[anon(9607753)]

Well this is interesting....

https://www.theregister.co.uk/2017/0...allow_overlay/

I wonder if BlackBerry will issue a patch before Google does? We shall see...

[Bla1ze]

tl;dr: Don't install dodgy apps from 3rd party stores and understand what it is you're installing from Google Play.

[Bla1ze]

I wonder if BlackBerry will issue a patch before Google does? We shall see...

BlackBerry has no ability to really do so unless it's on their side of the software fence, which, it's not. It's a core Android function, which they cannot change. Even asking the question gives the impression they could... they can't.

[Ment]

BB can't do anything as this specific permission where you don't have to change system settings is done by Google for apps thru the Playstore. I suppose they could update DTEK with apps that don't use the permission properly but Google would have removed the apps already by then and from user devices ie BB doesn't have the resources to do what Google is already doing.

[anon(9607753)]

tl;dr: Don't install dodgy apps from 3rd party stores and understand what it is you're installing from Google Play.

Perhaps...but in all seriousness, is this a line we are going to use every time an Android vulnerability comes up? Whether BlackBerry does anything about it or not, which they probably won't (but who knows right?) it doesn't seem too cool that Google would sit on this until O is released, as the article alleges. I think a little heat on Google is probably justifiable. IMHO of course, lol.

[Bla1ze]

Perhaps...but in all seriousness, is this a line we are going to use every time an Android vulnerability comes up? Whether BlackBerry does anything about it or not, which they probably won't (but who knows right?) it doesn't seem too cool that Google would sit on this until O is released, as the article alleges. I think a little heat on Google is probably justifiable. IMHO of course, lol.

Yes, because it's the real answer. I literally have never come across a single person infected with ANY of this garbage. It's scare tactics and crap headlines. The details are almost always buried behind the fact that you need to download certain apps, or you need to have root access or you have to have physical access to the device or some other small detail that gets overpassed due to the fact that it makes it LESS of a compelling story. I'm not even sticking up for Google or BlackBerry or Android as an OS here, I'm sticking up for the fact that people should use their brains more, have some common sense and actually read beyond the freaking headline.

[meilenstein]

Yes, because it's the real answer. I literally have never come across a single person infected with ANY of this garbage. It's scare tactics and crap headlines. The details are almost always buried behind the fact that you need to download certain apps, or you need to have root access or you have to have physical access to the device or some other small detail that gets overpassed due to the fact that it makes it LESS of a compelling story. I'm not even sticking up for Google or BlackBerry or Android as an OS here, I'm sticking up for the fact that people should use their brains more, have some common sense and actually read beyond the freaking headline.

Don't harsh his mellow, man. Don't bring facts into this.

Posted via CB10

[Ment]

Its like Ebola. Yes billions are 'vulnerable' to it so it makes headlines but the chance for any individual person is super small.

Yes SYSTEM_ALERT_WINDOW can be abused for apps in the Playstore but your chance for exposure is so low it doesn't rate.

[meilenstein]

Perhaps...but in all seriousness, is this a line we are going to use every time an Android vulnerability comes up? Whether BlackBerry does anything about it or not, which they probably won't (but who knows right?) it doesn't seem too cool that Google would sit on this until O is released, as the article alleges. I think a little heat on Google is probably justifiable. IMHO of course, lol.

"Alleges." Alleges without attestation.

Posted via CB10

[anon(9607753)]

Seems like a pretty touchy subject for something that is not deserving of any serious attention. Of course, it must be the same for stupid stuff like this http://m.crackberry.com/blackberry-p...urity-bulletin and only complete idiots (like me, apparently Lol) would ever install this crap on their devices.

[Ment]

Don't ever go outside you'll get hit with lightning. Everything needs perspective, take note of it use common sense measures and move on.

[conite]

it doesn't seem too cool that Google would sit on this until O is released, as the article alleges.

Google is not sitting on it. They are now scanning for it in the App Store, and will update Google Play services on the device to look for it as well.

Android O will simply revert to how they dealt with this permission in the past, thus removing a convenience feature which brought about unintended consequences.

[Bla1ze]

Seems like a pretty touchy subject for something that is not deserving of any serious attention. Of course, it must be the same for stupid stuff like this Priv security update patches sixteen holes for safety's sake | CrackBerry.com and only complete idiots (like me, apparently Lol) would ever install this crap on their devices.

Now you're just being dramatic.

[anon(9607753)]

Now you're just being dramatic.

Geez! Its as if people think I posted this intending to raise some kind of dire apocalyptic polemic slamming Android. It was just a discussion topic! But sure everybody, let's join in and take a swing at kputock for being such a fear-mongering-alarmist-fake-news-troll.

[Bla1ze]

Geez! Its as if people think I posted this intending to raise some kind of dire apocalyptic polemic slamming Android. It was just a discussion topic! But sure everybody, let's join in and take a swing at kputock for being such a fear-mongering-alarmist-fake-news-troll.

[anon(9607753)]

Mocked with cartoons on a BlackBerry forum. It doesn't get much lower than this, Lol.

[thurask]

I'm not even sticking up for Google or BlackBerry or Android as an OS here, I'm sticking up for the fact that people should use their brains more, have some common sense and actually read beyond the freaking headline.

But that's haaaaaaaaaard!

[Tsepz_GP]

Yes, because it's the real answer. I literally have never come across a single person infected with ANY of this garbage. It's scare tactics and crap headlines. The details are almost always buried behind the fact that you need to download certain apps, or you need to have root access or you have to have physical access to the device or some other small detail that gets overpassed due to the fact that it makes it LESS of a compelling story. I'm not even sticking up for Google or BlackBerry or Android as an OS here, I'm sticking up for the fact that people should use their brains more, have some common sense and actually read beyond the freaking headline.

Yep!

I've been on Android since it's "Wild West" Days, from Android 1.6 Cupcake, when it had next to no security and we've been reading and seeing these scare tactics since then with nobody actually getting affected.

[Jerry Hildenbrand]

I expected better from The Guardian. They left out one very important tidbit of information:

Every app downloaded and installed from Google Play is scanned when it's installed. If the application has an odd behavior, like displaying a screen overlay with no user-visible activity or input (screen overlays are harmful because they can display transparent buttons) it won't be installed without you being notified of its questionable behavior or won't be installed at all. Then it gets removed from the store altogether. This is a feature of Play Services, so every single Android phone with access to google play is covered here.

Apps not downloaded from a Google Play Store server require permission to draw over your screen. Read before you click yes.

And Bla1ze is right. It's all a bit of a scam to suck you in. Writing about Android malware is sort of like writing about "the death of BlackBerry" because it's guaranteed to get people to click and keep coming back so they can fight in the comments.

We should totally do more of it, Bla1ze. We could buy yachts with all that malware money and sail to islands where clothes are optional and drinking at 10 am is encouraged.

[DrBoomBotz]

Mocked with cartoons on a BlackBerry forum. It doesn't get much lower than this, Lol.

Is this what rage quit looks like?

[cribble2k]

Why didn't anyone's DTEK software warn them about this vulnerability before it was reported?

Thought the point was to protect against current and future threats.

🤔

[conite]

Why didn't anyone's DTEK software warn them about this vulnerability before it was reported?

Thought the point was to protect against current and future threats.

🤔

DTEK monitors the integrity of the OS.

This situation is simply an app that will display malware.

[bakron1]

Yep!

I've been on Android since it's "Wild West" Days, from Android 1.6 Cupcake, when it had next to no security and we've been reading and seeing these scare tactics since then with nobody actually getting affected.

Same here, common sense, don't download third party apps and using strong passwords goes a long way.

Most of the folks I know who get hacked use simple passwords and download to much crap off the web and open attachments they shouldn't be, just asking for trouble.

As I have said many times, common sense goes a long way and it surprises me how many folks forget about that until it's too late.

[Tsepz_GP]

Same here, common sense, don't download third party apps and using strong passwords goes a long way.

Most of the folks I know who get hacked use simple passwords and download to much crap off the web and open attachments they shouldn't be, just asking for trouble.

As I have said many times, common sense goes a long way and it surprises me how many folks forget about that until it's too late.

Exactly!

Funny thing, one of our colleagues has had her Skype account hacked after opening a dodgy message from a friend elsewhere who was hacked, her account sent weird messages to all in the office today. Most of us picked up on it and avoided clicking, butba few fell right into it.

Many people lack commonsense and just click away.

[jyoule2017]

Sense is not common btw.