T-Mobile Bringing Anti-Malware Pre-Installed to Android Devices

T-Mobile Bringing Anti-Malware Pre-Installed to Android Devices

Oct 25, 2012

Well, here’s some bloatware that might actually come in handy: according to Mashable, T-Mobile is partnering with ssecrity firm Lookout to load some anti-malware software on T-Moblie phones with with the LG Optimus L9 and Samsung Galaxy Tab 2 10.1 when they’re released.

Now, why would a carrier want to load anti-malware software? Well, it likely would help them out with technical support, as if people download a bad app, then they’ll likely complain to the carrier, presuming it was their fault. Such is the nature of technical suppor.t Plus, phones that don’t wind up messing up? Means that people may be more likely to buy their next phone from T-Mobile. It’s potentially a winning combination from T-Mobile, and may actually be a useful piece of pre-installed software for a change. After all, there are so many iffy permissions that it can be hard to tell what’s actually legitimate and what’s selling my contact information to every sketchy data mining firm under the sun.

Anti Spy Mobile Pro Finds Malware and Apps With Suspicious Permissions

Anti Spy Mobile Pro Finds Malware and Apps With Suspicious Permissions

Aug 22, 2012

Anti Spy Mobile Pro is an app with a simple purpose – to help solve these confusion that is malware. After all, with apps requesting all kinds of permissions, how is it possible to tell what might be sketchy and what isn’t? That’s where Anti Spy Mobile Pro comes in. The app does a scan of apps that are currently installed on the device, and then alerts the user as to what is active malware, and what just has suspicious permissions. For suspicious apps, the particular permissions that could be troubling, such as SMS reception and call recording, are listed. Why does that first-person shooter want to read my SMS messages, anyway? Good luck, it’s installed on a tablet, but still! AntiSpyMobile offers a button to uninstall the app, or to mark it as safe. After all, one would expect a call recorder app to record calls, or for an SMS replacement app to read SMS messages. Regular scans can be done and the user alerted as to any suspicious permissions that pop up. Anti Spy Mobile Pro is available from Google Play.

Security Researcher Discovers Ways That Android Apps Can Maliciously Share Data Without Permissions

Security Researcher Discovers Ways That Android Apps Can Maliciously Share Data Without Permissions

Apr 13, 2012

Ever think that a way to detect if certain Android apps are malware because of suspicious permissions they request access to? Well, apparently that’s not even a reliable indicator at this point, because Paul Brodeur of Leviathan Security has put together a sample app that shows just what trouble an app can cause even without having any permission access at all. It’s possible for any app to have read-only access to the SD card and all the photos, backups, and even sometimes OpenVPN certificates as Brodeur discovered. Second, it’s possible for any app to find out what apps are currently installed on each device and “This feature could be used to find apps with weak-permission vulnerabilities, such as those that were reported in Skype last year.” Third, it’s possible for apps to read GSM and SIM vendor IDs, kernel version, and Android ID.

In order to share this information, apps can use the URI ACTION_VIEW to send this data by opening a web browser by sending it through a URI. These vulnerabilities exist in both Gingerbread and Ice Cream Sandwich. Since updating Android is so difficult for Google, these security vulnerabilities may not be patched for many users for a while – and it may be difficult to tell if an app is taking advantage of them.

Google Reveals Their “Bouncer” For Preventing Malware on the Android Market

Google has announced some new security measures to help improve the integrity of software on the Android Market, and to prevent the spread of malicious software. This service called Bouncer is now running on Google servers, scanning for malware being uploaded to the Android Market. It does this by scanning for currently-existing malware, spyware, trojans in apps being uploaded. Google claims that all apps uploaded to the Market are run on their cloud infrastructure in order to simulate what the app will do on an Android device in order to try and determine any negative effects an app will have.

While it would have difficulty detecting new forms of malware being created, Google claims a degree of success with Bouncer: malware has decreased on the Android Market by 40%. This is cheekily included next to a mention that providers of anti-malware software are claiming that the amount of malware on the Market is increasing. This appears to be true based on Google’s claim though – as they claim a 40% decrease in “potentially-malicious downloads from Android Market” while device activations increased 250% year-over-year. So, more malware may be making its way to the Market, but Google is decreasing the rate of malware on the store.

Naturally, this is something that iOS proponents will harp on Android as being something where the malware rate on the App Store is nearly zero. This is a trade-off on Android: apps have more power and permissions in exchange for some decreased security conditions. It’s part of Android, and as Google claims – apps have to list their permissions on the Market, third-party software must be prompted to install on a device before having negative effects, there is a degree of sandboxing on the device, and Google can kill malware on users’ devices remotely. This is superior to most any desktop platform experience, still, and at least Google is trying to take steps to show that the Market is not just the Wild West that some would make it out to be.

Google Reveals “Bouncer” Service for Removing Malware on the Android Market

Google Reveals “Bouncer” Service for Removing Malware on the Android Market

Feb 3, 2012

Google has announced some new security measures to help improve the integrity of software on the Android Market, and to prevent the spread of malicious software. This service called Bouncer is now running on Google servers, scanning for malware being uploaded to the Android Market. It does this by scanning for currently-existing malware, spyware, trojans in apps being uploaded. Google claims that all apps uploaded to the Market are run on their cloud infrastructure in order to simulate what the app will do on an Android device in order to try and determine any negative effects an app will have.

While it would have difficulty detecting new forms of malware being created, Google claims a degree of success with Bouncer: malware has decreased on the Android Market by 40%. This is cheekily included next to a mention that providers of anti-malware software are claiming that the amount of malware on the Market is increasing. This appears to be true based on Google’s claim though – as they claim a 40% decrease in “potentially-malicious downloads from Android Market” while device activations increased 250% year-over-year. So, more malware may be making its way to the Market, but Google is decreasing the rate of malware on the store.

Naturally, this is something that iOS proponents will harp on Android as being something where the malware rate on the App Store is nearly zero. This is a trade-off on Android: apps have more power and permissions in exchange for some decreased security conditions. It’s part of Android, and as Google claims – apps have to list their permissions on the Market, third-party software must be prompted to install on a device before having negative effects, there is a degree of sandboxing on the device, and Google can kill malware on users’ devices remotely. This is superior to most any desktop platform experience, still, and at least Google is trying to take steps to show that the Market is not just the Wild West that some would make it out to be.