Tag Archive | "bouncer"

In Depth: Android security apps: do you need them?

In Depth: Android security apps: do you need them?

Android security apps: do you need them?

Malware, malware, viruses, attacks, phone numbers being stolen, lives put at risk, solar flares wiping out the communications grids and so on. All of those scenarios have been blamed on Android recently, as anti-virus companies pitch Google’s mobile OS as the next worst thing that’ll ruin your life.

But is Android malware an actual real thing? Or is it largely a myth, proven only in exploits performed under laboratory conditions?

Chet Wisniewski, from anti-virus firm Sophos, told us: “It is not terribly widespread outside of China, but the number of malicious apps is increasing dramatically.”

You might also like…60 best free Android apps 201260 best free Android apps 2012

“In 2010 we saw around 40 threats, in 2011 more than 400. Evidence for 2012 suggests that number will continue to increase. To date the majority of threats are on unofficial/pirate markets, but we have seen several apps make it onto the Google Play store, only to later be discovered and deleted.”

Why is Android vulnerable?

“The ability for users to load software ‘off market’ opens the door for malicious applications to be distributed without the need for a vulnerability,” says Wisniewski, meaning anyone can write an app and anyone can install anything on their Android phone, granting it permission to go wild with their personal data.

Google’s main defence is the Android Permissions notifier, which tells you exactly which phone features an app will be able to access once installed. The problem is, no one reads these permissions. It’s a boring list of things most of us don’t understand. How is the everyday man expected to know if it’s right or wrong for a particular app to require access to his contacts details?

There’s also the problem of software updates, which has been the bane of Android over the last year or two, as Google relentlessly releases new OS versions and the networks struggle to keep up.

Google Play

“The other factor that increases the risk for Android users is the lack of patches that fix the vulnerabilities that are discovered,” says Wisniewski. “Even if Google fixes the flaws in the core version of Android, most carriers and phone makers lag far behind integrating the fixes, if they bother at all.”

Which all sounds very worrying, but then again it’s common practise and advice throughout the tech world – always update to the latest version of any software. If you’ve been stranded with an unsupported Android model that’s sitting on version 1.6 of the software, you may well be more vulnerable. The hackers have had longer to work on exploits.

Do you need an Android security app?

Wisniewski thinks so, explaining: “Not all security applications are the same, some are more of a marketing effort than a true security application. As the number of attacks increase it is likely we will need to provide protection on the device as well as more carefully screening applications submitted to the marketplaces.”

At the other end of the spectrum, a famous rant published on Google+ by Google man Chris DiBona, who’s the Open Source Programs Manager at Google, said: “Virus companies are playing on your fears to try to sell you bs protection software for Android, RIM and IOS. They are charlatans and scammers.”

Chris DiBona

Most Android malware scare stories are based around one of two extreme premises – theoretical breaches discovered by researchers in their offices but not actually spotted in the real world, or apps that spawn numerous pop-up adverts designed to pull in ad revenue for the few days they’re allowed to run riot on Google’s Play Store.

The latter is by far the most common. In the run up to the Android launch of iPhone smash Temple Run, numerous clones popped up on the Play Store. Some were rather malicious, redirecting users’ browsers to ad-covered web sites and inserting bookmarks, but they didn’t have the power to break your phone beyond repair – nor were they technically malware, as they were only doing what users had granted them permission to do so.

No security or anti-virus app will stop something you’re specifically handing permission to, so they are, in cases like this, entirely useless.

So while there’s certainly a lot of boundary-pushing, invasive software that can legitimately take its place on Google’s Play Store, actual reports of phone-breaking data-thievery are extremely rare to come across.

Is my phone infected?

Sophos’ most recent Android malware report concerned a game called ‘The Roar of the Pharoah’ which, it claimed, contained a trojan that could gather your phone number and IMEI code, with the ability to send SMS messages to premium rate services.

Only problem is, this app wasn’t found on the Google Play Store. Sophos found it on unnamed “unofficial download sites,” so it’s entirely possible that no users whatsoever were infected by this apparent threat that gained a lot of internet column inches over the past month.

Another common Android malware fighter and evangelist is McAfee. Its 2011 threat update [PDF] made for worrying reading, claiming that two new viruses – Android/NickiSpy.A and Android/GoldenEagle.A – were found on Android phones in the last quarter of 2011.

Android Nikispy

Symantec supplies some data on the number of infections, which show that the Android.Nickispy trojan, which is claimed to have the ability to record users’ phone calls, has infected between 0-49 devices. Which is statistically about zero when Google’s selling 700,000 Android gadgets every day.

Will it get worse?

Anti-virus firms say yes it will, while Google has recently introduced an app-scanning tool it calls Bouncer, designed to detect common forms of malicious code uploaded to its Android Market and delete them before they can inflict pain on users.

With over 200 million Android devices out there today, and a rather patchwork approach to updating their software, it’s inevitable that some older models will be exploited and found more

The rule of thumb is to keep it official, only downloading apps through Google’s Play Store, as at least that way you have some form of safety net and the backing of Android’s own army of app-checking reporters. And check those permissions when installing an app, as boring a task as it may be. They’re your first indication that something’s trying to work its way a little too deeply into your phone.

And while anti-virus apps from the big name PC software protection companies are on the rise on Google’s Play Store, they won’t stop the adware spam apps and fakes, as they rely on you granting them permission to run.

As with most things in life, the sad fact is you’re going to have to start paying more attention to the small print if you want to stay exploit free.

Posted in Computing, Gadgets, Internet, Mobile Phones, Open Source, Security, SoftwareComments Off

Exclusive: BlackBerry promises updates while you work

Exclusive: BlackBerry promises updates while you work

RIM has announced that its upcoming BlackBerry 10 mobile operating system will allow users to continue using their device while OS updates are being downloaded and installed.

Speaking to TechRadar, BlackBerry’s Head of Software Vivek Bhardwaj explained the new system is a unique feature on the BlackBerry platform.

“We’re the only platform where you can be watching a movie in the background while you’re downloading and installing the update,” he said.

“You don’t have to leave it and watch a clock till it’s done, you don’t have to leave it for an hour the way you do with other phones – or with BlackBerry today.”

As if by magic

This is possible thanks to the QNX kernel which is used in the operating system allowing the download, install and even testing of new software to occur in the background. All the user is required to do is reboot the device to seal the deal.

Although this will be rolled out officially with BB10 later in the year we can expect to see it in action in the Playbook 2.0 OS update which will be available soon.

Bhardwaj goes on to say that the new system will allow carriers to push out OS updates to future BlackBerry devices running BB10 a lot quicker.

“It’s going to help us speed up carrier certification,” he added. “If we’re trying to trying to tweak something and the radio needs updating for the carrier too, now we can separate those. That leads to faster upgrades, less regression testing and more stability”.

Bhardwaj believes this feature make BB10 handsets and PlayBook (which is also set to run BB10) stand out from the crowd – offering super quick OS updates in a world where we are still waiting for the likes of Ice Cream Sandwich to hit devices.

Posted in Computing, Software, WirelessComments Off

Samsung cancels MWC press conference?

Samsung cancels MWC press conference?

PC Mag has reportedly received an email from Samsung notifying it that the smartphone giant will not be holding a press event at MWC 2012.

Samsung went on to say that it will still have a presence in Barcelona and will be holding new product introductions, but away from the bright lights of the big stage.

Early rumours stated the brand was looking to hold an event on Sunday evening, but congestion with other press conferences forced it into a re-think.

We have been in contact with Samsung and it’s looking into this report – but will still certainly have a large stand presence at the event.

Going into hiding

This seems a very strange move as Samsung had used the conference in past years to put on large-scale glitzy announcements. Only last year did we see the Galaxy S2 break cover in a flashy event.

It is now being suggested that Samsung’s focus at MWC will be geared towards the merge of its Bada OS and the linux based Tizen software.

We will be at MWC 2012 to find out what Samsung is actually bringing to the event. We are keeping our fingers crossed for new tablets – but preparing ourselves for disappointment.

Posted in Computing, Mobile Phones, SoftwareComments Off

Free Samsung Galaxy S2 with T-Mobile USA this Saturday

Free Samsung Galaxy S2 with T-Mobile USA this Saturday

T-Mobile USA is giving away its entire range of 4G smartphones and tablets for a one-day sale, this Saturday.

If you sign-up to a two-year contract, you can snag a free Samsung Galaxy S2, HTC Amaze 4G, BlackBerry Bold 9900 or the Nokia Lumia 710 Windows Phone devices.

The T-Mobile SpringBoard Android tablet is also up for grabs, free of charge, when you sign up for a data plan.

The carrier hopes to inspire a little of the Cupid spirit by labeling this a Valentine’s Day sale in an attempt to snare loved-up smartphone buyers.

‘Sweet deal’

“T-Mobile has a commitment to make the 4G experience affordable and accessible to everyone, so this sweet deal on smartphones and tablets is our Valentine’s gift to consumers,” said T-Mobile’s marketing boss John Clelland.

“No matter where loved ones live, T-Mobile wants to bring them closer with unlimited talking, photo sharing, video chatting, texting, and more.”

The event hopes to by-pass the perception among non-smartphone owners $200 for a top-of-the-range handset, on top of an expensive two-year contract, is a little too much of a burden.

Posted in Computing, Mobile PhonesComments Off

Exclusive: Radical new Windows Phone designs uncovered

Exclusive: Radical new Windows Phone designs uncovered

A leaked video might have already outed the fact four new form factors will be coming to Windows Phone 8 designs, but it seems Microsoft may have already revealed how these will look.

The leaked video explaining Windows Phone 8 to Microsoft partners refers to new screen resolutions, but it doesn’t say what size they will be.

However Albert Shum, the General Manager of the Windows Phone Design Studio, showed TechRadar a slide at Nokia World where today’s Windows Phone becomes just one of six devices.

Claiming this was “something we’re still working on,” he said “you want an ecosystem that’s not just about having just one or two things; you want diversity.”

Tablets on the roadmap

Explicitly positioning Windows Phone alongside PCs and tablets, he added: “If you do well not just on phone but on PC and on tablet, then your ecosystem can really live and breathe” – so it’s unlikely that the largest device on this slide would be a Windows Phone tablet.

Windows phone 8

That would be confusing for Windows 8 on ARM, and would contradict what Steven Sinofsky told TechRadar; “for us the phone is uniquely focused on the small form factor”.

From the relative sizes on the slide, the largest is a 5-inch tablet, discounting the largest as a separate Windows 8 tablet.

Although HTC has two 4.7-inch Windows Phone devices already, the 480 by 800 screen resolution isn’t enough to make the most of the screen.

Adding a higher resolution for larger screens will make Apollo better placed to compete with 5-inch and 7-inch devices like the Samsung Note and the Kindle Fire.

A Windows Phone Nano?

The other three form factors look like a smaller phone (enabling cheaper Windows Phone handsets for the developing world) and two devices with squarer screens, one with a facing keyboard (to satisfy business users) – and a smaller device that may be suited for the youth markets.

If the devices are in proportion, that’s a screen just larger than 1-inch; perfect for the Windows Phone equivalent of the iPod nano or competing with current fitness devices.

If Microsoft thinks that’s going to be the next big (little) thing, it could be part of the “time-critical opportunity” for Windows Phone that Steve Ballmer sent former Windows Phone president Andy Lees to look after.

We’ve yet to hear any confirmation over whether these devices are indeed the new form factors mentioned by Microsoft – but it seems an awfully large coincidence at a recent Windows Phone event otherwise.

Posted in Computing, Mobile PhonesComments Off