http://blog.thedaily.com/post/13161548514/malware-developers-are-now-exclusively-targeting

woodsmoke

Great. After all these years of not worrying about crap like that [on my computers], now I have to worry about my phone? :o

BTW, the first line of the actual article pissed me off:


Android and iOS fanboys may bicker endlessly over which operating mobile system is better

>:( I love bickering about how my Android phone is better than any other OS.

It's very contentious. Have a look at http://www.theregister.co.uk/2011/11/21/mobile_security_dust_up/

Thanks for the link, arochester. Interesting read.

Why would anyone with any common sense trust the opinion of someone who stands to make a profit off that opinion?

It the same reason life insurance salesmen think single people with no kids need life insurance.

Of course, the loose definition of a trojan would cover many apps already available ::)

Sorry, but if I get a request to install something on my phone that I didn't download myself - I'll just say "no"

http://blog.thedaily.com/post/13161548514/malware-developers-are-now-exclusively-targeting


Hell, looks like we fraidycats should just all buy Windows Phones...they don't even show up in the list, so they must be the safest phone available, riiiiiiiiight? :P (There probably haven't been enough Windows Phones sold to even be part of the "other" category.)



>:( I love bickering about how my Android phone is better than any other OS.


DYK, is there anything you don't emjoy intentionally agitating people about? ;D



Why would anyone with any common sense trust the opinion of someone who stands to make a profit off that opinion?


I have lately begun paying less attention to security news published by security product vendors.

I have lately begun paying less attention to security news published by security product vendors.


"We's want's to welcome youz to the 'hood. Youz gonna wants da "insurance" wez provide so youz business is protected. Get it?"

My gf has anti-virus on her Android phone, I think AVG. I'm glad she does.

@Telengard

If she ever finds a virus do let us know.

Hell, looks like we fraidycats should just all buy Windows Phones...they don't even show up in the list, so they must be the safest phone available, riiiiiiiiight? :P (There probably haven't been enough Windows Phones sold to even be part of the "other" category.)

Exactly!




>:( I love bickering about how my Android phone is better than any other OS.


DYK, is there anything you don't emjoy intentionally agitating people about? ;D

Hold on while I try to think of something...

That graph which highlights the OP's link is highy misleading.
http://27.media.tumblr.com/tumblr_lv2jp0gdXK1qf5y35o1_500.jpg

It fails to take into account the market share of the OSs involved. You'll notice that Symbian accounts for 65-75% of the circle (adding both Symbian's together), Android about 15-20%. When you look at Google Trends for the last 30 days:
http://www.google.com/trends?q=symbian%2C+nokia+lumia%2C+nokia+n8%2C+iph one+4s%2C+Android&ctab=0&geo=all&date=mtd&sort=4
shows, normalized on Android:
nokia lumia 0.03
nokia n8 0.04
symbian 0.05
iphone 4s 0.28
android 1.00

shows that Symbian is trending at 1/20th that of Android, yet has 3 to 4 times the malware. It also shows that Nokia's Lumina and N8 are NOT developing any market buzz, which explains why WinP7 isn't on that graph, or is buried in "other". According to Rolfe Winkler of the WSJ, "That’s bad news for Nokia, which has seen its share of the worldwide smartphone market collapse from 33% to 14% over the past year according to Strategy Analytics. Dumping its own mobile operating system in favor of Windows Phone is CEO Stephen Elop’s Hail Mary heave to recapture momentum."

Microsoft's market share remains flat at 2% and, surprisingly, so has Apple's iPhone at 28%, according to analyst house Nielsen (http://paidcontent.org/article/419-nielsen-android-grew-its-smartphone-marketshare-iphone-stayed-flat/) . More than half of the smartphones sold worldwide in the third quarter of this year were powered by Google's Android software, according to Gartner (http://www.physorg.com/news/2011-11-android-smartphone-gartner.html).


A total of 60.5 million Android-powered smartphones were sold in the third quarter, giving the operating system a 52.5-percent market share, up from 25.3 percent in the same quarter a year ago.

Nokia sold 19.5 million smartphones using its Symbian operating system in the third quarter but its share of the smartphone market fall to 16.9 percent from 36.3 percent a year ago.

Apple sold 17.3 million iPhones powered by iOS software during the quarter. Apple's market share slipped to 15.0 percent from 16.6 percent a year ago.


But, I agree with Chris DeBona, who said (https://plus.google.com/u/0/114765095157367281222/posts/ZqPvFwdDLPv#114765095157367281222/posts/ZqPvFwdDLPv): "... neither smartphones based on Google's Android nor Apple's iOS need anti-virus protection. Anyone telling you different is a snake-oil salesman ...."

He adds: "Many anti-virus firms have branched out into offering security software for Android, including commercial products from Kaspersky Lab, F-Secure and Symantec. Lookout Mobile and AVG's DroidSecurity offer basic protection software at no charge to consumers. Some security firms, Lookout and Intego, offer more basic security packages for iOS but without bundled anti-virus protection, which is not supported by iOS."

Between, say 2002 and 2006, Kaspersky Lab used to run annual "Linux has viruses and needs protection" ads in the prominent journals and webpages. I haven't seen those ads in a few years so I guess they were costing more money than sales brought in. Serves then right. The only security problems that Linux has are those created by users using poor or no passwords, and about the ONLY Linux boxes that are taken to the dark side are those on which hackers manually cracked into in order to make them command and control boxes for the numerous and large bot farms composed of Windows zombies. A statistic I've repeated before, but bears repeating, is that the largest Windows bot farm ever found contained 4,500,000+ Windows boxes, and the largest Linux bot farm ever found contained 700 Linux zombies. The Windows farm was created with a few emails in a few days using a zero day exploit. The Linux bot farm took a group of hackers more than 6 months to collect.

The Linux kernel is behind the Android phone.

But, don't feel bad for Microsoft. Their lawyers have intimidated more than half of the Android suppliers into paying a license fee on Android that is equal or greater than the license fee on WinP7, except that according to Barnes & Nobel, the license that MS wanted them to sign didn't allow them to upgrade their Nooks, thus making them obsolete within a year. Some estimate that MS has extorted more than $500M in Android license fees, which just about makes up for their WinP7 losses and costs. That gravy train may be coming to an end. B&N is fighting back and with some powerful prior art arguments against the "IP" patents MS tried to assert. When Google's purchase of Motorola is (if) approved they will be in direct confrontation against MS because MS sued Motorola over Android.

Once it goes through (Google's purchase of Moto), somebody grab the popcorn. This could get... interesting.

@Telengard

If she ever finds a virus do let us know.


I'd be happy to, supposing I actually remember. Let's hope that never happens though. She had a terrible run of malware on Windows before I finally got her converted to Mac (long story.)

Based on the little I've read, I get the idea that anyone can make anything they want into an Android app without any kind of review whatsoever. That kind of freedom sounds awesome, until you consider the huge incentive to root millions of phones for fun an profit. Given that most Android users aren't even aware they are running Linux, nor basic security practice, I'm not terribly confident in its security.

Refute me if you wish, but don't waste too much time; I won't be dissuaded from my paranoia.

>:( I love bickering about how my Android phone is better than any other OS.


DYK, is there anything you don't emjoy intentionally agitating people about? ;D

Hold on while I try to think of something...

Well, I gave it some thought--and came up empty! ;D

Well, I gave it some thought--and came up empty! ;D


This much is to be expected. :P

Well, I gave it some thought--and came up empty! ;D


This much is to be expected. :P


Yes, indeed. You know, I didn't earn my title of having bigger balls than most men by accident. :o

Great. After all these years of not worrying about crap like that [on my computers], now I have to worry about my phone? :o

BTW, the first line of the actual article pissed me off:


Android and iOS fanboys may bicker endlessly over which operating mobile system is better

>:( I love bickering about how my Android phone is better than any other OS.


Yeah, I am actually surprised. Applications run in a Dalvik VM (virtual machine)... I would have thought Google would have made this a bit more difficult to take advantage of. In all fairness though, the user DOES have to install applications (in most cases), so this issue exists for ALL operating systems --> error between keyboard and user.

But anyways, we'll see how the situation develops. I'm sure Google is doing something about it; hopefully it won't make the development environment overly restricted like Apple's.

Yeah, I am actually surprised. Applications run in a Dalvik VM (virtual machine)... I would have thought Google would have made this a bit more difficult to take advantage of. In all fairness though, the user DOES have to install applications (in most cases), so this issue exists for ALL operating systems --> error between keyboard and user.


Dalvik is designed to maximize shared memory and doesn't provide any kind of security boundary. Application permissions are based on PIDs and GIDs assigned when an application is installed. The kernel enforces these permissions; there's no mechanism to dynamically reassign them and Dalvik cannot offer runtime security checking.

More info for the curious (http://developer.android.com/guide/topics/security/security.html).