

Android Malware Increased 3,325 Percent in Seven Months - techinsidr
http://www.securityweek.com/android-malware-increased-3325-percent-seven-months-says-juniper-networks

======
JeffreyLi
I thought Android's ability to show you everything an app will have access to
would prevent most of this stuff, apparently not. Some people just really want
Lady Gaga wallpapers enough to give away control of their phone.

~~~
nextparadigms
Google is certainly not helping there, giving descriptions to permissions that
are way more vague than they should be.

What exactly does "Full Internet access" mean? How about "Access to contact
list"? - and so on. In reality they are not as dangerous as they seem. I don't
think that even means it gives access to the contact list the way iOS does it.
I think it just means the app can fetch those contacts in a widget, or an SMS
app, or something, but definitely not sending it to their servers.

Still, I wish they were more clear about this, because either it makes you not
want to install the app at all, even though it's safe, or you start ignoring
all these permissions, and install all apps without even looking at them,
because you don't understand them anyway.

~~~
darrenkopp
It's funny, because they are quite clear. Click on the "Permissions" tab and
you can read through the permissions the app requires and what those
permissions entail.

<https://market.android.com/details?id=com.twitter.android>

~~~
habith
I've noticed that after the 3.3.4 market update I cannot view the permissions
of installed applications. I used to be able to go to an installed app, Menu -
Settings - Security, and view its permissions, that's all gone now.

Also, the permissions do not appear on the app's installation page, they
appear on the confirmation page before installing (after clicking
download/buy), that's not very good UI.

Before the 3.3.4 update, the permissions on my phone were just the titles with
no description (Full internet access, Read phone state and identity, etc.), so
kudos to them for adding descriptions.

However, I was shocked after the update when I learned what "Read phone state
and identity" really means, here's the description: "Allows the application to
access the phone features of the device. An application with this permission
can determine the phone number and serial number of this phone, whether a call
is active, the number that call is connected to and the like."

That seems pretty invasive for what I _assumed_ was a GUID or a token of some
sort to authenticate purchases or keep track of installations. I wonder what
"the like" means in that description.

------
calciphus
So this is counting number of "malicious" programs, not infection rate. Sounds
to me like Google is probably getting better at pulling these things out, so
they get resubmitted. Before, you could create an app and leave it in the
store. With the Bouncer in place, you have to resubmit every few hours.

Seems more like linkbait than good science. Show us number of
infections/downloads, not submissions that go nowhere.

------
mbarr
"... application stores are fast becoming the prime delivery mechanism for
infected applications..."

I completely disagree with that statement. People downloading pirated or fake
APKs from the web is the prime delivery mechanism for infected applications.

~~~
mc32
Juniper Networks seems to agree to some extent on that claim:

<http://www.juniper.net/us/en/security/>

They cite lax submission process, lack of code signing, and review process.

Sure it's a bit self-serving, but I don't imagine they're that far off in
their assessment.

