Discussion in 'mobile device security' started by Minimalist, Sep 10, 2018.
aw so honorable Apple. Batten down the hatches and keep the Keep Out policy rolling. Security-Privacy Matters
Now if only Google could kick out all the "anti"viruses from Play Store, giving people a false sense of security.
Amen to that, Android doesnt need antivirus, they wont help anyway ...
I don't fully agree about not having a 2nd opinion of apps downloaded from app stores. The google play store has had some dodgy apps which Google removed once discovered. If a dodgy app uses up mobile data or calls premium rate numbers then Google removing the app afterwards is to late. Google are not going to refund the loss. Prevention is always better than cure. Apple or google doing the scanning for their own app stores is a mono culture so if someone finds a way past the scanning process then you do not have a second line of defense.
Why do we need an app for that though? Can't Kaspersky or whatever just report the shady apps to Google and have them taken down?
I think you are missing the point. By having an app running in the background it can detect an app doing something it shouldn't be before it steals data or money. A criminal could be making millions before google take the app down.
Would you rather someone break in to your house steal your possessions and then the police look for the criminal or would you rather something to prevent or deter them?
There is security and there is privacy.
Let's have a look at the Mac App Store. This article from the Malwarebytes Labs may be interesting:
"Mac App Store apps are stealing user data"
Unfortunately, this sort of misses the point as well. An anti-virus app running in the background would very likely need elevated rights in order to detect what other apps are doing. The whole point is that Apple wants all applications sandboxed, so there is very little chance of any app being able to do something it shouldn't outside of the sandbox or to any other app or any other app's data. If you allow AV apps with all sorts of elevated rights, you have now just opened up a hole in the sandbox schema... and malware vendors would just call their program an AV app in the hope that it flies under Apple's reviewing radar. Which is sort of what happened in Mac App Store...
I think it's a bit of a mistake to conflate the Mac App Store (MAS) with the iOS App Store. Both are run by Apple, sure, but Apple has been under far more pressure from developers of macOS apps to broaden sandbox rights. So that developers can access the file system in order to implement things like duplicate file finders, old & large file finders / disk mapping apps, batch file renaming apps... and, yes, adware and malware scanners. MAS apps do have sandboxing, but the developers get around it by asking the end-user to click a permissions button granting the application permission to scan the files or folders selected. If the app says it is an adware scanner and it asks the user to grant permission to the root directory, or to even just the user's home directory... most people are going to click OK in order to get the scan going. I think the MAS situation sort of bolster's the argument Apple is trying to make on the iOS App Store in terms of not allowing "sandbox rights' creep" even for arguably benign or beneficial purposes.
you both can't be more wrong...
As Sheldon Cooper said: "More wrong? Wrong is an absolute state and not subject to gradation."
Androids and Macs are similar in that they have a low percentage (yes, I know how popular Android is on Phones...) of a user base that Blackhats can actually exploit. That is the only reason there isn't a bunch of malware for these systems- it's just not worth it.
But don't be deceived: As soon as either Mac, Android, Chrome, etc will commonly be used in the Enterprise space there will appear just oodles and oodles of malware (and I won't even mention the plethora of Info Stealers currently in existence that Google Play lets slide...).
Problem is that the antivirus for Android really can't do anything. They can only scan the apps themselves, not what they are actually doing to your phone.
Even so, AV for Android is useless simply because 0-days are so rare compared to Windows.
Please explain to me what the use of an antivirus that can't scan processes truly is, hmm? All it can do is scan the installed apps and kindly inform you of any bad apps it finds. Sandboxing on Android is real, which is great for security but bad for the ad campaigns run by Kaspersky.
How to remove a virus from an iPhone or iPad
Separate names with a comma.