Developed by the News of the World perhaps?
Criminals have increased the functionality of Android Trojans with a new strain that is capable of recording, and not just logging, conversations on compromised smartphones. Previous mobile malware strains for Google's mobile platform had the ability to log the duration and numbers of incoming and outgoing calls. The new …
"Victims would need to agree to install the application, agreeing to grant it permissions including record audio, read the state of a phone and prevent it from sleeping."
... so not so much a trojan, as an app? Bit like saying it's a secret spy that you have to invite in, make comfy on the settee and make a cup of tea for!!
OK, your post may have a point for all those geeks reading the Register; they probably know what they are doing and won't allow access. But how about the guy down the street who can just about use his Android phone, or the older lady who's going through a divorce and doesn't have time to read the small print? Fortunately there are 2 other very good OS choices left. Google must do something or will go down as quickly as it came up.
Shazam also requires these permissions. It records music and identifies the tune. It might do other things, but we can never really be sure.
If you want an app which records both sides of a conversation then you need to root the device. The permission granted here will only record what was said into the microphone. This isn't much protection though, and none at all if you're on speakerphone.
Anyway, Google should introduce a new permission:
"Allow application to access the audio record path *when a call is not being made*"
Sure there is a risk installing any app. Trust is a consideration and I 'trust' Shazam not to record and use the data without some direct interaction on my part with the app itself.
There is of course the possibility that the source has been compromised and the legitimate app from reputable companies carries something that wasn't intended.
This can be applied to any software. It is a matter of estimating the risk.
The trolls are up early today.
>>> I can't decide... Clearly you would have to be an idiot to click the permission that allows phone calls to be recorded. Only Apple owners need protecting from themselves.
If you actually concentrate while reading the article, instead of concentrating on how to turn an Android security report into a troll against Apple and their customers, you'd have read the important bit:
>>> record audio
i.e. not calls. Who needs protecting again?
Google needs to sort out the permissions for Android, making them more fine-grained and, where possible, using listeners or having apps interact with services on the phone instead of having access to hardware. I'm not an Android developer so I might be mistaken about the setup but from looking at the details of the permissions for apps in the Android Market I believe they make users grant unnecessary control when apps need a small amount of permissions for valid reasons.
There are also apps which require permissions which don't seem to be valid at all, which cautious users ought to avoid if they want to be trojan-free. But when examples of this include the latest Facebook app, which asks for permission to read, send and delete SMS messages (without mentioning any SMS-related functionality on its Market page) it looks like people are being conditioned to grant whatever permissions an app requests. Facebook is probably just trying to find out more about our "social graph" without letting us know and doesn't intend to delete our messages, but needing permission to delete SMS in order to read SMS is something which Google needs to fix.
Facebook requires the following:
SEND SMS MESSAGES
Allows application to send SMS messages. Malicious applications may cost you money by sending messages without your confirmation.
Allows application to receive and process SMS messages. Malicious applications may monitor your messages or delete them without showing them to you.
READ SMS OR MMS
Allows application to read SMS messages stored on your device or SIM card. Malicious applications may read your confidential messages.
EDIT SMS OR MMS
Allows application to write to SMS messages stored on your device or SIM card. Malicious applications may delete your messages.
While you can argue about the exact nature of each controlled action (and I'm sure your analysis is correct), having even more settings will ensure that the normal "scroll to the end of the gobbledygook, press OK" is more likely to be the default action.
Fundamentally, these user-controlled permissions things are just about moving responsibility for OS malware vulnerabilities to the user. It is no better than UAC in that regard.
A more sensible method perhaps would be to have the OS query the user (in a nice, non-techy way) when the app tries to do something. Then the user would have a better idea if bad stuff was happening. e.g., if you saw "app wants to send an SMS to 0909 999555" in the middle of a game, even an ordinary person might have reason to ponder. You'd have the usual 3 options - "Allow" "Allow always" and "Deny", where the latter action of course should fool the app into thinking that it worked.
Just adding that to the permissions system would be enough, so at install time you could select which of the permissions to actually grant, and which you'd like to have the OS provide 'fake' access to - for instance, allow it to get a location fix, but it's always the North Pole. Or allow send SMS, but the sent SMSs just appear in a folder that would allow the user to vet them before possibly allowing them to be sent.
The Android app store just lists all the permissions an app wants; you either install and grant all permissions or don't install. On another OS for phones/tablets I'm using, you can install an app and it will ask at run time if you want to let it do stuff. This is a much better system as it puts the user in control and makes it clear when the permission is being used.
The design of the Android system puts the author of the software in control and forces the user to either grant every privilege asked for or not use the software at all.
"Quite - I've been looking for one for a while and can't find a decent (free) one."
Thought about paying for an app? No? You mean you expect someone to write something for free for you? Oh, advertising, that you can then block (the big advantage we keep hearing of Android..). A study from some app devs I read recently said that the ad revenue from Android compared to actual sale revenue on iOS was about 10% for similar exposure. Can't find the link atm.
Support your devs before they become disillusioned.
So you'll be looking for the one that's stuffed with adverts, where the developer has little motivation to update or add new features. It might be "free" (as in beer) to download - but with all the apps I use regularly, I'll happily pay £2-3 to get rid of adverts - and this gives the developer the incentive to bring out new versions. Rovio please take note!
This kind of deep integration is very fiddly and difficult to get reliable on the reference platform, let alone every other phone out there (and yes, that is a problem). The good SMS-to-email or SMS-to-desktop apps starting to appear definitely won't be free, and if you need it that badly, you should be happy to shell out...
This isn't voice-recording malware; the author of the blog has taken the info out of context. The app does record voice conversations because it is a spyware program available in China that was being promoted by its developers as a way to test if their loved ones are cheating on them, etc. The thing that made it a Trojan was that, in addition to the base app, the developers snuck in a hidden section to send out a premium SMS message. The primary intent of the creator of the app was to skim money from the premium SMS, not to spy on people's voice conversations, not to mention it does not allow anyone outside the immediate phone user to access the files, and because of Android fragmentation it does not work.
This app was discovered by NetQun/Symantec over two weeks ago.
There is no excuse for Google to NOT provide us firewall tools that work in hardware and software. They could invite firestarter and firewall builder to develop tools for Android-based phones, and tell the phone resellers to suck it up.
We need firewalls that are easy. We need Intrusion Detection Systems that are more correct than riddled with false positives. We need an audit chain that allows us to out and punish ANY intruder, snoop, manipulator, or extractor of information from our phones or insertion of unsolicited content into our phones.
There is NO frackin' excuse to sell or taunt/tempt us with tantalizing phones and then leave us at the mercy of government and all manner of miscreants at the same time. So f*cking WHAT, there are laws to punish *caught* offenders. What the hell about prevention and proactivity? I installed HiSurfing, but so long as it requires rooting of the phone, it is next to useless except as a "feel-good" tool.
Google needs to learn that OMISSIONS can do harm. Google needs to realize and act on the fact that not ALL tools of necessity should be left to 3rd party developers nor as an "option" which requires rooting the phone to the point of it not being able to accept honest, no-backdoor firmware and other security updates.
Surely even the dimmest Android user has downloaded an anti-virus / spyware app? FFS, there are enough of them about and most are even free.
Secondly I agree you'd have to be terminally dim to allow permissions without realising exactly what you've agreed to.
In any event I expect that the apple fanbois have classier spamware installed. Even so I still prefer the 'Dark Side' of Android.
"Secondly I agree you'd have to be terminally dim to allow permissions without realising exactly what you've agreed to."
Perhaps you've missed all those studies where people happily hand over login details for a bar of chocolate, etc. Even if the installer asked permission for things like 'take all your money', you'd still find people who would click 'accept' just to get their fix of Angry Farmers or whatever.
What is needed is a system that breaks the current 'no permission - no play' access granting system.
Has El'Reg actually tested this?
That blog is lacking any solid information - the name of the trojan would be nice - and, as another poster has mentioned, most devices will only record the local microphone and not both sides of a conversation - something that wouldn't be testable in the emulator "test environment". I'm going to go ahead and guess that their 27s AMR is silent due to being recorded in the emulator.
That bait of a permission in the screen shot: 'Phone calls: Intercept outgoing calls..." really means "receive a message (an intent for developers) with the phone number being called and be able to terminate the call". It has nothing to do with intercepting the call audio. Android does not have a means to record call audio in the SDK, only the microphone.
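The receiver below is an added example, not code from the original article, the thread, or the trojan it discusses. It shows what the "Intercept outgoing calls" permission (PROCESS_OUTGOING_CALLS) actually grants on Android: delivery of the NEW_OUTGOING_CALL broadcast with the dialled number, which the app may rewrite or abort. Nothing here touches call audio; that is a separate RECORD_AUDIO permission, and as the thread notes the SDK exposes only the microphone. The package name and the blocked premium-rate prefixes are assumptions chosen for the illustration.

```java
// Added example (not from the page). Demonstrates the real scope of
// android.permission.PROCESS_OUTGOING_CALLS: read, rewrite or cancel the
// number being dialled. It cannot hear the call.
//
// AndroidManifest.xml (package name com.example.callwatch is assumed):
//
//   <uses-permission android:name="android.permission.PROCESS_OUTGOING_CALLS" />
//   <application ...>
//     <receiver android:name=".OutgoingCallReceiver" android:exported="true">
//       <intent-filter android:priority="1000">
//         <action android:name="android.intent.action.NEW_OUTGOING_CALL" />
//       </intent-filter>
//     </receiver>
//   </application>
package com.example.callwatch;

import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.util.Log;

public class OutgoingCallReceiver extends BroadcastReceiver {
    private static final String TAG = "OutgoingCallReceiver";

    // Hypothetical premium-rate prefixes this receiver refuses to dial.
    private static final String[] BLOCKED_PREFIXES = { "0909", "0871" };

    @Override
    public void onReceive(Context context, Intent intent) {
        if (!Intent.ACTION_NEW_OUTGOING_CALL.equals(intent.getAction())) {
            return;
        }
        // NEW_OUTGOING_CALL is an ordered broadcast. A higher-priority
        // receiver may already have rewritten the number, in which case the
        // current value is in the result data; otherwise use the extra.
        String number = getResultData();
        if (number == null) {
            number = intent.getStringExtra(Intent.EXTRA_PHONE_NUMBER);
        }
        if (number == null) {
            return;
        }

        if (isBlocked(number)) {
            // Setting the result data to null cancels the call outright.
            Log.w(TAG, "Aborting call to blocked number " + number);
            setResultData(null);
            return;
        }

        // Pass the number on unchanged so the call proceeds.
        setResultData(number);
    }

    // Strip formatting characters before the prefix comparison so that
    // "0909 999555" and "0909-999-555" are treated alike.
    static boolean isBlocked(String number) {
        String digits = number.replaceAll("[^0-9+]", "");
        for (String prefix : BLOCKED_PREFIXES) {
            if (digits.startsWith(prefix)) {
                return true;
            }
        }
        return false;
    }
}
```

The same mechanism is all a malicious app gets from this permission: it sees the number and can redirect or drop the call, which is worth knowing but is not an audio tap. On Android 10 and later the NEW_OUTGOING_CALL broadcast is deprecated in favour of a CallRedirectionService, and the permission no longer has the reach it once did.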
Even with Market apps I'm getting very picky about what I will install. PermissionDog is an excellent tool for finding which of your apps has inappropriate privileges. I've removed several which had access to my address book. These included "The Weather Channel" and "QR Droid". Quite why these would need address book access is beyond me. I agree with previous posters (and as an active Android developer) that users should be able to selectively deny permissions on third party applications. Some third party ROMs now allow this. As a related point of interest, am I the only person to wonder why on earth TweetDeck has the ability to spoof my location?
Anyway there are three lessons to learn from this.
One: Users must be sensible about where they install applications from. Stick to the Android market and Amazon and your chances of being pwned are several orders of magnitude lower. Use something like PermissionDog to discover those applications that have seemingly inappropriate permissions, find alternatives and replace them.
Two: Android developers need to change their approach to application development. Develop your core application with the minimum of privileges required. If you want to integrate direct address book access, make that a separately downloadable free add-on - if it isn't a core feature and makes sense to do so. That way, users get the choice of whether to grant the privilege and use the feature, and your core software will probably get more downloads as a result.
Three: Google needs to enhance the security model so that users can choose how an application runs. I would suggest three preconfigured states - "quarantined" in which the application can't access any information stored on the phone other than its own, and can't do anything that would cost the user money - regardless of the permissions it actually requests; "with permission" in which the user gets to selectively grant access to such features when the software requests them and "full access" which is what we have now. We could also have individually crafted recommended settings for individual applications, as defined by the App Store police (or Amazon).
Overall as an Android developer I would also like to see Google create a store-within-a-store that is more heavily curated and policed, in the spirit of the Apple app store (from the security and quality point of view), and I would happily pay a reasonable yearly sum of money for my apps to be more heavily curated and inspected, and to appear in that inner store.
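An added example, not code from the page, from PermissionDog, or from any store or developer named above. It does the job the commenter's first lesson describes, listing which installed apps request permissions that look out of place, by parsing the output of `aapt dump permissions <app.apk>` from the Android build tools. The line format assumed here is `package: <name>` followed by `uses-permission: name='<permission>'` lines (older aapt builds omit the `name='...'` wrapper; both are handled). The watch list and the sample APK output are constructed from the permissions discussed in this thread and are not taken from any real app.

```java
// Added example (not from the page). Flags apps whose requested permissions
// are on a reviewer-chosen watch list, in the spirit of the permission
// auditing tool the commenter recommends.
//
// Usage on a device:
//   adb shell pm path com.some.app      -> package:/data/app/.../base.apk
//   adb pull /data/app/.../base.apk
//   aapt dump permissions base.apk > perms.txt
// then feed the concatenated perms.txt files to audit().
import java.util.*;
import java.util.regex.*;

public class PermissionAudit {
    // Assumption: these are the permissions a cautious user would want to
    // justify before installing, drawn from the ones argued over above.
    static final Set<String> WATCHLIST = new HashSet<>(Arrays.asList(
        "android.permission.RECORD_AUDIO",
        "android.permission.READ_CONTACTS",
        "android.permission.READ_SMS",
        "android.permission.RECEIVE_SMS",
        "android.permission.SEND_SMS",
        "android.permission.WRITE_SMS",
        "android.permission.PROCESS_OUTGOING_CALLS",
        "android.permission.ACCESS_MOCK_LOCATION"));

    private static final Pattern PACKAGE_LINE =
        Pattern.compile("^package:\\s*(\\S+)");
    // Accepts both "uses-permission: name='X'" and "uses-permission: X".
    private static final Pattern PERMISSION_LINE =
        Pattern.compile("^uses-permission:\\s*(?:name=')?([A-Za-z0-9_.]+)'?");

    // Returns package name -> watch-listed permissions it requests.
    // Packages with nothing on the list map to an empty list.
    static Map<String, List<String>> audit(String aaptOutput, Set<String> watchlist) {
        Map<String, List<String>> findings = new LinkedHashMap<>();
        String current = null;
        for (String raw : aaptOutput.split("\\R")) {
            String line = raw.trim();
            Matcher pkg = PACKAGE_LINE.matcher(line);
            if (pkg.find()) {
                current = pkg.group(1);
                findings.putIfAbsent(current, new ArrayList<String>());
                continue;
            }
            Matcher perm = PERMISSION_LINE.matcher(line);
            if (perm.find() && current != null && watchlist.contains(perm.group(1))) {
                findings.get(current).add(perm.group(1));
            }
        }
        return findings;
    }

    public static void main(String[] args) {
        // Constructed sample: package names and permissions are made up to
        // exercise the parser, not taken from any real APK.
        String sample = String.join("\n",
            "package: com.example.weather",
            "uses-permission: name='android.permission.INTERNET'",
            "uses-permission: name='android.permission.ACCESS_FINE_LOCATION'",
            "uses-permission: name='android.permission.READ_CONTACTS'",
            "package: com.example.qrscanner",
            "uses-permission: android.permission.CAMERA",
            "uses-permission: android.permission.READ_CONTACTS",
            "uses-permission: android.permission.RECORD_AUDIO",
            "package: com.example.flashlight",
            "uses-permission: name='android.permission.CAMERA'");

        for (Map.Entry<String, List<String>> e : audit(sample, WATCHLIST).entrySet()) {
            if (e.getValue().isEmpty()) {
                System.out.println(e.getKey() + ": nothing on the watch list");
            } else {
                System.out.println(e.getKey() + ": review " + e.getValue());
            }
        }
    }
}
```

A weather app asking for READ_CONTACTS, or a QR scanner asking for RECORD_AUDIO, is exactly the kind of mismatch the commenter describes; the script only surfaces it, and the decision to find an alternative app is still the user's.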
I can kind of understand if malware like this was targeted at handsets of high-profile people, but if it's something sent out through the Android Market or a similar app store, surely the author would soon get overwhelmed with thousands of inanely boring conversation captures? They would have to wade through many 'I'll be late for dinner' or 'Can you believe what she was wearing' snippets before they get to something usable and juicy! Best of luck to them...
Biting the hand that feeds IT © 1998–2021