Do you have adblock enabled?
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Japan Times)   According to Symantec, Android app that masquerades as power-saving software in fact exports your entire contact list to dating website. Fortunately, in Japan that means only your virtual girlfriends will get resulting spam   (japantimes.co.jp) divider line 23
    More: Scary, Symantec, Android Phone, contact list, dating sites  
•       •       •

2801 clicks; posted to Geek » on 26 Jul 2012 at 12:23 PM (2 years ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



23 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread
 
2012-07-26 12:27:53 PM  
My Android has a way to store friends and contacts? This could come in handy if I ever make a friend.

*sobs quietly*
 
2012-07-26 12:30:25 PM  
When was the last time Symantec was right about anything?

/Probably true, but still. Fark Symantec. All hail MSE
 
2012-07-26 12:48:03 PM  
Read those permissions people
 
2012-07-26 12:49:47 PM  
Smartphone users first receive an email message featuring the application. Once it is downloaded, a message pops up saying the application is not compatible with the smartphone in use. Below the surface, however, the application has extracted all the names, phone numbers and email addresses on a user's address book, according to Symantec.

Downloaded from where? Since this is Android we're talking about it could be from anywhere, correct?
 
2012-07-26 01:07:47 PM  

theurge14: Downloaded from where? Since this is Android we're talking about it could be from anywhere, correct?


Yeah this is akin to someone clicking on a PLEASE CONFIRM YOUR USER ID AND PASSWORD from HBSC Bank.
 
2012-07-26 01:08:35 PM  
I sure wish I wasn't in this walled garden so I could perpetually uninstall the malware du jour.
 
2012-07-26 01:16:27 PM  

Edward Rooney Dean of Students: When was the last time Symantec was right about anything?

/Probably true, but still. Fark Symantec. All hail MSE


And this concludes all necessary reviews of Symantec.

Seriously, they should have press releases for each time their software actually finds, stops and removes a threat.
 
2012-07-26 01:17:11 PM  

H31N0US: theurge14: Downloaded from where? Since this is Android we're talking about it could be from anywhere, correct?

Yeah this is akin to someone clicking on a PLEASE CONFIRM YOUR USER ID AND PASSWORD from HBSC Bank.


And then telling their phone "it's OK to download and install apps from places other than the Market".
 
2012-07-26 01:26:58 PM  
Huh. This app said it would tell me the weather. Instead, it emptied out my bank account. Must be some sort of virus. Better call Symantec; drink my own piss.
 
2012-07-26 02:30:39 PM  

Surool: I sure wish I wasn't in this walled garden so I could perpetually uninstall the malware du jour.


If you realize you aren't ready for the big bad world and you still need your training wheels then at least you recognize that. If you're careless enough to install any app out there from any source and not read the permissions it asks then by all means stay in your walled garden.

"If you can't take a little bloody nose, maybe you ought to go back home and crawl under your bed. It's not safe out here. It's wondrous, with treasures to satiate desires both subtle and gross. But it's not for the timid. "
 
2012-07-26 02:54:41 PM  

maxximillian: Surool: I sure wish I wasn't in this walled garden so I could perpetually uninstall the malware du jour.

If you realize you aren't ready for the big bad world and you still need your training wheels then at least you recognize that. If you're careless enough to install any app out there from any source and not read the permissions it asks then by all means stay in your walled garden.


Yes, it's the user's fault for downloading an app that says it does one thing but actually does something else completely related. Perhaps if there some sort of a system of review for such apps that could help.
 
2012-07-26 03:57:45 PM  

theurge14: maxximillian: Surool: I sure wish I wasn't in this walled garden so I could perpetually uninstall the malware du jour.

If you realize you aren't ready for the big bad world and you still need your training wheels then at least you recognize that. If you're careless enough to install any app out there from any source and not read the permissions it asks then by all means stay in your walled garden.

Yes, it's the user's fault for downloading an app that says it does one thing but actually does something else completely related. Perhaps if there some sort of a system of review for such apps that could help.


First the article doesn't say if it was on the official android market. If you're getting it from some random place online you had better be careful and secondly when the app installs the Android OS will tell you what access rights the app is requesting. If a power saver app is requesting access to your contacts maybe that should give you pause to ask "why would it need that, i'm not going to install it"

But you're right Apple never had a problem with apps stelaing contact data
nope
 
2012-07-26 04:13:19 PM  
The point isn't letting apps access your contact data or not, the point is downloading an app that describes itself as doing one thing and actually doing something else. I believe subby used the word masquerades.
 
2012-07-26 04:30:58 PM  
OMG, everyone panic!
This has never happened before on any computing platform ever!
I have to go throw my demon infested phone away to prevent the spread of evil!
 
2012-07-26 04:58:45 PM  

theurge14: Yes, it's the user's fault for downloading an app that says it does one thing but actually does something else completely related.


Yes.

If you install an app that is supposed to help battery life and, as you install it, you are warned that it a) Needs access to contacts and b) needs access to the internet and you still say "Go ahead and install" then you are an idiot.
 
2012-07-26 05:14:30 PM  
sphotos-a.xx.fbcdn.net

/fyi

Farking Canuck: If you install an app that is supposed to help battery life and, as you install it, you are warned that it a) Needs access to contacts and b) needs access to the internet and you still say "Go ahead and install"

that you downloaded off the internet then you are an idiot.

/basically
 
2012-07-26 06:17:57 PM  
This only affects japanese speakers AFAIK.

watashi wa kinbaku suki...
 
2012-07-26 11:40:53 PM  

Edward Rooney Dean of Students: When was the last time Symantec was right about anything?

/Probably true, but still. Fark Symantec. All hail MSE


I stopped reading as soon as Symantec was mentioned. Yeah, just cleaned a whole load of trojans off an MSE protected computer.

*not sure if serious.jpg*
 
2012-07-27 12:34:48 AM  

theurge14: The point isn't letting apps access your contact data or not, the point is downloading an app that describes itself as doing one thing and actually doing something else. I believe subby used the word masquerades.


Why that sounds downright fraudulent.
 
2012-07-27 12:51:41 AM  

Herr Flick's Revenge: This has never happened before on any computing platform ever!


Well, it has happened on every computing platform ever (except BeOS, nobody used that shiat).

The disappointing part is that Android is a new platform and could have been designed to prevent this kind of thing from happening, but if Symantec is to believed, it was not.
 
2012-07-27 03:31:42 AM  

poot_rootbeer: Herr Flick's Revenge: This has never happened before on any computing platform ever!

Well, it has happened on every computing platform ever (except BeOS, nobody used that shiat).

The disappointing part is that Android is a new platform and could have been designed to prevent this kind of thing from happening, but if Symantec is to believed, it was not.


It's Linux on ARM.
It's not that new.
 
2012-07-27 07:23:12 AM  
24.media.tumblr.com
 
2012-07-27 06:48:45 PM  

poot_rootbeer: Herr Flick's Revenge: This has never happened before on any computing platform ever!

Well, it has happened on every computing platform ever (except BeOS, nobody used that shiat).

The disappointing part is that Android is a new platform and could have been designed to prevent this kind of thing from happening, but if Symantec is to believed, it was not.


Android is horrible for data security - you can't even search apps by permissions, and you have to agree to every permission they want or you can't install it. Many of the permissions are horribly pervasive, such as "Read/Write to SD Card" not only lets some app save your preferences, but read/overwrite any other data that happens to be on the SD Card, regardless of file ownership.


Additionally, a clean app could be on sale in the store and have a great rating, only to have the original developer get bought out by a fly-by-night data mining company that tosses in a data-rape patch "for security updates and bonus levels" when the application is supposedly vetted.

As far as platforms go, it's more like an all you can eat user-data buffet than anything else.

Most apps aren't malicious, but that's because they don't want to be - not because there's any shred of security
 
Displayed 23 of 23 comments

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »
Advertisement
On Twitter






In Other Media


  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report