[GendelPrime]

Two critical bugs and more malicious apps make for a bad week for Android | Ars Technica

Apparently this family of malware was sitting in the play store since April and had been downloaded 2.5 million times. I only post this to make people aware that turning off installing apps from unknown sources is no magic inoculation from the ills of Android. The play store has malware on it and has since it's inception.

Posted via the CrackBerry App for Android

[BB-JAM215]

An alarmist post about an alarmist article which mentions one specific app by name. That app was designed for game cheaters who had to give it permission to enable the malware.

[skibnik]

I believe the main point of the article was to point out a very good point which is. Quote: The vulnerabilities, which are similar in severity to theStagefright family of bugs disclosed last year, have been fixed in*updates Google began distributing Tuesday. A large percentage of Android phones, however, aren't eligible to receive the fixes. Even those that do qualify don't receive them immediately (the September updates are currently not available as over-the-air downloads for either of the Nexus 5X devices in my household). That gives attackers crude blueprints for exploiting vulnerabilities that remain unpatched on millions of devices.

Posted via the CrackBerry App for Android

[zocster]

Good read...

Sent from mTalk on Win 10 Phone

[Allan Milo]

Does the security on the Blackberry Androids protect against this in any way?

Posted via CB10

[Bla1ze]

Does the security on the Blackberry Androids protect against this in any way?

Posted via CB10

The ones that have the September update, yep with the exception of DressCode which was only recently discovered. But common sense is the best prevention there, it was packed into junk apps that looked shady anyway, and there's still no clarification if Google's Verify Apps was disallowing them from running, because you know that doesn't fit the scary headlines lol.

[Tsepz_GP]

An alarmist post about an alarmist article which mentions one specific app by name. That app was designed for game cheaters who had to give it permission to enable the malware.

What is truly hilarious is the Thread Title. These Android haters who come in post an article about apps that were already dealt with and use sensationalist Thread Titles and then disappear, almost like they are trying to start something.

[rt2567]

"Most secured android smartphone"... come on its android, it's meant to be insecure otherwise how to mine those those information

Posted via CB10

[BerrySoul]

Android crap. BB10 rocks!

Posted via CB10

[conite]

"Most secured android smartphone"... come on its android, it's meant to be insecure otherwise how to mine those those information

Posted via CB10

Security, and agreeing to targeted ads in return for a huge number of services are two very different things.

[crackbrry fan]

Android and GP is the safest out there! No rogue apps .this article only is full of conspiracies. Who would want to exploit any of these " vulnerabilities"? Besides Google has the MOST STRINGENT security in place to vet apps and Android is VERY secure.

Posted via CB10

[conite]

Just another "proof of concept" vulnerability that has never been exploited in the wild, and has already been patched. Nothing to see here.

[crackbrry fan]

Just another "proof of concept" vulnerability that has never been exploited in the wild, and has already been patched. Nothing to see here.

Indeed!

Posted via CB10

[bb10adopter111]

Security, and agreeing to targeted ads in return for a huge number of services are two very different things.

I agree completely. However, I would like to see much better documentation of apps and their use of permissions. This isn't only an Android issue. I am also annoyed at the lack of transparency for update and quick launch programs in Windows that auto-start and eat up memory and CPU cycles. In Windows, at least, I can track them down easily and turn them off and KEEP them off, even if that's at the expense of performance when I wish to launch them later.

What is difficult to discern is whether this lack of transparency is a "growing pain" of mobile OSes, or whether it is going to become the new normal. My attitude is that it's my CPU, so I should decide what runs on it, even if my preferred approach is suboptimal by some measures.

Posted via CB10

[Prem WatsApp]

Android and GP is the safest out there! No rogue apps .this article only is full of conspiracies. Who would want to exploit any of these " vulnerabilities"? Besides Google has the MOST STRINGENT security in place to vet apps and Android is VERY secure.

Posted via CB10

/s

;-P

�   "Chenterprise. We are the future. Resistance is futile. Prepare to BBe... "   �

[FF22]

I agree completely. However, I would like to see much better documentation of apps and their use of permissions. This isn't only an Android issue. I am also annoyed at the lack of transparency for update and quick launch programs in Windows that auto-start and eat up memory and CPU cycles. In Windows, at least, I can track them down easily and turn them off and KEEP them off, even if that's at the expense of performance when I wish to launch them later.

What is difficult to discern is whether this lack of transparency is a "growing pain" of mobile OSes, or whether it is going to become the new normal. My attitude is that it's my CPU, so I should decide what runs on it, even if my preferred approach is suboptimal by some measures.

Posted via CB10

I just got a new tablet-laptop combo. It comes with Win10 Home. I had a hell of a time turning off Automatic Updates. I would find MY computer busy downloading and Installing another update without any permission on my part. It happened about 3 times in about a week. It is not possible to turn off in Win10 Home edition but after visiting about 50 sites I found a way.

Then I tried downloading the Netflix App from the MS Store. "This item cannot be downloaded since Win Update is turned off. Turn it on to continue..." So unless you are willing to have Win10 update, you cannot download from their store. Probably not a major constraint but it is one more point of frustration.

[FF22]

Whether or not this one was a major threat - I would like more control over MY phones, MY computer, MY tablet and MY laptop. They all don't need access to everything on my computer or phone. They don't need my contacts nor my calendar nor my location. They don't need access to my wifi or data connection. And if they do, inform me as I run it and then tell me what is needed if it can't run.

[gebco]

Whether or not this one was a major threat - I would like more control over MY phones, MY computer, MY tablet and MY laptop. They all don't need access to everything on my computer or phone. They don't need my contacts nor my calendar nor my location. They don't need access to my wifi or data connection. And if they do, inform me as I run it and then tell me what is needed if it can't run.

This is why I waited for MM to be out for the Priv before buying it and why I bought unlocked. I wanted control over permissions. I've been looking at Android tablets too with the similar provisos.

Posted via the CrackBerry App for Android

[bb10adopter111]

I just got a new tablet-laptop combo. It comes with Win10 Home. I had a hell of a time turning off Automatic Updates. I would find MY computer busy downloading and Installing another update without any permission on my part. It happened about 3 times in about a week. It is not possible to turn off in Win10 Home edition but after visiting about 50 sites I found a way.

Then I tried downloading the Netflix App from the MS Store. "This item cannot be downloaded since Win Update is turned off. Turn it on to continue..." So unless you are willing to have Win10 update, you cannot download from their store. Probably not a major constraint but it is one more point of frustration.

Windows 10 pretty much requires you to update, though you can delay the process by a few months. But they are very clear about that in the license agreement, so if you activated Windows 10 you already agreed to that. And Microsoft's patches are incredibly well documented for anyone who wants to know.

So that actually wasn't what I was talking about. I was referring to all the third party software (Adobe, GoToMeeting, BlackBerry Link, etc. that want to load their update scripts and quick-launch scripts during startup. At least in Windows, every one of those can be tracked down and permanently defeated quite easily. In Android, not so much.

Posted via CB10

[3Dee]

Meanwhile, the same BB10 users who make out that Android is virus ridden are excited about downloading third party APKs via Snap, and don't see the irony.

Posted via CB10

[kvndoom]

Meanwhile, the same BB10 users who make out that Android is virus ridden are excited about downloading third party APKs via Snap, and don't see the irony.

Posted via CB10

"That's different."*

*Every ex-girlfriend ever, after I pointed out she possessed the same traits she considered "faults" in men...

Blackberry Poptart SE - Cricket Wireless

[bb10adopter111]

"That's different."*

*Every ex-girlfriend ever, after I pointed out she possessed the same traits she considered "faults" in men...

Blackberry Poptart SE - Cricket Wireless

I am still very happy with BB10, and I agree that, if security is an issue, then it's absurd to open up so many additional security vectors for possible exploitation.

But I wonder if it's really the same users saying those things.

I think there are several categories of BlackBerry users still using BB10:

1) Users tied to their enterprise devices, including users for whom security certifications really are a top priority

2) Users who value the efficient work flow and UI

3) Users who dislike the app-based data-mining economy

4) Hobbyists who like to tinker

5) Users loyal to the Blackberry brand who are hesitant to try new things

6) Nonconformist users who like to be different

7) Conspiracy theorists who see Blackberry as the lesser evil.

Theses categories are not complete, and they are not mutually exclusive, but it's obvious that some would be comfortable side loading Android apps, while others would never think of doing that.



Posted via CB10

[3Dee]

I am still very happy with BB10, and I agree that, if security is an issue, then it's absurd to open up so many additional security vectors for possible exploitation.

But I wonder if it's really the same users saying those things.

I think there are several categories of BlackBerry users still using BB10:

1) Users tied to their enterprise devices, including users for whom security certifications really are a top priority

2) Users who value the efficient work flow and UI

3) Users who dislike the app-based data-mining economy

4) Hobbyists who like to tinker

5) Users loyal to the Blackberry brand who are hesitant to try new things

6) Nonconformist users who like to be different

7) Conspiracy theorists who see Blackberry as the lesser evil.

Theses categories are not complete, and they are not mutually exclusive, but it's obvious that some would be comfortable side loading Android apps, while others would never think of doing that.



Posted via CB10

Can we add:

8) Users who've not owned anything other than a BlackBerry for years, and base all of their opinions about Android on their mate's two year old Samsung Grand Prime which they used once

Because that seems to account for at least 50% of the commentators on CB

Posted via CB10