Database Info

Is google stealing things off my phone?

Last night browsing the market, after having my phone reset for constant rebooting, I downloaded an app called "adult videos." I woke this morning to find the app wiped from my phone and from the market. Now, the problem lies not in the fact that this app is missing from my life, but in the question is google sneaking around in the middle of the night tampering with people's phones? I read that article about google remotely removing apps from phones strictly on a necessity based need. It kind of makes me wonder how selective they will be when determining what is necessary.

Google has the ability to do this and have flexed their muscles with that feature too recently,cant post links but google: "google remove android application". It uses google talk to send these removal requests. In normal conditions google will only delete apps that were malicious. (spyware/damaging/ddos/fraud/etc)
Most smartphone/ebook platforms have remote kill switches now. The more worrying part is that they also have the ability to install apps onto remote phones.

Google does this with android too? This is one of the reasons I dont like apple. This sounds like rediculous invasion of privacy. How does this work exactly?
Read the link.. disturbing both the install assett and the remove asset options. Plus the fact that Android maintains a constant data connection. Is there anyway to kill this constant connection? do you get charged for it? and can you disable the install and remove assett options?

It's Google, they live and survive off your information!
They went round WiFi snooping when they did Streetview, so God knows what they do with your mobile phone...

hungry81 said:
Google does this with android too? This is one of the reasons I dont like apple. This sounds like rediculous invasion of privacy. How does this work exactly?
Read the link.. disturbing both the install assett and the remove asset options. Plus the fact that Android maintains a constant data connection. Is there anyway to kill this constant connection? do you get charged for it? and can you disable the install and remove assett options?
Click to expand...
Click to collapse
This connection is maintained by using google talk. So as long as you are online on google talk you have a hotline to the kill switch. After these security concerns I bet some chefs are working on ROM with the kill switch disabled. But nearly all smartphones have kill switches nowadays, companies like Google, Apple and Microsoft don't want to be seen as unable to get rid of a malicious app which would impact on their reputation.
Edit: Thinking about it, if you have extreme worries about this, install some kind of firewall (like iptables (requires rooting)) and block mtalk.google.com.

The best part about these google phones is the ability to make them your own. I am currently waiting for cyanogen's mod 6 which I am pretty sure won't constantly chat with google, but I think that the fact should be recognized of who the major players are in the cell phone game. Remember that 'incident' google had with china, and how the NSA and google became friends after that. Hmm... The largest data analyzer teaming up with the largest data collector, google also reports higher sales every quarter now as well, that is alot of direct connections with alot of people. I'm not sayin' anything...I'm just sayin'.

El_Zilcho said:
Edit: Thinking about it, if you have extreme worries about this, install some kind of firewall (like iptables (requires rooting)) and block mtalk.google.com.
Click to expand...
Click to collapse
Ummm..... no.

r3s-rt said:
Ummm..... no.
Click to expand...
Click to collapse
Umm why not? Its a Linux system below the dalvik vm. There are people who got iptables running on their system and when done correctly iptables. Be aware when I talk about this, I am talking tin foil hat style here.
What if someone modifies AOSP code to just remove the INSTALL_ASSET and REMOVE_ASSET portions of the code?

Google, don't go Apple way!
http://threatpost.com/en_us/blogs/android-also-gives-google-remote-app-installation-power-062510
Old news, but they've made me "a little bit" angry Is there any way to remove all that crapware?

hmmmmm well figuring they just got in trouble for stealing multiple GB of data from private routers I'd say its a sure bet. Also I recently took a federal job and low and behold they already had my gmail account on file even though I have never given it out and only use it for family and friends, but the feds sure had it.

Severe security flaw in HTC-sense, sensation affected.!!!

Ran accross this article just now, relized you all had to read this. It appears HTC ****** up hard.
http://www.androidpolice.com/2011/1...e-numbers-gps-sms-emails-addresses-much-more/
Scary stuff.
I'm so damn tired of all companies taking the liberty to just monitor our lifes just how they like, no matter if its google, microsoft, facebook, apple or HTC. What anoyys even more is how we passivly is forced into accepting it, and just shrudd our shoulders about it. Reading this, I wish I was smart enough to strike back somehow.

The article says "Some Sensations" I'd like to know what that means

Good find.

Pikabat said:
The article says "Some Sensations" I'd like to know what that means
Click to expand...
Click to collapse
Try running the app...

errr ok this is scary though. i wanna ask what's htcLaputa.apk is?
Sent from my HTC Sensation XE with Beats Audio using xda premium

The offending app is HtcLogger.apk and I've only seen it in the newer ROMs - I automatically removed it before this story broke as it didn't sound useful. End of the day you just have to be careful when you install new apps (e.g. direct from trusted sources)
I really wouldn't worry too much about it, typical media hype

EddyOS said:
The offending app is HtcLogger.apk and I've only seen it in the newer ROMs - I automatically removed it before this story broke as it didn't sound useful. End of the day you just have to be careful when you install new apps (e.g. direct from trusted sources)
I really wouldn't worry too much about it, typical media hype
Click to expand...
Click to collapse
This is the example of how we/some of us just go used to this kind of things and started to accept things we never would have a few years back.
How exactly do you determine whats a trusted source? Obviously weve already had a bunch of malwares entering the market.

I use apps only from the company in question. 'Facebook for Android' from Facebook, 'Twitter' from Twitter, etc...only use about 20 apps all in anyway so I don't think I'm at risk
I'm not saying what's been found out isn't bad - it is - I just don't really care. People are far too paranoid these days

EddyOS said:
I use apps only from the company in question. 'Facebook for Android' from Facebook, 'Twitter' from Twitter, etc...only use about 20 apps all in anyway so I don't think I'm at risk
I'm not saying what's been found out isn't bad - it is - I just don't really care. People are far too paranoid these days
Click to expand...
Click to collapse
Im not using so much apps either, on the other hand I want to be able to try some "fun" app from androidmarket without fearing theft og my personal information.
Its not about paranoia to me, I couldnt care less about wheter or not some random dude can read my sms. But Im rather angry about the companies doing just as they like, mainly to direct commercials and ads conected to your personality. Did you know facebook, after their latest update, now saves a certain cookie after your logout and sends all urls you visit with your browser back to their server..?
Well, now Im going offtopic in my own thread.
Id like to see HTC comment on this atleast.

Again, if Facebook care if I open a YouTube video every now and then then that's up to them - I'm not interesting!!
Would be nice to see what HTC say but I'm not going to hold my breath!

Im starting to loose faith in htc
Sent from my HTC Sensation 4G using xda premium

I tried to run the app, seems like my Sensation is not affected (Dutch one, that is)

so, in order to gain any kind of advantage, those apps need to know this vulnerability exists, am i right? just deleted that apk file, along with some other ones.

As the Android Police blog appears to have melted, here's Aunty's take on it
http://www.bbc.co.uk/news/technology-15149588
Oh noes naughty people can access:
The list of user accounts, including email addresses (but apparently not usernames or passwords)
A log of recent GPS locations (so you can be stalked!!!!)
Phone numbers taken from recent call logs (so people you call can be stalked!!!)
SMS data, including recent numbers and encoded messages (meh if they want to read "Park 123 543" be my guest)
HTC's response:
"HTC takes our customers' security very seriously, and we are working to investigate this claim as quickly as possible," the company said in a statement.
"We will provide an update as soon as we're able to determine the accuracy of the claim and what steps, if any, need to be taken."

EddyOS said:
The offending app is HtcLogger.apk and I've only seen it in the newer ROMs - I automatically removed it before this story broke as it didn't sound useful. End of the day you just have to be careful when you install new apps (e.g. direct from trusted sources)
I really wouldn't worry too much about it, typical media hype
Click to expand...
Click to collapse
Is there a way to tell if the offending app (Htclogger.apk) is on your phone without rooting?

jggonzalez said:
Is there a way to tell if the offending app (Htclogger.apk) is on your phone without rooting?
Click to expand...
Click to collapse
Remember it appears you are absolutely fine unless you install an app which is written to access the log files.

As Androidpolice says, the info could be used to clone your device, not only read some of your contacts. Now of course, you are fine as long as you do not install any malicious app, but I would even feel uncomfortable knowing that HTC can read ANY activity from my device at ANY point in time WITHOUT asking for my permission (or even after I denied that permission as shown in the video). The VNC thingie would also bug me cuz it is an app without any apparent use for the user and it does not serve a specific purpose - its just there until "someone" needs it. Now of course HTC wants to improve on user feedback and pulling it is much more convenient than asking for it, but if they want my opinion and see what I'm using they should at least ask me for it. That said, let's hope HTC addresses this problem in the very near future and does clarify why those apps are there and what purpose they serve. I will run the test app again after the next OTA for sure.

kwiggington said:
Im starting to loose faith in htc
Sent from my HTC Sensation 4G using xda premium
Click to expand...
Click to collapse
I don't think HTC is the problem.
I believe the problem is Google.
Ever go to the Google Android market place and see what they want to run in the background before they let you in?
I don't go near the place.

majesensei said:
As Androidpolice says, the info could be used to clone your device, not only read some of your contacts. Now of course, you are fine as long as you do not install any malicious app, but I would even feel uncomfortable knowing that HTC can read ANY activity from my device at ANY point in time WITHOUT asking for my permission (or even after I denied that permission as shown in the video).
Click to expand...
Click to collapse
You're misssing the point.
The phone has this feature so that should you enable "Tell HTC" it can then send the info to HTC, if you don't enable that it just sits on your phone as a system log.

xaccers said:
You're misssing the point.
The phone has this feature so that should you enable "Tell HTC" it can then send the info to HTC, if you don't enable that it just sits on your phone as a system log.
Click to expand...
Click to collapse
True, and I agree that this is not a scary thing for itself. I am not a fan of conspiracy theories, but think about a combination of things: The log is created and sits there. There is a VNC client embedded deeply in your system by your manufacturer for no reason, which gives access to your device from a remote location. I am from Germany and used to a debate about data preservation (which is illegal, in Germany), but there are other countries that have a much broader "grey-zone" for these kind of things. I wonder where those Sensations with the HtcLogger.apk are ([email protected]?). We are all running the same Android build (as long as we don't root our phones), some are affected, others aren't. I just find it weird, and I doubt that some rogue dev at HTC programmed these apk's just for the fun of it.

Beware Firefox Aurora: check the permissions

Firefox Aurora, which will be Firefox 12, has a whole bunch of new permissions. Do you want your browser to take pictures, discover known accounts, administer accounts, etc.? Me, I just want it to render HTML while leaking as little info as possible. So, if you're concerned about privacy and security, heads-up.
This is too bad, because other than the spyware permissions, it's a big improvement over previous non-ndk Fennec, meaning actually usable.

i noticed the camera ..ect prior to installing went and checked official and beta its the same thing
not new
and the whole account ect. this has to do with new firefox sync app that comes with Aurora
so you can set up an account to sync your desktop browser to your phone

cashmundy said:
Firefox Aurora, which will be Firefox 12, has a whole bunch of new permissions. Do you want your browser to take pictures, discover known accounts, administer accounts, etc.? Me, I just want it to render HTML while leaking as little info as possible. So, if you're concerned about privacy and security, heads-up.
This is too bad, because other than the spyware permissions, it's a big improvement over previous non-ndk Fennec, meaning actually usable.
Click to expand...
Click to collapse
There are no "spyware permissions".
Permissions are just FYI, they're not telling you that an app is a spyware or not. I know sometimes it's hard to figure out why an app includes certain permissions, as a developer i can tell you that most of the times i have to add a permission in order to include code which is so poorly related to the scary permission's description.
Atm I'm having trouble with a user's review, it argued my app was malware just because new permissions were added.
In my opinion firefox products are safe and i'm using Aurora at the moment.
With this i'm not saying "go and install all the worst stuff you can find", paying attention to privacy and security is obviously a good thing... unless it turns into "android-specific-permissions-fobia", sure, because the other systems (PC, Mac, Linux, iOs, whatever) don't have user permissions so you just install a new app and stay happy.

There are a lot of apps that will request things like "read phone state and identity" that have no plausible reason for doing so except tracking/spying. Many run fine with it disabled.
I don't want to keep my bookmarks in the cloud, so the Aurora perms are just a privacy/security risk for me. Note that if a browser process is hijacked by malware, the malware will presumably inherit the permissions, making the trustworthiness of Mozilla moot.
If Aurora only needed the permissions when attempting to set up sync,
that would be tolerable for me, but it crashes on startup without them.

i set up one time sync to transfer bookmarks
then went to sync under the setting witch brings me to my OS account/sync menu
and disabled from attempting sync it still working fine for me
you can also delete the sync account also and still works fine
sync is not integrated into the browser for some reason maybe because it still alpha
but its integrated into official and beta browser and don't have these permission you're worrying over nothing

Actually Aurora got Sync back a few nightlies ago: now you have an icon in Programs and it's in Settings - Account too. Sync is the main reason I use FF on Android, it's brilliant!

I'm sure a lot of people are not concerned with security, data-harvesting, etc. I am, and some other folks must be also or CM wouldn't have added permissions management. A lot of things work fine with half their permissions disabled (Firefox being one). Others don't. Audible, for example, just won't run without "read phone state." I guess Amazon really wants that IMEI #.
Maybe they will patch Aurora so it will run without accounts access unless you try to set up sync.
Google's whole business model is based on data-harvesting. The ICS stock Music Player won't even work at all until you sign in.
Not everyone wants to be monetized in exchange for convenience.

Mozilla is trustworthy enough, they are a non-profit open source company that has been around for years, I'm sure they have a legit reason for the permissions.

Solution = who uses firwdox anyway?.. Boat browser!
Sent from your bedroom with my GT-I9100

Boat is what I mostly use. It wants a lot of permissions but runs just fine with them disabled. I was using Aurora as much as possible until I discovered the permissions.
Boat also stores bookmarks locally, and can save/restore from sdcard, just what I want. No shipping them off to Google or wherever they go for me, thanks.

Why would anyone use Firefox anyways?
It's slower than the default browser and it STILL doesn't support FLASH!

Odd how suddenly permissions became an issue when android decided to tell you what permissions are requested, yet before when you had your nokia/htc/motorola running other OS's, you would install any crap and not worry about it. What is the developer gonna do? Hack naked pics of your gf from your phone? Phone your friends and prank them? Show your mom you browsing dodgy pornsites from her pretty new android phone? Seriously now, everyone is making such a huge fuss about this its bordering on conspiracy paranoia

I put this posting up as a heads-up for my fellow paranoids, people who actually think about who might get their credit/phone/ssn/email etc., not for the benefit or convenience of app writers. It's like the whining from Swype about how they really needed accurate imeis or whatever so they could count unique installs. And dear Google wants everything they can get, now in one convenient location, so and only so they can serve you the right ads, and you can trust that they will never decide to more directly realize the huge shareholder value locked up there, and that they will never be cracked.
Privacy and security are like a gun: you don't need them until you *really* need them.

cashmundy said:
I put this posting up as a heads-up for my fellow paranoids, people who actually think about who might get their credit/phone/ssn/email etc., not for the benefit or convenience of app writers. It's like the whining from Swype about how they really needed accurate imeis or whatever so they could count unique installs. And dear Google wants everything they can get, now in one convenient location, so and only so they can serve you the right ads, and you can trust that they will never decide to more directly realize the huge shareholder value locked up there, and that they will never be cracked.
Privacy and security are like a gun: you don't need them until you *really* need them.
Click to expand...
Click to collapse
I understand your point of view, what i can't understand is why some people scream "beware spyware!" while they actually have no proofs at all.
permission + permission = spyware, it's a weird math which tends to damage developers and the whole android's world.

cashmundy said:
I put this posting up as a heads-up for my fellow paranoids, people who actually think about who might get their credit/phone/ssn/email etc., not for the benefit or convenience of app writers. It's like the whining from Swype about how they really needed accurate imeis or whatever so they could count unique installs. And dear Google wants everything they can get, now in one convenient location, so and only so they can serve you the right ads, and you can trust that they will never decide to more directly realize the huge shareholder value locked up there, and that they will never be cracked.
Privacy and security are like a gun: you don't need them until you *really* need them.
Click to expand...
Click to collapse
Scared your mom/wife/girlfriend sees an add for fleshlight while playing angry birds? Seriously this is a joke, 99% of developers dont give a rats ass about your bank account, email, pvt sexts. All we want is to deliver an application that would benefit the the community, and warnings like these would be the reason ppl move to other platforms because it spreads the idea that Android is an unsecure platform. So what if it logs which sites you visit? Firefox is one of the software applications that brought OSS software into the mainstream. It has been long established as more secure than IE. If it wasnt for software like this, we would not have had an open platform for our devices, making them much more affordable

Magnumutz said:
Why would anyone use Firefox anyways?
It's slower than the default browser and it STILL doesn't support FLASH!
Click to expand...
Click to collapse
+1 both Firefox and this Aurora are horrible browsers. Firefox team needs to get their **** together. Opera is just SO MUCH better. fast, easy, pretty much all options, hardware acc., flash, , and not once it slowed down or crashed on me.

firefox is supporting HTML5 (without h.264 because of licence) and flash is just added, it's still buggy because of AURORA. Aurora is very buggy as you noticed, lets think why? Oh, yes, it's just an alpha relase not even beta. I'm usin firefox beta in my mba 11" and old school 19" pc and both uses sync (which is amazing) I'm also giving feedback all the time with reports, logs and surveys. In mobile I was using dolphin but I can see posibilities.
Firefox is coming with steady steps. Everyone knows ff, and also chrome. Chrome just relased v.17 for pcs and macs. but still no mobile (except ICS beta) (also chrome is a google product and gathers your datas so many times more than firefox) I want to say people could remember time gaps between 3.5 and 3.6 and 4.0 of firefox and you see, now they are relasing new versions on few months which is very good (because now you don't need to wait new features for 5 months or you don't need to install minefield etc.)
About permissions, yes new permissions could be dangerous but hey, these permissions for give you something new like sync, flash plugin or new features. Mozilla is trustworhty and helpful. They are bringing Free Internet Space for years and you can't say they are spying us. there is versions for qr droid, with/without some permissions, maybe firefox can do samething for paranoids.
Also yes I'm supporting and defending firefox but no, I'm not a fanboy, at least I'm still using dolphin for manything and also safari.

Magnumutz said:
Why would anyone use Firefox anyways?
It's slower than the default browser and it STILL doesn't support FLASH!
Click to expand...
Click to collapse
The alpha supports flash and is huge improvement over official and beta that is currently on market
Sent from my Nexus S using xda premium

I use "spyware permissions" in a pretty loose sense of "permissions which are not clearly essential to the core functionality of the app". I agree that Mozilla is trustworthy, moreso because you can read the source. But the browser is the most internet-facing and thus most dangerous app, most likely to be cracked, most likely to have access to lots of personal info, so needs to receive the closest privacy /security scrutiny.
Unlike the Facebook crowd, I look at my info as my property, and ask not why I should not share my info with the world at large, but why should I, what benefit do I receive in exchange for giving away what someone else can monetize (the whole Facebook/Google business model) and which may do me real harm if for example app writers Ivan Ivanovich and his friend Bala Babangida turn out to be not such nice guys, and use my info to send me spam texts or clean out my bank account.
Case in point: Google+ app just added "record audio", but the app doesn't have any audio capability, you can't record and post a sound. I remembered that some years back Google wanted to be able to record audio on laptops, "purely for analytical purposes". That didn't fly back then. I uninstalled Google+.

cashmundy said:
I use "spyware permissions" in a pretty loose sense of "permissions which are not clearly essential to the core functionality of the app". I agree that Mozilla is trustworthy, moreso because you can read the source. But the browser is the most internet-facing and thus most dangerous app, most likely to be cracked, most likely to have access to lots of personal info, so needs to receive the closest privacy /security scrutiny.
Unlike the Facebook crowd, I look at my info as my property, and ask not why I should not share my info with the world at large, but why should I, what benefit do I receive in exchange for giving away what someone else can monetize (the whole Facebook/Google business model) and which may do me real harm if for example app writers Ivan Ivanovich and his friend Bala Babangida turn out to be not such nice guys, and use my info to send me spam texts or clean out my bank account.
Case in point: Google+ app just added "record audio", but the app doesn't have any audio capability, you can't record and post a sound. I remembered that some years back Google wanted to be able to record audio on laptops, "purely for analytical purposes". That didn't fly back then. I uninstalled Google+.
Click to expand...
Click to collapse
Best you can do is contact the developers and ask them about the permissions included. If Ivan Ivanovich & Bala Babangida say their notepad is not able to work without your bank account then ok, let's warn all the other people.
Probably you won't have any reply from google but most of the developers (or app writers, as you prefer) are just glad to answer via email since they're not allowed to reply in the android market.
Instead, the actual scenario is more and more devs who get their clean apps targeted as malware and users who get paranoid by reading too many reckless comments.
In general, devs are not wolfs and users are not sheeps... otherwise there were no open sources (eg Mozilla), no android, no xda-developers!

[TIP] Does Android Really Need Antivirus ?

Does Android Really Need AntiVirus??
What good does it do?
Basically, we all know that these apps protect our phone from being infected with malicious files that we download everyday. Files from untrusted sites of course. It helps clean the phone if ever it gets infected. Question is, Is this true?
NOTE: All other sites except the playstore are classified as untrusted sites
Since Android is made out of the linux platform, it really is hard to penetrate. Studies show that linux systems are almost impenetrable to viruses or malicious files than most phones that are not based on these system. In fact based on experience, I have never heard of an Android phone being "infected" that seriously. Well, who knows.
Another factor is that, antivirus apps consume more battery life. It consumes 50% of battery life while on stand-by mode. It also makes the phone lag a bit since it is running even if you can't see it. It also lags start-up time since it takes a while to load.
Whether you decide to install or not, i'ts better safe than never... right?
I Am not in the favor of these apps. Moreover I dont use Them

Okay... So, what makes you an authority on antivirus on Android? What inside knowledge do you have that makes your opinion an actual valid one, especially when considering all the hundreds of reports of 1000's of malware apps running rampant on our "impenetrable" OS?

Like you've mentioned they are draining some serious batterylife in standby-mode but some like avast can be configured to not run till you start them. A few antivurs apps are coming with widgets, I'd highly recommend not using them because they are really slowing down the tablet and consume a huge amount of battery.
I practise the same approach with my PC, if you know what you are doing and how to do it a firewall + antivirus program may not be need but safe is safe. Android is a very open plattform so having a tool to keep the apps "honest" is not a bad thing in my opinion.

FloatingFatMan said:
Okay... So, what makes you an authority on antivirus on Android? What inside knowledge do you have that makes your opinion an actual valid one, especially when considering all the hundreds of reports of 1000's of malware apps running rampant on our "impenetrable" OS?
Click to expand...
Click to collapse
Most of the antivirus are fake i dont knnow why they make them. Since Android is based on Linux, and Linux needs Super user Permissions to do most of the things especially when you want to harm the device ( viruses) you need to modify system (root) programs and bins/libs/modules which can only be done if you have the root permission. If you have ever used the Linux OS (like Ubuntu) you have to ask roots first before installing any s/w
eg:
Code:
sudo apt-get install
here, sudo is literally this
Code:
superuser-do

You're ignoring all the malware type apps that don't need root. All they need is novice users who aren't paying attention to the permissions list and go and install apps that aren't quite what they're pretending to be. THAT is the primary cause of infection on Android, and it IS an existing problem.

FloatingFatMan said:
You're ignoring all the malware type apps that don't need root. All they need is novice users who aren't paying attention to the permissions list and go and install apps that aren't quite what they're pretending to be. THAT is the primary cause of infection on Android, and it IS an existing problem.
Click to expand...
Click to collapse
Time For some Source CODE !!
Can You get me an example of this ?? I will bring you the code asap

Why would I need to do that? Are you denying that there aren't 1000's of rogue apps out there, masquerading as legit apps, that are stuffed to the gills with malicious code?
Have you been living under a rock for the past few years? Are you still under that rock? I suggest moving out, perhaps into a cave with a view.

Calm Down Dude
Nachiket.Namjoshi said:
Does Android Really Need AntiVirus??
Whether you decide to install or not, i'ts better safe than never... right?
I Am not in the favor of these apps. Moreover I dont use Them
Click to expand...
Click to collapse
Here You go !
FloatingFatMan said:
Why would I need to do that? Are you denying that there aren't 1000's of rogue apps out there, masquerading as legit apps, that are stuffed to the gills with malicious code?
Have you been living under a rock for the past few years? Are you still under that rock? I suggest moving out, perhaps into a cave with a view.
Click to expand...
Click to collapse

Nachiket.Namjoshi said:
Here You go !
Click to expand...
Click to collapse
You forget that most phone users are novices, and don't have a damned clue what they're doing when installing apps. I'm a professional developer by trade (not on Android), and if there's one thing I know very well, users do not read popup dialogs, ever. They just click the button to make it go away so they can get on with what they're doing.
You cannot use people on XDA as an example of what users are like. Most of us here actually have some tech savvy and know what we're doing, but we're less than 1% of the userbase.
Which makes antivirus apps, resource hogs that they are, pretty critical for the average user; to protect them from their own stupidity. Advising people NOT to use them is rather irresponsible of you, especially as you are NOT a security expert.

FloatingFatMan said:
You forget that most phone users are novices, and don't have a damned clue what they're doing when installing apps. I'm a professional developer by trade (not on Android), and if there's one thing I know very well, users do not read popup dialogs, ever. They just click the button to make it go away so they can get on with what they're doing.
You cannot use people on XDA as an example of what users are like. Most of us here actually have some tech savvy and know what we're doing, but we're less than 1% of the userbase.
Which makes antivirus apps, resource hogs that they are, pretty critical for the average user; to protect them from their own stupidity. Advising people NOT to use them is rather irresponsible of you, especially as you are NOT a security expert.
Click to expand...
Click to collapse
Exactly. That is why I'm posting this here instead of a blog!! :')
Chillax buddy. Btw pdroid is better than antivirus apps bröder. I too am an app dev!
Sent from my GT-S5360 using xda app-developers app

I agree sir. this is true that some apps do such notorious things. but as a member of xda I am very care full about the permissions.

SHORTER
shorter: all files from internet cannot normaly harm your phone but if you download apk and instal it you can have problems (depends on app permisions) BUT it cannot totaly destroy your phone without SU permision (superuser)
normal files like mp3 mp4 cannot do anything
SORRY FOR MY ENGLISH and hit thanks if helped

FloatingFatMan said:
Why would I need to do that? Are you denying that there aren't 1000's of rogue apps out there, masquerading as legit apps, that are stuffed to the gills with malicious code?
Have you been living under a rock for the past few years? Are you still under that rock? I suggest moving out, perhaps into a cave with a view.
Click to expand...
Click to collapse
This is exactly what happens. This thread is really pointless. I can copy your whole data while you are busy making threads like these or block access to any of your apps while I'm running. Antivirus is not just something which protects you against so called viruses but also malicious apps.

I agree, though AV's like avast and dr.web which are considered "light" still consumes a lot from my phone. I have observed that lately even though I have deep sleep app on my phone , I whitelisted the AV's it tooks at around 30-50% of my battery. I don't want to automatically kill the AV because it will become useless if it doesn't run on background. so I decided to just uninstall it and get my apk downloads from PC so that avast and malwarebytes on pc will be the ones that will scan my apks.

How do we make Android more secure both Devs and Users?

How do we make Android more secure both Devs and Users?
I love android and rooting/customizing but at the end of the day I feel exploits/virus are becoming to common these days. I see videos on YouTube of people taking control over users phones without the user knowing its happening which is very scary. Same thing with keylogs being sent over to shady people without your knowledge. The list goes on but the question remains. How can we Devs/Users make android more secure?

You can Use Apps Like CMSecurty Or Avast

You can try anything you want really but keep in mind. Your security is only as good as the hacker trying to get passed it. If they want it bad enough they will get it and there really isnt anything anyone can do about it except going off the grid.

Properly speaking, there is no secure system in the world, so do the android system. So it is necessary to install antivirus program and never open or download anything from iffy Websites.
The Android is relatively safe.

Lol the scary part is people actually fall for apps like cm, avast, etc.. They all gimmicks man they don't actually do anything and by the time it is detected it's too late.. It's already in. A Linux system like Android isn't really susceptible to viruses like a normal PC would be and the most you can do is maybe stops some malware spamming ads and collecting statistics. Like @zelendel said if someone wants in there's no stopping them and Android itself has built in protection no antivirus gimmick app can come close to especially with Google servers scanning apps also.. You are the weakest link in your security so common sense is a better antivirus. I still can't find one proven case of an Android having a real virus and YouTube videos are always fakes
Sent from my VS986 using Tapatalk