• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Researchers discover first malware to target Google's Android

The supreme irony is that 6 months from now, users with rooted phones and AOSP will yawn, because we'll have long since hacked the source to intercept and block outgoing SMS requests to shortcodes and non-American areacodes. Meanwhile, users obediently running official carrier-blessed ROMs will be screwed since carriers won't want to risk having twenty million customers decide to not send votes to American Idol because it would mean having to unblock shortcodes first in the settings menu...
 
Upvote 0
When you say doghouse, are you referring to a sandbox environment?

Actually more of a virtual wrapper around the app so that all ports in and out may be controlled or even simulated for study.

Just as a sandbox protects a repository and limits damage done to source by local tinkering, a doghouse protects an OS and limits the damage an app can do by nefarious outreach of network ports.

In some organizations the two terms have a certain interchangeability.
 
Upvote 0
I think he's referring more to the fact that the Android market is virtually unmonitored.

I took it at face value and that the meaning was simply that with open source there might be a higher potential for exploits to be found by direct examination of the infrastructure and privileged-action handling mechanisms.

This has been a well-known and long-term admonition against open source and proponents line up on both sides of the line in the sand to argue for and against its reasonableness and probability.

I didn't say it, but that's how I read it, and I defend that it's at least worthy to keep on the table until this OS matures further and all facts are known.

FWIW - I'm a huge proponent and supporter of FOSS and have been for nearly two decades.
 
Upvote 0
I took it at face value and that the meaning was simply that with open source there might be a higher potential for exploits to be found by direct examination of the infrastructure and privileged-action handling mechanisms.

This has been a well-known and long-term admonition against open source and proponents line up on both sides of the line in the sand to argue for and against its reasonableness and probability.

I didn't say it, but that's how I read it, and I defend that it's at least worthy to keep on the table until this OS matures further and all facts are known.

FWIW - I'm a huge proponent and supporter of FOSS and have been for nearly two decades.

This is what I meant. To me it's like you have the blueprints for the bank/mansion you want to break into. So they will just look for the doors in the source.
 
Upvote 0
This is what I meant. To me it's like you have the blueprints for the bank/mansion you want to break into. So they will just look for the doors in the source.

Russian (and now Chinese) hackers are known to be particularly clever.

However, in this case, I think the entire exploit was relying on user laissez-faire and was rather straightforward, from what little I've read.

Regardless of market vetting by any camp, over-trust by users will probably always be the most-used infection vector for any OS, in my opinion.

People often flame me for what I'm about to say, and that's a don't-care for me:

I note that the report on this exploit was given by a anti-virus/malware vendor.

I've noted over the years that the anti-virus/malware vendors seem particularly adept at fixing viruses almost as soon as they're released into the wild - and the more vendors for that sort of thing there are, the more viruses seem to crop up.

People tell me there's no one hiding under my bed and that I have cause and effect wrong.

And I just follow the money.

On this, I'm probably completely wrong. I often am.

In this case, the exploit did accompany a profit motive for the black hats.
 
Upvote 0

BEST TECH IN 2023

We've been tracking upcoming products and ranking the best tech since 2007. Thanks for trusting our opinion: we get rewarded through affiliate links that earn us a commission and we invite you to learn more about us.

Smartphones