There's a
lot of spooky android malware out there.
Android has a feature that allows one app to pull focus from another. So, if I make, say, a popular game application and include this focus call... it can jump into the foreground.
So say you play my awesome game, and decide that you need to check facebook or do some Amazon shopping. Well, luckily, my app calls itself to the foreground with a ripped off log in screen for those apps... now I've got your credentials.
I was at a talk the other day, and one of the researchers mentioned this. He said that when the warned google about this risk, google was like, 'oh, that's a feature, we can remove that.' </facepalm>
Sure there are legit apps that could use this, but so could malicious apps.
They also mentioned that there is an app that you can buy that is basically a rootkit of the device with botnet capabilities. So it can record your conversations and then be used for a ddos. OUCH!
All the more reason to be vigilant of what we install I'd say.
--
I really liked the author's disclaimer at the bottom. (My podcast app quit downloading over wifi.
)
And it was developed by a guy who works for the navy with surface warfare, yep. I'm thinking this has some cool cyberwarfare implications.