Go Back   Android Forums > Android Discussion > Android Applications
Android Applications All the information you could ever want about Android Applications. Learn about apps and get help with them... all here! New apps can be found and announced in the Applications Announcements forum linked below.

Get excited for the Samsung Galaxy S5! Find everything you need and discuss it in our Galaxy S5 Forum!

test: Reply
 
LinkBack Thread Tools
Old February 9th, 2010, 08:11 AM   #1 (permalink)
New Member
Thread Author (OP)
 
Join Date: Jan 2010
Posts: 8
 
Device(s): DROID!
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default Security Aspect.

Can anybody shed some light on the security aspect of Android?

What security mechanisms are used lets say in "Bank of America", "MyVerizon", and "WordPress" apps ?

Do I even have to worry about security, because I am not exactly sure if these apps are built by the companies themselves?

Anybody using such applications on their "androids"?

(there is always an option by visiting the website directly, but the problem of zooming on every screen gets annoying when there is no multi-touch capability).

Hoping to hear from you!

Anybody knows the time-line for Droid for the recent multi-touch update?

caiel is offline  
Reply With Quote
sponsored links
Old February 9th, 2010, 12:21 PM   #2 (permalink)
Junior Member
 
Join Date: Nov 2009
Posts: 16
 
Device(s):
Carrier: Not Provided

Thanks: 2
Thanked 0 Times in 0 Posts
Default Security of Personal Data?

I've started to load apps on my Droid as the needs become apparent.

Each one issues dire warnings upon installations that they have access to everything short of one's DNA. Contact, location, presumable messages etc etc.

What is th erealistic risk that something bad will com of it? Are there many instances of apps that burrow in and do nothing but betray or rob you?
RI_TDI is offline  
Reply With Quote
Old February 9th, 2010, 02:11 PM   #3 (permalink)
New Member
Thread Author (OP)
 
Join Date: Jan 2010
Posts: 8
 
Device(s): DROID!
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by RI_TDI View Post
I've started to load apps on my Droid as the needs become apparent.

Each one issues dire warnings upon installations that they have access to everything short of one's DNA. Contact, location, presumable messages etc etc.

What is th erealistic risk that something bad will com of it? Are there many instances of apps that burrow in and do nothing but betray or rob you?
Thanks for the reply!

The concern comes from using Banking apps, and such sensitive information (login ID/pwd).

How different is android surfing compared to any WiFi surfing?

Where do you draw the line?

For instance, I don't use sensitive info on any WiFi

Bottom line: am little hazy/confused on the security of cell phones (DROID), any loose ends I have to really worry about ? "hacks/eaves dropping" to worry about..

Bear with my basic questions
caiel is offline  
Reply With Quote
Old February 9th, 2010, 02:24 PM   #4 (permalink)
Junior Member
 
Join Date: Nov 2009
Posts: 16
 
Device(s):
Carrier: Not Provided

Thanks: 2
Thanked 0 Times in 0 Posts
Default

I'm asking if anyone sees additional risk. Android phones concertrate more of your personal data into a smaller package in an OS that I don't know much about other than it does the user-visible stuff better than Windows Mobile. just beiong able to know your location could for instance tell someone when to break into your house.
RI_TDI is offline  
Reply With Quote
Old February 9th, 2010, 02:30 PM   #5 (permalink)
New Member
Thread Author (OP)
 
Join Date: Jan 2010
Posts: 8
 
Device(s): DROID!
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by RI_TDI View Post
I'm asking if anyone sees additional risk. Android phones concertrate more of your personal data into a smaller package in an OS that I don't know much about other than it does the user-visible stuff better than Windows Mobile. just beiong able to know your location could for instance tell someone when to break into your house.
If your house is locked and the lock is dependable, you don't even have to worry...

I am talking about the bank accounts, social security number, etc on those lines...

In short.., "Identity thefts"...
caiel is offline  
Reply With Quote
Old February 9th, 2010, 02:32 PM   #6 (permalink)
Member
 
Join Date: Dec 2009
Posts: 204
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 1 Time in 1 Post
Default

Personally.....I'd wouldn't use an app for banking.....I'd just navigate to their sites using a browser.

Just recently there was a case of exactly what you describe....a developer had written a whole bunch of banking apps designed to steal information.

The flip side of the whole open source thing is that there is nobody policing the app store........until something bad happens....
You have to decide if its worth it to you to be one of the people who's information gets compromised BEFORE Google removes the offending app/bans the developer


If you do decide to use an app....NEVER use an app that's not directly created by the bank/institution themselves.....
Look through the permissions of the app. I would respectfully disagree that they are all standard operating warnings and not to be heeded.

They are not all that hard to decipher....why would a file manager need internet or gps access for eg?

NOTHING is safe from someone who really really wants it......You don't want to make their job easier if they are not specifically targeting you, by being careless.

Personally I would think that Wifi/3G surfing that is encrypted is accepted as safe....even though the 3G encryption was cracked by researchers in less than 2 hours a few weeks back.

You just decide what your acceptable level of risk is... For me....I feel that it is unacceptable for me to use a banking app that is NOT written by the bank itself....But I would use banking information over 3G/encrypted Wifi.
magnus is offline  
Reply With Quote
Old February 9th, 2010, 02:38 PM   #7 (permalink)
Junior Member
 
Join Date: Nov 2009
Posts: 16
 
Device(s):
Carrier: Not Provided

Thanks: 2
Thanked 0 Times in 0 Posts
Default

I am asking about the porosity of Android security, not a hypothetical house.

The purpose of the example was to say there is additional information of value on your phone when compared to surfong from your PC.

The apps say they access to a lot of data - is there history of any using it for no good?
RI_TDI is offline  
Reply With Quote
Old February 9th, 2010, 02:40 PM   #8 (permalink)
Member
 
Join Date: Dec 2009
Posts: 204
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 1 Time in 1 Post
Default

Yes there is one instance on abuse recorded so far.

Google Pulls Fraudulant Banking Apps From Market | DroidTalk
magnus is offline  
Reply With Quote
Old February 9th, 2010, 02:44 PM   #9 (permalink)
Junior Member
 
Join Date: Nov 2009
Posts: 16
 
Device(s):
Carrier: Not Provided

Thanks: 2
Thanked 0 Times in 0 Posts
Default

Thx magnus. Only one instance is pretty good.

Is the SSL on the browser as good as PC browsers?
RI_TDI is offline  
Reply With Quote
Old February 9th, 2010, 02:47 PM   #10 (permalink)
New Member
Thread Author (OP)
 
Join Date: Jan 2010
Posts: 8
 
Device(s): DROID!
Carrier: Not Provided

Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by magnus View Post
Personally I would think that Wifi/3G surfing that is encrypted is accepted as safe....even though the 3G encryption was cracked by researchers in less than 2 hours a few weeks back.

You just decide what your acceptable level of risk is... For me....I feel that it is unacceptable for me to use a banking app that is NOT written by the bank itself....But I would use banking information over 3G/encrypted Wifi.
Pardon me, but you just contradicted yourself from above!
IMHO, there has to be a third party certifying institute, which can certify the security of any such apps...

For instance "Verisign Certification", etc...

But again...
Quote:
Originally Posted by magnus View Post
Personally I would think that Wifi/3G surfing that is encrypted is accepted as safe....even though the 3G encryption was cracked by researchers in less than 2 hours a few weeks back.
caiel is offline  
Reply With Quote
sponsored links
Old February 9th, 2010, 03:19 PM   #11 (permalink)
Member
 
Join Date: Dec 2009
Posts: 204
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by caiel View Post
Pardon me, but you just contradicted yourself from above!
IMHO, there has to be a third party certifying institute, which can certify the security of any such apps...

For instance "Verisign Certification", etc...

But again...
That's true......Verisign is a good idea....

When you said I contradicted myself.....were you talking about the fact that I would consider using 3G even though it was cracked....

If so...yeah I agree :-) ....But I didn't link to the article. It was cracked by a researcher to show out-dated the encryption systems for 3G networks are. It showed how easy it would be for somebody who really wanted to access ANYTHING over 3G communications to do so provided they had the right know how.
Just because something is possible, does not make it just as probable. It is not a common place thing......AFAIK. I'll take my chances

But hey....like I said.....it depends on your acceptable level of risk. Yes, 3G encryption has been cracked. Yes, Banks get robbed......but that doesn't stop you from using one.

Just be wise and know your risks. Beyond that....the circumstances are out of your control really....if someone is determined enough. No point in living in fear......but be wise.
:-)
magnus is offline  
Last edited by magnus; February 9th, 2010 at 03:22 PM.
Reply With Quote
Reply


Go Back   Android Forums > Android Discussion > Android Applications
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -5. The time now is 05:54 AM.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.