Google pulls 56 malicious apps from Android Marketplace
original source: http://blog.mylookout.com/2011/03/s...-found-in-official-android-market-droiddream/
List of malicious Android App that steals your information and download additional craps to your phone
Full list Developed by “Myournet”:
Falling Down
Super Guitar Solo
Super History Eraser
Photo Editor
Super Ringtone Maker
Super Sex Positions
Hot Sexy Videos
Chess
下坠滚球_Falldown
Hilton Sex Sound
Screaming Sexy Japanese Girls
Falling Ball Dodge
Scientific Calculator
Dice Roller
躲避弹球
Advanced Currency Converter
App Uninstaller
几何战机_PewPew
Funny Paint
Spider Man
蜘蛛侠
Full list Developed by “Kingmall2010″:
Bowling Time
Advanced Barcode Scanner
Supre Bluetooth Transfer
Task Killer Pro
Music Box
Sexy Girls: Japanese
Sexy Legs
Advanced File Manager
Magic Strobe Light
致命绝色美腿
墨水坦克Panzer Panic
裸奔先生Mr. Runner
软件强力卸载
Advanced App to SD
Super Stopwatch & Timer
Advanced Compass Leveler
Best password safe
掷骰子
多彩绘画
Full list Developed by “we20090202″:
Finger Race
Piano
Bubble Shoot
Advanced Sound Manager
Magic Hypnotic Spiral
Funny Face
Color Blindness Test
Tie a Tie
Quick Notes
Basketball Shot Now
Quick Delete Contacts
Omok Five in a Row
Super Sexy Ringtones
大家来找茬
桌上曲棍球
投篮高手
Personal warning I'll also include AppsPlanet into those list if I were you.
Some of them seem like the standard spammy, suspicious apps that I naturally avoid, but some of them actually look like popular apps - i.e. the advanced stuff, app uninstaller. Fortunately I don't have any of those stuff on my phone though. And if I'm putting something up from non- android market like over here on XDA perhaps, that I'm suspicious of I tend to scan it first (both on my PC and then on my mobile as well). And even on market I prefer to download apps that have many downloads and comments. Can't be too careful.
What's that pewpew thing? Not the same as this:https://market.android.com/details?id=com.jyaif.pewpew&feature=search_result is it?
syrenz said:
What's that pewpew thing? Not the same as this:https://market.android.com/details?id=com.jyaif.pewpew&feature=search_result is it?
Click to expand...
Click to collapse
yes, it's that one, but seems like there was a fake copy of it floating in market
i was afraid too when i saw it, as i did install the legit one, but wasn't sure about the developers name
Yeah, that's the only thing that I installed so I was worried for a moment there.
The original source is reddit.
http://www.reddit.com/r/Android/comments/fvepu/someone_just_ripped_off_21_popular_free_apps_from/
The whole market is just plain broken and it's a nightmare. It's embarrassing that the author of one of the apps has been complaining through every means possible to google for over a week to get pirated copies of his software taken down (he didn't realize they were injected with malignant code though). So, finally someone notices the developer name looks fishy for one of these apps and is curious to take a look inside the files and sees rageagainstthecage, pokes further, is horrified consults others and posts to reddit. Android Police picks it up and the story starts to spread and then finally google pays attention.
Google really needs to respond. The market.android.com website is so freaking buggy. Imagine if someone figures out how to use web install to push infected crap onto peoples phones. It almost makes you pray to Motorola to also signature check /system. Almost.
What's the deal with raceagainstthecage? Isn't that what we used to root XT720?
syrenz said:
What's the deal with raceagainstthecage? Isn't that what we used to root XT720?
Click to expand...
Click to collapse
Indeed. We use rageagainstthecage to install superuser and then we use superuser instead of rageagainstthecage to get root afterwards. Superuser is designed to be well behaved and everything else is built to cooperate and behave with superuser. The trojaned apps use rageagainstthecage to basically do whatever they want. It doesn't use superuser, so you don't see any notifications.
that's for all the info Mioze7Ae
that's very insightful
As far as I see I did not install one of these apps- but I would like to know anyway what should be done if one did install a malicious app- just remove it? Or better reflash the rom?
Theres already a thread for a patch here at xda:
http://forum.xda-developers.com/showthread.php?t=977154
And somebody developed an apk to search for an infection and to create a so-called stop file to prevent infections in future.
DroidDreamKiller
Is this really checked thoroughly?
'Cause I know at least Finger Race isn't malware at all.
Vistaus said:
Is this really checked thoroughly?
'Cause I know at least Finger Race isn't malware at all.
Click to expand...
Click to collapse
I think clone apps were showing up. You really have to pay attention to the developer
Sent from my XT720 using XDA Premium App
exactly many legit apps and games
were cloned, then injected with Trojan, and then release back to android market.
it confuses the hell out of people
ronnbon said:
As far as I see I did not install one of these apps- but I would like to know anyway what should be done if one did install a malicious app- just remove it? Or better reflash the rom?
Theres already a thread for a patch here at xda:
http://forum.xda-developers.com/showthread.php?t=977154
And somebody developed an apk to search for an infection and to create a so-called stop file to prevent infections in future.
DroidDreamKiller
Click to expand...
Click to collapse
Apparently droiddream creates a /system/bin/profile as part of it's install process (doesn't exist otherwise). Creating that file tricks the current version of "droiddream" into thinking it's already been installed. The apps have been pulled from the market, so you won't be able to install it anyway without sideloading and you should always be cautious about that. I don't think /system/bin/profile trick will do much if anything to prevent the next version of this attack. Working around /system/bin/profile existing is trivial.
What would be better is some way to prevent rageagainstthecage. Once we've got root and superuser, we don't need rageagainstthecage anymore. Finding a new kernel exploit would be a slightly bigger hurdle for the bad guys. Too bad we can't patch our kernels. Thanks, moto for protecting the end users. /s
Then why didn't I have problems with Finger Race? Please explain.
And if it really was malware, then I should've already had problems when I first started to using it on Symbian and Nokia would've removed it from the Ovi Store by now.
But still, even with the Android-version, I don't have any problems with it. So please explain.
because the version that you have is probably the legit one, and not the imitation
the imitation is identical in every way, except that it has additional malware added in
also the stuff that it does to your phone, is in the background, you will never know about it, just like a windows malware, once on, it takes a lot of work, or a full wipe to remove
Just so everyone's aware, they found about 50 more apps with malware. http://blog.mylookout.com/2011/05/s...ew-malware-from-the-developers-of-droiddream/
Well, I've been saying since it started that google should fix the rage exploit, and that we should even be hoping/asking for it. I usually got flamed as a moron by noobs saying I clearly didn't even know what rage was for, haha. Of course I was using a device that didn't have a locked bootloader at the time, so root kernels were an option. Still root can be obtained from flashing the non-kernel part of the ROM too. These exploits are a mixed blessing. They ARE a major security hole on Google's part.
Anyway.. when I have to go through 15 apps to find one good one that works on my phone, sometimes I wish I had an iphone and less free stuff. Guess I better delete that super sex positions app now
Related
http://www.engadget.com/2010/07/28/new-licensing-service-replacing-existing-copy-protection-metho/
Looks like pretty soon the days of people copy and pasting apk's all over the place are coming to an end.
I hope this doesn't make theming harder.. We'll see.
From reading that article,
Seems like airplane mode or a firewall would crush all the hopes and dreams of google and app devs.
It seems that every time we open an app it needs to verify that it's been paid for by contacting a "licensing" server and retrieving a response.
I feel like that could slow down launch times, and being unable to use an app when offline would be like UBISOFT hell all over again.
I really hope google puts a lot of thought into this..
I wonder if this if already being done? Every time I try to play that golf game on my EVO on an airplane while the radios are off I get a FC when it starts. As soon as I an on the ground and turn the radios on the game works fine.
Sent from my PC36100 using XDA App
what if you are in an area with no signal or on a plane or something? you cant open any apps???
This is already in place in a number of apps, one is IP Cam Viewer.
I paid the money for it. I transferred all my files to my wife's Evo 4G, and thought "hell I'll see if it works..." Well it didn't. When I try to open the app, it tells me that I have to purchase it from the marketplace.
I'm all for buying apps when they're good, and I understand single user licensing. Guess I was just hoping I wouldn't have to spend double the money for all the apps I use.
simplyphp said:
This is already in place in a number of apps, one is IP Cam Viewer.
I paid the money for it. I transferred all my files to my wife's Evo 4G, and thought "hell I'll see if it works..." Well it didn't. When I try to open the app, it tells me that I have to purchase it from the marketplace.
I'm all for buying apps when they're good, and I understand single user licensing. Guess I was just hoping I wouldn't have to spend double the money for all the apps I use.
Click to expand...
Click to collapse
I've heard of couples sharing the same email as apps get replicated on the two phone
I can confirm that they don't get replicated..
I have two evo's right now under the same email and they're definitely not replicating crap.
cahiatt said:
I wonder if this if already being done? Every time I try to play that golf game on my EVO on an airplane while the radios are off I get a FC when it starts. As soon as I an on the ground and turn the radios on the game works fine.
Sent from my PC36100 using XDA App
Click to expand...
Click to collapse
Now that's a problem I understand about paying for apps but not working when I'm in a place with no signal. I see a law suit brewing up. I paid for the app I should be able to use the app whenever I want to. Class action law suit coming real soon.
Sent from my PC36100 using Tapatalk
Crap....
"A limitation of copy protection is that applications using it can be installed only on compatible devices that provide a secure internal storage environment. For example, a copy-protected application cannot be downloaded from Market to a device that provides root access"
...Seriously???
EDIT - the above quote was misrepresented in the place I copied from...research shows it to be misleading. the actual bit of Google's text is posted over on page to of this thread. disregard my indignation in this post...
This is discouraging, because a lot of people like to try the full before they buy it expecting more than what full has to offer, only to be disappointed later.
willwgp said:
This is discouraging, because a lot of people like to try the full before they buy it expecting more than what full has to offer, only to be disappointed later.
Click to expand...
Click to collapse
You do get a 24 hour refund option when you buy from the market so I'm not worried about trying before you buy. I do worry about not being able to play something when I'm in the bathroom at work because I don't get a signal there.
well how many ppl do actually piracy apps??? oh my bad forgot that this is Android, for a second i though it was apple!!
Just to clarify a couple of things:
There are 2 ways to use the Licensing - one is Strict - you CAN NOT USE THE APP WITHOUT ACCESS TO MARKETPLACE. Personally, screw that.
Option 2, however, is a non-strict policy. Server managed, where the license is 'cached' to storage. You also can programmatically set how long your app can be used without any license check.
That'd be the way i go
josue85 said:
You do get a 24 hour refund option when you buy from the market so I'm not worried about trying before you buy. I do worry about not being able to play something when I'm in the bathroom at work because I don't get a signal there.
Click to expand...
Click to collapse
That'll be up to the developer. I like this approach, as I'd be happy to do say... a 5-7 day turn around on the license check. After 7 days with no data signal, seriously, where the hell are you? LOL
Besides, if you've used a paid app for 7 days, and by that time can't decide if you need it or not - wow.
And of course, as soon as you got signal again, the license check would go through and you can use the app again, no problem.
I'm sure there will be UbiSoft and EA style implementations though - way too damn draconian for my tastes. I don't care to know every single second that someone's using my app. I would just like to know that they haven't 'copied that floppy' as it were LOL
I have no doubts this will be defeated in time, though. All it would really take is mimicking the server license response, which can be extracted from the locally cached license of an actual paid product.
People that pirate software are going to do it, regardless. Don't make the honest people pay the price of draconian DRM.
The best approach I can make as a developer, is give my customers the features they want, in a stable, good performing package, and discourage 'casual' piracy. Beyond that, it's out of the developer's control, and honestly, any more than that usually just pisses off the customer and annoys the pirates for about a day and a half.
Ok...had to read the SDK paperwork as I really wanted to know this...my previous post was incorrect and here is the update...
From Google:
Android Market Licensing is a flexible, secure mechanism for controlling access to your applications. It effectively replaces the copy-protection mechanism offered on Android Market and gives you wider distribution potential for your applications.
A limitation of the legacy copy-protection mechanism on Android Market is that applications using it can be installed only on compatible devices that provide a secure internal storage environment. For example, an application using the copy-protection mechanism cannot be downloaded from Market to a device that provides root access, and the application cannot be installed to a device's SD card.
With Android Market licensing, you can move to a license-based model in which access is not bound to the characteristics of the host device, but to your publisher account on Android Market and the licensing policy that you define. Your application can be installed and controlled on any compatible device on any storage, including SD card.
Click to expand...
Click to collapse
Also...there are options for the Devs to allow for apps to be used a chosen number of times before they need to check in for licenses. Strict has to check in every time....other option allows dev to choose based on times used or time since last check in.
SO...all in all I am much less worried about this now.
topdnbass said:
I can confirm that they don't get replicated..
I have two evo's right now under the same email and they're definitely not replicating crap.
Click to expand...
Click to collapse
With licensing the dev can choose whether an app can be accessed from different phones. It is an option...
(greeked...multiple times)
Question: Does that mean we won't be able to open, modify, and resign apks? Like...to change the appearance (make a widget clear, etc).
More like bad news for paying consumers. That's who always pays for everything. Those of us who actually buy the products.
I plan on speaking with my wallet. I wont buy any app that requires I have an internet connection.
A limitation of the legacy copy-protection mechanism on Android Market is that applications using it can be installed only on compatible devices that provide a secure internal storage environment. For example, an application using the copy-protection mechanism cannot be downloaded from Market to a device that provides root access, and the application cannot be installed to a device's SD card.
Click to expand...
Click to collapse
Wait so according to google us rooted folk couldn't download copy-protected apps before now?
Urrr, i think im missing something
This is actually a nice implementation for both the software developer and the user. Most will implement this where it only has to check-in every week or two. So the odds of getting caught in a spot where there is no connection is low.
At the end of the day, it is a pretty straightforward way to handle copy protection that really shouldn't inconvenience anyone.
Also it will bring more developers to the platform if they know they don't have to worry as much about piracy.
Piracy will still run rampant. People will find ways to circumvent this, that's just how it is. At least it will curb some piracy since copying and pasting an apk file wasn't much of a deterrent.
There is a rogue application in the Android Market, from the Android Central post:
Lookout says that one or more of these apps are stealing your data and sending it to an unknown person or persons in China. Yup, innocent looking wallpaper apps. According to Lookout, the app(s) in question are collecting:
* browsing history
* text messages
* your SIM card data
* subscriber ID
* voicemail password
Click to expand...
Click to collapse
Follow the link provided for full information and remember, keep an eye on the permissions screen whenever you install an application!
Reporting a maliciois app in Android Market
RE: Homerun 3D and Slice It
I searched for a proper place to ask this, and describe what I found, and found this thread. I am aware Google has a malicious app reporting process, but I was wondering if any of the great minds here know of a more efficient means to get an app scrutinized by the Market powers-that-be.
The App is a duo, really, that I know of so far. I did not go too far with my investigations once I determined this is a Chinese company (remember the lcd picture frame Trojan?) and once I saw what I did.
I downloaded "Homerun 3D" for my EVO 4G (cyanogen mod), a kick ass batting game to which I quickly was addicted. However, as is common with many apps, during transitions (ad breaks) it would overlay a large ad for various other apps, but the most heavily pushed app (by an estimated 9:1 ratio relative to other apps) was "Slice It", offering extra bonuses in the Homerun 3D game if you DL'd it. I dl'd it and installed it, but once I opened it, superuser notified me it was attempting root access. Of course, this is a HUGE deal, in fact I'd say (and request feedback from those in the know) that proves it is a malicious app, given that no where did it mention that it needed or would use root access. I can't fathom this being an 'honest' developer's mistake.
So I denied it root access and it launched anyway. Hm. In other words, an ingenious method to check for unlocked doors without having to set up a complex ruse of creating an app that notifies it will need to have root access to work. Just write a kick ass fun and addictive 'innocent' app, heavily push and offer incentives to dl and install a so-so app that checks for an exploits unprotected root access, and wah-la, due to the intensely developed dun and addictive nature of the 'innocent' app, you have a much wider distribution of your Trojan that ostensibly gets more chances of hitting an unlocked door. By adding the extra layer of an 'innocent' app, that high-end intensely developed app continues to be listed on the market and continues to push the simple trojan app and so only the trojan app gets removed once discovered. All that the devs need to do then is quickly hammer out another trojan simple app, and update the high-end app to push the new low-end app, instead of developing a whole different kick ass app each time they're discovered.
It's the equivalent of a legit door-to-door cable tv salesmen heavily referencing an unscrupulous installer who is known to sneak around the your house looking for unlocked drawers, cabinets, etc. The fact that the legit cable salesman heavily references him makes that cable salesman very suspicious.
So, while I suspected the Homerun 3D app was complicite given the heavy pushing of the 'Slice It' root checking app, I kept poking around. I looked at the "credits" and while seemingly not hiding the fact they all had Asian sounding names, the use of the middle name nick (as in Jung "Madman" Li) seemed overdone, as if they used corny English nicks, almost too corny to be real, to appear disarming.
But the final straw was when I looked at one of the standard banner ads that run along the bottom of the screen during gameplay. It was a generic Best Buy (low res graphics at that) ad for a $349 laptop. I clicked it and it took me to an ad proxy URL which reported it could not resolve the URL. But get this...the URL of the ad proxy showing in my browser window was:
fraud.mojility.com.
Hm. Not sure why mojility would redirect a banner add to land on a URL with "fraud" in its address, and yet not explain why, but all my circumstantial evidence put together (as if Slice It's secret root checking is not enough in and of itself) warrants a report, I think.
1. Homerun 3D app heavily pushes obvious Trojan app.
2. Homerun 3D app contains at least one banner that directs to a fraud URL.
3. Homerun 3D app credits seem concocted.
4. Slice it app SECRETLY checks for root access, works anyway when denied.
So, thoughts about my tentative conclusion? And if it's agreed, anyone know a more efficient means to alert of a potential malicious app than the Android process?
I'm in contact with someone at Google about this, ohiojoe.
according to a post in a german forum the su request is caused by moblix ad sdk. Imho that doesn't make it any better but the contrary.
I reported them to Google. For me Com2us is dead, will ignore all their games from now on.
Damn, that's scary, thanks for the heads up!
There was some game I installed that was made by some Chinese company. Shortly after people on my gmail contacts started getting spam from me.
I logged into gmail and had a red bar that said my account was being frequently accessed from china.
I quickly changed the password and uninstalled the app.
Stonent said:
There was some game I installed that was made by some Chinese company...
Click to expand...
Click to collapse
Remember the name?
Sent from my Evo using mikfroyo 4.5
Yea, Android is so vulnerable, they should implement into the OS a tool that manages what parmissions a user allows or denies from an app. Like in the old times with Sony Ericsson Walkman phones.
Here in android you install and app, and everything it comes with it...
There an app called Permission WatchDog it's useful it identifies the permissions of apps, but just that.
I haven't been hacked on sending SMS spam, but I have received some spam, only in SMS thought. And just that thanks God.
Mostly after I had installed an app of galleries of pictures...
And what's obiously suspecious, are those.
And those that shows you a picture after you finish a call...-.- WHAT THA FCK!! How ridiculous!
Why tha #$%& would you ever install such crap app?
I ve never installed those, except the galleries ones (asian girls gotta say), but for some reason they're not working for me anymore, I wonder why?..
Neighter I install those crappy ass games, only Raging Thunder and such, which are worth of being developed for a "smart phone"....
Sent from my T-Mobile myTouch 3G Slide using XDA App
Damn,better install an antivirus...
thx for the heads up
Thank for the heads up!!!!
ohiojoe said:
RE: Homerun 3D and Slice It
I searched for a proper place to ask this, and describe what I found, and found this thread. I am aware Google has a malicious app reporting process, but I was wondering if any of the great minds here know of a more efficient means to get an app scrutinized by the Market powers-that-be.
The App is a duo, really, that I know of so far. I did not go too far with my investigations once I determined this is a Chinese company (remember the lcd picture frame Trojan?) and once I saw what I did.
I downloaded "Homerun 3D" for my EVO 4G (cyanogen mod), a kick ass batting game to which I quickly was addicted. However, as is common with many apps, during transitions (ad breaks) it would overlay a large ad for various other apps, but the most heavily pushed app (by an estimated 9:1 ratio relative to other apps) was "Slice It", offering extra bonuses in the Homerun 3D game if you DL'd it. I dl'd it and installed it, but once I opened it, superuser notified me it was attempting root access. Of course, this is a HUGE deal, in fact I'd say (and request feedback from those in the know) that proves it is a malicious app, given that no where did it mention that it needed or would use root access. I can't fathom this being an 'honest' developer's mistake.
So I denied it root access and it launched anyway. Hm. In other words, an ingenious method to check for unlocked doors without having to set up a complex ruse of creating an app that notifies it will need to have root access to work. Just write a kick ass fun and addictive 'innocent' app, heavily push and offer incentives to dl and install a so-so app that checks for an exploits unprotected root access, and wah-la, due to the intensely developed dun and addictive nature of the 'innocent' app, you have a much wider distribution of your Trojan that ostensibly gets more chances of hitting an unlocked door. By adding the extra layer of an 'innocent' app, that high-end intensely developed app continues to be listed on the market and continues to push the simple trojan app and so only the trojan app gets removed once discovered. All that the devs need to do then is quickly hammer out another trojan simple app, and update the high-end app to push the new low-end app, instead of developing a whole different kick ass app each time they're discovered.
It's the equivalent of a legit door-to-door cable tv salesmen heavily referencing an unscrupulous installer who is known to sneak around the your house looking for unlocked drawers, cabinets, etc. The fact that the legit cable salesman heavily references him makes that cable salesman very suspicious.
So, while I suspected the Homerun 3D app was complicite given the heavy pushing of the 'Slice It' root checking app, I kept poking around. I looked at the "credits" and while seemingly not hiding the fact they all had Asian sounding names, the use of the middle name nick (as in Jung "Madman" Li) seemed overdone, as if they used corny English nicks, almost too corny to be real, to appear disarming.
But the final straw was when I looked at one of the standard banner ads that run along the bottom of the screen during gameplay. It was a generic Best Buy (low res graphics at that) ad for a $349 laptop. I clicked it and it took me to an ad proxy URL which reported it could not resolve the URL. But get this...the URL of the ad proxy showing in my browser window was:
fraud.mojility.com.
Hm. Not sure why mojility would redirect a banner add to land on a URL with "fraud" in its address, and yet not explain why, but all my circumstantial evidence put together (as if Slice It's secret root checking is not enough in and of itself) warrants a report, I think.
1. Homerun 3D app heavily pushes obvious Trojan app.
2. Homerun 3D app contains at least one banner that directs to a fraud URL.
3. Homerun 3D app credits seem concocted.
4. Slice it app SECRETLY checks for root access, works anyway when denied.
So, thoughts about my tentative conclusion? And if it's agreed, anyone know a more efficient means to alert of a potential malicious app than the Android process?
Click to expand...
Click to collapse
Hmm. SliceIt does request root. That must be a new thing because it's never done it in the past. Its permissions don't look like anything serious, though.
stupid asians always wanna give us some viruses
Thanks for the look out, bro. What's the point of third party sabotage anywhays, haha
Sent from my HTC Desire Z / T-Mobile G2 (HTC Vision)
If u remove the app does it get rid of it all together r is it to late?
Sent from my SGH-T959 using XDA App
jstevenson1017 said:
If u remove the app does it get rid of it all together r is it to late?
Sent from my SGH-T959 using XDA App
Click to expand...
Click to collapse
In my case, I had removed the app already, I received like 2 or 3 sms spam messages but it later stopped.
Sent from my T-Mobile myTouch 3G Slide using XDA App
I better watch myself.
I'm the OP. Sorry just now getting back this. As I said before, I did not grant Slice It the access it wanted, and it launched anyway (meaning, it didn't need it....just 'wanted' it) but did NOT have any access to my root, so I had no issues.
However, Googling it I saw at least one nit wit (read: a text book example of why not just ANYone should root their phones) report that he gave the Slice It app Su access and was posting that he dint see why it needed it. So, Slice It apparently targets unprotected root phones and nit wit owners of Su protected root phones.
Sent from a corrective lens wearing eskimo translating Turkish smoke signals viewed over a streaming webcam at 640x480 resolution via a U.S. Robotics 14.4 Hayes compatible modem.
Ran accross this article just now, relized you all had to read this. It appears HTC ****** up hard.
http://www.androidpolice.com/2011/1...e-numbers-gps-sms-emails-addresses-much-more/
Scary stuff.
I'm so damn tired of all companies taking the liberty to just monitor our lifes just how they like, no matter if its google, microsoft, facebook, apple or HTC. What anoyys even more is how we passivly is forced into accepting it, and just shrudd our shoulders about it. Reading this, I wish I was smart enough to strike back somehow.
The article says "Some Sensations" I'd like to know what that means
Good find.
Pikabat said:
The article says "Some Sensations" I'd like to know what that means
Click to expand...
Click to collapse
Try running the app...
errr ok this is scary though. i wanna ask what's htcLaputa.apk is?
Sent from my HTC Sensation XE with Beats Audio using xda premium
The offending app is HtcLogger.apk and I've only seen it in the newer ROMs - I automatically removed it before this story broke as it didn't sound useful. End of the day you just have to be careful when you install new apps (e.g. direct from trusted sources)
I really wouldn't worry too much about it, typical media hype
EddyOS said:
The offending app is HtcLogger.apk and I've only seen it in the newer ROMs - I automatically removed it before this story broke as it didn't sound useful. End of the day you just have to be careful when you install new apps (e.g. direct from trusted sources)
I really wouldn't worry too much about it, typical media hype
Click to expand...
Click to collapse
This is the example of how we/some of us just go used to this kind of things and started to accept things we never would have a few years back.
How exactly do you determine whats a trusted source? Obviously weve already had a bunch of malwares entering the market.
I use apps only from the company in question. 'Facebook for Android' from Facebook, 'Twitter' from Twitter, etc...only use about 20 apps all in anyway so I don't think I'm at risk
I'm not saying what's been found out isn't bad - it is - I just don't really care. People are far too paranoid these days
EddyOS said:
I use apps only from the company in question. 'Facebook for Android' from Facebook, 'Twitter' from Twitter, etc...only use about 20 apps all in anyway so I don't think I'm at risk
I'm not saying what's been found out isn't bad - it is - I just don't really care. People are far too paranoid these days
Click to expand...
Click to collapse
Im not using so much apps either, on the other hand I want to be able to try some "fun" app from androidmarket without fearing theft og my personal information.
Its not about paranoia to me, I couldnt care less about wheter or not some random dude can read my sms. But Im rather angry about the companies doing just as they like, mainly to direct commercials and ads conected to your personality. Did you know facebook, after their latest update, now saves a certain cookie after your logout and sends all urls you visit with your browser back to their server..?
Well, now Im going offtopic in my own thread.
Id like to see HTC comment on this atleast.
Again, if Facebook care if I open a YouTube video every now and then then that's up to them - I'm not interesting!!
Would be nice to see what HTC say but I'm not going to hold my breath!
Im starting to loose faith in htc
Sent from my HTC Sensation 4G using xda premium
I tried to run the app, seems like my Sensation is not affected (Dutch one, that is)
so, in order to gain any kind of advantage, those apps need to know this vulnerability exists, am i right? just deleted that apk file, along with some other ones.
As the Android Police blog appears to have melted, here's Aunty's take on it
http://www.bbc.co.uk/news/technology-15149588
Oh noes naughty people can access:
The list of user accounts, including email addresses (but apparently not usernames or passwords)
A log of recent GPS locations (so you can be stalked!!!!)
Phone numbers taken from recent call logs (so people you call can be stalked!!!)
SMS data, including recent numbers and encoded messages (meh if they want to read "Park 123 543" be my guest)
HTC's response:
"HTC takes our customers' security very seriously, and we are working to investigate this claim as quickly as possible," the company said in a statement.
"We will provide an update as soon as we're able to determine the accuracy of the claim and what steps, if any, need to be taken."
EddyOS said:
The offending app is HtcLogger.apk and I've only seen it in the newer ROMs - I automatically removed it before this story broke as it didn't sound useful. End of the day you just have to be careful when you install new apps (e.g. direct from trusted sources)
I really wouldn't worry too much about it, typical media hype
Click to expand...
Click to collapse
Is there a way to tell if the offending app (Htclogger.apk) is on your phone without rooting?
jggonzalez said:
Is there a way to tell if the offending app (Htclogger.apk) is on your phone without rooting?
Click to expand...
Click to collapse
Remember it appears you are absolutely fine unless you install an app which is written to access the log files.
As Androidpolice says, the info could be used to clone your device, not only read some of your contacts. Now of course, you are fine as long as you do not install any malicious app, but I would even feel uncomfortable knowing that HTC can read ANY activity from my device at ANY point in time WITHOUT asking for my permission (or even after I denied that permission as shown in the video). The VNC thingie would also bug me cuz it is an app without any apparent use for the user and it does not serve a specific purpose - its just there until "someone" needs it. Now of course HTC wants to improve on user feedback and pulling it is much more convenient than asking for it, but if they want my opinion and see what I'm using they should at least ask me for it. That said, let's hope HTC addresses this problem in the very near future and does clarify why those apps are there and what purpose they serve. I will run the test app again after the next OTA for sure.
kwiggington said:
Im starting to loose faith in htc
Sent from my HTC Sensation 4G using xda premium
Click to expand...
Click to collapse
I don't think HTC is the problem.
I believe the problem is Google.
Ever go to the Google Android market place and see what they want to run in the background before they let you in?
I don't go near the place.
majesensei said:
As Androidpolice says, the info could be used to clone your device, not only read some of your contacts. Now of course, you are fine as long as you do not install any malicious app, but I would even feel uncomfortable knowing that HTC can read ANY activity from my device at ANY point in time WITHOUT asking for my permission (or even after I denied that permission as shown in the video).
Click to expand...
Click to collapse
You're misssing the point.
The phone has this feature so that should you enable "Tell HTC" it can then send the info to HTC, if you don't enable that it just sits on your phone as a system log.
xaccers said:
You're misssing the point.
The phone has this feature so that should you enable "Tell HTC" it can then send the info to HTC, if you don't enable that it just sits on your phone as a system log.
Click to expand...
Click to collapse
True, and I agree that this is not a scary thing for itself. I am not a fan of conspiracy theories, but think about a combination of things: The log is created and sits there. There is a VNC client embedded deeply in your system by your manufacturer for no reason, which gives access to your device from a remote location. I am from Germany and used to a debate about data preservation (which is illegal, in Germany), but there are other countries that have a much broader "grey-zone" for these kind of things. I wonder where those Sensations with the HtcLogger.apk are ([email protected]?). We are all running the same Android build (as long as we don't root our phones), some are affected, others aren't. I just find it weird, and I doubt that some rogue dev at HTC programmed these apk's just for the fun of it.
I'm still newer to Android and today realized the permissions that apps request. Before I was quick to just accept & go. I was about to install an app that is requesting a LOT of permissions. Phone calls, hardware controls (pics/vids at any time), and network communication (SMS I believe). My questions are simple.
1. Do certain custom mods, like Synergy? Do some mods already implement certain things into itself to disable some of these features? I understand this is a mod-by-mod basis if so. Does Synergy do anything to disable this crap, anybody know?
2. How worried do I have to be about this? Will the app literally take pics and send them out without my knowledge? Or is it only the pics I take it can send out? How does this work?
3. Which of the permissions that apps request do I really need to keep an eye on and watch out for? AKA, what could take info/pics that I dont want it to?
4. Is Anti-Virus software REALLY necessary since I'm all rooted and such? I read articles saying it's useful and others saying it doesn't even provide much protection, and the chance to get something is quite rare if you only use google play/android market?
Thanks in advance for any and all help. I ditched Apple and AT&T for this thing, and with it being rooted, I am unbelievably happy I made the switch to both VZW and the S3! AWESOME phone, screen size, and customization!
Edit: Posted wrong forum....Shoulda been Q&A forum. Devs plz move.
1. Not sure. I haven't played with synergy.
2. What kind of app is it? This is huge into what kkind of permissions it needs. If its a live wallpaper app it shouldn't be asking to be able to read your contacts or send SMS. You just gotta think what does this app do and why does it need this permission. A launcher app like Apex or Nova needs A LOT of permissions. To be able to make calls and send SMS and work the camera as a launcher can do all of those. Does a game need the ability to do that though? No. It may ask to read your contacts so it can share crap with your friends though. It can be hard when you look at permission apps ask for to decide it its legit or not. If you can't decide just don't download.
I try to only download hugely popular apps that I know aren't malware. If its got over 100k downloads chances are it is a safe app.
Permissions are tricky and until you realize all an app can do you wont understand why it wants to do some things. It took me a good year of downloading apps and reading about things toto get a great grip on permissions.
The biggest thing is common sense. What does the app do and why should it need this permission. An SMS app needs permission to the camera and to send SMS that cost money and read your phone book and such. But if I download a live wallpaper or a weather widget...why would they need such abilities. That should raise a HUGE red flag. Anytime you see "can send SMS that may cost you money" in permissions try to figure out why it needs that. Cause the last thing you want is to DL it and tomorrow have $600 in txt fees.
I don't believe in anti virus on my phone. Yeah you can get em and some love em. But really. If you just use common sense and don't download suspicious things you shouldn't need one. I refer back to only download trusted apps. If it has less the 1k downloads. Be wary. It may be a new app that a dev just launched. Or it could be a reason for the lack of downloads. Look at reviews ALWAYS. Yes many are from morons. But some are helpful. Also if you want a popular game go straight to the devs for it in the market. Many times bogus apps are posted that spoof popular apps like angry birds. Download the one with millions of downloads. Not the one with a thousand.
The more you use your device the more you'll understand. I download plenty of apps from XDA with very few downloads in the market and have been safe. But this comes from knowing and trusting a developer. That's why these forums rock. You can get in on an app in its infancy and help test it and make it grow.
--Sent from GlaDos baked potato
Google is eventually going to have to step in and put a stop to this, but more and more apps are requesting permissions that they have no business requesting. It is unfortunate, especially when the intrusive app is one you would like to have.
I choose to completely disregard any app that asks for permissions it is obvious it doesn't need. The exception being internet access for ads, as incorporating ads into an app can be a legitimate way for an app developer to generate revenue. (And the unsightly ads can be removed with an ad blocker like AdAway, so it's kind of a win-win).
However, if there is an app that you just "need" to download or would just like better control of your phone, you could download an app called "Permissions Denied." This app let's you decide what permissions are granted to each app.
i use LBE Privacy Guard to help manage my permissions. You can mark certain apps as trusted and deny specific permissions for other apps. Also lets you know when a specific app is trying to access certain functions. Only had it for a couple days but liking it so far.
i used to run an anti-virus, AVG to be specific, but after a while just decided to get smarter about what i install and have been going without one.
Has anyone tried MOD EDIT - removed They claim to have an excellent anti malware function but I'm wondering if anyone who's used them before can confirm this. I'm also wondering if the app itself is safe. Please share all your experiences here.
The app is safe as far as i know, but i personally didnt think it was designed very well
Sent from my GT-I9300 using XDA Premium 4 mobile app
bump
It reminds me of a Playstore on steroids.
The only thing I don't like is how big the program becomes and some of the permissions, but that's what "app ops" is for.
To see if it will be "safe" , run it in a sandbox - Bluestacks-PC, or similar. Run a system monitor, with malware checker. This is a good way to pretest suspicious apks.
I have used Aptiode and it works fine, I use the playstore.
Just stay away from that damn Mobogenie Market - that's like one big monster malware virus!!
delivered to you piping hot and fresh through quantum physics and pony express
I have used it and i have also my own market.
nl-apps.aptoide.com
12,000+ installs
Sent From A Samsung Galaxy S2 With AOSB Project ROM .
bump
HasH_BrowN said:
It reminds me of a Playstore on steroids.
The only thing I don't like is how big the program becomes and some of the permissions, but that's what "app ops" is for.
To see if it will be "safe" , run it in a sandbox - Bluestacks-PC, or similar. Run a system monitor, with malware checker. This is a good way to pretest suspicious apks.
I have used Aptiode and it works fine, I use the playstore.
Just stay away from that damn Mobogenie Market - that's like one big monster malware virus!!
delivered to you piping hot and fresh through quantum physics and pony express
Click to expand...
Click to collapse
How big exactly can it become? Is Mobogenie downloaded without your permission?
What it does is "collect" extra resources. When I installed it, it increased in size 3 different times without me downloading anything. I didn't run any tests on it to see what and when things were added, but just a heads up.
Yes the MOBOGENIE does get downloaded w/o permission, but not installed. Usually happens on, I think, the dev host website. It also does a redirect on that page as well, something like oneclickad..... I just close down the window and delete the file. I just wish there was a way to prevent the unauthorized download, its just irritating.
delivered to you piping hot and fresh through quantum physics and pony express
HasH_BrowN said:
What it does is "collect" extra resources. When I installed it, it increased in size 3 different times without me downloading anything. I didn't run any tests on it to see what and when things were added, but just a heads up.
Yes the MOBOGENIE does get downloaded w/o permission, but not installed. Usually happens on, I think, the dev host website. It also does a redirect on that page as well, something like oneclickad..... I just close down the window and delete the file. I just wish there was a way to prevent the unauthorized download, its just irritating.
delivered to you piping hot and fresh through quantum physics and pony express
Click to expand...
Click to collapse
Thanks, Dev-Host is a load of crap in my opinion. When does it bring you to Dev-Host?
Just got Aptoide, it looks very nice and seems safe because CM Security has scanned it. Have not encountered any dev host thingies yet. Do a lot of apps restrict to US only?
Loool ! CM Security is only scanning their blacklist of apps they don't like as company @TimeAndroid
Sent From A Samsung Galaxy S2 With Fusion ROM
DanielBink said:
Loool ! CM Security is only scanning their blacklist of apps they don't like as company @TimeAndroid
Sent From A Samsung Galaxy S2 With Fusion ROM
Click to expand...
Click to collapse
I don't understand, can you please explain more?
TimeAndroid said:
I don't understand, can you please explain more?
Click to expand...
Click to collapse
In other words, the results are biased. They can't be fully trusted, bad results might be good and vice versa.
I don't hold in high regard much of what those types of apps say anyway.
delivered to you piping hot and fresh through quantum physics and pony express
HasH_BrowN said:
In other words, the results are biased. They can't be fully trusted, bad results might be good and vice versa.
I don't hold in high regard much of what those types of apps say anyway.
delivered to you piping hot and fresh through quantum physics and pony express
Click to expand...
Click to collapse
So your saying CM Security is untrustworthy? What antivirus app do you recommend?
@TimeAndroid i can see your are not an experienced anti virus user.
All the anti virus apps on Android are fake or crap.
TimeAndroid said:
So your saying CM Security is untrustworthy? What antivirus app do you recommend?
Click to expand...
Click to collapse
@TimeAndroid like Daniel said they are all a bunch of hoey (crap), they don't really exist. I don't use any type of detection app at all.
I use Bluestacks for PC(android emulator), to check compatibility or for an alpha/beta apk release, other than that I use nothing.
@DanielBink its not that he's inexperienced about this, its that the PC world has rubbed so hard on us Android users that many are convinced that the apps we install have virus, Trojans, malware, and keystroke loggers already. I know a few "developers" that feel that all of those things "are waiting around the corner" for them.
@TimeAndroid hope that helps. I'll keep checking your thread and answer any questions that I can. Also I can point you in right direction to a PC emulator.
delivered to you piping hot and fresh through quantum physics and pony express
+1 @HasH_BrowN
Edit* Android emulator for PC.
delivered to you piping hot and fresh through quantum physics and pony express
TimeAndroid said:
Has anyone tried Aptoide? They claim to have an excellent anti malware function here but I'm wondering if anyone who's used Aptoide before can confirm this. I'm also wondering if the app itself is safe. Please share all your experiences here.
Click to expand...
Click to collapse
I think aptoide is not good ... It does not have some good apps.. And for most apps it does not have latest versions updated ...... Best market is Google play. .... And I download some apps from 9apps.com... I can find newer version of some apps that are still have older version on play store....
Sent from my GT-S7582 using XDA Premium 4 mobile app
I Use Aptiode!! Its Good... Stay Away From MOBoGinie