Mid month critical patch for Linux kernal
- It seems like every time I read articles on smartphones and Android in particular another critical patch or security update is being released. So damn thankful to be using BlackBerry 10 on QNX. It has to chap BlackBerry faithful and those that adopted the Priv does it not?
The White Knight-BlackBerry Passport03-19-16 12:16 AMLike 0 - 03-19-16 01:52 AMLike 5
- 03-19-16 03:21 AMLike 6
- It seems like every time I read articles on smartphones and Android in particular another critical patch or security update is being released. So damn thankful to be using BlackBerry 10 on QNX. It has to chap BlackBerry faithful and those that adopted the Priv does it not?
Meanwhile, BB10 waits for the 10.3.3 security updates patch.
Oh sorry, I've realised that wasn't what you wanted me to take away from your post...03-19-16 04:47 AMLike 4 - How many vulnerabilities did we find out BBOS have, that we didn't find out till
later.... And that are still there.
The way I see it, if the BB10 development team has so many issues with the Contact App and other minor annoyances... I have to wonder if BB10 received the attention from these security testers, how it would hold up. Especially the browser and the runtime... Which is Android.03-19-16 08:42 AMLike 0 - UziRetired ModeratorHow many vulnerabilities did we find out BBOS have, that we didn't find out till
later.... And that are still there.
The way I see it, if the BB10 development team has so many issues with the Contact App and other minor annoyances... I have to wonder if BB10 received the attention from these security testers, how it would hold up. Especially the browser and the runtime... Which is Android.03-19-16 08:44 AMLike 0 - It seems like every time I read articles on smartphones and Android in particular another critical patch or security update is being released. So damn thankful to be using BlackBerry 10 on QNX. It has to chap BlackBerry faithful and those that adopted the Priv does it not?
The White Knight-BlackBerry Passport03-19-16 11:03 AMLike 5 - I am not trying to knock Android too hard. Check out Android Central and Jerry Hildenbrand's thoughts on these matters and the deplorable job most OEM's do with applying these patches and or even updating the Software. Head to Android Central and read his take about Microsoft's recent Win 10 update. It's insightful. (especially his comments in posts) I have 4, read 4, Samsung Tab Pro tablets that I spent a lot of money on that remain unsecure and not updated thanks to Samsung. It seems to me reading so many articles here that many think BlackBerry is on an island in making mistakes and that's just not true. I have a '13 Z10 that is more up to date than my Android tablets.
The White Knight-BlackBerry Passport03-19-16 12:21 PMLike 0 - You bought a Nexus 6, which market wise does not have that great a share but gets updates due to affiliation with Google. If you had bought a Note 4, G3, S5, G4 or even S6 would you even remotely be of the same thought?
The White Knight-BlackBerry Passport03-19-16 12:27 PMLike 0 - I am not trying to knock Android too hard. Check out Android Central and Jerry Hildenbrand's thoughts on these matters and the deplorable job most OEM's do with applying these patches and or even updating the Software. Head to Android Central and read his take about Microsoft's recent Win 10 update. It's insightful. (especially his comments in posts) I have 4, read 4, Samsung Tab Pro tablets that I spent a lot of money on that remain unsecure and not updated thanks to Samsung. It seems to me reading so many articles here that many think BlackBerry is on an island in making mistakes and that's just not true. I have a '13 Z10 that is more up to date than my Android tablets.
The White Knight-BlackBerry PassportTgeekB likes this.03-19-16 12:45 PMLike 1 -
Just my two cents though.03-19-16 02:02 PMLike 3 - It is an inherent weakness in the Linux kernal and Android OS overall due to the sheer number of OEM's and models that remain in use and unsecure. I am not saying Android cannot and does not work as we all know it does. It just has so many inherent weaknesses and there is no easy fix, especially for those leased carrier branded devices. (read what the editors and contributors at Android Central are saying)
This article although not AC was just a couple of weeks ago. Many of these users are probably not even aware.
New Malware, Accessibility Clickjacking, affects 65% of Android devices
http://n.mynews.ly/!EB.DiyTZ
The newest member....Cobalt Classic03-19-16 03:20 PMLike 0 - Here is another supporting article related
http://www.digitaltrends.com/mobile/...e-ever-fix-it/
The newest member....Cobalt Classic03-19-16 03:28 PMLike 0 - It is an inherent weakness in the Linux kernal and Android OS overall due to the sheer number of OEM's and models that remain in use and unsecure. I am not saying Android cannot and does not work as we all know it does. It just has so many inherent weaknesses and there is no easy fix, especially for those leased carrier branded devices. (read what the editors and contributors at Android Central are saying)
This article although not AC was just a couple of weeks ago. Many of these users are probably not even aware.
New Malware, Accessibility Clickjacking, affects 65% of Android devices
New Malware, Accessibility Clickjacking, affects 65% of Android devices
The newest member....Cobalt Classic
And that setting is on all android phones regardless of who the OHA OEM is. The UI might change but that setting and more importantly that step is always there.
Here is the original source of the article.
https://www.skycure.com/blog/accessi...-clickjacking/
The article pretty much said that in order for your phone to be infected you have to:
- Run kitkat (which was released in 2013)
- Change your security settings in order to allow for downloads from 3rd party apps store. And ignore all warnings/prompts telling the user if they wish to change the setting.
- Actually head to malicious websites sites and download corrupted content or in this case a "game" and ignore the warnings generated by that action as well
And here is symantec's writeup of the malware that was linked on the article you posted.
https://www.symantec.com/security_re...209-99&tabid=2
It even state that for the malware to work:
"Functionality
The malicious app must be installed manually by the user before the Trojan can perform any activities."
Last edited by Ronindan; 03-20-16 at 08:03 AM.
03-19-16 05:30 PMLike 5 -
- It is an inherent weakness in the Linux kernal and Android OS overall due to the sheer number of OEM's and models that remain in use and unsecure. I am not saying Android cannot and does not work as we all know it does. It just has so many inherent weaknesses and there is no easy fix, especially for those leased carrier branded devices. (read what the editors and contributors at Android Central are saying)
This article although not AC was just a couple of weeks ago. Many of these users are probably not even aware.
New Malware, Accessibility Clickjacking, affects 65% of Android devices
http://n.mynews.ly/!EB.DiyTZ
The newest member....Cobalt Classic
Yes, Android is open source, which means it is not as tightly wrapped as other os's. It also means it creates innovation through third party devs. Many people on here want to believe that Android is a "mess", but what it is is the leading smartphone OS because of what it can do.03-19-16 08:00 PMLike 0 - The article that you linked is one of those click bait articles about android malwares. These articles and always have the same pattern, they make bold claims that billions of potential android users exposed to a new malware.... etc. But later in the article it always state the user has to download the malware app from a 3rd party app store. And more importantly change the setting on their phones to allow downloaded apps from an 3rd party app store to be installed on their device.
And that setting is on all android phones regardless of who the OHA OEM is. The UI might change but that setting and more importantly that step is always there.
Here is the original source of the article.
https://www.skycure.com/blog/accessi...-clickjacking/
The article pretty much said that in order for your phone to be infected you have to:
- Run kitkat (which was released in 2013)
- Change your security settings in order to allow for downloads from 3rd party apps store. And ignore all warnings/prompts telling the user if they wish to change the setting.
- Actually head to malicious websites sites and download corrupted content or in this case a "game" and ignore the warnings generated by that action as well
And here is symantec's writeup of the malware that was linked on the article you posted.
https://www.symantec.com/security_re...209-99&tabid=2
It even state that for the malware to work:
"Functionality
The malicious app must be installed manually by the user before the Trojan can perform any activities."
The White Knight-BlackBerry Passport03-19-16 09:04 PMLike 0 - And how many of these users were actually affected by these malwares? Not "potentially", "might be" or "could be" but actually affected?* The reason that you won't find articles that actually provide that information is that there actual measures that prevent android users from downloading malicious apps. One of them is that users actually have to change a very important setting - which is to allow their phone to download and install apps from 3rd party sites. And if the user decided not download the app or even install it then they don't get the malware. And as I posted before this setting and prompts are in kitkat as well.
Also the article that you posted only offered one solution to the problem while neglecting to mention the rest of the solutions listed from their source article which were:
"The following is a list of user behavior recommendations to better protect end users from mobile threats:
- Update the operating system to the latest as soon as an update becomes available
- Do not click on any dialogue boxes popping up on your phone unless and until you are sure about the action that caused them to appear
- Do not install applications from third-party app stores if you do not trust them (while in many cases this is not a realistic option, try to switch off the setting that allows third-party app installation)
(a) Step 1 – Open “Settings” app.
(b) Step 2 – Navigate to “Security” settings
(c) Step 3 – Uncheck “Unknown sources”
- Check for apps that utilize accessibility permissions on your device and turn this option off if you don’t recall turning it on or if you do not require that functionality.
(a) Open “Settings” app.
(b) Navigate to “Accessibility” settings
(c) Make sure there is either no there is no group named “Services”, or the group has no enabled entries."TgeekB likes this.03-19-16 11:42 PMLike 1
- Forum
- Popular at CrackBerry
- General BlackBerry News, Discussion & Rumors
Mid month critical patch for Linux kernal
« What John Chen is worth?
|
When I try to validate my email account on my BlackBerry,it won't allow me to. Why? »
Similar Threads
-
10.3.3 for BlackBerry z10 stl100-3??
By pshrbaiabsbeidban18373 pq in forum Ask a QuestionReplies: 1Last Post: 03-18-16, 11:31 PM -
Stocks app for BB10
By maxpowerxiii in forum BlackBerry 10 AppsReplies: 0Last Post: 03-18-16, 10:49 PM -
Vote for the Classic on TechnoBuffalo!
By conbrio29 in forum BlackBerry ClassicReplies: 1Last Post: 03-18-16, 09:58 PM
LINK TO POST COPIED TO CLIPBOARD