[bobauckland]

I don't see anyone denying Android has issues with malware.
You won't find me arguing.
But I will say I think a lot, A LOT of that is down to user error and choices.

And my simple point is, Google Play isn't 100% for avoiding malware. But it's better than nothing.
And no other major OS is pushing sideloading other systems apps as a way to deal with app shortages.
BB10 allows for this. Heck CrackBerry is pushing it on their front page.

Pushing people to give up their email for an app like Open WhatsApp, that's a security problem waiting to happen.
Giving up your email for Viki, same deal.
Sideloading apps where you haven't been involved with every part from the obtaining of the apk to the conversion to bar, to loading it up, that there is a huge security problem.
So what you have is the potential security risks from Android apps, amplified by sideloading because even the limited protection of the Play store is, in most cases, nullified.

I'm not arguing Android has problems.
I'm saying sideloading opens BB10 up to bigger problems.

And when they hit, you can bet people will, perhaps rightly, blame user error and choices for the storm that comes.

BB has made this choice because it sees consumers are not really bothered about security.
And they're probably right.

But people talking Android down for it's security don't realise the huge part Android plays in BB10, where this was not the case in OS7 or previous.
And brmiller's comments are really really annoying because every week the Android apps he claims to have encountered become worse than they were the previous week, and we never ever get a name. Ever.
There are plenty of problems without needing people to cheapen the argument by simply making things up.

[brmiller1976]

If you're sideloading Android apps from a dodgy website, you've got the technical knowledge and knowhow to do so and are inherently accepting the risks.

If it becomes a serious security problem, BES 10 administrators will simply turn off the ability to sideload remotely and protect corporate infrastructure. Can't do that for Android.

And, of course, it's likely that a larger proportion of Android users will be infected through "legitimate" Google Play apps this month than BB10 users will be infected by sideloaded apps, ever.

[reeneebob]

Exactly. They will have you believe that anyone who uses Android has had their bank accounts drained, their homes broken into, and are now living in a box.

I'd post, but I'm living in a box. Now if you'll excuse me, I'm off to pay bills...ON MY ANDROID DUN DUN DUN *RUSSIAN ROULETTE*

Seriously, I get apps from Play store. If someone gets 'infected' by a 'virus' or 'malware' from a sideloaded pirated, stolen app, they deserve what they get.

[reeneebob]

I love how the Android Brigade got super-quiet when Shao shared his story.

I'm ALWAYS removing malware from friends' Android devices. I have a RAZR MAXX HD that I run as a daily driver in addition to my WP, and I only use "approved, known apps." I've seen friends complain that their phone suddenly was eating 2 gigs of data per day (turned out that the game they were running was a host for a botnet rootkit that transformed their phone into a spam distributor). I've seen friends have their e-mail accounts and passwords stolen. And you know all the Twitter spam (e.g. "there's a photo of you that looks stupid, go here to see it")? That's almost entirely from Android malware hijacking people's Twitter accounts.

Oh hey, it's like a month later and we're STILL WAITING for you to provide names of apps.

Either **** or get off the pot. Names. Prove it.

The Fandroid brigade is out in full force.

"Ignore the facts! Facts are trolling!"

Then, after asserting that Android is completely secure and every experience, malware research report, or personal story to the contrary is a "lie" or "trolling," they proceed to attack BB (or Windows Phone) with hilariously ridiculous security claims, essentially trying to argue that not only is Android secure, but BB isn't secure because... it can sideload Android apps.

But I thought there was no Android malware... that it's all a lie and trolling. So how can sideloading Android apps be a security risk?

Ahhhh.... fandroids.

Facts would be NAMES.

Since this is apparently a daily occurrence for you, may I ask that you have a pen and paper handy to provide names of these oh so dangerous apps? I guess I'm just super duper lucky that in several years and several devices that run Android, I've never been infected by these super malicious and common apps.

I will flat out tell you, point blank, that I don't believe you. I think you are lying and then throwing yourself on a cross when you get called on it in an attempt to martyr yourself and avoid having to provide proof. So again, either provide names of these apps so your fellow BB users don't run the risk of sideloading them onto a BB10 device (and for the hundreds of members of this site that also own Android devices), or just stop with the pie in the sky claims.

Surely you would want to protect your BB brethren, right?

[recompile]

Oh hey, it's like a month later and we're STILL WAITING for you to provide names of apps.

Either **** or get off the pot. Names. Prove it.

You can pretend that the MASSIVE malware problem on Android doesn't exist, or you can accept the facts.

The only reason you want a list of specific apps is so you can argue over each item and feel like you've proven something. Don't pretend it's to help "protect" BB10 and Android users. There are FAR too many malicious apps to make any such list practical.

The malware problem on Android has been, and continues to be, studied by real security researchers putting in real work. Not only have they identified the problem, they've determined its extent and even how that's changed over time.

Trend Mirco (easy read)
Android Malware, believe the hype. | CounterMeasures - A Security Blog

F-Secure (Full reports. Lots of detail.)
How To - Whitepapers - Threat Reports | F-Secure

You'll find the FACTS in the above reports, not a nonsense list of names.

[bobauckland]

You can pretend that the MASSIVE malware problem on Android doesn't exist, or you can accept the facts.

The only reason you want a list of specific apps is so you can argue over each item and feel like you've proven something. Don't pretend it's to help "protect" BB10 and Android users. There are FAR too many malicious apps to make any such list practical.

The malware problem on Android has been, and continues to be, studied by real security researchers putting in real work. Not only have they identified the problem, they've determined its extent and even how that's changed over time.

Trend Mirco (easy read)
Android Malware, believe the hype. | CounterMeasures - A Security Blog

F-Secure (Full reports. Lots of detail.)
How To - Whitepapers - Threat Reports | F-Secure

You'll find the FACTS in the above reports, not a nonsense list of names.

Actually you've just posted links from 2 companies that have a vested interest in claiming there is a huge security problem, because they make money from selling 'protection'

You do see the problem there I hope?

If someone spends all their time deleting malicious Android apps, they should be able to name at least one. Not make laughable claims like 'Tweet something' or 'bubble something'. That's why people are waiting for names, but none will come.

Personally, I have downloaded a bunch of Android apps on my Android device when it was my daily runner, and not had any problems. None.
I have not had any problems on my Z10 either now that it's my daily runner, with Android ports, or native apps, security wise.
But I do recognise I have put myself in much more vulnerable positions since I got my Z10. And that's despite my insistence on not sideloading Android apps.

I'm still not that bothered about it, but as a consumer, I certainly wouldn't go about telling people about security when I try and sell them on a Z10, cos I don't think I'd get far.
I'd probably go with the UI, which is pretty much it's raison d'etre.

[kbz1960]

Actually you've just posted links from 2 companies that have a vested interest in claiming there is a huge security problem, because they make money from selling 'protection'

You do see the problem there I hope?

If someone spends all their time deleting malicious Android apps, they should be able to name at least one. Not make laughable claims like 'Tweet something' or 'bubble something'. That's why people are waiting for names, but none will come.

Personally, I have downloaded a bunch of Android apps on my Android device when it was my daily runner, and not had any problems. None.
I have not had any problems on my Z10 either now that it's my daily runner, with Android ports, or native apps, security wise.
But I do recognise I have put myself in much more vulnerable positions since I got my Z10. And that's despite my insistence on not sideloading Android apps.

I'm still not that bothered about it, but as a consumer, I certainly wouldn't go about telling people about security when I try and sell them on a Z10, cos I don't think I'd get far.
I'd probably go with the UI, which is pretty much it's raison d'etre.

Yes the same companies that sell protection for windows computers. Are you saying malicious programs and code do not exist or only exist because these companies secretly put the malicious items out in the wild themselves so they can make money on selling software to protect you?

I've removed plenty of malicious things off of friends and families computers.

[reeneebob]

You can pretend that the MASSIVE malware problem on Android doesn't exist, or you can accept the facts.

The only reason you want a list of specific apps is so you can argue over each item and feel like you've proven something. Don't pretend it's to help "protect" BB10 and Android users. There are FAR too many malicious apps to make any such list practical.

The malware problem on Android has been, and continues to be, studied by real security researchers putting in real work. Not only have they identified the problem, they've determined its extent and even how that's changed over time.

Trend Mirco (easy read)
Android Malware, believe the hype. | CounterMeasures - A Security Blog

F-Secure (Full reports. Lots of detail.)
How To - Whitepapers - Threat Reports | F-Secure

You'll find the FACTS in the above reports, not a nonsense list of names.

In the same way people at CB do not buy into articles by analysts with a vested interest in bad news for BB, I don't buy into a fear mongering interview with a company that sells 'mal ware protection'. They sure would benefit from scare tactics... I never said there isn't male are, I said that brmiller is overstating and making things up and crying bullying when called on it.

The best protection is common sense from users. It's served me well since 2009 with Android devices.

I had one virus once on a computer. That's it. I do not use AVG. I don't use Macafee or Norton. I use the built in defender and common sense.

But I am getting real tired of this drum one user is beating without ever providing proof. A twitter client called tweet something. Wow. That's a slam dunk right there.


SENT FROM TAPATALK 2 - Anything I say in no way represents the view of my employer, amd please do not PM me regarding account information or questions. Thanks.

[Omnitech]

Shao, my comp has number of events 0. so my computer has not been accessed. any other place I should check?

Doesn't prove anything, sorry to say. The first thing a good hacker does is erase all the log entries pertaining to what they were doing.

[nappp]

Doesn't prove anything, sorry to say. The first thing a good hacker does is erase all the log entries pertaining to what they were doing.

thanks. any other place I should check?

[Omnitech]

And brmiller's comments are really really annoying because every week the Android apps he claims to have encountered become worse than they were the previous week, and we never ever get a name. Ever.

I'm actually pretty impressed with the thorough foundations that Mr Miller provides for his POV in this thread. Whereas his philosophical opponents in this discussion that I've read through so far seem to be mostly saying "na na na, you can't prove it, na na na, give us names, na na na, the users are infecting themselves because they're stupid, bla bla bla"

Mr Miller has no need to provide you with names, the names of thousands of different variants of Android malware are published all over the world by all sorts of organizations who specialize in fighting malware.

I do also agree that the Android runtime in BB10 is an accident waiting to happen, it is my most "feared" part of the OS. To add insult to injury, empirical evidence I've seen on the forums suggests that crappy sideloaded Android apps are responsible for a huge portion of the crashes and instability that some users are complaining about on their new Z10s.

That said, I still support Blackberry's choice to include it, because without that their ability to launch a new smartphone platform amongst the existing "software ecosystem duopoly" would have been a way tougher row to hoe than what they've already faced. Kind of amazing that even with 70,000 apps at launch, people laugh at you as if that's nothing.

[Omnitech]

thanks. any other place I should check?

There are lots of places to check. Way way WAY beyond the scope of a single forum post to try to give someone a complete education on computer forensics. There are all sorts of free tools out there to search for and remove malware, or look for evidence of compromise - many of them quite good.

[sentimentGX4]

Easy if you can get people to sideload apps from third-party sources rather than get them from the Google Play store. With flexibility and power come responsibility, and learning basic lessons like you must point the gun away from your head when firing.

What? Google Play isn't secure like competitor marketplaces. It's a well known distributor of Android malware and Google has been criticized profusely for it.

[raysgrumpy]

I have 103 apps on my Nexus 4 right now, my family and I have had Android phones for years and have never encountered a problem. I've never met anyone or heard of anyone that ever had a problem. The only reports we ever hear about are from companies that sell security software. I used an anti virus software program for about 6 months and it never found a thing. It scanned every update and app and everything was always fine. There are hundreds of millions of Android devices in the wild. His many have actually been infected in the "real world?"

[richardat]

It is funny. I suspect BB10 users ARE more vulnerable. Not to mention the piracy issue already noted by Alec Saunders. I am a tinkerer that loves to play around with devices, but the BB sideloading culture gives me pause.

Pandora's box, I tell ya.

The thought has occurred to me in passing....what if hacker(s) decided to go after the sideloading BB specifically....I think they could really cause some havoc....albeit to a small group - which may be what's saving them!

[Omnitech]

Actually you've just posted links from 2 companies that have a vested interest in claiming there is a huge security problem, because they make money from selling 'protection'

You do see the problem there I hope?

No. That's a stupid old trope that's been around for as long as the antivirus products have existed. No one with any security field credibility believes that the anti-malware companies just make everything up to sell product. Yeah, like any other company, they might release press releases or white papers detailing risk factors and so on, but that is not anything remotely like "inventing" threats that don't exist.

FWIW, I also own an Android device. I like it fine. But I also have no illusions that it's immune to security issues or that any weaknesses it might have are necessarily all under a typical user's control.

[Omnitech]

I should clarify "like it fine" in regards to my Android tablet.

I refuse to own an Android smartphone because I have no interest in Google datamining everything I do and all the data I possess. I use the tablet for limited things, as a learning platform, to play some simple games, try out system admin utilities and so on. I don't trust Google with my data and that is a key reason I am a Blackberry supporter.

(Neither am I interested in wasting half my life rooting Android devices and tweaking the OS for the primary purpose of unwinding all of Google's intrusive tentacles from the platform and locking it down from a security standpoint. Life is too short for such things. I have too many other computing platforms that I need to stay current with for professional reasons to waste time on those things.)

[sentimentGX4]

I have 103 apps on my Nexus 4 right now, my family and I have had Android phones for years and have never encountered a problem. I've never met anyone or heard of anyone that ever had a problem. The only reports we ever hear about are from companies that sell security software. I used an anti virus software program for about 6 months and it never found a thing. It scanned every update and app and everything was always fine. There are hundreds of millions of Android devices in the wild. His many have actually been infected in the "real world?"

The overwhelming majority of antivirus programs merely use signature-based malware detection and not heuristics. Somebody has to literally "report" being infected before the antivirus can detect the particular malware program. For this reason, most antivirus programs actually can't detect any malware that is non-disruptively running in the background (or even disruptive malware that hasn't been updated into the security company's database). They are absolutely useless and, even if you were infected, you would never know.

The approach I use is that I reserve an OS on my computer that I only use for my bank account, etc. (Obviously not Windows.)

[raysgrumpy]

I should clarify "like it fine" in regards to my Android tablet.

I refuse to own an Android smartphone because I have no interest in Google datamining everything I do and all the data I possess. I use the tablet for limited things, as a learning platform, to play some simple games, try out system admin utilities and so on. I don't trust Google with my data and that is a key reason I am a Blackberry supporter.

(Neither am I interested in wasting half my life rooting Android devices and tweaking the OS for the primary purpose of unwinding all of Google's intrusive tentacles from the platform and locking it down from a security standpoint. Life is too short for such things. I have too many other computing platforms that I need to stay current with for professional reasons to waste time on those things.)

I assume you don't use Gmail, YouTube, Chrome, Bing, Hotmail, Facebook or Websites like Crackberry that make money off of the data they "mine" from you? Save the holier than thou attitude, you aren't impressing anyone with your isolationist musings!

[randall2580]

You folks do understand that Trend Micro and F-secure make absolutely zero money if people believe there is nothing to worry about so why download an anti-virus program/app etc. I ,as the others here have said understand that Android has problems, it does there is no doubt in my mind. But I also know that Trend Micro et al want every Android user to believe the mere pushing of the on button subjects their phones to attack. I never fault anyone from selling their own goods, but is it any stretch at all to believe that they might just exaggerate the point to make a sale?

You cite your anecdotal evidence I have my own as do others here, many others who use both BB's and Android phones. In the last 2 years I have owned the GNote, GNex, and GNote II bought 1 month ago. Not one instance where I felt my phone had been compromised, ate excess data, needed a factory reset (except one time when I screwed up a return from CM). I work in a small office and am the un-official "fix my phone" guy. No one puts an app on their phones without talking to me first. 3 other Androids two GSIII and a N4. Not one virus on any of those as well, not one need for a factory reset and unlike me who likes to play around a bit - the others are bone stock and only download from GPlay.

I know BB has to climb up from where it's been but pulling Android down by throwing tar at it isn't going to work, especially when you consider that Android has become beta testing for 40% of BBWorld. Just think of how much development you would lose (he says with tongue firmly planted in cheek).

Android has the most malware. Windows has the most Malware. And yet both are #1. No speaking for folk's judgement I guess. But there must be something there folks like?

[Omnitech]

I assume you don't use Gmail, YouTube, Chrome, Bing, Hotmail, Facebook or Websites like Crackberry that make money off of the data they "mine" from you? Save the holier than thou attitude, you aren't impressing anyone with your isolationist musings!

You are correct about all of those services, for the most part.

The "holier than thou" is your own projection and (apparently defensive) response, I am simply stating why I will not use that companies platform for sensitive data. You can make what you want of it, spin it for days if you want..

[kbz1960]

You folks do understand that Trend Micro and F-secure make absolutely zero money if people believe there is nothing to worry about so why download an anti-virus program/app etc. I ,as the others here have said understand that Android has problems, it does there is no doubt in my mind. But I also know that Trend Micro et al want every Android user to believe the mere pushing of the on button subjects their phones to attack. I never fault anyone from selling their own goods, but is it any stretch at all to believe that they might just exaggerate the point to make a sale?

You cite your anecdotal evidence I have my own as do others here, many others who use both BB's and Android phones. In the last 2 years I have owned the GNote, GNex, and GNote II bought 1 month ago. Not one instance where I felt my phone had been compromised, ate excess data, needed a factory reset (except one time when I screwed up a return from CM). I work in a small office and am the un-official "fix my phone" guy. No one puts an app on their phones without talking to me first. 3 other Androids two GSIII and a N4. Not one virus on any of those as well, not one need for a factory reset and unlike me who likes to play around a bit - the others are bone stock and only download from GPlay.

I know BB has to climb up from where it's been but pulling Android down by throwing tar at it isn't going to work, especially when you consider that Android has become beta testing for 40% of BBWorld. Just think of how much development you would lose (he says with tongue firmly planted in cheek).

Android has the most malware. Windows has the most Malware. And yet both are #1. No speaking for folk's judgement I guess. But there must be something there folks like?

And why do you think they have the most? It's because they have the largest audience to gain whatever they are after from.

[Omnitech]

I know BB has to climb up from where it's been but pulling Android down by throwing tar at it isn't going to work,

Last I checked, none of the people arguing with each other in this thread officially speak on behalf of RIM/Blackberry.

[randall2580]

@ Omnitech - Understood and agreed I am talking about the faithful, not BBRY and it could have been said better. I don't think it takes away from the point I am trying to make that in spite of this "glaring weakness" Android is number one and standing on a proverbial street corner saying the sky will fall someday for Android hasn't delayed it's ascent to #1.

In the end it will be the strength or weakness of the entire BB10 platform that makes RIM/BBRY's future. Security is part of that picture but BB7 phones are more secure than Android and how much did that contribute to the success of RIM/BBRY?

[raysgrumpy]

You are correct about all of those services, for the most part.

The "holier than thou" is your own projection and (apparently defensive) response, I am simply stating why I will not use that companies platform for sensitive data. You can make what you want of it, spin it for days if you want..

I'm correct "for the most part"? Do you have a sliding scale for how much you tolerate websites and services making money off of the data that mine from you?

It's not a defensive response, I just find it amusing that people think Google is evil for mining data and making money from it. Everybody does it! I'll give you that Blackberry is more secure, but the vast majority of people do not care. Stand on your soapbox all you want (go ahead and use another clever anecdote for my comments) but the rest of the world isn't sitting around and waiting for you.