Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

More Malware-Infected Apps Found In Android Market

samzenpus posted more than 3 years ago | from the one-bad-app-spoiling-the-barrel dept.

Android 195

Trailrunner7 writes "For the third time in the last few months, Google has had to remove a slew of malware-infected apps from the Android Market and suspend some publishers. Ten Android apps in the Official Android Market are known to be infected, but many more could be victims of the Plankton Trojan. Researcher Xuxian Jiang claims that early variants of the Trojan have evaded detection for as long as two months."

cancel ×

195 comments

Sorry! There are no comments related to the filter you selected.

How about... (4, Insightful)

Skarecrow77 (1714214) | more than 3 years ago | (#36453790)

you post a list of the infected applications in the freakin summary, so when TFA gets slashdotted, we know what the hell they were?

I'm just saying...

Re:How about... (3, Informative)

Sylak (1611137) | more than 3 years ago | (#36453796)

They aren't listed in TFA either

Re:How about... (1)

Skarecrow77 (1714214) | more than 3 years ago | (#36453808)

I managed to get through to the article, and noticed that myself.

Wow, what useless journalism.

Re:How about... (1)

Azmodan (572615) | more than 3 years ago | (#36453828)

Wish there was a way to mod down an article!

Re:How about... (0)

Anonymous Coward | more than 3 years ago | (#36453838)

R.I.P Journalism.

Re:How about... (-1)

Anonymous Coward | more than 3 years ago | (#36453868)

Alternatively, instead of trying to obligate others to spoon feed you a list of infected apps, you could just get iPhone and be assured this kind of thing does not happen.

Re:How about... (1)

Skarecrow77 (1714214) | more than 3 years ago | (#36453990)

Actually, I'm very torn whether to replace my original Droid with a Droid 3 or an Iphone 5 when the two do mortal battle later this year... The Iphone 4s I've used are pretty snazzy, and my wife's ipad is sweet, but dammit I LIKE android.

Re:How about... (1)

NatasRevol (731260) | more than 3 years ago | (#36454316)

Well, apparently, Android doesn't like you :-)

Re:How about... (1)

SuperKendall (25149) | more than 3 years ago | (#36454622)

Get an iPhone and jailbreak it. Technical nirvana.

Re:How about... (1)

FrootLoops (1817694) | more than 3 years ago | (#36454328)

There's a list in one of the comments to TFA. I would reproduce it here if I had any reason to trust its authenticity, but I don't.

Ha Ha Ha (-1)

Anonymous Coward | more than 3 years ago | (#36453798)

Where your Messiah now Android losers. Do worry can can still install all these infected apps on the side.

Re:Ha Ha Ha (2)

localman57 (1340533) | more than 3 years ago | (#36453844)

Did you send this from an Android phone? It appears that a trojan is stealing some of the words out of your sentences and sending them to a server somewhere.

Re:Ha Ha Ha (1)

sakdoctor (1087155) | more than 3 years ago | (#36454050)

This is valid grammar 2.0

QC Required (3, Insightful)

Microlith (54737) | more than 3 years ago | (#36453822)

Sooner or later Google will need to do some sort of Quality Control on their store, or they'll just keep making the Marketplace look even less trustworthy and push people to the Amazon store.

Re:QC Required (2)

localman57 (1340533) | more than 3 years ago | (#36453864)

You can have a "best of both worlds" solution by have a "code reviewed" icon for app developers that want to do it. May cost money for the review process...

Re:QC Required (1)

PickyH3D (680158) | more than 3 years ago | (#36454060)

All that does is create an even bigger divide people the people that do it and the people that don't. And people that download half of the malware (the junk apps versus at least legitimate looking apps) are probably too stupid to recognize it anyway, thus negating the purpose unless it's done across the board.

I agree that it is better than nothing, but creating a market where the big fish will probably get rubber stamped anyway, I feel uncomfortable with the idea of suggesting a system where the little fish has to pay even more to be on equal footing.

Re:QC Required (2)

localman57 (1340533) | more than 3 years ago | (#36454206)

The malware scare is going to knock the little guy off equal footing anyway. Right now the malware apps are obvious, because it's cheap and easy to create crap that morons will download. But eventually, as people get a bit smarter, the malware apps will start to look more and more like normal, decent apps. At this point, when you can't easily tell a malicious app from a non-malicious app , some users will stop downloading from little guys all together, and only trust downloads from brands they recognize.

Some sort of independent code review option will help, not hinder, the little guys in the long term. But it needs to be optional to maintain the open aspect of the Android market.

Android needs to get a lid on this now, or it will loose the mass market, because most non-tech people would find fear of malware a much bigger driver of purchasing decision than other merits.

Re:QC Required (1)

cavreader (1903280) | more than 3 years ago | (#36454594)

"Right now the malware apps are obvious" Pray tell how can you determine something is obviously malware unless you actually download it? And wouldn't that pretty much make everyone a moron by your definition?

Re:QC Required (0)

Anonymous Coward | more than 3 years ago | (#36456154)

Previous Android malware apps required user permissions to execute system programs (that is, native executables). If they didn't have the "system tools" perm (iirc; I don't own an Android phone anymore) then they couldn't run the included binary which performed the escalation.

From TFA: (1, Insightful)

PopeRatzo (965947) | more than 3 years ago | (#36454204)

Google has historically taken a hands-off approach to policing the Android Marketplace. It will suspend and remove suspicious or malicious applications when they're reported, but does not vet applications prior to posting them, as Apple does with its AppStore.

Ah, that's what the story is really about. I'm surprised it took them so many paragraphs to get to their real agenda.

localman57 has the solution. And who's to say that Google has to be the one doing the code reviewing? Why couldn't a group of Android developers get together and set up a reviewing panel that will certify apps as threat-free? Before I download an app, I can see if the reviewing panel lists it or not and have that one extra data point with which to make my decision. If the panel's work is done in a transparent manner, people would trust it and they would have a measure of safety without having to be walled inside.

Re:From TFA: (3, Insightful)

localman57 (1340533) | more than 3 years ago | (#36454308)

It doesn't have to be Google. But there really needs to be a single reviewer source. Think "Underwriters Laboratories" for software. Otherwise, the malware writers just setup their own review boards, and stamp it quality. As Tommy Boy once said:

I can take a shit in a box, and mark it guaranteed, but then all you'll have is a guaranteed box of shit.

You (and your friends) can't be allowed to stamp your box.

Google would be the obvious choice, though, since they have the biggest investment to lose if this all goes to hell.

Re:From TFA: (1)

gumbi west (610122) | more than 3 years ago | (#36454368)

And the reviewing panel would probably do a great job for 2 months or so... and then they push back against crap code (because it would be harder to detect trojans in it if you can't tell what the heck it is doing) and then the developers would push back because the panel isn't supposed to comment on their code, just certify it as trojan free. Then they would either stop being a clearing house or would approve an app with a trojan in it, and by this time everyone would have just purchased an iPhone.

Selfish idea (1)

SuperKendall (25149) | more than 3 years ago | (#36454404)

Why couldn't a group of Android developers get together and set up a reviewing panel that will certify apps as threat-free? Before I download an app, I can see if the reviewing panel lists it or not and have that one extra data point with which to make my decision. If the panel's work is done in a transparent manner, people would trust it and they would have a measure of safety without having to be walled inside.

The only people that would protect are the people who don't need protection.

You are trying to solve the problem of how to make life easier for YOU, not the average user who would have no clue the panel existed and would not care if they did.

Any kind of "seal of approval" faces the same issue, that most people would not care and continue to run the other stuff anyway.

A better approach is Amazons, to make a market of wholly vetted apps where probably Amazon does more verification of who a publisher is. Then non-technical users can stick to that market.

Re:From TFA: (2)

H0p313ss (811249) | more than 3 years ago | (#36454756)

But then you have to worry about who guards the guardians [wikipedia.org] ?

Re:From TFA: (1)

PopeRatzo (965947) | more than 3 years ago | (#36455878)

But then you have to worry about who guards the guardians?

Sure, but that's what transparency is for. And there will be a lot of eyes on them.

It will become clear pretty quickly if the "guardians" can be trusted.

Re:QC Required (1)

tripleevenfall (1990004) | more than 3 years ago | (#36454040)

I agree. I know most slashdotters are relatively savvy users and aren't going to install the ZOMGFREEMONEY$$ app, the expanding user base guarantees that malware will get more sophisticated over time.

Sure, we could only install applications developed by a corporation we already deal with and should have an interest in keeping us happy and keeping our business by not installing malware on our devices (Sony jokes aside), but doesn't this suppress the audience for "little guy" developers? Isn't that contrary to the spirit of FOSSetc?

There definitely needs to be some review and testing on Google's part. The end.

Re:QC Required (1)

Microlith (54737) | more than 3 years ago | (#36454396)

Sure, we could only install applications developed by a corporation we already deal with and should have an interest in keeping us happy and keeping our business by not installing malware on our devices (Sony jokes aside), but doesn't this suppress the audience for "little guy" developers? Isn't that contrary to the spirit of FOSSetc?

Google's Marketplace has nothing to do with FOSS. So long as they don't try to lock users out of their own devices (by barring sideloading) then it's a non-issue.

Re:QC Required (1)

tripleevenfall (1990004) | more than 3 years ago | (#36454536)

I know that on /. you always have to couch every post with a defense for every possible pedantic reply, but in this case, I thought "FOSSetc" would encapsulate the spirit of the vaguely "open" android platform and the spirit of the enterprise as a whole.

Re:QC Required (0)

Anonymous Coward | more than 3 years ago | (#36454180)

What I don't get is why Google doesn't go after the author of the apps hard. What good does suspending an account do? Jail time and a multimillion dollar fine sounds better.

Re:QC Required (1)

localman57 (1340533) | more than 3 years ago | (#36454602)

They have better things to do. The international nature of this sort of stuff makes investigations, as well as civil and criminal court actions exceptionally difficult. Google is a technology company. They're better suited to come up with a technological solution. Most of the big wins against Spam and the like come from counter-attacking the bot-nets, not from going after the people.

Re:QC Required (1)

Ash Vince (602485) | more than 3 years ago | (#36454454)

Sooner or later Google will need to do some sort of Quality Control on their store, or they'll just keep making the Marketplace look even less trustworthy and push people to the Amazon store.

Alternatively those of us who do not mind researching apps using the internet before we install them will carry on buying Android phones. I treat my phone like my home PC, I install stuff I trust after some basic research. Since Apple are not infallible I am more willing to trust my own judgement than theirs. If I screw up, I know to blame and can learn from my mistakes, if Apple screw up I just have to trust them learning their lesson on blind faith.

Re:QC Required (1)

localman57 (1340533) | more than 3 years ago | (#36454648)

Alternatively those of us who do not mind researching apps using the internet before we install them will carry on buying Android phones.

We need the unsophisticated users to buy the Android phones, or there won't be any. The economy of scale has to be there. If Android phones alienate the average user, then they'll end up like the N900: kick ass, but expensive and a relative hassle to get.

Re:QC Required (3, Insightful)

tlhIngan (30335) | more than 3 years ago | (#36455110)

We need the unsophisticated users to buy the Android phones, or there won't be any. The economy of scale has to be there. If Android phones alienate the average user, then they'll end up like the N900: kick ass, but expensive and a relative hassle to get.

There will always be Android phones.

However, the problem is if the perception of the Marketplace is that it's full of malware ready to steal your phone's data and cost you a fortune in long-distance and premium phone number calls, then people may shy away from downloading any app from it. (or alternative app stores for that matter, since you can't trust that they aren't sending you malware either).

Which means to most users, Android is the phone and what it comes with - the Marketplace will simply be a "never touch" zone. Which means Android devs have a harder time.

Heck, carriers may see this and demand that Amazon be the primary marketplace allowed on the phone as a safety measure. And if that's the case, Android devs may have to submit to Amazon's even more restrictive terms.

Re:QC Required (1)

Aeros (668253) | more than 3 years ago | (#36455096)

No no no..If they start doing some type of quality control on apps that go through their 'app store' then Apple might sue since they would claim that they came up with that process.

Android malware market (1)

goombah99 (560566) | more than 3 years ago | (#36455116)

Google announced today that to avoid lawsuits from apple over the app store name and to better describe the products offered, they are changing the name to the "malware market". They were immediately sued by Microsoft who claim to have copyrighted malware infected operating systems.

I realize I'm going to get torn to shreds... (4, Insightful)

NitzJaaron (733621) | more than 3 years ago | (#36453836)

...but there's something to be said for iOS being a "closed" platform with a (mostly) strict approval process. There's a lot of controversy about apps getting blocked from the iTunes App Store, but so far there haven't been any significant outbreaks of malware/trojans like the Android platform has had. Caveat: I actively develop for both platforms, so I have no "stake" in either side. Just making a point about the open vs. closed issue in related to PII leakage risks. Let the flaming begin!

Re:I realize I'm going to get torn to shreds... (4, Insightful)

vux984 (928602) | more than 3 years ago | (#36453936)

...but there's something to be said for iOS being a "closed" platform with a (mostly) strict approval process

Nobody has ever really said otherwise.

The complaints about the apple store are not that its closed. The complaint is that its the only store you are allowed to use. (both as a consumer and as a developer)

False, There Is Another (1)

SuperKendall (25149) | more than 3 years ago | (#36454488)

The complaint is that its the only store you are allowed to use.

Well then there are no complaints to be had because the technical people that actually want alternate stores, can jailbreak and use Cydia.

Android people don't like to acknowledge this is possible because as you say that's the only argument they have.

Re:False, There Is Another (2)

vux984 (928602) | more than 3 years ago | (#36454694)

Well then there are no complaints to be had because the technical people that actually want alternate stores, can jailbreak and use Cydia.

What about non-technical people who want alternate stores?

Why should people have to jailbreak their phone?

Why should jailbreaking be a violation of the EULA?

Why should we have to put up with Apple imposing any barriers whatsoever to using a non-Apple store?

As I see it, there are still lots of complaints about the status quo. The fact that I can hack my way to a semblance of what I want, by violating my EULA, and defeating Apple's software to get it to do what I want isn't a solution.

I want the law on my side.

Re:False, There Is Another (0)

pkinetics (549289) | more than 3 years ago | (#36455046)

This always cracks me up when people make these arguments about the Apple model.

They want it open and available to everyone. But they want it secure and safe.

I want it open, safe, and secure.

If it is open, it is not safe.

If you want it secure, its not open.

So far both models have tried their choice and are failing at making EVERYONE happy. Hence the reason they target one side of the equation and make just those people happy.

As long as their is an audience, there will be complaints.

Re:False, There Is Another (1)

WhitetailKitten (866108) | more than 3 years ago | (#36455428)

I think you misunderstand GP's point. Apple is actively hostile against jailbreaking (bricked device, anyone?). What GP wants is the ability to choose, and be left alone if he does jailbreak his iOS device. Shelter in the safety of Apple's curated store, or brave the Wild West without interference from King Jobs. Android does the latter (bootloader lockdowns by individual manufacturers notwithstanding), but not the former. Amazon is starting to supply the former for Android. GP is saying that Apple should consider following their example.

Re:False, There Is Another (1)

Duradin (1261418) | more than 3 years ago | (#36455696)

Define "actively hostile".

Is Apple actively hunting down jailbroken devices and hacking in to them to brick them or are people who have jailbroken their device updating the device without finding out if the update shouldn't be used with their jailbreak of choice?

Re:False, There Is Another (1)

WhitetailKitten (866108) | more than 3 years ago | (#36455850)

Remember that the first updates after the first jailbreaks would brick peoples' iPhones. Now, that's arguably a consequence of poorly-made jailbreaks, and I'll concede that, but some people did end up with shiny paperweights, and Apple (rightfully, according to their EULA) did not do much to help them. They also try and lock down any avenues that jailbreaks use to prevent simple re-jailbreaking after an update. Perhaps "actively hostile" was not the best term, but the point is, Apple certainly could facilitate jailbreaking with ease and with little additional drain on their own resources. Instead, they do everything they can (short of becoming a malicious actor and bricking devices when they detect jailbreaks, which would be a PR armageddon for them) to restrict and prevent it with no compromise offered.

I personally choose not to be a part of Apple's annual obsolescence cycle, but if Android didn't exist I'm afraid that I would have an iPhone.

Wrong, misinformation (1)

SuperKendall (25149) | more than 3 years ago | (#36456266)

Apple is actively hostile against jailbreaking (bricked device, anyone?)

Apple has NEVER bricked a jailbroken device.

WIth the VERY FIRST iPhone, a few iPhones had issues with unlock hacks (which is not the same as jail breaking) interacting poorly with firmware updates, because they had re-written parts of the firmware...

What GP wants is the ability to choose, and be left alone if he does jailbreak his iOS device.

Which is what you get from jailbreaking.

brave the Wild West without interference from King Jobs

Unlike you 90% of the populace does not wish to be gunned down in the streets, which is the world you would have them live in against their will - because you are against the CHOICE by users to live in that walled area if they they find it safer and more pleasant.

bootloader lockdowns by individual manufacturers notwithstanding

Such hypocrisy... astounding.

Re:False, There Is Another (1)

bonch (38532) | more than 3 years ago | (#36455854)

What about non-technical people who want alternate stores?

Non-technical people don't want alternate stores. Your premise is flawed right from the start.

Re:False, There Is Another (1)

SuperKendall (25149) | more than 3 years ago | (#36456132)

What about non-technical people who want alternate stores?

Who are they? Seriously?

Jailbreaking has had a pretty widespread adoption mostly because people want more customization of devices, the non-technical people don't really care about it for the alternate store as much...

But the answer to your question is there are many, many people who will jailbreak phones for you now. Go into just about any small independent phone or computer store and you can have it done.

Why should people have to jailbreak their phone?

Why should 99% of the population have to suffer through significantly greater security risks because YOU want side loading?

Why should jailbreaking be a violation of the EULA?

It's not. If you have any doubts just restore system settings before you go to have it serviced.

Why should we have to put up with Apple imposing any barriers whatsoever to using a non-Apple store?

Because the security benefits for non-technical users are HUGE.

The fact that I can hack my way to a semblance of what I want, by violating my EULA, and defeating Apple's software to get it to do what I want isn't a solution.

You can stick your head in the sand (or somewhere darker) as long as you want but it don't mean the sun ain't shining for those that choose to look.

I want the law on my side.

It is, jail breaking was declared explicitly legal. But again that's something you choose to ignore because it goes against preconceptions you refuse to let go of.

Re:I realize I'm going to get torn to shreds... (0)

Anonymous Coward | more than 3 years ago | (#36455384)

...but there's something to be said for iOS being a "closed" platform with a (mostly) strict approval process

Nobody has ever really said otherwise.

You must be new here.

Re:I realize I'm going to get torn to shreds... (2)

bonch (38532) | more than 3 years ago | (#36455842)

The complaints about the apple store are not that its closed.

What Slashdot have you been visiting?

Two flaws in your argument (4, Insightful)

Brannon (221550) | more than 3 years ago | (#36456090)

1. There are alternatives, you can buy an Android phone.

2. If IOS devices made it easy to use another store, then non-technical users would be at more risk. They would get an email that said, "Hey try out this fun app" which would take them to the non-curated store, they would blindly click-through all warnings from the OS and voila, you've got a mobile experience every bit as toxic and unusable as the Windows PC experience--and you've just destroyed Apple's value proposition and their $100B market cap.

What it really boils down to is that most of Apple's critics (a) don't care at all about non-technical users and (b) really want Apple to fail anyway so are happy to argue for Apple to adopt flexibility that would lead to financial disaster for them. Apple fundamentally disagrees on both points so you aren't going to sway them.

But you have other options, see #1.

Re:I realize I'm going to get torn to shreds... (-1, Flamebait)

shadowfaxcrx (1736978) | more than 3 years ago | (#36454002)

I'm not going to flame you because you're right. But you're also wrong:
The closed iPhone store is a great advantage to have when you sell phones to morons. The "app store" for PCs and Macs has never been closed. People are either smart about what they install on their computer, or they install any random crap they see in a popup ad and find out what it's like to get a virus or a trojan.

I view smartphones as no different from PCs in that regard. The dumb users are going to install "cool sexy japanes walpapr!!" and other obvious malware, and then they're going to pay the price for being dumb. The smart users are going to check what permissions the app is grabbing, and then realize that a scientific calculator does not need to read your contacts or see your location, and not install it. In other words, even if you download Android malware, if you look at the permissions, you can recognize the malware as malware and decline to install it.

I'm not really a fan of the "short circuit Darwin" approach to consumer electronics in which developers try to anticipate any dumbassed thing some idiot might do with the device, and then build walls to prevent the dumbassery. (and to be fair, as the latest Mercedes commercials featuring drivers crediting the car for bailing them out from being idiot drivers demonstrates, it's not just in electronics). I'm more of a proponent of the idea that smart phones should live up to their name. Android phones are not meant for abject morons.

If Apple wants to market their phones to morons by basically saying "don't worry, we'll protect you from your own stupidity," that's up to them, but I don't think that necessitates a similar strategy in response from the Android camp. If you're basing a phone-buying decision on security, and you think you're too dumb to avoid installing hentai porn applications that end up jacking your phone, then buy an iPhone. If you think you're smart enough to handle elementary security dialogs, then get whichever phone you like better.

Your arrogance marks YOU as the real moron (4, Insightful)

DavidinAla (639952) | more than 3 years ago | (#36454132)

Your comment is indicative of the kind of arrogance that makes people hate so many technically proficient people. Do you even realize how arrogant you are to call people "morons" because they don't happen to have the kind of technical understanding and knowledge that we have? I'm sorry, but it's YOUR ARROGANCE that marks you as the real moron. People have different skills and knowledge. Yours (and mine) happens to be in a technical field, among others, presumably. But you have areas where you don't know anything, too. Everybody does. Just because people don't value YOUR subject area above all others doesn't mean they're morons who are "dumb users." Just as a person who doesn't want to be an auto mechanic isn't a moron when he simply wants his car to work without him futzing with it. You really need to climb down from the high horse and realize that people aren't necessarily morons just because they don't know everything about IT that we know.

Re:Your arrogance marks YOU as the real moron (0)

Anonymous Coward | more than 3 years ago | (#36454262)

I'll second that emotion!!

Re:Your arrogance marks YOU as the real moron (1)

flibuste (523578) | more than 3 years ago | (#36454336)

I think you're jumping way too high in calling your OP Arrogant or anything.
I am sorry, but the last batch of apps that were removed from the Market contained applications with names such as "Screaming Japanese Girls". If you install those kind of apps on your phone, no one else than yourself can be blamed if you get a malware with it. And in all honesty, the category of people who would download those could fit in the "moron" category - nothing to do with being tech-savvy or not.
The aformentioned tech-savvy people spent YEARS trying to explain to the general public that there is a danger in downloading random crap from anywhere to any device. Some people will never learn. "Moron" is a good term for the later IMHO.

Re:Your arrogance marks YOU as the real moron (1)

TheCRAIGGERS (909877) | more than 3 years ago | (#36454462)

But he's also quite right.

To tack onto your car analogy, people who know a lot about cars often mod them to their desires. People who don't know a lot about cars don't normally tweak their shocks, install aftermarket sensors, NOS, or any of the other crazy shit people do nowadays. Or if they do, they hire somebody to do it for them. The day I install a NOS into my jeep is likely the day before my fiery death and I thankfully know this. People need to realize that installing random shit onto their phones without at least consulting the security screen are asking for pain.

To put it bluntly, these smartphones are computers. They are now no longer different than a PC, except for possibly the fact that they contain even more personal data than a typical computer does. iPhones are not immune to this either, as evidenced by the story earlier today where the app was sending passcodes to the guy's server. Don't you think a code review would have turned that up?

I would say that this is something that Google will likely have problems with in the future, but PCs are still going strong and Android is stronger than ever. Virus scanners have already come out, and I'm sure more are on the way. Google will likely tweak their OS in some attempt to limit the damage these apps can cause. But in the end, consumers need to get smarter. I'm not going to call them morons, but they are figuratively playing with fire when they do their banking on the same device they download porn apps on. Eventually, as the decades pass and the baby boomers begin leaving us, this problem will probably lessen and a new one will pop up in its place.

Re:Your arrogance marks YOU as the real moron (1)

shadowfaxcrx (1736978) | more than 3 years ago | (#36454522)

I understand that today's society encourages us to tell everyone that they're special and smart and wonderful, even when they're not. I don't subscribe to that theory, however, and object to being labeled as arrogant because of it.

You're right. There are plenty of areas that I know next to nothing about. I am, however, smart enough to know that I don't know much about those areas, and so I ask questions if it's an area I plan to get into.

Your post is like suggesting that someone who doesn't know how to swim is not stupid for cliff jumping into the ocean.

There are things in life that, if you want to do them, you need to learn about them. If you want to drive a car, you must first learn how before unleashing yourself on the road. If you want to cliff-dive, it's a really good idea to find out about that swimmin' thing before you do it. To do otherwise would be stupid.

Your auto mechanic is actually a really good example to my point. I certainly am not suggesting that everyone who drives should learn how to fix their car. I am, however, suggesting that maybe reading the owners manual, especially the part where it says "get the oil changed every X miles to avoid engine damage" would be a really good idea. By your logic, someone who buys a car, doesn't change the oil for 50,000 miles, and then bitches that his car don't work no more, should be viewed as gifted. I reject that logic entirely.

And it's the same with technology. If you want to play with computers, then you need to learn a few basics. If you want to download tentacle porn apps for your phone, you should know how to check for basic permissions. Does tentacle porn need to read my contacts? Gee, why would tentacle porn need to know my whereabouts? Huh, tentacle porn wants permission to email people? I wonder why that could be.

If you get into a field that you don't know much about, and then get upset when you get burned because you couldn't be bothered to find out about it, then yes, you are a moron.

Re:Your arrogance marks YOU as the real moron (0)

Anonymous Coward | more than 3 years ago | (#36454896)

I understand that today's society encourages us to tell everyone that they're special and smart and wonderful, even when they're not. I don't subscribe to that theory, however, and object to being labeled as arrogant because of it.

You're right. There are plenty of areas that I know next to nothing about. I am, however, smart enough to know that I don't know much about those areas, and so I ask questions if it's an area I plan to get into.

Your post is like suggesting that someone who doesn't know how to swim is not stupid for cliff jumping into the ocean.

There are things in life that, if you want to do them, you need to learn about them. If you want to drive a car, you must first learn how before unleashing yourself on the road. If you want to cliff-dive, it's a really good idea to find out about that swimmin' thing before you do it. To do otherwise would be stupid.

Your auto mechanic is actually a really good example to my point. I certainly am not suggesting that everyone who drives should learn how to fix their car. I am, however, suggesting that maybe reading the owners manual, especially the part where it says "get the oil changed every X miles to avoid engine damage" would be a really good idea. By your logic, someone who buys a car, doesn't change the oil for 50,000 miles, and then bitches that his car don't work no more, should be viewed as gifted. I reject that logic entirely.

And it's the same with technology. If you want to play with computers, then you need to learn a few basics. If you want to download tentacle porn apps for your phone, you should know how to check for basic permissions. Does tentacle porn need to read my contacts? Gee, why would tentacle porn need to know my whereabouts? Huh, tentacle porn wants permission to email people? I wonder why that could be.

If you get into a field that you don't know much about, and then get upset when you get burned because you couldn't be bothered to find out about it, then yes, you are a moron.

Stop being so arrogant. Even you trust things will work without learning about how they work. It happens everyday. It's the principle of abstraction, the very same principle that allows us to have computers with software in the first place. It works at every level.

Part of your fallacy is thinking others have the same interests as you. For instance: are you a moron when you get sick for not knowing how to prevent it?

Re:Your arrogance marks YOU as the real moron (1)

shadowfaxcrx (1736978) | more than 3 years ago | (#36455048)

Depends. If I pick up a jar labeled "biohazard" and open it without finding out what the stuff inside might do to me, or finding out how to properly handle jars with such labels, then yes, yes I am.

There's no fallacy here. People complain when their phone gets jacked. People use their phone. People don't bother learning the basics about using their phone so it doesn't get jacked. That's dumb.

You are a moron (2)

Brannon (221550) | more than 3 years ago | (#36455992)

Thousands of engineers labored for years to build the hardware and low-level software so that you can prance about writing your Ruby code or whatever the fuck you do that makes you think that you are some sort of tech genius. Those engineers put a lot of effort into making sure that you didn't have to be a semiconductor physics expert in order to use computers and that you weren't going to accidentally set the thing on fire with the wrong set of keystrokes. Compared to those engineers and relative to their turf, you are a moron.

There is value in abstraction. There are a hundred things that you rely on everyday that required some skilled profession to baby-proof and they were happy to do it, because that's what engineers do--and they don't look down their noses at those users as though they are some sort of inferior lifeform.

Re:Your arrogance marks YOU as the real moron (1)

tooyoung (853621) | more than 3 years ago | (#36456190)

I understand your point (and the other replies at this level). I would say, it is becoming harder and harder to justifiably recommend an Android phone to a non-technical user. I would say, "try Android, it is a better choice than an iPhone, as you avoid the walled garden." However, based on many of the comments I've read on /. lately, I'm not sure this is a good thing:

-if they buy most Android phones, they find themselves locked into an even worse experience because of the crapware and lock-in that most every Android handset maker provides.
-they could unlock the phone. As trivial as this seems to you and me, if they can't do it with a single click button that is provided by default on the phone, it is likely too confusing.
-once they do unlock the phone, what are they supposed to do with it? Load cool apps that they find on the internet? As you point out, they lack the technical knowledge to understand the consequence.

The end question becomes - what does a non-technical user gain from us recommending that they buy an Android phone? What is the benefit over an iPhone? Are we trying so hard to stick it to Apple that we lose sight of the fact that the iPhone may really be the best choice for the non-technical user? Not trolling at all here, I'm curious what justifications people are using.

Re:Your arrogance marks YOU as the real moron (1)

element-o.p. (939033) | more than 3 years ago | (#36454568)

Elitism certainly is a black mark upon technical fields, you're right. But I'm not entirely sure I disagree with shadowfaxcrx. Here's the rub: if you want to use *ANY* product, there is a minimum skill set required to use it. Ever see toys with the label "Warning: not for use by children under three (or five, or seventeen) years of age!" or household appliances that say "Adult supervision required"? Or, to drive a car, you must first prove to the DMV that you have the necessary skills and judgment to do so safely. At some level, a smart phone -- or any networked computer, for that matter -- shouldn't really be any different. If you want to use the device, you should take the time to learn at least a little bit about how it works and what potential hazards there are to its use.

I'm not saying that everyone who wants to use a smart phone should obtain a professional network admin-level skill set before they are allowed to purchase one, but as shadowfaxcrx said, understanding that "a scientific calculator does not need to read your contacts or see your location" to work isn't exactly rocket science.

Re:Your arrogance marks YOU as the real moron (1)

david_thornley (598059) | more than 3 years ago | (#36454884)

Okay, when was the last time you saw a computer with a warning sticker? Or a requirement to show a license and insurance? Heck, does it say on the Google Apps Mart (or whatever) that the apps may be dangerous?

If we're going to market computers and smartphones as if they were completely safe, people will use them as if they were completely safe. There's too many complicated things out there for everybody to keep track of all dangers themselves. I know something about the dangers of software, but there's a whole range of dangers out there I don't know of, and in a situation I'm not familiar with I'm likely to do something that any expert would consider dumb.

Re:I realize I'm going to get torn to shreds... (0)

Anonymous Coward | more than 3 years ago | (#36454194)

The closed iPhone store is a great advantage to have when you sell phones to morons."

Unfortunately, "morons" buy phones from all manufacturers and platforms.

Let's even go away from any derogatory words. Try searching the Android Marketplace for Angry Birds. You'll find apps with the same exact icon as the legitimate app. They pose as "extra levels", "cheats", or newer versions. Imagine walking into Best Buy and seeing those items. You'd imagine the software was authentic because the store (Best Buy) indirectly legitimizes them.

Google and the Android Marketplace, for now, have the benefit of legitimacy. Unless Google intervenes in a more direct way, instead of just waiting for the malware to pop up, then they will eventually lose the trust users have in their store.

Re:I realize I'm going to get torn to shreds... (1)

iluvcapra (782887) | more than 3 years ago | (#36454198)

The closed iPhone store is a great advantage to have when you sell phones to morons.

No flames there.

(and to be fair, as the latest Mercedes commercials featuring drivers crediting the car for bailing them out from being idiot drivers demonstrates, it's not just in electronics).

You're right, we'd all be better off if these people and their passengers were dead, or better yet, quadriplegics on disability.

If Apple wants to market their phones to morons by basically saying "don't worry, we'll protect you from your own stupidity,"

God grant me the serenity to accept the stupidity we cannot change, the courage to change the stupidity I can, and the wisdom to not consign people who don't meet my standard of intelligence to ruin, misery, and death.

Re:I realize I'm going to get torn to shreds... (1)

shadowfaxcrx (1736978) | more than 3 years ago | (#36454610)

I'm probably dumb to reply to this, because I somewhat suspect you're trolling but...

(and to be fair, as the latest Mercedes commercials featuring drivers crediting the car for bailing them out from being idiot drivers demonstrates, it's not just in electronics).

You're right, we'd all be better off if these people and their passengers were dead, or better yet, quadriplegics on disability.

How about we'd be better off if they paid attention to their driving instead of texting or talking or whatever else they were doing to require electronic overrides to prevent their stupid driving?

The rest of your reply just indicates you need to look up the definition of "flame."

Re:I realize I'm going to get torn to shreds... (1)

swb (14022) | more than 3 years ago | (#36454904)

Real World Data Point:

I drive a Volvo S80 with "Collision Avoidance" which is very similar to the Mercedes technology; it uses some kind of radar, coupled with the car computer to figure out if your current speed/acceleration might result in a collision with the object in front of you, using the radar to measure its distance.

If you meet the criteria, it sounds an audible and visual warning and pre-charges the brakes

I thought it was kind of BS, but there have been a couple of incidents where I think it has saved me from rear-ending the car in front of me.

Both times it was in stop-and-go traffic where you'd speed up to about 40 before you had to come to a near complete stop, usually quickly, and in kind of overcast, flat lighting making the distance in front of you hard to judge, especially at low speeds with quick stops.

Does it enable jacking around with your cell or something? No, it only "works" when you're legitimately about to nail someone and it doesn't give you enough breathing room unless you're actually paying attention.

Re:I realize I'm going to get torn to shreds... (1)

Xaedalus (1192463) | more than 3 years ago | (#36455126)

I agree with you. Morons are morons, shadowfaxcrx. But you're talking about someone's loved ones who aren't as smart as we are (possibly including yours). Hearing that your father, mother, brother, sister, son, daughter, grandfather, grandmother, etc are stupid morons who deserve the fates they get is really, really harsh. If you're willing to look your family member/friend in the face and call them a stupid moron for downloading what they thought was a reasonable app (let's just concede that anyone who downloads tentacle porn apps or screaming Japanese girls does get what they deserve - it's not a zero sum game here), then yes, you are perfectly entitled to tell the whole world that approximately half of its population is on the wrong side of the bell curve.

Just be ready to pay the emotional price of hurting someone's feelings, pride, or undermining their sense of self-confidence. It's a bitter price to pay, because I've done it. And I've regretted it ever since. Sometimes the illusion of competence is the only comfort one has.

Re:I realize I'm going to get torn to shreds... (2)

element-o.p. (939033) | more than 3 years ago | (#36454742)

(and to be fair, as the latest Mercedes commercials featuring drivers crediting the car for bailing them out from being idiot drivers demonstrates, it's not just in electronics).

You're right, we'd all be better off if these people and their passengers were dead, or better yet, quadriplegics on disability.

There's a problem with that. I was reading an article recently -- I think it was in the most recent issue of Motorcyclist magazine -- that claimed that accident and accident fatality statistics don't seem to support the claim that improved technology actually makes the roads any safer. According to the article, safety equipment like seat belts, ABS, traction control, helmets, neck braces and body armor (the last three more for motorcyclists than drivers, obviously) can certainly have a pronounced affect upon motor safety IF PEOPLE DON'T CHANGE THEIR DRIVING HABITS . Unfortunately, the increased perception of safety causes people to drive in such a way as to escalate the risk back to approximately the same level it was before the safety equipment was installed. Now that people feel like they have a safety net that will "keep them out of trouble", they will tend to push the envelope harder, which ends up putting the risk level more or less back to where it was before the safety equipment was installed.

In other words, you can try to find a way to protect stupid people (and to be fair, I've been one myself more often than I'd like to admit) from themselves, but you're probably not going to be able to stop someone who is sufficiently stupid and/or motivated.

Re:I realize I'm going to get torn to shreds... (1)

ColdWetDog (752185) | more than 3 years ago | (#36455098)

I'm really suspicious of the statement that improved crash technology doesn't 'work'. I'm too busy to go look up the US stats but I'm under the impression that auto fatalities ARE dropping. Part seems to be clamping down on drunk driving, part seems to be the newer vehicles. I work as an ER doc and I've seen some really trashed vehicles result in very minor injuries. I know that's anecdotal but I've seen lots of car wrecks over the years.

Now, I think the accident rates haven't changed that much and there well may be something to your assertion that people are using the new technology as a crutch, but once you've gone over the edge, crumple zones, harnesses and air bags do work to keep you out of my clutches.

Re:I realize I'm going to get torn to shreds... (0)

zonky (1153039) | more than 3 years ago | (#36454010)

There have been trojans in the iOS store too- for example, unofficial tethering inside flashlight apps...

Re:I realize I'm going to get torn to shreds... (2, Funny)

Anonymous Coward | more than 3 years ago | (#36454066)

That's not a trojan. That's an easter egg.

Re:I realize I'm going to get torn to shreds... (1)

zonky (1153039) | more than 3 years ago | (#36454092)

Let's just agree to call it totally unvetted functionality that apple didn't have a clue about?

Re:I realize I'm going to get torn to shreds... (0)

Anonymous Coward | more than 3 years ago | (#36454792)

Hmm. That's an illusion of security. Check this out - http://www.macrumors.com/2011/06/15/passcode-collecting-app-pulled-from-app-store/ .

Recent happening - app was able to harvest users' pass codes, it became a news item, then Apple realized it and pulled the app. So no flaming is required that Apple's closed app store can't prevent malware.

What the (4, Informative)

vajorie (1307049) | more than 3 years ago | (#36453924)

Why do you not link to the original [ncsu.edu] article?!

Re:What the (2)

Pollardito (781263) | more than 3 years ago | (#36453996)

That doesn't have the list of apps either. The internet is broken.

Re:What the (0)

Anonymous Coward | more than 3 years ago | (#36454078)

Some malware has even gone so far as to prevent its detection by removing references to itself on the internet.

Re:What the (1)

idontgno (624372) | more than 3 years ago | (#36454220)

I can see this malware has also downmodded your analysis of its behavior to +0 and converted your helpful post into an anonymous coward post. That is some kind of powerful malware!

Bot related? (1)

munozdj (1787326) | more than 3 years ago | (#36453988)

TFA says that this malware leaks a list of granted permissions and prompts the user to install a .jar in his/her device. If the user does install it, the device becomes a zombie. What would the course of action be if your Android phone is infected? Keep in mind that smartphones are kind of the ideal botnet zombie for a DDoS attack since they are always on and, presumably, have access to the network. I think it's time for a good Android antivirus/malware/spyware/thingware or for a tighter app publication process from Google.

Re:Bot related? (1)

zonky (1153039) | more than 3 years ago | (#36454532)

Dialling premium rate numbers, obviously. Malware apps are totally useless anyway - if they rely on signature-based detection.

Same as for regular computers (2)

TyFoN (12980) | more than 3 years ago | (#36454006)

You wouldn't install Schkype from Mr Hong on your PC and you should not do that on the phone either!

Re:Same as for regular computers (4, Funny)

idontgno (624372) | more than 3 years ago | (#36454126)

Good point. I usually prefer Panaphonic products, especially since I'm boycotting Sorny and generally unhappy with the product quality from Magnetbox.

Re:Same as for regular computers (1)

Freultwah (739055) | more than 3 years ago | (#36454902)

On a similar note, my last Recbok sneakers broke in half and the Neki sweatshirts were conspicuously tissue-thin. It's a good thing I found Adibass to replace it. Now if I could find a BAFS or DTK tape for my Panascanic personal cassette player...

Re:Same as for regular computers (1)

the_psilo (592055) | more than 3 years ago | (#36455576)

You, my friend, need a Carnivalé.

15 Seconds Quality Time with Google... (3, Informative)

idontgno (624372) | more than 3 years ago | (#36454024)

turns up Sophos' analysis [sophos.com] of this "Plankton" malware.

The sample of the EULA associated with the malware app (yes, malware EULAs) lists "Angry Bird Cheater" by name, so there's one of the candidates. Also, quoting the article:

The code suggests that it is a platform, but it does not disclose its purpose. Descriptions of the apps pulled from the Android Market contain the text:

This application is brought to you free sponsored by Choopcheec Platform. It adds a search shortcut on the home screen or application screen.

So, "Choopcheec" seems to be a common codeword for the apps. Whatever that is.

Re:15 Seconds Quality Time with Google... (1)

idontgno (624372) | more than 3 years ago | (#36454074)

AAaaaand, another 10 seconds with Google tells me "choopcheec.com" has sample EULA text like the one above for one other product that Google can find: "Can You Drive".

Re:15 Seconds Quality Time with Google... (2)

idontgno (624372) | more than 3 years ago | (#36454344)

OOOH, the off-market AndroidZoom app website seems to not have pulled any apps down in response to this fiasco. Searching the site for "Choopcheec" returns this: [androidzoom.com]

Angry Birds Cheater by Crazy Apps
Chit Chat by Crazy Apps
Snake Kaka by Phill Dig
Angry Birds Rio Unlock by Crazy Apps
Favorite Games Backup by Crazy Apps
Gun Bros Helper by Crazy Apps
Call Ender by Crazy Apps
Angry Birds Multi User! by Crazy Apps
Bring Me Back My Droid! by Crazy Apps
Shake To Fake (Fake call) by Crazy Apps

That's 10 apps... maybe that's the rogues' gallery?

ats;dr (2)

NotSanguine (1917456) | more than 3 years ago | (#36454042)

In case you're wondering, that's "Author too stupid;didn't read"
When I saw that the author apparently didn't know the difference between 'affect' and 'effect' I gave up.
IMNSHO, If you can't get that right, you don't deserve to be read.

opibaipastbi (1, Insightful)

UmbraDei (1979082) | more than 3 years ago | (#36454938)

In case you're wondering, that's "Original poster is being an inconsiderate prick and should totally be ignored"
> People make typos. You do too. I'll bet you a 100 dollars, euro's or whatever currency you use on that. And with spelling correction these days valid words in a wrong context are even easier to miss...

Also, as an advance warning for possible future rants (and this may come as a shock. I suggest you find a nice and comfortable seat first before reading on):
[SPOILER]Not everyone on the internet is a native English speaker. The 'INTER-' part might be a subtle hint for that.[/SPOILER]

makes ya wonder (0)

Anonymous Coward | more than 3 years ago | (#36454076)

if you really need a phone "smart" enough to catch malware.

they do still make phones that are just phones, ya know.. those fancy and expensive i-this and e-thats may look cool, but when your phone is working when everybody elses' is infected with something is way cooler.

Re:makes ya wonder (2)

idontgno (624372) | more than 3 years ago | (#36454434)

Well, you know, I don't especially need a phone. That's for talking to people, and what's the fun in that?

Now, getting into a Wikipedia edit war while driving down the road and eating a Sonic burger... That's fun!

Seriously, though. My HTC isn't a phone, it's a portable computer with telephony capability that I occasionally use.

In other words, you're talking about solving the wrong problem. You want phones that are immune to malware, and as you point out, they're still thick on the ground. I want an ultraportable computer that doesn't get hacked, trojaned, or otherwise attack me without provocation. That's a bit harder.

the real question is this (0)

Anonymous Coward | more than 3 years ago | (#36454168)

How will google solve this problem? Are they going to start evaluating and testing all apps before users can buy it? If the android app market is going to thrive in the long term, the issue has to be addressed. Google has to do a better job regardless of what other platforms do or don't do.

Here's a good one (0)

Anonymous Coward | more than 3 years ago | (#36454460)

I have a T-mobile MyTouch, and I can't access the page linked in the article,
twice it's just crashed my browser and taken me to the main screen.
It's the only link that has ever done it, me thinks it survival mode for
some application :)

A few quick tips to avoiding malware (1, Insightful)

sl4shd0rk (755837) | more than 3 years ago | (#36454848)

0) Do some research on your apps before installing
1) Stick to open source apps whenever possible
2) don't just click through like whack-a-mole when installing... read the perms!

Take the same precautions on your Android phone.

The Android Market (2)

JohnG (93975) | more than 3 years ago | (#36454928)

The Android Market in general is pretty broken because of the lack of even a rudimentary review process. The other day I was looking at the new releases in the Sports Games category and there were about 5 or 6 pirated ebooks of Harry Potter, the Twilight Series and several others. Needles to say, this is not only illegal, it's in the wrong category. This has been a problem in the market since its inception and Google still has yet to do anything about it. If they are unwilling to have someone at least look over the titles and categories that an app is placed in before allowing it on the market, in order to cut back on massive copyright and trademark violations and make browsing the store by category possible, why do we think they'll take any preemptive strike against malware? Google doesn't even give Android developers a convenient way to contact them. It seems to me that they wanted the Android Market to be a set it and forget it kinda thing. Will the negatively publicity form the malware for them to change that stance? I doubt it.

Re:The Android Market (2)

WhitetailKitten (866108) | more than 3 years ago | (#36455754)

I've noticed that from the beginning. All the apps offering (IP-infringing) ringtones and soundboards, pretty much from day one, never mind pirated ebooks and so on. I think Google's strategy is kind of the Youtube/safe harbour policy: Let people decide what they want to see, take things down on complaints.

I'm not saying this is the smartest idea, because I tend to be quite wary about any app that has permissions I can't immediately determine (why does a calculator need full network access? Okay, perhaps ads, but I don't know that), but that appears to be their strategy.

Re:The Android Market (0)

Anonymous Coward | more than 3 years ago | (#36456054)

because I tend to be quite wary about any app that has permissions I can't immediately determine (why does a calculator need full network access? Okay, perhaps ads, but I don't know that)

That, in and of itself, is a good reason to run something like Droidwall. I blacklist ALL apps by default, and only turn on connectivity for an app if actually needs it to perform its function.

there is a hellacious amount of ignorance here (0)

Anonymous Coward | more than 3 years ago | (#36454932)

Understand this: Allowing untrusted or unsigned code to be sideloaded and executed
is the exact same thing as gaining physical access
is the exact same thing as gaining root
is the exact same thing as being hacked
is the exact same thing as being profitable to someone malicious

Did we learn nothing from the desktop era at all? Do you understand that allowing "a separate store" on a device BY DEFINITION means allowing untrusted code a runtime, which thoroughly guarantees that it can eventually break through to a higher privilege level and do whatever it wants on the entire device?

Even having a 100%-signed and verified environment like iOS doesn't protect you completely, since malicious input can still sail in over HTTP, kick Safari's teeth in, and start working its way down the stack. But while Apple gets to focus on that, the rest of the industry is... god, I don't even know the metaphor... Google is inviting sketchy friends to come party with each user and giving them VIP passes.

We all know that once you're infected, the only way to be sure that you're not rootkitted is to reinstall everything from scratch, right? Right? So what's the process to do that on a phone that might not even have a host PC to install from?

The security stakes are much higher on a smartphone, and yet this industry won't stop screaming bloody murder until shoddy VLC builds can be one-click installed from Hungarian FTP servers. Jesus. Sometimes I think we deserve this future we're building.

Re:there is a hellacious amount of ignorance here (1)

Linux Ate My Dog! (224079) | more than 3 years ago | (#36455070)

Mod parent up. Software people need to understand this: users cannot be asked to do "deep reasearch" and "understand permissions", they do not have the time, and they paid good money for their device that should simply work.

And we can say they are "noobs" or "stoopid" all we want, and do not deserve nice things, but the reality is that examining permissions is right now really user-unfriendly, and actually not possible: I can easily make a program that requires map access and being able to send a data message for the fun little location game I am selling, and there is no way even the smartest permissions-examiner now knows I have made a remotely-activated stalking device.

Users will vote with their wallets to get phones where they can simply get their stuff done and get some fun out of them without having the feeling every step could be quicksand. So as phone ecosystem manufacturer you have the choice of don't let crap happen on the phone, or watch your consumer pay your competitor for a phone where crap can't happen. And to make crap not happen, you will have to only allow safe programs on the phone. And as parent shows, this means a closed store.

Re:there is a hellacious amount of ignorance here (2)

WhitetailKitten (866108) | more than 3 years ago | (#36456002)

Not that a closed store stops crap from happening [slashdot.org] , mind you. Lessens, perhaps, but not stops.

Maybe Google could require an ESRB -style disclosure on what permissions are needed for what (I say ESRB because game developers are required to submit a listing of content that may be offensive/suggestive/etc. with their application for a rating), with real penalties for screwing around. The disclosure could go with the app in the market, putting it up front in a more obvious way that, hey, this Angry Birds level unlocker app requires the ability to make phone calls for ____ reason. Yes, the malware developer could make up reasons and, if they're in, say, China, probably get away without a lawsuit or anything, it should be a red flag to even the least-savvy user. It'd help if it had a timer that prevented you from just rubber-stamping the install buttons without looking in the way that Firefox/etc. have for extension installs.

Behavioral firewall (0)

Anonymous Coward | more than 3 years ago | (#36455634)

What we need is a firewall that keeps track of all of the communication by application and uploads stats into a server which aggregates/processes the data and looks for unusual activity.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>