

[Phi Nguyen]

Reread the article again. Again I have had the issue so I'm commenting first hand, I don't allow ANY Android apps on my BlackBerry devices either so that point of side loading is mute for me.

Posted via CB10

Side loading is not limited to android apps
So the vulnerability exists you have to sideload leaks
Do you expect any trustworthy app from unknown sources like troy pointed out
If you read the very article you quote it tells you exactly what to do
Do not sideload apps
Downloading an app from a website or email is sideloading
Unless you request to open Google play for the source
"Download only from official stores" from the article
Sideloading is not on by default and must be put in developer mode on eother android or bbry which is how you sideload leaks on bbry
Did you sideload an app or was the rogue app from play ?
What do you think happens when you fail to load a leak on a bbry and it bricks the phone? You cannot call bbry for a fix
FYI what thenarticle is talking about is social engineering
The emails were designed to trick you by saying they want to check your creditientals either entering the password at a phishing site (most common for fake bank of America emails I sometimes get ) or download a "updated" app from an unknown source which can't be done unless you sideload
No amount of bbry protection will protect you from a phishing site as it is not an app you download but a disguised website

Posted via CrackBerry App

[TgeekB]

I go back to saying, it's not the OS it's the user. That's exactly what the posted article says also. Nowhere does it say Android is evil.

Posted via my Nexus 10.

[Nicholas Kathrein]

Having had the first hand experience of this happening to me, just say thank god and take note. Its a big issue My bankers are top25 World rated and it was not good.

Posted via CB10

I've been doing banking from my android phone for over a year now. There are 1 billion active users on Android. If their was a problem / security hole in android or the banking apps that would be in the news and the banks would no longer make apps for Android. Remember the bank doesn't want to write off any money and if there was a problem with banking apps every bank would pull it. Show me one creditable article saying banks are pulling Android apps due to problems with android security.

[Nicholas Kathrein]

Yes common sense would dictate that but if given a link to update not many will do the check thinking it's legit, they go and download without first checking to see if there's more than one. Just be aware and careful. The criminal mind knows no boundaries.

Posted via CB10

This is fishing. When people get emails with links then they are looking for people who don't know any better to click the link and do something. Normally its a copy of a ebay page asking you to update your information meaning you give them all your info not knowing this is fake. People who don't have ebay would just delete it but if you have ebay then you might get tricked. So now they are emailing links to apps. If you CHOOSE to turn off the security in Android which you have to uncheck an option to only install from KNOWN SOURCES then you have DONE THIS not Android. YOU CHOOSE THIS. Being an open system as Android is they don't make you root the phone to sideload. If you can't figure out that you are turning off the security and tell Android you want to bypass the security then you should use a phone that doesn't allow this.

"With great power comes great responsibility."

[celticmagick]

Android can become the most secure platform on the planet but let's not forget that Google itself IS malware

emPowered by ?

[crackbrry fan]

This is fishing. When people get emails with links then they are looking for people who don't know any better to click the link and do something. Normally its a copy of a ebay page asking you to update your information meaning you give them all your info not knowing this is fake. People who don't have ebay would just delete it but if you have ebay then you might get tricked. So now they are emailing links to apps. If you CHOOSE to turn off the security in Android which you have to uncheck an option to only install from KNOWN SOURCES then you have DONE THIS not Android. YOU CHOOSE THIS. Being an open system as Android is they don't make you root the phone to sideload. If you can't figure out that you are turning off the security and tell Android you want to bypass the security then you should use a phone that doesn't allow this.

"With great power comes great responsibility."

When it occurs DONT say you weren't warned note I said When not if. And no BANKS will NOT let the public know, when it's brought to their attention, it's handled quietly and changes are implemented. Do you know how much Banking Fraud goes unreported? In some cases it's by their own employees,it's kept under raps so that there is no consumer fallout.

Posted via CB10

[crackbrry fan]

Side loading is not limited to android apps
So the vulnerability exists you have to sideload leaks
Do you expect any trustworthy app from unknown sources like troy pointed out
If you read the very article you quote it tells you exactly what to do
Do not sideload apps
Downloading an app from a website or email is sideloading
Unless you request to open Google play for the source
"Download only from official stores" from the article
Sideloading is not on by default and must be put in developer mode on eother android or bbry which is how you sideload leaks on bbry
Did you sideload an app or was the rogue app from play ?
What do you think happens when you fail to load a leak on a bbry and it bricks the phone? You cannot call bbry for a fix
FYI what thenarticle is talking about is social engineering
The emails were designed to trick you by saying they want to check your creditientals either entering the password at a phishing site (most common for fake bank of America emails I sometimes get ) or download a "updated" app from an unknown source which can't be done unless you sideload
No amount of bbry protection will protect you from a phishing site as it is not an app you download but a disguised website

Posted via CrackBerry App

Really? Go read again and try to understand without blinkers or Spin machinery

Posted via CB10

[crackbrry fan]

I go back to saying, it's not the OS it's the user. That's exactly what the posted article says also. Nowhere does it say Android is evil.

Posted via my Nexus 10.

OK wonderful it's the user, it's also the user when the Security Experts say it's a cesspool. Really I WONT stop saying this to anyone DONT do your banking on an Android, PERIOD. Till you have it happen to you you will not appreciate what is being said and please avoid the fanboism. Your personal data is very important and once it gets compromised you truly feel violated.,this is apart from the inconvenience involved.

Posted via CB10

[notafanboy]

80 Percent of the world on is Android. If it was a bad with security and malware people would have moved off it and it would be in the news daily. The fact that Android active users DOUBLE yearly goes to show some people make a mountain out of an ant hill. The fact that Android will be on every screen means they are focused on Android everywhere. Every company in this space should be worried.

I like androids and they are great for the average Joe but for security there is no way governments and corporations are going to use NSA/hacker friendly androids . I know a couple of hackers who wants everyone to use either iphones or androids.

Posted via CB10

[Phi Nguyen]

Really? Go read again and try to understand without blinkers or Spin machinery

Posted via CB10

It's not spin machine it is clearly written like everyone is pointing out to you in your article
You can clearly pick to choose to sideload and fall for phishing that is dilberate
No one can stop you but you
That is why banks won't warn people against using phones they do however say do not touch unknown emails or links asking for passwords or installing unknown updates in your article are you even reading your own article or are you just reading headlines? Because everyone told you your answer
Lack of Common sense and user error like user action by using unsafe links

"Google and apple have the best vetting stores " that is written in your article
And" download only from the said stores" how many times do people have tonpointnthat out to you from your own article?

Posted via CrackBerry App

[crackbrry fan]

It's not spin machine it is clearly written like everyone is pointing out to you in your article
You can clearly pick to choose to sideload and fall for phishing that is dilberate
No one can stop you but you
That is why banks won't warn people against using phones
Lack of Common sense and user error like user action by using unsafe links

"Google and apple have the best vetting stores " that is written in your article
And" download only from the said stores" how many times do people have tonpointnthat out to you from your own article?

Posted via CrackBerry App

Good we will see.
Google?s Play store isn?t hand-vetted, unlike Apple?s - as with YouTube, the company removes ?bad? content in response to complaints.

Kevin Morgan, chief technology officer at app security company Arxan, which conducted the research, said that on Play, it?s perfectly possible for anyone to upload an app with the name and logo of a real bank - Lloyds, say, or Barclays.

[Phi Nguyen]

When it occurs DONT say you weren't warned note I said When not if. And no BANKS will NOT let the public know, when it's brought to their attention, it's handled quietly and changes are implemented. Do you know how much Banking Fraud goes unreported? In some cases it's by their own employees,it's kept under raps so that there is no consumer fallout.

Posted via CB10

That is actually illegal dispite what you think and they would lose their license

Public disclosure laws prevent that
If they have a major breach they must legally let their customers know

FYI they do but not in the way you think

Everytime I login into my banking site and even during telebanking they warn you not to download from unknown links or enter info on a site asking for a password reset unless it was you asking for it
That is a public service against phishing

Google phishing it is what is making bank fraud happen
Millions is lost due to social engineering
People use unknown links which can happen even on a bbry because it doesn't check links

Posted via CrackBerry App

[Nicholas Kathrein]

Android can become the most secure platform on the planet but let's not forget that Google itself IS malware

emPowered by ?

Malware, short for malicious software, is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems.[1] It can appear in the form of executable code, scripts, active content, and other software.[2] 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software.[3]

Malware includes computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. As of 2011 the majority of active malware threats were worms or trojans rather than viruses.[4] In law, malware is sometimes known as a computer contaminant, as in the legal codes of several U.S. states.[5][6] Malware is often disguised as, or embedded in, non-malicious files.

Malware is something that your not aware of what it's doing meaning the terms of service doesn't list what the app is really doing. Google spells it out in it's Terms of Services. I know you posted this to TROLL but I don't mind posting the facts.

"Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.

If you have a Google Account, we may display your Profile name, Profile photo, and actions you take on Google or on third-party applications connected to your Google Account (such as +1’s, reviews you write and comments you post) in our Services, including displaying in ads and other commercial contexts. We will respect the choices you make to limit sharing or visibility settings in your Google Account. For example, you can choose your settings so your name and photo do not appear in an ad.

You can find more information about how Google uses and stores content in the privacy policy or additional terms for particular Services. If you submit feedback or suggestions about our Services, we may use your feedback or suggestions without obligation to you."

Nothing is FREE. People have to be paid to make great software and services. Let's not forget if they weren't great people would have switched years ago. People watching tv see ads which pay for the tv content. You think a cable box doesn't monitor every little bit it can of your tv habits? Welcome to world.

Comcast
"What kind of information do you collect and use to improve your cable services and deliver relevant advertising?

Our cable systems may collect anonymous and/or aggregate information using set-top boxes and other equipment. We use this information to determine which programs are most popular, how many people watch a program to its conclusion, and whether people are watching commercials, for example. As described below under “How does Comcast use personally identifiable information and CPNI?”, we may provide subscriber lists or certain anonymous and/or aggregate information to third parties working on our behalf such as audience measurement or market research firms, for example. These firms may combine this information with other aggregated or non-aggregated demographic information (such as census records) to provide us with audience analysis data though we will require them to remove personally identifiable information about our subscribers from this data. We use this information to improve our cable television service and other services and make programming and advertising more relevant to our subscribers. We may also use this information to distribute and deliver relevant programming and advertising to you without disclosing personally identifiable information about you to programmers or advertisers. In addition to this privacy notice, we may provide additional notices to you regarding specific advertising or other initiatives. These notices will describe the initiatives in greater detail and may, as appropriate, contain information you can use to choose to participate, or not participate, in these initiatives."

[qbnkelt]

Let's go by facts, shall we?
NVD - Results

http://web.nvd.nist.gov/view/vuln/se...pe=all&cves=on

http://web.nvd.nist.gov/view/vuln/se...pe=all&cves=on

Android has the most vulnerabilties. BlackBerry has the least. Is this a surprise? No.

Therefore, since I've got the least vulnerable platform why would I introduce apps from the most vulnerable via a third party site which is not as safe? Considering that this issue is clearly one that is social engineering?

Folks, caveat emptor.

As always the factor that introduces the most danger to the health of any platform is the user. You can take a BlackBerry with the least vulnerabilties and introduce the possibility of exploits via unsafe practices.

For those who choose to do so, each one does so as an adult fully aware of the implications. Those few few few of us who will not, such as me, that is the reason why.

I use an SGIII and I am VERY careful as to how I use it. No problems since 2010.