[TgeekB]

Based on shao's experience you Clearly have to watch out with these android apps

I believe he said he sideloaded an app which I never do.

[bobauckland]

My biggest concern is Android gets a lot of bad rap for malware etc, and yet people who get their apps from Google Play only are significantly less likely to suffer this happening than people who load, invariably pirated apps, from other sources.
On BB10, a lot, and I mean a lot, of people, are pushing Sideloaded apps, and no one has any clue where they are coming from.
Lots of BB10 solutions, in theory, are far far more vulnerable than anything else being heavily pushed.

[Tre Lawrence]

My biggest concern is Android gets a lot of bad rap for malware etc, and yet people who get their apps from Google Play only are significantly less likely to suffer this happening than people who load, invariably pirated apps, from other sources.
On BB10, a lot, and I mean a lot, of people, are pushing Sideloaded apps, and no one has any clue where they are coming from.
Lots of BB10 solutions, in theory, are far far more vulnerable than anything else being heavily pushed.

It is funny. I suspect BB10 users ARE more vulnerable. Not to mention the piracy issue already noted by Alec Saunders. I am a tinkerer that loves to play around with devices, but the BB sideloading culture gives me pause.

Pandora's box, I tell ya.

[Tre Lawrence]

Yep well it does look awfully suspicious, no doubt about it.

There's other possibilities too. Like the entire Android device was already trojaned and they were monitoring every keystroke you made on there.

But yeah, in general, it's not hard to understand why Android is going to be full of holes. Someone at a client the other day proudly showed me her shiny new Galaxy Note II... and the first thing I said to her was: "You have an antivirus utility installed on there, right?" "Oh... no, should I???" "Better believe it."

Nah... those anti-virus apps don't do anything that good common sense can't, IMHO. But if she feels better...

[TgeekB]

My biggest concern is Android gets a lot of bad rap for malware etc, and yet people who get their apps from Google Play only are significantly less likely to suffer this happening than people who load, invariably pirated apps, from other sources.
On BB10, a lot, and I mean a lot, of people, are pushing Sideloaded apps, and no one has any clue where they are coming from.
Lots of BB10 solutions, in theory, are far far more vulnerable than anything else being heavily pushed.

At least when you get an app from a source like Google Play, you can read reviews to see if anyone is having problems. Just downloading and sideloading from anywhere on the Net and you are on your own. I agree that BB has a problem as they (not directly mind you though allowing) are relying on sideloaded apps to make up for their short comings.

[TgeekB]

Nah... those anti-virus apps don't do anything that good common sense can't, IMHO. But if she feels better...

Agree. I have had antivirus software on my SGS2 Skyrocket for a year and it has never found anything. Nothing can work better than good common sense.

[Tre Lawrence]

Agree. I have had antivirus software on my SGS2 Skyrocket for a year and it has never found anything. Nothing can work better than good common sense.

I review apps for a living now. I had the opportunity to sit down with an executive for a major anti-virus company, one that makes an Android app and publishes malware reports every so often. He used an Android, and didn't have his own company product on the phone.

I pointed this out. He smiled.

I ended up NOT publishing that particular review.

I agree with you: peer review is such a powerful tool. It makes it tougher on smaller development houses, but the only time I ever sideload is when testing apks sent directly from the developer for review OR when trying out XDA apps (and the boys and girls on XDA are way tougher than the ones on Google Play with regards to feedback). All on rooted testing devices, not main driver.

[Omnitech]

Nah... those anti-virus apps don't do anything that good common sense can't, IMHO. But if she feels better...

I don't believe that for one second. Sorry.

And that's coming from someone who hasn't run an A/V app on any of his personal computers for years. But I would NEVER suggest someone else do that. Ever.

(Edit: And FWIW, I'm now considering installing anti-malware on some of my machines. The web-delivered stuff is getting extremely difficult to avoid these days, and the days when I could even pretend that it was practical to block all javascript and active content by default everywhere are many years gone. Life's too short to browse the web as if it was 1985 using Lynx on a VAX terminal.)

-er, maybe more like 1990. I think 1985 was def before Berners-Lee released anything to the public.

[Tre Lawrence]

I don't believe that for one second. Sorry.

And that's coming from someone who hasn't run an A/V app on any of his personal computers for years. But I would NEVER suggest someone else do that. Ever.

I say if it makes one feel safer, use it.

My personal opinion is that if one uses devices responsibly, and avoids apps that have body parts in the title and sticks to apps with plenty of feedback in the approved app stores, the risk is nullified.

My contact at the anti-virus company said something interesting. He said the vast majority of Android users do not even have access to their app. He didn't give me numbers, but it does say something.

[Omnitech]

My personal opinion is that if one uses devices responsibly, and avoids apps that have body parts in the title and sticks to apps with plenty of feedback in the approved app stores, the risk is nullified.

Forget about apps, the web really is a much bigger threat. The most respected websites in the world are getting malicious code injected to them on a daily basis. It's not a matter of simply avoiding the pr0n and warez sites and thinking that'll keep you safe any more. That stopped being true at least 5 years ago.

My contact at the anti-virus company said something interesting. He said the vast majority of Android users do not even have access to their app. He didn't give me numbers, but it does say something.

I can't parse that. What do you mean "do not even have access"?

You realize that some of the highest-profile Android security apps were found to be basically useless in a test last year, right? I do try to avoid those.

[Tre Lawrence]

Forget about apps, the web really is a much bigger threat. The most respected websites in the world are getting malicious code injected to them on a daily basis. It's not a matter of simply avoiding the pr0n and warez sites and thinking that'll keep you safe any more. That stopped being true at least 5 years ago.

I can't parse that. What do you mean "do not even have access"?

You realize that some of the highest-profile Android security apps were found to be basically useless in a test last year, right? I do try to avoid those.

Can't argue with the dangers of websites. That risk continues to rise with better mobile browsers.

The latent point I got (not one that he was necessarily trying to make) was that most Android users don't have access to anti-virus apps (meaning,, they can't download them due to geographic issues.

We agree on the last point LOL.

[nappp]

Control Panel > Administrative Tools > View Event Logs > Application and Services Logs > Microsoft > Windows > TerminalServices-RemoteConnectionManager > Operational

Shao, my comp has number of events 0. so my computer has not been accessed. any other place I should check?

[nappp]

the only remotes I use are kalemsoft and splashtop, but that doesnt mean another android app could be sneaking around somehow. although I have never installed another client on the pc except for those two

[brmiller1976]

I love how the Android Brigade got super-quiet when Shao shared his story.

I'm ALWAYS removing malware from friends' Android devices. I have a RAZR MAXX HD that I run as a daily driver in addition to my WP, and I only use "approved, known apps." I've seen friends complain that their phone suddenly was eating 2 gigs of data per day (turned out that the game they were running was a host for a botnet rootkit that transformed their phone into a spam distributor). I've seen friends have their e-mail accounts and passwords stolen. And you know all the Twitter spam (e.g. "there's a photo of you that looks stupid, go here to see it")? That's almost entirely from Android malware hijacking people's Twitter accounts.

[Tre Lawrence]

I love how the Android Brigade got super-quiet when Shao shared his story.

I'm ALWAYS removing malware from friends' Android devices. I have a RAZR MAXX HD that I run as a daily driver in addition to my WP, and I only use "approved, known apps." I've seen friends complain that their phone suddenly was eating 2 gigs of data per day (turned out that the game they were running was a host for a botnet rootkit that transformed their phone into a spam distributor). I've seen friends have their e-mail accounts and passwords stolen. And you know all the Twitter spam (e.g. "there's a photo of you that looks stupid, go here to see it")? That's almost entirely from Android malware hijacking people's Twitter accounts.

And you get super quiet -- for weeks at a time -- whenever you are asked for the names of the malware apps you have supposedly removed from your numerous friends devices. The difference is that Shao is clearly trying to help spread awareness, which I welcome. Why don't you do the same?

So you actually use an Android device yourself? Why, with all the risks?

[brmiller1976]

And you get super quiet -- for weeks at a time -- whenever you are asked for the names of the apps you have removed. The difference is that Shao is clearly trying to help spread awareness, which I welcome. Why don't you do the same?

I am NEVER quiet.

And I reply to your message, all the time, noting that I don't remember, but you keep demanding that I "name the apps" and essentially accuse me of lying, which isn't very nice.

The reality -- stat -- is that Android is a VERY risky OS for end users versus iOS, BB 7/10 and Windows Phone, and you (and several others) keep trying to gloss over that reality.

The best help that one can provide a user who is considering Android is warning them to avoid "popular" apps that aren't made by top companies, since malware is so rampant on that platform. You're now looking at several hundred thousand confirmed malware apps -- many of which appear and reappear on the Android market.

[TgeekB]

I love how the Android Brigade got super-quiet when Shao shared his story.

Really? I thought the conversation continued quite civilly until now.

What kind of things are your friends downloading? Where did they get them from? Did they sideload? People get malware and viruses on their PC's. Should no one own a PC? It's about being smart, like locking your door when you go to work, though someone could still break into your house if they really want to. Most of the IT department at our hospital now uses Android and none of them have had a problem. It's just not as wide spread as some people say.

[TgeekB]

I am NEVER quiet.

And I reply to your message, all the time, noting that I don't remember, but you keep demanding that I "name the apps" and essentially accuse me of lying, which isn't very nice.

The reality -- stat -- is that Android is a VERY risky OS for end users versus iOS, BB 7/10 and Windows Phone, and you (and several others) keep trying to gloss over that reality.

The best help that one can provide a user who is considering Android is warning them to avoid "popular" apps that aren't made by top companies, since malware is so rampant on that platform. You're now looking at several hundred thousand confirmed malware apps -- many of which appear and reappear on the Android market.

But if you "ALWAYS" remove malware from your friends devices, you should be able to remember the name of just one of them.

[brmiller1976]

Your reply is pretty typical of the Android mindset -- "blame the user."

On any OS other than Android, a user can download an app from the app store without worrying about whether it will compromise his device. Meanwhile, tens of thousands of malware apps lurk on Google Play, waiting to be discovered before they're nuked and reappear again under a separate account.

Users should be able to install apps from the "official store" without having to worry. (PS -- you can do that on Windows and Mac OS, too, so the comparison to PCs is also a tad silly).

I suspect that one reason why Android hasn't taken off as a "primary development platform" is because so many users are wary of "new players" due to that OS's malware problem.

[brmiller1976]

But if you "ALWAYS" remove malware from your friends devices, you should be able to remember the name of just one of them.

Ooooooh, you got me. Shao and I were lying when we said we don't remember which one is the culprit.

Android has no problems whatsoever. You're totally right. /eyeroll

[TgeekB]

Ooooooh, you got me. Shao and I were lying when we said we don't remember which one is the culprit.

Android has no problems whatsoever. You're totally right. /eyeroll

Don't include Shao, I bet he could.

[brmiller1976]

Funny how the topic always shifts from the content to personal attacks by "true platform believers."

It's a lame way to try and change the subject.

[Tre Lawrence]

I am NEVER quiet.

And I reply to your message, all the time, noting that I don't remember, but you keep demanding that I "name the apps" and essentially accuse me of lying, which isn't very nice.

The reality -- stat -- is that Android is a VERY risky OS for end users versus iOS, BB 7/10 and Windows Phone, and you (and several others) keep trying to gloss over that reality.

I don't gloss over anything. I actually get paid to write about technology, and I am quite able to see that Android is not a bed of roses. I don't have loyalty to technology. Google needs to streamline its app vetting process, for one.

Also, I don't recall you ever saying you don't remember. I could be wrong. Correct me. I recall you not answering.

Anywho, telling us the name of the apps allows the community to know about the poisonous apps, and to avoid them. I can say "Oh my goodness, I have removed tons of malware from my iPhone!" Well, the prudent thing to do is to make a note of all this malware, no?

You can't gloss over the inadequacies of Android. It's a tool, and when tools are used unwisely, they create trouble. Yes, you could argue that other tools need less care, but hey, that is a concession I am currently willing to make. The day Android legitimately burns me, you best believe I'll be shouting from EVERY rooftop I can find.

The Twitter spam thing is an Android issue? Wow.

[TgeekB]

Funny how the topic always shifts from the content to personal attacks by "true platform believers."

It's a lame way to try and change the subject.

Actually, as I said above, the conversation was quite good until "someone" joined in and name called (I love how the Android Brigade got super-quiet when Shao shared his story). Remember that?

Many of us use more than one platform....we are not a brigade. I find good and bad with both Android and Blackberry but don't find the need to knock either. Does Android have more malware than Blackberry? Yes. Are there ways to avoid it and still enjoy the experience? Yes. That is all that I am saying.

[brmiller1976]

If you insist, however:

1) A friend's HTC Rezound was starting to send out "there's this bad picture of you on X link" messages to his Twitter contacts. We tried changing his password, and that didn't help. Finally isolated it to his device and removed a "fast, fun" Twitter client and the problem went away.

2) A neighbor's Galaxy S III on T-Mobile kept crashing and rebooting. It would be "warm in the morning" when she woke up. She hit her data cap of 2 gigs/month on T-Mobile within a couple of days and got throttled to EDGE. Turns out that a game about popping balloons was the culprit... we had to factory-reset the phone to get rid of the problem.

3) My buddy Dylan in Tucson had his Galaxy S II start to "act funny." He complained about it and then noticed that -- yep -- he was using all of his data allotment in just a couple of days. He tried using his anti-virus program and it's been "disabled." It won't work or scan. Hmmmm. Anyway, I'm sending him a T-Mo S III from my phone drawer. On his Facebook profile, there was quite a debate by other Android folks as to how to "help fix the problem that they had too" by going to WiFi. Most didn't know that suddenly using gigs of data a day is probably a bad sign.

And so on and so forth. These are all just from the last five months or so.

None of the users sideloaded apps or used apps from any source other than the official Play Store.

(Waits for the "video or it didn't happen" retort).