Hi all,Thought I'd put my 2c (probably 10c with all I've written below) in here as this is actually a more complex area than a lot of people realise and there isn't necessarily a clear answer for everyone.
Most instances of Android malware have been on third party sites (if you download a not quite legitimate version of Angry Birds of a Chinese pirate web site then really you are asking for trouble!), however there have been instances of malware on the Android play store.
Generally instances of malware on the real play store have been uncovered relatively quickly. The key thing, as with most apps, is when you download anything, look for: - What permissions does it ask for? I can't stress this enough! There are too many "genuine" apps, which ask for way more invasive permissions than they actually need - just look at what access you are giving Firefox for instance, did you know that if it wanted, Firefox could record your phone calls, photograph your surroundings and note your exact location, and send it to anyone, anywhere on the internet, all without you knowing a thing about it? We *assume* it doesn't because Mozilla is a big company and there are millions of Firefox users, but what about the next app, and the next one... - How long has it been on the play store? If it's been on the play store more than a few weeks, there is a much higher chance that it would have been noticed if it was malicious. - How many downloads does it have? Again, the more downloads something has, the more likely it will have been picked up if it's acting suspiciously. - Does the description / what's new information explain all the permissions needed and functionality of the app?
The trick is, that you need to take this all into consideration even when an app that you have been using comes out with an update, as it's basically downloading a whole new app to replace the one you have been using. I get really mad when I see a "what's new" section which simply says "Bug fixes", and the app is suddenly asking for new permissions.
Finally, technically what you get on Android is malware rather than viruses (viruses replicate themselves into the executables of other programs, however the way Android is sandboxed, that can't happen unless your phone is rooted). Malware is just as bad as there have recently been instances of "ransomware" apps on Android (not on the play store yet) which can actually encrypt your phone and demand a payment to unencrypt it.
There has been a very similar thing going around the iPhone community recently. In that case it is possibly the result of people using the same password for their iCloud account which they had used for other services which had been hacked recently, which goes to show even more that keeping yourself self is no longer (if it ever was) about having an anti-virus or anti-malware app to catch anything nasty which might try to come in - far better to avoid encountering it in the first place.
Infected websites are one source of malware which can be hard to predict - obviously if you go to ww.download illegalsoftware.ru you are asking for trouble (no I didn't bother checking whether that domain even exists, I'd avoid the link just in case!) but you can't know whether someone has hacked the web page of your favourite news source or shoe shop - of course if the new york times gets hacked today, it will make the news, tomorrow, which won't help you if you visit the site while it's infected...
Finally one of the most successful things the bad guys do to get people infected is to try to convince you to download their malware your self - those emails from paypal which ask you to login to fix a security problem (yet redirect you to a site in Russia), the ads which tell you that you're the 1 millionth visitor, click here to collect your prize, or just click here for a free $500 supermarket voucher etc etc.
After all that, is it worth having an anti-malware app if you are diligent and careful about what you install, what links you click on and email attachments you open? It's not quite as clear cut as on say a PC. For one thing, any app running in the background uses some of those precious resources phones have so little of - particularly battery life, and to date malware infections on Android where users haven't done anything silly, have been extremely low. I like to think I am careful with what I install and where I go, however I do have security software on my phone. I will also quickly say, that it's never actually found anything malicious though it has warned me about several apps I've gone to install which it said have been reported as intrusive adware and it also reminds me if I side load something (which I've done a couple of times to beta test things for developers) and forget to turn "allow installing from unknown sources" off again.
Whether to use an anti-malware app is much like the debate about whether to use a memory manager / app killer app - there are very good and valid arguments on both sides, and neither side is clear enough ahead to make an absolute ruling one way of the other. If you do decide to use a security app, read the permissions, read the description, be aware of the risks you are trying to protect yourself against, read the features and decide whether the app will protect you in that way, and whether you need the features it offers.... and let us know if it is accessible!
Regards Quentin. On 31/05/2014 11:47 AM, Aaron Linson wrote:
I disagree if you don't go outside the play store your fine! Thanks, Aaron Linson blindpodcaster.com <http://blindpodcaster.com> Being Confident in Your Ability, not Your DisabilityOn May 30, 2014 8:39 PM, "norman's list account" <dmarc-noreply@xxxxxxxxxxxxx <mailto:dmarc-noreply@xxxxxxxxxxxxx>> wrote:hi. Antivirus is at least as important on android as the computer. I believe avg has an ap, not sure about mallware bytes. There are lots of good antivirus aps, i use one called trustgo. As for bar codes, i haven't used that feature much so can't comment. Norman. This is my list account. If you need to contact me pleas emailnorbking@xxxxxxxxx <mailto:norbking@xxxxxxxxx> Or call or text717-516-1135 <tel:717-516-1135> Norman. This is my list account. To reach me Please email:Norbking@xxxxxxxxx <mailto:Norbking@xxxxxxxxx> Or call or text:717-516-1135 <tel:717-516-1135> On 5/29/2014 11:25 PM, Troy Burnham wrote:Hi All, First of all, will I need to have some sort of virus or malware protection on my phone since I will be online with it, and if so can I use the same things I use on my computers which is malware bytes pro and AVG? I understand that there's at least one app that can be used as a bar code reader, but if I want to identify a product do I need to take a picture with the bar code facing the phone so the app can identify it or does it not matter as long as the product I'm identifying is in the picture? Thanks. Troy No virus found in this message. Checked by AVG - www.avg.com <http://www.avg.com> Version: 2014.0.4592 / Virus Database: 3955/7591 - Release Date: 05/30/14
--- This email is free from viruses and malware because avast! Antivirus protection is active. http://www.avast.com
