2 in 3 Android anti-malware scanners not up to the job

Re: a little more believable

You are right to be sceptical of puff pieces from companies that sell actual AV products. I'm a little puzzled, however, that you lose that scepticism when confronted by a puff piece from a company that makes its money merely from "IT security research" rather than a particular AV product.

On the other hand, none of these devices actually seem to have a security model for third-party code (*), so it wouldn't be surprising if *most* devices were not infected. Perhaps the 10.8 million figure refers merely to those for which we actually know the nature of the infection.

(* Google appear to have lifted "as-is" the old ActiveX security model of asking the end-user if the software is safe, as if an end-user is in any way qualified or sufficiently informed to make that decision. Perhaps Google think ActiveX was such a long time ago that reality has changed.)

Nah, Norton was already in the "not up to job" category!

Are you new to Android? Pretty much every app asks for permissions that it doesn't appear to need. I've had an android phone for about a year and I've installed about 3 apps, and all of them asked for more permissions than seemed necessary.

The answer is only "common sense" if you don't want to install any apps.

Re: You don't need a malware scanner

Huh? Well, what about overlays and underlays? You click on "NO"/"GET ME OUTTA HERE", and you still click on yes, because the cursor was shifted, or shits so fast your eyes cannot detect the click-jacking or other subterfuge...

Time for Google to become draconian like Apple... not to eradicate but to COMPLICATE the lives or livelihood of crackers, thieves, or ANYone (spouses, cops, agents, too), etc.

Re: Fandroid radar kaput?

Ah wait - its not broken. Just picked up a massive cluster of them waiting to hijack the pending iPad 3 article comments...

Re: why not 100%

What about behavior heuristics? Devise rules, let the user tick mark them, and when an app attempts to violate it, collect forensics, send to fair trade bureaus, cops, and legislators, and have them hunt down the violators and VIOLATE their asses. Sometimes, it seems a good time to use state-sanctioned murder to rectify some of these problems. Problem is, law sometimes is toothless and cowardly when the real repercussion is that the violators go after legislators with a vengeance, leaving the sheep ever savaged/fleeced.

What I want to know is why the f*cking "DRM Protected Content Storage" has a PID and is using 22M-28M on my EVO.I don't cARE that it is sleeping or has a load of 0%.

I want removed from my phone:

nascar -- not interested, don't want to SEE the damned icon nor PID thread

amazon -- not interested; if I want to purchase, it will be rare...

nfl -- not interested, don't want to SEE the damned icon nor PID thread

blockbuster -- not interested, don't want to SEE the damned icon nor PID thread

nova -- not interested, don't want to SEE the damned icon nor PID thread

sprint football live -- not interested, don't want to SEE the damned icon nor PID thread

stocks -- not interested, don't want to SEE the damned icon nor PID thread

Re: I have never, on any platform,

You are wise to post anonymously. Up there, I also posted something mildly critical of antimalware software and am getting downvoted for it. I wonder why?

Re: I have never, on any platform,

You're probably getting downvotes from people who have used antimalware which did not result in an unacceptable drop in performance. I've never noticed a drop in performance except for when using Norton. I use Lookout on android, but you'd never know it just from looking at the speed of the device.

Re: Speaking as an iOS user...

So install Avast, and tick the box in the settings to also auto update the program itself, (the definitions will already be set to auto update).

After that point, if a new version of the app comes out, it will download and update in the background, and pops a little window up to let you know the program has been updated and here are the new features (if any), and if it needs to re-boot to finish, it asks if you want to do it now or later (and doesn't keep bugging you if you decline).

The only extra user input required after installation and initial registration is to re-reqister each 12 months. A pop up asks if you want to switch to the pro (paid for version) or continue with the free version. Click the Free button and it re-registers for another 12 months.

You're recommending the wrong thing.

>"With recommendations for AV software, I attempt to (metaphorically, of course) engrave upon their brains "UPDATE YOUR AV SOFTWARE" but do they do it?"

You should instead be recommending that they take great care it's set to auto-update when they install it. (And any time you're passing their PC and have a few moments to spare, you should sneakily check the options and make sure it's turned on.)

Computers automate things so that end-users don't have to remember to do them regularly. It's one of their strengths, you know. If you're telling them to manually update their AV, you're not giving them the right idea about what computers are for and how to get the most out of them at all.

keeping the system up-to-date

Ted, advise your users to install Ubuntu (or Mint, or similar) and tell them just to remember to press the red "security update" icon when it shows up as well as to install apps from the canonical repos only (i.e. using synaptic).

Otherwise, when dealing with Windows and AV you have to put up with "false positive" and "false negative" even when the said AV is fully up-to-date.

Re: How did this happen?!

It's possible that they bought into the Linux has no viruses/malware, therefore Linux is invulnerable to viruses/malware hype. You'd be amazed how fantastically intelligent engineers and scientists can get caught up in thought processes which they subconsciously want to be true. This is especially evident when they don't have too much expertise in the areas which they get into. A Windows developer would be painfully aware that you always run AV, no so with a long time Linux dev.

Still, I didn't think I'd see the day, but Google have proved that there is an active virus/malware market for Linux, if the userbase is there to make an attack worth while.

Re: How did this happen?!

Google didn't screw up. If an app has access to your contacts and to the internet then it can upload your contacts to the internet. Is that malware? Who knows, but if the user grants an app the permissions it needs to do those things then they must trust the app to behave nicely. Is it Google screwing up when a user doesn't bother to check the permissions or if the developer cons them? Google would be screwing up if it did not implement a permissions system, but it did. How it gets (mis)used is not down to them.