
Prototype Clickjacking Rootkit Developed For Android

samzenpus posted more than 2 years ago | from the click-attack dept.

Android 51

ShipLives writes "Mobile security researchers have identified an aspect of Android 4.0.4 (Ice Cream Sandwich) and earlier models that clickjacking rootkits could exploit. As part of an effort to identify potential weaknesses in smartphone platforms, the team was able to develop a proof-of-concept prototype rootkit that attacks the Android framework, rather than the underlying operating system kernel."


51 comments


Windows 8 upgrade prices dropped by Microsoft (-1)

Anonymous Coward | more than 2 years ago | (#40522073)

If a user is running Windows XP, Windows Vista, or Windows 7, they’ll be able to upgrade their software with a simple download that’ll only cost them $39.99 USD

Re:Windows 8 upgrade prices dropped by Microsoft (1)

Anonymous Coward | more than 2 years ago | (#40522579)

That's awesome. Windows 8 is the best.. it's like GNOME 3 but from Microsoft.

Re:Windows 8 upgrade prices dropped by Microsoft (1)

iiiears (987462) | more than 2 years ago | (#40523571)

Aggressive pricing frightens slashdotters newly accustomed to Linux's increased market share.

Like every other slashdotter I'll buy a copy for photoshop, mixcraft and games. (Windows is for relaxation - lol)

And worse (0)

Billly Gates (198444) | more than 2 years ago | (#40522125)

All the regular apps including AV software are crippled in a garden so an infection like this can not be cleaned up easily.

I have a phone that is probably infected as my Galaxy 1 is slow and its browser crashes once a day. There is no way to fix it either as AV software just looks for bad apps and does not check system files or anything else.

Re:And worse (-1)

Anonymous Coward | more than 2 years ago | (#40522213)

it's pretty clear that the iOS security model has trumped the android security model. See the iOS white paper as well. Two questions: 1) when will google right the ship and fix these security holes? 2) Can they fix these security holes without changing the tenets that underpin android, such as anybody can post apps with no boundaries? 3) is it too late? there's already 100 million+ handsets in the wild.

Re:And worse (-1)

imamac (1083405) | more than 2 years ago | (#40522333)

There has to be a balance between free/open and secure. When it comes to phones, Apple almost nailed it right on. I think they could relax just a tad, but overall they got it right. I don't see Google getting it right any time soon.

Re:And worse (2)

bmo (77928) | more than 2 years ago | (#40522395)

>There has to be a balance between free/open and secure.
>implying that closed source is more secure
>implying

No.

>Apple almost nailed it right on

No, no they didn't. They are anti-FOSS. The only thing they got right was taking the software repository idea from the FOSS world and calling it a store. Where they failed is that they don't allow other stores/repositories in spite of the fact that the FOSS world has been living with multiple trusted repositories for many, many years now.

--
BMO

Re:And worse (1)

imamac (1083405) | more than 2 years ago | (#40522425)

I wasn't talking about source code.

Re:And worse (1)

MobileTatsu-NJG (946591) | more than 2 years ago | (#40522447)

Where they failed is that they don't allow other stores/repositories in spite of the fact that the FOSS world has been living with multiple trusted repositories for many, many years now.

Heh. It's just Android that hasn't.

Multiple trusted repositories (3, Informative)

tepples (727027) | more than 2 years ago | (#40522709)

Both Google Play Store and Amazon Appstore tend to be trusted by Android users, as do several lesser-known repositories. Do you plan to explain whether or not each deserves that trust and why?

Re:Multiple trusted repositories (1)

Anonymous Coward | more than 2 years ago | (#40522791)

Apps banned from Play for being mal-ware end up on other stores where they continue to enjoy life. Apple's approach has actually proven to be better.

Most Android malware is actually distributed ... (1)

Anonymous Coward | more than 2 years ago | (#40523809)

via Google's Play Store. This is a KNOWN FACT, not bs.

The official repository IS the main problem. Haven't heard about a single malware being distributed on the Amazon App Store.

Re:Multiple trusted repositories (1)

MobileTatsu-NJG (946591) | more than 2 years ago | (#40523977)

http://it.slashdot.org/story/11/06/15/183209/more-malware-infected-apps-found-in-android-market [slashdot.org]

I realize this is anecdotal, but every Android malware story I've seen also mentioned the Marketplace is where they get it. I doubt users 'trust' it so much as they hope there is safety in numbers.

Re:And worse (-1)

Anonymous Coward | more than 2 years ago | (#40522805)

They are anti-FOSS.

Good! That's about the only thing I do like about Apple. While Apple has a large presence in the gay community, they aren't above locking out a bigger group of cock-grabbing fags, FOSStards. Take your bullshit elsewhere, BMO.

Re:And worse (1)

alexgieg (948359) | more than 2 years ago | (#40525837)

No, no they didn't. They are anti-FOSS.

Not quite. What Apple really is against is "open hardware", or, more precisely, "open OS", at least when it comes to the one (hardware and OS) they themselves sell. As for individual pieces of software, they don't care whether it's FOSS or not. On the other hand, if your FOSS license of choice happens to prevent others from uploading it to their app store, see VLC for iOS, killed, if I remember correctly, by the VLC folks themselves, what guilt do they objectively have? When an open source project selects a license that forbids end-users of closed hardware from running said project's software, that's precisely one of the "features" the project aimed for, meaning it's working as intended.

(It could be argued that the project actually intends to encourage hardware makers to not close the hardware. But that's the positive side of things, the negative being that, if the hardware maker doesn't opt to open it, end users will suffer no matter what. You can't have one without the other, the alternative being to have neither.)

Re:And worse (1)

Goaway (82658) | more than 2 years ago | (#40526379)

No, no they didn't. They are anti-FOSS.

And they release so many large and widely used open source projects because... they hate it so much?

Re:And worse (0)

Anonymous Coward | more than 2 years ago | (#40522539)

"There has to be a balance between free/open and secure."

The balance I want is 100% free and open. Without being totally in control of my computer, I CANNOT know that it is secure.

And sorry, but I have a better track record than walled gardens. iOS's is pwned right out of the box - by Apple. It's unacceptable for anyone to pwn my systems, doesn't matter if it's Apple or a Russian crime syndicate. The fact remains that iOS is untrustworthy; since it's controlled by someone else, it follows that it cannot be trusted by ME.

Re:And worse (1)

the_B0fh (208483) | more than 2 years ago | (#40523799)

Exactly! I know I can trust you because you write everything from the bootloader and firmware upwards! After all, Google wouldn't be doing anything to invade your privacy, like they did with iPhone.

Re:And worse (0)

Anonymous Coward | more than 2 years ago | (#40522621)

There has to be a balance between free/open and secure. When it comes to phones, Apple almost nailed it right on. I think they could relax just a tad, but overall they got it right.

I don't know if you are trolling, but you are wrong.

The manufacturer should never have more capability to access a device than the end user. Apple utterly fails at that. Note that the video here is a rootkit, which means iOS and every other platform is just as vulnerable as Android.

Re:And worse (5, Informative)

Xenx (2211586) | more than 2 years ago | (#40522373)

It's not security model difference between iOS and Android, it's a design philosophy difference. Android isn't designed to keep you in the walled garden. As such, iOS will always be more secure. Giving users a choice invariably leads to some of them making the wrong choice. That isn't a fault of Android, it's a fault in the rest of society.

Re:And worse (1)

imamac (1083405) | more than 2 years ago | (#40522407)

[quote]It's not security model difference between iOS and Android[/quote] Seems to me that's exactly what it is. Part of it is design philosophy, too, of course.

Re:And worse (2)

Xenx (2211586) | more than 2 years ago | (#40522725)

My point is that it was a design choice to allow a freedom to install apps. It isn't a situation where you can compare security models and just say iOS is better. You can make arguments about which method is preferred, but not which is better.

Re:And worse (1)

imamac (1083405) | more than 2 years ago | (#40522785)

Okay, I'll buy that. A lot of this debate does come down to personal choice. I have much more confidence in Apple's walled garden (which is a massive garden, btw) as opposed to the chaos that seems to plague Android.

Re:And worse (1)

Xenx (2211586) | more than 2 years ago | (#40523123)

There isn't as much chaos on the Android side as people like to think, but it is there. Anyone that takes the time to actually learn and understand the devices they buy, is usually fine on Android. iPhones, however, require less effort for entry level use. This isn't meant as a slight, just an observation. I would much rather support people on an iPhone than an Android because they likely don't have a clue either way and iOS is iOS... I can walk through the settings in my sleep.

Re:And worse (2)

bmo (77928) | more than 2 years ago | (#40522445)

>That isn't a fault of Android, it's a fault in the rest of society.

This.

The rest of society wants its purple gorillas in spite of the fact that it's badware.

--
BMO

Re:And worse (0)

recoiledsnake (879048) | more than 2 years ago | (#40522599)

I love it how this fact only comes up when it's Slashdot's darling OS, but the same fact is projected as a failure of Microsoft when it comes to Windows malware in countless +5 insightful comments over the years. Hypocrisy to the core.

Re:And worse (1)

Xenx (2211586) | more than 2 years ago | (#40522687)

Some people might feel that way, I do not. I wouldn't take all blame away from MS for some of the things about their OS. But, the blame for installing crap software lies on the user.. regardless of the OS.

Re:And worse (1)

Billly Gates (198444) | more than 2 years ago | (#40522793)

I got hit by 3 pieces of malware over the years. None of them were installed by choice but were drive-bys.

As a result I stopped using Firefox which does not have sandboxing, I switched to a decent AV package as I was one of those users who felt I didn't need AV as I never click on things and get infected so kept old AVG etc. I only have flash on Chrome which is sandboxed by default. I keep it UPDATED as no one updated flash prior to 2011. I manually disabled Java in all my browsers as I still use Eclipse etc. Created a separate non admin account and have secure DNS now.

The average user does not go to these extremes to protect themselves and shouldn't. My phone is not as flexible as a real PC is to lock down and have access to control by security software. It is not the user's fault that they use XP which is horrible in terms of security and use flash 9 and adobe reader 7. This is a typical home PC BTW and non IT professionals have no idea these are holes and have no reason to leave XP.

Yes not using IE 6 is common sense today and statistics show they don't. That doesn't mean Firefox which is now much bigger and has no sandboxing is better.

Phones are worse as I can not update past Android 2.2 without rooting my phone. AT&T wants me to throw it away for another $450 phone and a 2 year contract to get the security fixes instead which is outrageous. Yes this is a problem and the platform sucks for AV software to find and remove these on the phone.

Re:And worse (1)

Xenx (2211586) | more than 2 years ago | (#40523201)

No OS is without fault, no program is without fault, and no user is without fault. You need to base your decisions upon what you feel you can handle with your level of competence. Use AV. Use a more secure browser. But, the biggest security hole in any system is the user. If you can't figure out that you shouldn't be installing every app you see, go with iOS. If you choose something else, accept that you open yourself to potential risk.

Does this excuse the manufacturer, or Google, from all responsibility... no. But, I do think they're doing a decent job of balancing the open nature with need for security. As for your issue with firmware updates, I don't disagree. But, Google has been working to improve that with the carriers and manufacturers.

Re:And worse (2)

bmo (77928) | more than 2 years ago | (#40522797)

>I love it how this fact only comes up when it's Slashdot's darling OS

That there is a problem that sits in the chair that confuses the part in the seat with the part looking at the screen has been brought up time and again with other OSes. I have actually come out and said that encryption and all the security in the world doesn't effin' matter if you can get the user to trade the key for a candy bar, which has actually happened.

You just have selective hearing, which means you are an asshole.

--
BMO

Re:And worse (0)

recoiledsnake (879048) | more than 2 years ago | (#40523063)

It has been brought up yes, but if you've missed the overwhelming support and hundreds of posts on Slashdot for the notion that Windows is not as secure as Unix based OSes, then you're blind and have selective vision, which means you're a blind asshole.

Now that we know how malware-free a popular Unix based OS is, out comes blaming the user instead of the OS.

Re:And worse (3, Insightful)

Anonymous Coward | more than 2 years ago | (#40523165)

You seem to be suggesting that it's impossible for it to be simultaneously true that users are lax about security AND the OS is insecure. But why would there be any conflict between those two claims? It's perfectly possible that many Windows users have poor security practices and Windows itself is less secure than other OSes.

Re:And worse (1)

the_B0fh (208483) | more than 2 years ago | (#40523909)

wish I have modpoints. Don't understand why people don't understand this point.

Re:And worse (1)

ThatsMyNick (2004126) | more than 2 years ago | (#40523057)

It all makes sense, when you realize Slashdot is made of more than one person. There are people on slashdot who are not happy with malware on Windows and advocate more of a walled garden, and then there are people who believe in freedom to install malware if they wanted to. So you have more than one set of people, moderating at different points of time, carrying different opinions at different strengths. And thus you have, what you call, hypocrisy in slashdot, when all individuals are perfectly non-hypocritical.

Re:And worse (2)

Billly Gates (198444) | more than 2 years ago | (#40523365)

It all makes sense, when you realize Slashdot is made of more than one person. There are people on slashdot who are not happy with malware on Windows and advocate more of a walled garden, and then there are people who believe in freedom to install malware if they wanted to. So you have more than one set of people, moderating at different points of time, carrying different opinions at different strengths. And thus you have, what you call, hypocrisy in slashdot, when all individuals are perfectly non-hypocritical.

Yeah no kidding I was modded down to 0 because I said there is a problem with AV software not having the access in the walled garden to clean up a rootkit infection. Sigh moderators

There needs to be a balance though. Yes security is important but that does not mean banning all javascript except for the OS browser that came with it IE 10, Chrome, Safari, and no one else. Also at least with things like SecureBoot MS is nice enough to have an API for AV scanners to detect and remove rootkits.

I think AV software and alternative browsers should be installed. Walled Gardens are only effective if they block 100% of all exploits 100% of the time and protect the dumb user from themselves. Then it is hell as if one gets through the tools are all walled away from doing anything about it and detecting it. That is a bad design if you ask me.

Re:And worse (1)

Jello B. (950817) | more than 2 years ago | (#40522237)

It's not like malware exists just to make things run slower and crash. And most reasons software does that isn't because of malware.

Re:And worse (4, Informative)

bmo (77928) | more than 2 years ago | (#40522341)

>And most reasons software does that isn't because of malware.

The most significant symptom of malware infection to Joe User is "my computer is slow." Basically because once you have *one* malware infection, others soon follow, because you haven't kept up with updates, install software from random untrusted sites, or are the victim of a leveraged vulnerability or all three. All these bits of malware fight over the same resources and kill the device's usability.

I have personally seen machines with hundreds of infections. This is typical. The user will muddle along until a certain frustration level is met or the computer simply refuses to finish booting, because the virus load is too much for the poor machine to handle.

"My Computer is Slow" is likely a sign that your system has been compromised for quite a while and there is no malware removal tool that can fix it - a wipe and reinstall of the OS is in order.

--
BMO

Re:And worse (0)

Anonymous Coward | more than 2 years ago | (#40522285)

my Galaxy 1 is slow and its browser crashes once a day.

Sounds about normal to me. Mine has been the same way for a year...

Re:And worse (1)

djl4570 (801529) | more than 2 years ago | (#40522427)

Opera for Tablets works a lot better than the default browser on my Galaxy Tab 10.1. Now I need to learn how to diagnose malware.

Re:And worse (-1)

Anonymous Coward | more than 2 years ago | (#40522289)

Actually the worst part is, I can't just go get a cell-phone. I have to get a computer and call it a cell-phone :(
I don't have to worry about security with a landline or an old cellular phone that is just a phone.
We aren't going backwards, but we sure as hell ain't goin forwards either. We're off on some weird fascist tangent.

Dumbphone (1)

tepples (727027) | more than 2 years ago | (#40522729)

You could always buy a dumbphone from Virgin Mobile or your country's counterpart. Sure, those are technically also computers, but it takes a computer to modulate and demodulate voice signals on a digital network. Depending on how many calls you need to make away from home, and whether you have an unmetered land line available to make long calls, a dumbphone might cost you $7 per month or less, and unused minutes roll over as long as you keep paying the minimum every 90 days.

Re:And worse (1)

Xenx (2211586) | more than 2 years ago | (#40522749)

Feature phones are still widely available, everywhere I've seen. So, either you aren't looking.. or just want to bitch about a problem that doesn't exist yet.

Re:And worse (1)

PuZZleDucK (2478702) | more than 2 years ago | (#40523719)

Just as on a PC: The only way to guarantee an infection is gone (without hours of work) is a full OS install from scratch... Pull yourself out of the kiddy pool, root your device and flash a brand new rom that will probably run _faster_ than the original phone. You could then also run a good firewall if you wanted :]

uhmm.... (1)

Anonymous Coward | more than 2 years ago | (#40522127)

Thanks?

Who Are These People? (-1)

sycodon (149926) | more than 2 years ago | (#40523111)

Really...do they have a company? Do we know their names? Do they take appropriate measures to prevent code from "getting into the wild". So they report their findings appropriately?

If the answer is no to all of the above, then they are not "researchers" and they are instead low rent punks hacking into the OS for purposes of compromising them and eventually making money.

And if they are not researches, then someone put a gun in their mouths and feed them a bullet.

Re:Who Are These People? (1)

ThatsMyNick (2004126) | more than 2 years ago | (#40523443)

You only had to look at the link to know this is very much legitimate research.

Even if it was not, for God's sake don't try to redefine the word. I hope some journalist does not pick this up and start using it as definition of 'researchers'. Just call them researchers, and you can use an adjective to describe them as what ever kind of researchers you think they are.

So only install from trusted sources? (0)

Anonymous Coward | more than 2 years ago | (#40522195)

And use SEandroid hardened with guardian? Anything more?

Double standards (0)

Anonymous Coward | more than 2 years ago | (#40522325)

Gee, with all the problems Android is having do you think Slashdot will stop trying to pile on Windows Phone and stop claiming that Windows gets viruses because it is a terrible OS? ...Or do you think they'll ignore anything that clashes with their preconceived notions that anything from MS sucks and that Android must be good because Google makes it and it's open source?

This is a tough one.

Re:Double standards (1)

Exrio (2646817) | more than 2 years ago | (#40522723)

I do think proprietary software sucks just because it's proprietary. I've never claimed it to have anything to do with security, I'm sure the Linux desktop will get malware too if it ever has its year, just as OS X has now. Anything with a large enough (end-)user base and no totalitarian walled garden will - making security-wise perfect code is really hard and comes with tradeoffs many aren't willing to make especially in consumer software. I still wouldn't touch a totalitarian walled garden OS with a 6.096m long pole. Security becomes useless when it reaches the point where it prevents you from doing with your device what you wanted to do with it in the first place.

