Security research labels more than 290,000 Google Play Android apps as 'high-risk'
Source: Network World US
Security vendor Bit9 categorized these Android apps as "questionable" or "suspicious" because they could gain access to personal information to collect GPS data, phone calls or phone numbers and much more after the user granted "permission" to the app. "You have to say 'yes' to the application or it won't run," pointed out Harry Sverdlove, Bit9 CTO.
Games, entertainment and wallpaper apps especially seem to want to grab data, even though the their functions would seem to have little direct use for it.
Bit9 notes this doesn't mean these apps are malware per se, but they could do damage if compromised because the user has granted so much permission.
Read more: http://www.pcadvisor.co.uk/news/mobile-phone/3408388/security-research-labels-more-than-290000-google-play-android-apps-as-high-risk/
That almost half of the apps available for Android.
SheilaT
(23,156 posts)I don't have a smart phone. Is there a chance I'm doing something right?
Added on edit: I am extremely wary of using a phone to pay for things at a check-out stand. I keep on thinking that it's not really as secure as I'm assured it is. What if one of those apps is designed to go straight to your checking account, or wherever you get the money from to pay for stuff with the smart phone, and then simply empties out your account?
sir pball
(4,742 posts)It's not an "app" per se, it's just using a chip in your phone to replicate the chip in a tap-to-pay debit card or keyfob. The only actual access to your money is via the POS terminal in the store; if it would clean out your account using GWallet, it would also do it by swiping your card.
SheilaT
(23,156 posts)cash.
They seem to think that by carrying twenty bucks or so in cash leaves one walking around below a giant neon sign that says "I have cash on me! Rob me!"
Personally, I prefer to pay for day-to-day purchases in cash, rather than trust a chip in my phone. Who is to say the chip in my phone, or the POS terminal at the store can't be hacked in some way?
dixiegrrrrl
(60,010 posts)We have had town wide loss of computer power twice in the last few years
( road crew managed to cut the only 'puter line that town has, apparently)
and without cash, no groceries.
One of the cuts came on a Friday, which is payday for folks here. So of course no line repairs till at least Monday.
Lots of folks realized getting gas was a problem, too.
SheilaT
(23,156 posts)In 1982 I was getting gas at a station in Minneapolis, where I then lived. I was always in the habit of simply putting a fixed dollar amount in the car, probably about $10.00 at that time. I finished pumping my gas and went in to pay, with cash, as I always do. They then had a power interruption and it was going to be a bit before anyone could use a credit card. I was able to give my cash and walk out ahead of anyone else.
Cash. It's so versatile. And welcome everywhere.
sir pball
(4,742 posts)I try to always have at least some cash on me. I should probably use it exclusively if for no other reason than it's a lot harder to overspend; you're much more conscientious of handing over real money as opposed to swiping a card.
Just saying that pay-by-phone really isn't any less secure than a tap-to-pay card or even a regular card. Cracks of NFC systems (any tap-to-pay systems) have been demoed but are pretty impractical; it's much easier to break the terminal. Had it happen to me just a few months ago actually, Rite Aid's systems were compromised so the bank issued new cards to everybody who had shopped there recently.
Xithras
(16,191 posts)It's really simple. When you install an app on Android, the Play installer will tell you what the application gets access to. You have to APPROVE that access. If you download a wallpaper app that requests control of your entire phone, and you give it that access, then who is really at fault? It only takes a couple of braincells to figure it out. In fact, Androids app security model is pretty much identical to the security model Apple recently added in iOS 6. Android has always forced the app to ask permissions to anything, but iOS versions prior to 6 only required permissions for geolocation data...it was open season on everything else on the phone. I remind you of the Path debacle earlier this year in which an iPhone app was caught copying and uploading entire contact lists off of iOS devices. THAT'S a high risk app, and it's a scenario that has never even been possible on Android. Apple closed that security hole in iOS 6 by adopting the Android "ask for anything" model.
And the article itself says that they're moving onto Apple apps next. Permission trolling is just as pervasive on Apple devices as it is on Android devices, and Apple ignores it just as much as Google does. App writers can ASK for anything. If the user grants the app permission, that's the users problem.
rablrouzer
(66 posts)From the linkbait site:
* 42% access GPS location data, and these include wallpapers, games and utilities
There are many Android applications that use your GPS location data to provide local weather, and more. If you don't want applications using your GPS location, turn off GPS on your phone, or don't install weather, time, coupons, friend search, WiFi finders, games, or wallpapers.
* 31% access phone calls or phone numbers
It is phone for gawd's sake. There are lots of apps you may want to install to improve on the standard Google Apps. Turn on Facebook and surrender any illusion of privacy.
But more important, would you want an App (like a game) to keep your phone from ringing? Apps need to "know" the phone state, if for no other reason than to get out of the way when it rings.
* 26% access personal data, such as contacts and email
Can I just say "duh" here? Install a game to play over the internet with your friends, and it will access your contacts. Install a camera app or photo editor that "shares" photos, and it will access your contacts to share the picture.
* 9% use permissions that can cost the user money
Using your basic phone to make a call, sending an SMS, sending a text message, COST MONEY!
Buying a new "level" in a game CAN cost money. Subscribing to a music service like Spotify or Pandora CAN cost money.
CONCLUSION. This piece is pure propaganda. What is says applies equally to Android, iOS, Windows Phone, and Blackberry.
If you're careless enough to download wallpapers for hot Russian babes (or hunky Firemen), you may be pwned. Be careful. But don't let crud like the link here send you fleeing to an iPhone. You're no safer there. And if you think you have any privacy from Auntie Apple and her iAds, you ain't read her terms of service.
.99center
(1,237 posts)+1
tkmorris
(11,138 posts)Welcome to DU.
qanda
(10,422 posts)LOL Honestly, if you don't want to give someone permission then don't install the app-- you do have options.
SoapBox
(18,791 posts)I've never trusted the "Droid" from day one.
.99center
(1,237 posts)that you dig up a misleading article about Apples competitors every time there's bad news for Apple? Adware on phones (including iphones) isn't LBN IMO.