Banking apps on Android phones most at risk of virus: Kaspersky

Arthur

Honorary Master
Joined
Aug 7, 2003
Messages
25,733
Like with Windows on the desktop, there are probably tens of thousands of technically savvy people working round the clock to find and use every possible hole, vulnerability and weakness in Android. And they will not stop while Android remains widely used.

The problem, ultimately, is not the technology but human greed that trumps respect for the property and rights of others.

And though it is prudent to take technical precautions (such as decent firewalls, anti-virus software, two-factor authentication, long obscure passwords, etc) this problem cannot be solved by technology, only somewhat mitigated. There is no technical solution to the problem of bad people, nor can there be.

Perhaps the best protection for now is the same as that enjoyed by Linux and OSX on the desktop: security by obscurity.
 

ngwe23

Executive Member
Joined
May 12, 2011
Messages
5,237
Like with Windows on the desktop, there are probably tens of thousands of technically savvy people working round the clock to find and use every possible hole, vulnerability and weakness in Android. And they will not stop while Android remains widely used.

The problem, ultimately, is not the technology but human greed that trumps respect for the property and rights of others.

And though it is prudent to take technical precautions (such as decent firewalls, anti-virus software, two-factor authentication, long obscure passwords, etc) this problem cannot be solved by technology, only somewhat mitigated. There is no technical solution to the problem of bad people, nor can there be.

Perhaps the best protection for now is the same as that enjoyed by Linux and OSX on the desktop: security by obscurity.

How does using Linux or OSX makes one less susceptible to social engineering hacks
 

Arthur

Honorary Master
Joined
Aug 7, 2003
Messages
25,733
How does using Linux or OSX makes one less susceptible to social engineering hacks
It doesn't. But then social engineering hacks are not exploits of the operating system or applications - hence the use of social.
 

ngwe23

Executive Member
Joined
May 12, 2011
Messages
5,237
It doesn't. But then social engineering hacks are not exploits of the operating system or applications - hence the use of social.

You are equally more vulnerable to social engineering hacks on all platforms, so this statement makes no sense because it asserts that you are somehow more obscure if you use Linux or OSX :confused:

Perhaps the best protection for now is the same as that enjoyed by Linux and OSX on the desktop: security by obscurity.
 

Arthur

Honorary Master
Joined
Aug 7, 2003
Messages
25,733
You are equally more vulnerable to social engineering hacks on all platforms, so this statement makes no sense because it asserts that you are somehow more obscure if you use Linux or OSX :confused:
Exactly my point. I think you're answering the wrong guy.
 

Fingolfin

Senior Member
Joined
Oct 15, 2012
Messages
999
The Second Operating System hidden in every phone:
http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone

"Every smartphone or other device with mobile communications capability (e.g. 3G or LTE) actually runs not one, but two operating systems. Aside from the operating system that we as end-users see (Android, iOS, PalmOS), it also runs a small operating system that manages everything related to radio"

"This operating system is stored in firmware, and runs on the baseband processor. As far as I know, this baseband RTOS is always entirely proprietary. For instance, the RTOS inside Qualcomm baseband processors is called AMSS, built upon their own proprietary REX kernel, and is made up of 69 concurrent tasks, handling everything from USB to GPS"

"The problem here is clear: these baseband processors and the proprietary, closed software they run are poorly understood, as there's no proper peer review. This is actually kind of weird, considering just how important these little bits of software are to the functioning of a modern communication device. You may think these baseband RTOS' are safe and secure, but that's not exactly the case. You may have the most secure mobile operating system in the world, but you're still running a second operating system that is poorly understood, poorly documented, proprietary, and all you have to go on are Qualcomm's Infineon's, and others' blue eyes"

"With this in mind, security researcher Ralf-Philipp Weinmann of the University of Luxembourg set out to reverse engineer the baseband processor software of both Qualcomm and Infineon, and he easily spotted loads and loads of bugs, scattered all over the place, each and every one of which could lead to exploits - crashing the device, and even allowing the attacker to remotely execute code. Remember: all over the air. One of the exploits he found required nothing more but a 73 byte message to get remote code execution. Over the air. "

"You can do some crazy things with these exploits. For instance, you can turn on auto-answer, using the Hayes command set. This is a command language for modems designed in 1981, and it still works on modern baseband processors found in smartphones today (!). The auto-answer can be made silent and invisible, too. "
 
Top