....They have created an app, it's in the market, and it's called the "FCC Mobile Broadband Test". The app "provides consumers with information about the quality and speed of their mobile data connection. Test the upload speed, download speed, and latency of your mobile broadband connection and share your results with a simple email export." It has access to:
Your location
Network communication
Phone calls
Yeeeeeeeeeeeeeah, no, don't think I'll be installing this one. Who knows what other surreptitious things this app does. Figured everyone else might like to know.
Doesn't speedtest do the same thing?
Sent from my Droid Incredible using XDA App
I'll pass on that one...but think there are many big brother apps out there
whats77inaname said:
....They have created an app, it's in the market, and it's called the "FCC Mobile Broadband Test". The app "provides consumers with information about the quality and speed of their mobile data connection. Test the upload speed, download speed, and latency of your mobile broadband connection and share your results with a simple email export." It has access to:
Your location
Network communication
Phone calls
Yeeeeeeeeeeeeeah, no, don't think I'll be installing this one. Who knows what other surreptitious things this app does. Figured everyone else might like to know.
Click to expand...
Click to collapse
I am fairly certain that every app installed on Android accesses the phone or network or both. It is most likely asking for your location for the exact same reason the website SpeedTest.net asks for it...even if you access it on your PC... and that is so it can measure your speed and latency from the server closest to your location. If you notice this app was not made the US Govt. it was made by someone named Ookla who also made an app called “Speedtest.net Speed Test”.
Let's not get paranoid without actually looking beneath the surface here. More than likely this was just someone trying to make an “official sounding” app. A government agency like the FCC would actually list itself as the publisher of something like this and not any specific individual, especially under the name of “Ookla”.
For example, how many official IRS publications have you ever seen that list an individual person as the author or publisher? Now how many are just listed as “IRS Publication _____”?
As for exporting the resluts, many "Speed Test" websites publish the results of each test and many offer statistical averages for each ISP, state or country. On the surface, this seems like the same thing "speed test" programs have been doing since the '90s.
The only thing that raises a red flag to me is this Ookla guy using the "FCC" name for his own app. That alone is the only thing that would make me think there is anything suspicious about this. Reason to be cautious? Sure. Government conspiracy? Certainly not.
If you are are going to be scared of every app that accesses your phone calls and data connection, I would recommend not downloading any apps at all. As I stated earlier, I am fairly certain they all do and if not all, then certainly a very large majority do.
MagickalShadow said:
I am fairly certain that every app installed on Android accesses the phone or network or both. It is most likely asking for your location for the exact same reason the website SpeedTest.net asks for it...even if you access it on your PC... and that is so it can measure your speed and latency from the server closest to your location. If you notice this app was not made the US Govt. it was made by someone named Ookla who also made an app called “Speedtest.net Speed Test”.
Let's not get paranoid without actually looking beneath the surface here. More than likely this was just someone trying to make an “official sounding” app. A government agency like the FCC would actually list itself as the publisher of something like this and not any specific individual, especially under the name of “Ookla”.
Click to expand...
Click to collapse
1) I surmise you didn't pay attention to the "Visit the developer's Webpage" section (http://www.broadband.gov/qualitytest/about) nor did you pay attention to the "Send mail to developer" link ([email protected]).
Last time I checked, the only entity that could register a .gov domain name would be, hmmmmmmmmmmmm, the govt?
2) So, for s&g's let's just jump over to http://www.broadband.gov/, and lo and behold, it's a site by the FCC.
3) Let's run a quick "who is" query...
"WHOIS information for broadband.gov :
[Querying whois.nic.gov]
[whois.nic.gov]
% DOTGOV WHOIS Server ready
Domain Name: broadband.gov
Status: Active
Please be advised that this whois server only contains information pertaining to the .GOV domain. For information for other domains please use the whois server at RS.INTERNIC.NET."
4) And finally, the privacy statement for the site:
"The FCC is collecting and storing street addresses, IP addresses, and broadband performance information through these speed tests. (The FCC is not collecting email addresses through these speed tests.) The street addresses will not be released, disclosed to the public, or shared with any outside entities, including Ookla and M-Lab, except in the limited circumstances described in the Consumer Broadband Test Privacy Statement. The FCC, Ookla, and M-Lab are collecting and storing broadband performance information and IP addresses, which Ookla and M-Lab may release to the public. The FCC will not make individual IP addresses available to the public except in the limited circumstances described in the Consumer Broadband Test Privacy Statement. For more information, see the complete Consumer Broadband Test Privacy Statement, the Ookla Privacy Policy , and the M-Lab Privacy Policy. The FCC is soliciting this information under authority of the Broadband Data Improvement Act of 2008, Pub. L. No. 110-385, Stat 4096 § 103(c)(1); American Reinvestment and Recovery Act of 2009 (ARRA), Pub. L. No. 111-5, 123 Stat 115 (2009); and Section 154(i) of the Communications Act of 1934, as amended."
So, to counter your false claims and your casually dismissive attitude, I would suggest you follow your own advice next time (and look beneath the surface) before you step into a glass house throwing rocks. I did my research before posting, did you?
And granted, this may be a totally benign app, but given the source and other things they have been known to do, do you *really* want to take that gamble?
whats77inaname said:
1) [/B]).
but given the source and other things they have been known to do, do you *really* want to take that gamble?
Click to expand...
Click to collapse
Who exactly are they and what have they done? Granted, I didn't read the website info, but as I pointed out, this is not really any different than any other app in the entire market.
Last time I checked, the FCC wasn't kicking in the front doors of peoples homes and anal probing them for information about their G-mail contact list. I have no clue who "Ookla" is so, I have no clue what they have been known to do. For that matter I have no clue what M-Lab has been known to do either. If you want to go down the whole Govt. conspiracy "oh no they are after me" road, then hey, knock yourself out. But if they really were after you, they probably wouldn’t take the gamble that you would download their app from Android market. They would probably just legislate it into law that every phone had to ship with it pre-installed.
Unless that would interfere with their plans for the UFO's, the next Sept 11th or the reincarnation of Elvis or whatever other paranoid crap everyone wants to blame a relatively incompetent government of flawlessly doing with the personal information of every citizen within its borders...
I think I am going to text message everyone in my contact and tell them to run a test with this app...then we can all panic that the FCC knows we own cell phones, how fast our internet connections are and where we live...as if they couldn't have figured all this out yesterday before any one of us installed the app...unless they are going to use this to spy on us...oh wait I remember everyone being paranoid about that after watching it happen to Will Smith in "Enemy of the State" back in the '90s...so that can't be it...
Oh well... if I never post on here again, that means they found out I download apps form the Android Market...and god help us all when they find out about everyone else...
Oh and by the way, "Ookla" isn't part of the government: http://www.ookla.com/about.php
MagickalShadow said:
Who exactly are they and what have they done? Granted, I didn't read the website info, but as I pointed out, this is not really any different than any other app in the entire market.
Last time I checked, the FCC wasn't kicking in the front doors of peoples homes and anal probing them for information about their G-mail contact list. I have no clue who "Ookla" is so, I have no clue what they have been known to do. For that matter I have no clue what M-Lab has been known to do either. If you want to go down the whole Govt. conspiracy "oh no they are after me" road, then hey, knock yourself out. But if they really were after you, they probably wouldn’t take the gamble that you would download their app from Android market. They would probably just legislate it into law that every phone had to ship with it pre-installed.
Unless that would interfere with their plans for the UFO's, the next Sept 11th or the reincarnation of Elvis or whatever other paranoid crap everyone wants to blame a relatively incompetent government of flawlessly doing with the personal information of every citizen within its borders...
I think I am going to text message everyone in my contact and tell them to run a test with this app...then we can all panic that the FCC knows we own cell phones, how fast our internet connections are and where we live...as if they couldn't have figured all this out yesterday before any one of us installed the app...unless they are going to use this to spy on us...oh wait I remember everyone being paranoid about that after watching it happen to Will Smith in "Enemy of the State" back in the '90s...so that can't be it...
Oh well... if I never post on here again, that means they found out I download apps form the Android Market...and god help us all when they find out about everyone else...
Oh and by the way, "Ookla" isn't part of the government: http://www.ookla.com/about.php
Click to expand...
Click to collapse
1) I tempered my post with "this could be benign".
2) No one is hollering conspiracy theorist except you, I'm simply providing the facts that this app exists, it will reside on your phone, and there is no real way of knowing what it does outside of what is stated.
3) Yeah, I read Ookla isn't part of the government, did I ever say they were? But at this point, that's just tit for tat. And if you don't know who "they" are (I think I've spelled that out) and what they've "done", about the only thing I can suggest is that you research your history.
I think I'm about with this post. Do want you want, dude.
whats77inaname said:
1) I tempered my post with "this could be benign".
2) No one is hollering conspiracy theorist except you, I'm simply providing the facts that this app exists, it will reside on your phone, and there is no real way of knowing what it does outside of what is stated.
3) Yeah, I read Ookla isn't part of the government, did I ever say they were? But at this point, that's just tit for tat. And if you don't know who "they" are (I think I've spelled that out) and what they've "done", about the only thing I can suggest is that you research your history.
I think I'm about with this post. Do want you want, dude.
Click to expand...
Click to collapse
Actually the whole tone of your post screams "conspiracy theory". Even your reply does when you state:
"there is no real way of knowing what it does outside of what is stated".
That is the very definition of "conspiracy theory" and really the same could be said for any app. Seriously, this is not the only app that gathers information or accesses the same things, it is just the only one you targeted in your post. You're just paranoid about this specific one because it supposedly has "government ties".
And no, you haven't spelled out who "they" are. That is why I asked. Apparently I am mistaken, so please...enlighten.
Telling me to research history is a cop out. I am guessing you have some evidence of something malicious going on or there would be no need for suspicion of the app outside of some paranoid idea you have. Besides I must be missing something if I don't see the danger in this app that you do, so why trust me to uncover anything on my own in my history research? No, I am sure that you actually have some real hard evidence here that you can bestow upon the masses at large to convince us all what evil lurks within the Android Market.
I mean you post this here about this single app based on not so unique characteristics and you're all like "FCC...GOVERNEMNT...HINT, HINT, HINT" (I am paraphrasing of course), yet fail to elaborate on why, then basically say “well, I am not saying there is anything wrong with it” (paraphrasing again). In your own exact words...Yeeeeeeeeeeeeeah....
So, which is it? Are you "warning" everyone that, except for the FCC name, this app is basicaly like every other app or is there something special that you are trying to hint about it that no one but you knows about? If so, then at least say what that is.
No worries though, I understand that even though someone is paranoid, that is not evidence that they aren't out to get us.
Just a heads up (though I'm sure most people here are smart enough to avoid it):
NotCompatible Android Trojan: What You Need to Know
Android smartphone users should be on the lookout for hacked websites that automatically download an app onto your phone in an attempt to trick you into installing malicious code. For what may be the first time ever, analysts at Lookout Mobile Security are warning of a so-called drive-by download attack specifically targeted at Android devices. The attack uses infected websites to try to install a Trojan horse called NotCompatible onto your phone. If installed, the Android malware could let hackers use the phone as an intermediary access point, or proxy, to break into private computer networks. There is also some speculation that NotCompatible could add your phone to a botnet.
However, while NotCompatible sounds scary, it is not a threat if you use common sense and never install anything on your phone that you don't trust or don't remember downloading. Here's what Android users need to know about NotCompatible.
How was NotCompatible discovered?
The Trojan first surfaced when a Reddit user named “georgiabiker” discovered NotCompatible by chance and brought the malware to the Reddit community's attention. Reddit is a social news site and message board.
Who's at Risk?
NotCompatible can only infect people who have enabled sideloading -- the ability to download apps from unofficial sources -- for their device, according to Lookout. Sideloading is enabled on your phone by going to Settings>Applications and then tapping the “Unknown Sources” check box.
Keep in mind that even if you have sideloading enabled, getting infected still requires explicit user action.
OK, So How Do I Get Infected?
Courtesy of Reddit user georgiabiker
Any Android user arriving at an infected site using the phone's browser will automatically download a file called “Update.apk.”
Courtesy of Reddit user georgiabiker
If you have sideloading enabled, a screen will pop-up asking you to install an update named com.Security.Update or something similar. Any user who then installs the application will get infected.
If you are not sideloading apps, you will not be able to install the Trojan, Lookout says.
What Does It Do to My Phone?
It's not immediately clear whether there's any long-term effect on your phone or your device's content, but so far Lookout says the only thing that will happen is your phone could be used as a proxy by a third-party.
How Widespread is the Trojan?
Lookout is not offering any specific numbers, but the company says it has found the malware on “numerous” websites embedded in an iframe -- a segment of a browser window that can display content from a third-party. Lookout expects NotCompatible's overall impact to be low.
Hacked sites unknowingly acting as a vehicle for NotCompatible appear to be typically low traffic websites for local businesses such as country clubs, computer repair, and pest exterminators.
What If I'm Infected?
Lookout has not provided any information on what users can do if they are infected with NotCompatible so it's not clear whether installing Lookout's antivirus software would remove the malicious software.
Even though this malware is specifically targeted for Android devices, as long as you remain attentive when authorizing new apps and watch out for unauthorized downloads, your device should be fine.
Click to expand...
Click to collapse
If you haven't seen it: http://www.scroogled.com/ (it's by Microsoft--their name is at the bottom): "When you buy an Android app from the Google app store, they give the app maker your full name, email address and the neighborhood where you live. This occurs without clear warning every single time you buy an app."
App developers: do you actually get the real names of everyone who downloaded your app? If so, that's not that private. I don't download these kinds of apps (haha), but does this mean that the developer of Korea Sexy Girl Puzzle could release a list of the real names of everyone who downloaded his/her app? And, what about locations? What is the purpose of knowing the zip code of who downloaded your app? This issue isn't that big (unless you live in a very unpopulated zip code), but I don't see the reasoning.
---
Preferably, if you're an app developer, I'm just curious what exactly you see. But, if you're a non-app-developer, if you have legitimate information, I'd be interested. And not that it matters, but I'm an Android guy. This post isn't some Microsoft fanboy trying to start a flame war. Just want to get some facts, as I'm a little hesitant to trust one company's claim about a competitor.
~Ibrahim~
P.S. The infographic they made: http://blogs.technet.com/resized-im...00-00-00-97-94/2318.scroogled_5F00_041713.jpg
sour grapes ? win 8 sales are not good so why not lets do some mud slinging on android. but I am not a developer and I am too eager to learn what a developer would have in reply.
OK, this "sharing" is the same sharing done by Amazon, Etsy, and "everyone else on the internet." Developers, like Amazon or Etsy peeps, agree not to share the data. The data is required for financial transactions, apparently. Source: http://techcrunch.com/2013/04/09/mi...ogle-developers-need-to-process-transactions/
Microsoft, apparently, responded with this:
"Google also claims that sharing this information is necessary to process your transaction and maintain your account — that is, to issue refunds, reversals and payment adjustments. But, similar stores — including the Windows Phone Store and Apple’s App store, don’t do this, because it isn’t necessary for an app maker to have your full name, email address and ZIP code to process the initial transaction, issue refunds or handle customer service issues. Google could easily provide more anonymous means to handle these transactions."
Source: http://blogs.technet.com/b/scroogle...on-t-get-scroogled-by-google-s-app-store.aspx
~Ibrahim~
I just finished reading an article in the July 8-14, of Bloomberg Businessweek, that discussed NSA programmers refining code, that Google has approved to include in Android. The end product is called, "Security Enhanced Android". The NSA code is supposed to isolate apps to prevent hackers and marketers from accessing personal data stored on a device. The code is already included in the OS for the Sony Xperia Z, HTC One, and the Samsung Galaxy S4. The NSA mods are available to be seen publicly at source.android.com, according to Google.
"...the features are not turned on by default, according to agency documentation, future versions will be."
Click to expand...
Click to collapse
I was just wondering if these NSA mods are part of custom Android ROMs?
dweezle said:
I just finished reading an article in the July 8-14, of Bloomberg Businessweek, that discussed NSA programmers refining code, that Google has approved to include in Android. The end product is called, "Security Enhanced Android". The NSA code is supposed to isolate apps to prevent hackers and marketers from accessing personal data stored on a device. The code is already included in the OS for the Sony Xperia Z, HTC One, and the Samsung Galaxy S4. The NSA mods are available to be seen publicly at source.android.com, according to Google. I was just wondering if these NSA mods are part of custom Android ROMs?
Click to expand...
Click to collapse
I hope they are not spying
If you are using a custom ROM then that means you have a recovery installed. It would be redundant to encrypt you ROM when anyone can get into your recovery and bootloader.
Does it really matter?
If they wanted to spy your Android, they would be able to do that.
I think they don't bother with normal people like us.