Android malware infestation
 

http://www.tgdaily.com/security-feat...+-+All+News%29

:eek:

Re: Android malware infestation
 

Wondering if this could happen to Maemo...

Re: Android malware infestation
 

I think we have warnings about similar concerns in the past, however with so few devices sold I wonder if it would be worth a developers time to place malware on a meamo app anyway.

Re: Android malware infestation
 

You can never defend against user stupidity, regardless of the OS. If Maemo (or MeeGo) were a big enough target, and your users dumb enough to be convinced to load software from some random, no-name website, then yes it could happen.

I'll take the risk and bank on educating users than going the Apple path of the walled garden where instead I am spied upon by companies ;)

Re: Android malware infestation
 

..... and this is why i prefer open source

i cant believe one of those apps got over 50,000 downloads before someone realized it was sketchy

Re: Android malware infestation
 

I can belive you make code review for every package you wanna install.

Re: Android malware infestation
 

there has been multiple times when people have literally opened their devices to possible malware. so only thing missing is motivation to add some malware to packages/images.

(leaked PR1.3 + multiple questions about packages installed from murky locations)

Re: Android malware infestation
 

;-)

At least some checks should be done.
There are several Antivirus tools for Linux like AVG,
Avast, F-Prot, Clamav, Avira AntiVir (I am not sure, if any of them were ported to Maemo 5).
There are also Web services were you can scan a file before putting it on the N900.
Scanning your N900 binaries in /usr/bin (and similar) from time to time may also tell you if you already got an infection.
Of course you'll never have a 100% security.
Of course the best security software is "Brain 4.0".


There were several threads for this topic:
http://talk.maemo.org/showthread.php?t=31373
http://www.forums.internettablettalk...ad.php?t=61583
and so on...

Re: Android malware infestation
 

I wonder if our repositories (devel extra, whatever) are frequently
scanned or whenever a new file is uploaded?

Re: Android malware infestation
 

My point was not that you would review every package's source before installing it, but that someone would. Looking at it from a Maemo perspective, I find it hard to imagine that such malware would last very long in our repositories before someone identified it as obvious crap. Granted Maemo has far less downloads than Android, but open source can only help in this scenario.

Re: Android malware infestation
 

Anyway we could run some scans of the N900?

Re: Android malware infestation
 

I question whether being open source is great protection against malware.

Have you gone through the source code of all the apps on your phone? I doubt 2% has been examined by anyone for malware.

It would not be difficult to obfuscate injurious functions even in source code, especially with the code bloat that present-day SDK's bring with them. Glazing over after following execution across numerous functions across even a few files, it would be easy to overlook a quick malicious act.

Some day, someone may trip across something, but odds are a bright programmer would be able to be long over the horizon by then.

Re: Android malware infestation
 

One has to be careful about what one installs, period. Before installing a program, on any OS, I have a look at who is the creator, what reputation does he/she/it have, etc. If it is a copylefted program then I am much more trusting and generally feel very safe installing it. If it is closed source, I am much more skeptical and careful.

Re: Android malware infestation
 

Like rm42 said, open source is certainly not a cure-all for preventing malicious software. But you can't deny that it helps.