nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

back to article
Adware API sends smartmobe data home to Chinese company

Malicious software removal

If Google Play Store can nag me every week to update Twitter yet again, it should be able to warn me when an app I have installed has been removed from for breaking their T & C.

10
0

Re: Malicious software removal

Or better. Block it from working the next time you access it with a warning and explanation on how to remove the offending app.

4
0
Anonymous Coward

Re: Malicious software removal

I was just going to ask how Android handles apps that are already installed on phones that google has removed from their App Store for being 'dangerous'. I take it from your answer that it does nothing. To be honest, I don't know if iOS is any better in this regard.

1
0

Re: Malicious software removal

The play store has the ability to remotely delete applications if I do not remember incorrectly. It is a weapon they rarely brandish though.

3
0

Re: Malicious software removal

Indeed they can remotely remove apps. I think they have only done it twice before, don't now if they have done it this time because the article doesn't say either way.

1
0

Re: Malicious software removal

Or even better, remove the app completely and leave only a placeholder that pops up a message saying it was removed for malware.

1
0
Silver badge
Big Brother

"make sure it's not snoopware"

And here's me thinking that ALL adware is snoopware...

11
0
Silver badge
FAIL

So let me get this straight...

This malware payload can be dlownloaded, installed and executed without any kind of administrator/root access - the only things blocking it is a setting in a database and the end user being smart enough to not just say "ok" to all the permissions the app asks for?

Good grief, if this were Windows XP instead of Android and an EULA instead of permissions, I'd swear we were back in the early 2000s again...

Then again, Google have built their entire business on slurping as much data about everything as possible - I guess if they tried to stop anyone else doing it, they could be seen as a monopoly... oh, wait...

11
1
Anonymous Coward

Re: So let me get this straight...

Mobile phone users need the minimum barriers possible between downloading an app and being able to 'express themselves' on social media.

3
0
Anonymous Coward

Re: So let me get this straight...

There are at least 3 protection mechanisms in force here, 3 more than Windows XP.

1/ Runtime permissions

2/ Malicious apps scanning on your phone

3/ Malicious app scanning on the store

Also, if you are stupid enough for an app to request access to your call history you should be sure you trust an app with your call history. Would you give your house keys to someone you didn't know?

1
1
Anonymous Coward

Re: So let me get this straight...

This is doing nothing that the user didn't permit.

It can download and execute a module, but only within it's own security model, and it can only access call history, camera, audio etc, if the user has granted access for it to.

So what exactly is wrong with this app? Essentially nothing, it's doing things you granted it to do.

What is actually happening here, is The Register are giving free advertising to Lookout. The real agenda is here on a single line on their "article".

"All Lookout customers are protected from this threat."

Yep, scareware is alive and well. I suggest Lookout are as scummy as the writers of these apps, for cashing in on gullible people.

1
2
Silver badge

Google Mobile Services

Quietly downloading new hidden components and sending back personal data? If there's one thing that Google hates, it's somebody else doing the creepy things that Google does.

6
0

First, Eliminate Apk's with Advertising SDKs

If you want an indepth look at all the ad-ons, like advertising SDK's, developer tools, and every single permission an Apk has, then this Android app can help. Besides scanning every apk.downloaded, or updated, on the device in real time, it gives definitions for just about everything an app has in it. The pop-up notice let's you examine the app before opening it.

https://play.google.com/store/apps/details?id=com.denper.addonsdetector

1
1
Anonymous Coward

Re: First, Eliminate Apk's with Advertising SDKs

No offence as you may be just plugging a legit tool independently. But access to this info needs to be built-in. Its all about Mushrooming mobile-users (feeding them shit and keeping them in the dark). App developers / Storefront giants maintain an illusion of gatekeeping (nothing to see here). Meanwhile every week the Reg has a warning about an app on an store that's toxic and should never have gotten on there. And now that's its loaded-on user's devices, there's still no actionable guaranteed way to remove it, notify the user and refund them either!

0
0
Silver badge

Re: First, Eliminate Apk's with Advertising SDKs

That was a needlessly harsh downvote. That could be a useful app for many people, and it wasn't as if he posted a link to some random site.

As for the ad-sdk's, i was fed up with some of the things one in particular was up to, and after investigating, decided to disabled every ad-sdk that did more than was reasonable.

All but 2 have been disabled. Seriously, someone needs to come out with an "ethical" ad company/sdk and shout this fact from the rooftops. (yes, i know what I'm saying!)

Most of the ad companies seem to be evil arseholes doing dodgy stuff (and I say that not as a quip against ad companies generally, but by looking at the sort of shit they get up to)

A very popular metric they seem to feel justified to have is the device unique id. And if that is blocked? They take your MAC address. Evil bastards.

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

The Register - Independent news and views for the tech community. Part of Situation Publishing