[mnc76]

Open letter to Kevin Michaluk / CB:

Kevin, I think you're great, but I'm very very disappointed in you and the CB staff for not bringing the issue of Android app store trust/security to the forefront.

When you/CB post an article about how to use aptoide, Apktrain, or 1Mobile to download Android apps, your readers assume that it mean's these stores are totally safe (and possibly they are). However, the majority of CB users (based on comments under CB posts about new APK stores) assume that ANY 3rd party Android store is safe. And THAT is just dangerous.

We don't need a BlackBerry security breach to occur. That would be detrimental to BlackBerry right now, particularly when security is one of BlackBerry's remaining differentiators from the competition.

You and the CB editorial staff are the experts, and the fact that you've been so quiet on the subject can only have bad repercussions.

You guys owe it to your users to be honest about the risks around using 3rd party Android stores.

At the very least, let the community know that there IS a risk!

So many have no idea that any risk exists. They're out there downloading APKs from any store they happen to find on Google!!

C'mon CB. Put your loyal users first, and say something (ANYTHING!) definitive about 3rd party Android app stores and the fact that many provide modified APKs containing viruses and malware.

Please!

Thanks,

-mnc76

Edit / Amendment:
Just to be clear: I don't hold CB at fault for anything. They don't have any obligation to do mention anything. I'm just *disappointed* that they haven't been more clear about the dangers of malware.

You'll notice I scratched out the line I had above about CB "owing" the community. CB clearly doesn't "owe" anything. At the end of the day, it is up to individual users to learn about APK saftey themselves.

However, CB has always been a very user-oriented site that does things to help the BlackBerry community on a daily basis. I would have thought they would have done more to inform users about this issue.

It's because CB is such a GOOD SITE that this seems to stand out to me.

Again -- I'm not saying it's CB's responsibility (it isn't).

Just saying I expected more from CB. Just my opinion.

PS: I still think CB is an amazing site and is still best resource for BlackBerry on the entire web.

Cheers

Posted via CB10

[Sith_Apprentice]

I dont understand why you are trying to hold CB at fault for anything the users do with their devices? You do realize any APK you install gives you a warning that it may be potentially unsafe. The device itself offers a disclaimer, why does CB need to as well? These are how to or news stories, and the dangers of Android are well known in the media at large.

[jaydee5799]

I believe anyone who uses a smartphone and downloads apks and Android apps should be well aware of the possibility of problems. I answer questions all day about android apps that don't work. people are responsible adults and should realize that something that is not natively meant for their phone CAN be a danger. I also believe every thread that has apks posted also lists a disclaimer about possible dangers.

[greenberry666]

I believe anyone who uses a smartphone and downloads apks and Android apps should be well aware of the possibility of problems.

Why do you believe that? CB has provided very simple guides for using these features.

[mjs416]

So it's crackberry's fault you download malware? Got it.

Is it Microsoft's fault you download viruses to your PC?

Edit: This thread is the classic example of why I could never run a site like Crackberry or be in any customer service oriented capacity.

Posted via CB10

[MrGlenn]

There is one aspect I think could be emphasized more:
All the third party (Android or browser based) app stores mentioned on the frontpage lately do not connect the user directly to Google Play. Meaning there is no real way to tell if what you download has been altered in any way. I am not saying GPlay is 100% safe, but at least it is the official source for these apps. That is why most users here prefer Snap over an external app source, even it is a bit more work to set up.

Maybe that could be mentioned in the articles more clearly, that users will be downloading from a third party (possibly less secure than downloading from GPlay) repository, not an official source.

[Sith_Apprentice]

There is one aspect I think could be emphasized more:
All the third party (Android or browser based) app stores mentioned on the frontpage lately do not connect the user directly to Google Play. Meaning there is no real way to tell if what you download has been altered in any way. I am not saying GPlay is 100% safe, but at least it is the official source for these apps. That is why most users here prefer Snap over an external app source, even it is a bit more work to set up.

Maybe that could be mentioned in the articles more clearly, that users will be downloading from a third party (possibly less secure than downloading from GPlay) repository, not an official source.

When installing an APK, the DEVICE gives a warning.

Disclaimer
This application is being installed from a source other than BlackBerry World and has not been reviewed by BlackBerry. Applications from sources other than BlackBerry World may pose a higher risk to your device and personal data. You should only install applications from trusted sources.

In addition, while the BlackBerry operating system software is capable of running applications that are designed to run on the Android operating system, this application may make use of services that are not supported by the BlackBerry operating system, or that the BlackBerry operating system may replace with the alternate services (e.g. mapping services).

If you do not with to accept the potential risks and limitations described above, you should not install this application.

Why would there need to be anything else, especially from CB?

[Wiki Cydia]

So it's crackberry's fault you download malware? Got it.

Is it Microsoft's fault you download viruses to your PC?

Edit: This thread is the classic example of why I could never run a site like Crackberry or be in any customer service oriented capacity.

Posted via CB10

You've got it all wrong! CB members are victims of CB's complacency! CB users have suddenly gone from savvy, efficiency-oriented types to mindless, follow the herd lemmings. Or perhaps more to the point. . .

wait for it. . .

blacksheep.

/s

[Wiki Cydia]

When installing an APK, the DEVICE gives a warning.



Why would there need to be anything else, especially from CB?

I don't know what you're doing, I just know it's not enough. As for just how I know it's not enough, I can't talk about it, and I can't talk about why.

/s

[Audux]

I would say thanks to the OP for his concern at CB.

Posted via Q10 10.2.1 (2141-OS/2142-Radio)

[brosee]

Wrap aluminum foil around your head. It will block the tracker bug they've implanted in your brain.
Hurry, don't wait......they are watching.

Posted via CB10

[greenberry666]

Wrap aluminum foil around your head. It will block the tracker bug they've implanted in your brain.
Hurry, don't wait......they are watching.

Posted via CB10

You need to read the news.

[mnc76]

I dont understand why you are trying to hold CB at fault for anything the users do with their devices? You do realize any APK you install gives you a warning that it may be potentially unsafe. The device itself offers a disclaimer, why does CB need to as well? These are how to or news stories, and the dangers of Android are well known in the media at large.

I don't hold CB at fault for anything. They don't have any obligation to do mention anything.

I'm just *disappointed* that they haven't been more clear about the dangers of malware.

CB has always been a very user-oriented site that does things to help the BlackBerry community on a daily basis. I would have thought they would have done more to inform users about this issue.

** It's because CB is such a GOOD SITE that this seems to stand out to me **

Again -- I'm not saying it's their responsibility (it isn't).

Just saying I expected more from CB.

Just my opinion.

Posted via CB10

[MrGlenn]

That is just an easy way out and I am kind of surprised you are treating a member, sharing his concern, so lightly.
That BlackBerry warning is good for showing people BlackBerry does not take responsibility for Android apps ported through BBWorld. But there is a difference between 'official' Android sources (GPlay, Amazon) and third party .apk repositories.
I am not saying CB must add a warning. But users just following the Frontpage articles, especially those without the necessary tech know-how, may assume things like Aptoide or APKTrain are official sources. And they are not.
In fact some of them even promote piracy, but that is another topic altogether.

When installing an APK, the DEVICE gives a warning.

Why would there need to be anything else, especially from CB?

The point is: CB is writing up these app tutorials, BlackBerry is not. So CB could show due diligence by adding a little extra disclaimer.
I do not see the downside?

BlackBerry 10 signed.

[MobileMadness002]

Op, even though you seem to be a seasoned user of CB, I still consider your post to be dumb. Any user of a third party store has to know and assume they are responsible for anything that goes on their devices. Even the threads for leaks all state install at your risk. I for one applaud CB for not holding a persons hands when it comes to stuff like this. It is about time that the users assume responsibility for themselves. For that matter, any person using any application store assumes any and all responsibility for the application they install.

[mnc76]

I dont understand why you are trying to hold CB at fault for anything the users do with their devices? You do realize any APK you install gives you a warning that it may be potentially unsafe. The device itself offers a disclaimer, why does CB need to as well? These are how to or news stories, and the dangers of Android are well known in the media at large.

I've edited my OP above. I shouldn't have said that CB "owes" the community anything. I want to be clear that I DON'T hold CB at fault for anything. I'm just dissapointed that such a good site hasn't said something more about the issue of malware.

CB is STILL a good site. It's just an issue I wish they would address more. Most users just skip such warnings (as we all skip EULA agreements when we install software).

[Sith_Apprentice]

I've edited my OP above. I shouldn't have said that CB "owes" the community anything. I want to be clear that I DON'T hold CB at fault for anything. I'm just dissapointed that such a good site hasn't said something more about the issue of malware.

CB is STILL a good site. It's just an issue I wish they would address more. Most users just skip such warnings (as we all skip EULA agreements when we install software).

Thank you for the edit. As to the part I highlighted above, wouldnt they just skip that warning too

[mnc76]

Op, even though you seem to be a seasoned user of CB, I still consider your post to be dumb. Any user of a third party store has to know and assume they are responsible for anything that goes on their devices. Even the threads for leaks all state install at your risk. I for one applaud CB for not holding a persons hands when it comes to stuff like this. It is about time that the users assume responsibility for themselves. For that matter, any person using any application store assumes any and all responsibility for the application they install.

I can understand why you'd think my post is "dumb" lol. Avoiding potentially sketchy APK stores is not an issue for me (or you) -- I'm well aware of the dangers of malware etc...

However, CB is a site that also caters to smartphone novices who may be getting their first smartphone, or who may come from a phone that has no notion of a "third party app store".

For these novice users, info on the dangers of malware from third-party APK stores could be very very important.

Just my opinion.

[cgk]

Wrap aluminum foil around your head. It will block the tracker bug they've implanted in your brain.
Hurry, don't wait......they are watching.

Posted via CB10

Leaving aside the CB aspect, Is it really Tinfoil hand territory to say that an app store out of china of unknown ownership might have issues? Seems common sense to me.

[mnc76]

Thank you for the edit. As to the part I highlighted above, wouldnt they just skip that warning too

You're right. However, I think they would be more likely to read about the dangers of malware if it were part of a blog post than part of a legal disclaimer.

But you're right. Some users will not get the message no matter what is done to warn them.

[habs_fan]

Leaving aside the CB aspect, Is it really Tinfoil hand territory to say that an app store out of china of unknown ownership might have issues? Seems common sense to me.

Yes, yes it is. Not everyone is out to get you

Posted via CB10

[madman0141]

For what it's worth I understand what you are trying to say.

[web99]

OP,

BlackBerry already displays the following disclaimer everytime a person attempts to download an app from a source other than BlackBerry World.

It has the appropriate warnings, so if a person proceeds beyond it, he or she has accepted the risks.








Attachment 254494

Posted via CB10 from my spectacular Z10

[itzJustMeh]

Step #2: warn all Android users?

[mnc76]

Yes, yes it is. Not everyone is out to get you

Posted via CB10

Here is some recent info on malware.

---

Note that the chances of getting malware from Google Play are very tiny (same goes for the Amazon store). However, as you start to use 3rd party app stores (especially those from Saudi Arabia and India), the chances of getting malware increases.

F-Secure: Android accounted for 97% of all mobile malware in 2013, but only 0.1% of those were on Google Play

---

Scammers take advantage of Flappy Bird's death to push Android malware

Sophos has found infected versions of Flappy Bird in alternative Android markets (users need to sideload these apps, but as always, that hasn’t been a deterrent for most)...

In short, Flappy Bird is dead, but the scams are only beginning. Our advice is the same as always when it comes to Android malware: stick to Google Play and only install apps that you know are safe.

---

One should always have an idea about who is running the app store they are using.

Also, if malware was such a "tinfoil hat" issue, why does even BlackBerry World now show that each app in BBW has been scanned by Trend Micro for malware and viruses? If no threat existed, then no malware scanning precautions would be neccessary. Clearly, BlackBerry is trying to protect its users from 'something'. Do you believe BlackBerry engineers are "tinfoil hat" wearers as well?