Discussion in 'all things UNIX' started by Ocky, Jul 8, 2012.
Clickjacking Rootkits for Android: the Next Big Threat?
To quote: The rootkit could be downloaded with an infected app and, once established, could manipulate the smartphone.
No. Because you would not install the infected app first. And this brings us back to square one - don't install crap.
And how do you know it's crap before installing?
On the Google market aka play-store they do not display any crap/noncrap classifications.
And there's no such thing as download, virus scan, then install if clean.
Download is immediately followed by installation. A major flaw IMO.
1) Google Play Store is protected by Bouncer
2) Don't install apps with 1 or 2 stars and read user comments.
3) Question all permissions (does that game REALLY need SMS?)
4) Root your phone and use DroidWall (firewall - default deny apps from getting internet access) and LBE Privacy Guard or PDroid (Revoke permissions). (yes, it's for the advanced user but still).
For the most part common sense is all that's needed. Android (mobile) malware is extremely overblown; the majority of it comes from third-party stores (not the play store). Most of the crap in the play store that is considered "malware" is just advertising garbage saying "you won an iPad".
That said, the state of AVs is worse. I have tested every AV on the play store (from a reputable source, i.e. Avast!) and all of them miss known malware (spam apps)! The detection rate is below 50% accurate. You are honestly better off without it and using common sense.
That's crazy talk! We all know from the Windows world that AV software is a sure-fire way to have a 100% computer!
Comparing AVs on Windows to those on Android is ridiculous because the capabilities are completely different. On Android it's a futile attempt at blacklisting. On Windows you get heuristics and various other forms of analysis that yield far better rates of detection.
Good advice, only thing I could possibly add is:
5) Turn off auto-updates for less well known apps
Otherwise something harmless could slowly turn into something harmful, as was demonstrated earlier this year when researchers used incremental updates to get past Bouncer.