Samker's Computer Forum - SCforum.info

Software & Hardware Mix: => Linux / Unix / Android => Android => Topic started by: Samker on 22. December 2013., 20:08:56

Title: Only Google have possibility to automatically protect Android phones ?!
Post by: Samker on 22. December 2013., 20:08:56
(http://1.bp.blogspot.com/-k9trjMap47s/Un49mcXPMOI/AAAAAAAAAYc/PV9_7qxV5mc/s1600/android-security-google-bouncer.jpg)

Android users expecting Windows levels of performance from Android-specific antivirus packages are likely to be disappointed because only Google can automatically delete dodgy apps on Android devices, say malware experts.

Anti-malware bods agree that antivirus programs on Android can’t remove viruses automatically, meaning that the process needs to be carried out manually by the user in each and every case.

"Android antimalware applications can block URLs, scan downloads and identify malware that the user may have installed, but they cannot remove malicious applications that are installed by the user," explained Simon Edwards, technical director at Dennis Technology Labs, an experienced antivirus tester and chairman of the Anti-Malware Testing Standards Organization.

"They have to alert the user and hope that the user is able to uninstall them manually, using the usual Android uninstall routine."

Andreas Marx, chief exec of AV-Test, confirmed Edwards' prognosis that Android security applications could only warn about maliciously installed apps, rather than shunting them into quarantine (the norm for equivalent Windows security software).

"The mobile security apps are all running in a sandbox, just like any other app," Marx told El Reg. "Therefore, they are not able to remove malicious apps at their own."

Chocolate factory controls Google malware 'kill switch'

This existing but under-reported behaviour is not inherent to the architecture of Android smartphones and tablets.

Edwards told El Reg: "There actually is a way to remove malware from infected devices automatically. Google has a kill switch that can do it. But only Google has that power currently."

Marx confirmed: "Only Google has the power to use it [the 'kill switch'], as far as we know, but in past they only focused on disabling malicious apps which made it into the Google Play store. It looks like that they don't really care about any third party marketplaces, but leave this field to the AV [antivirus] companies."

We invited Google to explain the design rationale for this treatment of malicious apps on Android devices but are yet to hear back from them.

Security apps on rooted devices might be able to get around these restrictions. However Marx reckons the security drawbacks outweigh this modest advantage.

"If you have a rooted device, some anti-malware apps offer additional features, but rooted devices usually have other kind of security issues, therefore we wouldn't recommend this step," he explained.

Marx reckoned the warning feature of Android anti-malware scanners meets the practical needs of consumers and enterprise users.

"Besides this, the majority of security apps offer to run an on-demand scan from time to time to check for other potential harmful stuff on your device. The security app can warn you, so you can uninstall the potential malicious app later," Marx said, adding that "however, the on-installation check is the most important anti-malware feature."

Scores on the doors

The effectiveness of on-demand and on-access detection of malware by Android antivirus scanners were the main two areas covered by in tests by AV-Test, published last week.

AV-Test put 28 Android security apps through their paces, discovering improved results from previous comparable exercises. Only two products (Zoner Mobile Security and SPAMFighter VirusFighter Android) failed in AV-Test's latest real-world review against 2,124 malicious apps. All the paid-for products from mainstream vendors (Kaspersky, Trend. McAfee, Sophos, etc.) passed, as did freebie scanners from Avast and others.

The malware protection rate during tests run in November and December 2013 was in the range of 42.3 per cent to 100 per cent, with an average detection of 96.6 per cent (6 percentage points better than the testing house's last Android security software review, which was put together in October). Only a few programs created false positives on AV-Test's test systems during the latest review.

An overview of the results can be found here: http://www.av-test.org/en/tests/mobile-devices/android/nov-2013

The German testing house found that the main difference between free and paid-for Android security apps came from the features they offered rather than in detection of malign apps. Premium security features included functions such as anti-theft, backup and encryption.

The favourable results are welcome given that Android malware is becoming a growing nuisance. In total, AV-Test has already registered more than 1.5 million Android-related malware samples in 2013, and we have more than 1.8 million total in its database. During November 2013, for example, AV-Test was receiving about 6,000 additional unique samples per day.

(ElReg)
Title: Re: Only Google have possibility to automatically protect Android phones ?!
Post by: devnullius on 22. December 2013., 21:35:53
Android users expecting Windows levels of performance from Android-specific antivirus packages are likely to be disappointed because only Google can automatically delete dodgy apps on Android devices, say malware experts.
True! I was very disappointed! As noticed by me, it's only apk scanning. No hidden process detection, rootkit support, ... Nothing to make it "real" (http://scforum.info/index.php/topic,8519.0.html - pinned topic)

"They have to alert the user and hope that the user is able to uninstall them manually, using the usual Android uninstall routine."
I had different behaviour, but I was rooted... More power, more risk ;p But android without root... Seriously?? No thanks! Just amp them AVs ;p

This existing but under-reported behaviour is not inherent to the architecture of Android smartphones and tablets.
Of course not - it's Linux! It's a computer! A full OS! Grmbl.

"Only Google has the power to use it [the 'kill switch'], as far as we know, but in past they only focused on disabling malicious apps which made it into the Google Play store. It looks like that they don't really care about any third party marketplaces, but leave this field to the AV [antivirus] companies."
Another one for my "Why I start to hate Google article..."! (http://scforum.info/index.php/topic,8155.msg20776.html#msg20776 and further)

We invited Google to explain the design rationale for this treatment of malicious apps on Android devices but are yet to hear back from them.
Evil they becomming! EVIL! Nothing left from the noble and fair company they once were... And Facebook opened the gates to hell, influencing Google even further... :s

(http://fc07.deviantart.net/fs71/i/2010/255/1/3/joda__la_venganza_de_los_sith_by_anbupi2002-d2yluji.jpg)

Marx reckoned the warning feature of Android anti-malware scanners meets the practical needs of consumers and enterprise users.
Let me guess... The same fuckers that made Apple what it is today? ;p

"however, the on-installation check is the most important anti-malware feature."
... making it last in features even to MS DOS 4.11!

During November 2013, for example, AV-Test was receiving about 6,000 additional unique samples per day.
... making it pretty sure that, in a few years, we will start to learn about large botnets mining Litecoins on Droid phones for years, undetected.

You read it first here @ scforum!

; -) karma!!!

Devvie


~~~ notemail@facebook.com ~~~

Conare nullius momenti videri fortasse missilibus careant
——
All spelling mistakes are my own and may only be distributed under the GNU General Public License! – (© 95-1 by Coredump; 2-013 by DevNullius)
Title: Re: Only Google have possibility to automatically protect Android phones ?!
Post by: Samker on 24. December 2013., 21:10:39
...

(http://fc07.deviantart.net/fs71/i/2010/255/1/3/joda__la_venganza_de_los_sith_by_anbupi2002-d2yluji.jpg)

...

During November 2013, for example, AV-Test was receiving about 6,000 additional unique samples per day.
... making it pretty sure that, in a few years, we will start to learn about large botnets mining Litecoins on Droid phones for years, undetected.

You read it first here @ scforum!

...

Do you want to we call you Joda or Nostradamus

;D


By the way, I share your opinion about new & more threats for Android.  :thumbsup:
Title: Re: Only Google have possibility to automatically protect Android phones ?!
Post by: devnullius on 24. December 2013., 21:37:02
Jonastra of course!

Duh  8)

devnullius
Title: Re: Only Google have possibility to automatically protect Android phones ?!
Post by: Lutpop on 17. February 2017., 16:48:53
Thanks
Title: Re: Only Google have possibility to automatically protect Android phones ?!
Post by: mmgpotax on 08. June 2017., 15:53:02
Google, has ability to do anything ... especially at the level of iOS Android. Currently, archives. In mobile phones, little more than the contact agenda we stored, but smartphones do keep important personal information about their users. From photographs to documents, and all this happening through banking data among another wide variety of 'sensitive data' that we should protect in a good way. And in addition to applying an unlock pattern or PIN code, it is also interesting to protect our folders with a password to give greater security.
The first thing is to apply security to the unlock screen, something we can do from Settings> Security on any Android device. And to add a password to any of the folders stored in the smartphone, then we will have to download an application like FileLocker. Once downloaded and installed on the device, it will run as a file browser and allow us to select which folders and files we want to protect with password.

With this application, we will simply have to select the documents or folders that we want to protect with password and, obviously, configure one that serves later to access all its contents. In this way, all contents will remain visible, but can only be accessed if we have the corresponding password. On the other hand, the application also gives us the ability to disable this password at any time, or change it to a new one for one or more files.
Title: Re: add a password to any of the folders stored in the smartphone
Post by: Samker on 17. June 2017., 09:51:14
---

From photographs to documents, and all this happening through banking data among another wide variety of 'sensitive data' that we should protect in a good way.

---
And to add a password to any of the folders stored in the smartphone, then we will have to download an application like FileLocker. Once downloaded and installed on the device, it will run as a file browser and allow us to select which folders and files we want to protect with password.

---

Very good tip and advice. :thumbsup:

FYI, I'm using "AppLock" for my Samsung: https://play.google.com/store/apps/details?id=com.domobile.applock&hl=en

Title: Re: Only Google have possibility to automatically protect Android phones ?!
Post by: kammz7 on 27. June 2017., 07:14:26
Anyone else can write more responses here?