This is asymmetric warfare. Security folks need to protect against all including, Malware on Android. Whereas Malware writers can focus on one item and create a good piece of code.
Is it a losing battle?, not exactly. Most Malware want to steal our data so, as security folks if we can be realistic about what we need to protect, how much we need to protect and how we can layer the security. This should (hopefully) reduce the risks to acceptable level.
As far as consumers are concerned, I am not sure they we/care because, first we voluntarily allow Google to look into our emails then we voluntarily add all our life history in Facebook on a second-by-second basis.
DISCLAIMER:
"I am not GOD so, I admit that I could be wrong anywhere between 0 - 100%"
According to the article:-
The app would install with a low level of permissions and thus ‘pass under the radar’,
the Indiana Univesity researchers found that it was possible to install apps with either no Permisssions – which an app reveals to a user as it installs, such as ‘(Access to SD Card) – or a few, innnocuous ones, then add more sinister functions when the operating system is upgraded.
While the OS upgrade may well fix security loopoles, quietly upgrading the Permisssions of an unknown app may allow malware near-complete control of the device Any OS upgrade allows apps, “to automatically acquire significant capabilities without users’ consent once they upgrade to newer versions,” the researchers wrote.
The researchers warn that the flaw affects ALL Android users worldwide, regardless of the age of their handset.
The links below has more information:
No comments:
Post a Comment