MIAMI – More than a third of all Google Android applications contain some form of malware, according to tests conducted by BT. A security expert for the U.K. telecom service provider said it expects to test apps for other mobile operating systems and find similar results.
“We analyzed more than 1,000 Android applications and found a third compromised with some form of active or dormant malware,” said Jill Knesek, head of the global security practice at BT. “Almost every device is compromised with some kind of malware, although often it’s not clear if that code is active or what it is doing,” she said in a panel discussion at the NetEvents Americas conference here.
Wayne Rash, a technology journalist moderating the panel, said he was reviewing a Samsung Galaxy S3 handset and found malware in an Android applications provided by Google. “This is a device considered by some people to be the best smartphone on the market right now,” Rash said.
“There’s plenty of anti-malware software available for Android and other mobile operating systems, but companies don’t often insist on using it,” Rash added.
Malicious code is just one example of the many security vulnerabilities in mobile systems. GPS devices can also be hacked, said Knesek.
“It’s going to take one young woman to be stalked, raped and killed before people realize the need security on GPS,” said Knesek a former cybersecurity expert for the U.S. FBI who worked on the Kevin Mitnick case.
Indeed, a U.S. researcher testified before Congress last week about the security holes in civilian GPS. At least a dozen presentations at this week’s Black Hat conference talked about vulnerabilities in mobile systems.
Even security technologies working their way out of the lab, such as biometrics, have their vulnerabilities. “I think hackers will steal biometrics with man in the middle hacks--handsets need to be encrypted end-to-end as the Backberry does,” she said.
The good news is thanks to the latest deep-packet inspection (DPI) chips, a new wave application-aware firewalls is emerging from companies including Cisco Systems, Juniper Networks and Palo Alto Networks. The chips can detect and block individual applications, said Jurrie van den Breekel, a director of marketing for test specialist Spirent Communications (Calabasas, Calif.).
“We see this as a very big market, and we get a lot of demand for testing the technologies,: said van den Breekel, speaking on the panel. “You will be able to select what kind of app you allow--you can block DropBox and Skype, for example, to prevent corporate data from winding up on those services.
One Latin America service provider already uses DPI to create separate mobile data packages for email and social networking apps such as Facebook and Twitter, said van den Breekel.
“Service providers will have the option to allow access to only certain apps—they will offer one thing and block the rest,” he said. “We are just at the very start of this trend,” he added.
Android users beware, more than 50 mobile apps in the official Android Market have been discovered containing malware that could have compromised sensitive and personal data. While Google has already yanked the apps from the Market, this first big infection highlights the inherent vulnerability of Android's openness to developers. Check here for more info http://drawsomethingcheat.eu
Now that they have used the dubious excuse of 9:11 to put GPS tracking of every citizen into your phones, they now want to use the dubious excuse of malware and other scare tactics to make everyone have privacy-invading DPI chips in every phone.
If they do much more to "protect us" then we will be so repressed and have so few rights that we won't have a life worth protecting.
All we need is good, strong, open-source encryption.
If mobile software has vulnerabilities then it should be open-sourced so the community can fix it.
I recently saw an article on Android Anti-Virus Software. It pointed out that EVERYTHING in an Android is sandboxed. Therefore an Anti-Virus program can't see the programs it is trying to detect, by definition. Malware can't see your information, unless you say it can. What is crazy to me is that there are so many apps out there that require every permission in the book. On the one hand, that should set anyone's suspicions off. On the other hand, users shouldn't be required to look at a laundry list of permissions to decide whether a specific app should have them. Most are unable, and many have both legitimate and illegitimate uses. So, a program that uses it legitimately could use it illegitimately as well.
The best answer, I am sorry to say, is to take all those permissions away. I can be identified by my GPS location alone (I spend time at home, right?) any app that can see both my GPS and the Internet could be a stalking tool. The only solution is for the apps to be code inspected by a third party certification agency. Then the distribution package gets compiled by the App Store from the inspected code. The developer pays for this and doesn't know who the inspector is, of course.
It may sound extreme, but it is the only solution that will allow full flexibility in the apps and block the potential abuses.
Every app submitted will be evaluated by some app reviewer. This is done against a long checklists, so if your app just shows some information with some random button it will definitely rejected. In terms of privacy, if the app access user location, the system will pop up notification to ask for permission. So the user is making a conscious choice whether to allow or not.
But all this is hidden from the average user.
People reading this should be a few notches up the fodd chain of software/hardware, but even we have difficulty understanding all this.How is your grandma supposed to figure it out?
It is irresponsible because it creates a scare where there should be education. Nothing Mrs. Knesek mentioned is actually "malware". The definition of malware is "software that does bad things". Not "software that does as it is told". Heck, BT themselves backpedaled on her comments. And if you think the FBI is credible on those things then ask yourself why they, themselves, are so widely hacked and "owned". BT HAS a financial interest in people being scared because THEY sell security practices.
Until someone gets hurt either financially or personally then the issue like they say " that dog won't hunt". I also was wondering what the effect on the performance of the android machines the "malware" software was causing and what was it doing? It was not clear to me from the article that they knew what all the rogue software was doing (if anything). It does not surprise me that there are those who will try to piggyback on software to get access to machines, what does surprise me is this is the first I have heard of it on Androids.
Join our online Radio Show on Friday 11th July starting at 2:00pm Eastern, when EETimes editor of all things fun and interesting, Max Maxfield, and embedded systems expert, Jack Ganssle, will debate as to just what is, and is not, and embedded system.