Android Mew-ware, I choose you: Code nasty poses as Pokemon GO Mind those downloads from non-official app stores: Android malware has been spotted posing as knockoff copies of the popular Pokemon GO game. According to a report from security biz Proofpoint, repackaged versions of the game have been found carrying a software nasty that grants remote-control access of infected devices to …
This claim makes no sense.
The game will need WiFi access to find out where pokemon are based on what the servers tell them. If theres no mobile signal a WiFi connection will be used. Also in the future there will be the ability to trade pokemon over bluetooth, so that's that explained.
As for webtracking thats probably because you can sign into the game with your trainer club login.
This to me at the moment smacks of some paid for fear mongering. The reason being with games like ingress there was a mass of people using mods and hacks to cheat at the game and rig the GPS settings making it possible to travel the world to hack towers without leaving your living room.
This game will be a big money maker once all the paid features are added. They will lose out if the games are hacked. (lucky patcher anyone?)
So, sorry i'm personally just not buying it. Even pc-advisor, macworld and numerous other sites are linking to reputable apk repositories for those of us that just can't wait. I've downloaded an APK and I can guarantee it's safe.
"The problem is the permission issue they say is an indicator that the APK is infected doesn't add up. Because all of those permissions are actually needed by the game."
So, this game's behaviors by default too closely resemble an attack vector? Okay, I know those permissions are really really needed to prevent cheating, but to make it fair, must you do a trust-fall in their general direction?
I would tend to agree. There is no APK that I can find online that does not request bluetooth permissions, and big sites are linking to APKMirror - which is offering an APK that requests bluetooth permissions.
eg
http://www.cnet.com/uk/how-to/how-to-get-the-pokemon-go-android-apk-right-now/
or
http://www.techradar.com/how-to/gaming/how-to-download-and-play-pokemon-go-right-now-1324484
Yep especially if its Pokemon GO. Just read a story about someone (who I assume legally purchased Pokemon) playing the game and was directed down to a stream (to get some water Pokemon or whatever) in the real world where she found a dead human body. Didn't say if the Pokemon was super imposed on top of it like I guess the game does.
The problem most users have is determining which unofficial app stores are safe and which are dangerous. In fact, in many cases it not obvious to IT pros, we just might be a little more suspicious of all unofficial stores.
I remember one column on security on http://www.dedoimedo.com/ which noted the biggest security problem user habits not the OS. One is constantly hunting down the latest release from unofficial sources, visiting dodgy sites, etc. will over time have more problems with any OS. Problems will occur sooner with some OSes than others.
Apparently the game has already been sending players into interesting places to collect things - http://www.standard.co.uk/news/uk/pok-mon-go-players-lured-into-sex-shop-a3294426.html
...or maybe *that* version already exists, and this is it. "Pog Mo Thoin Go", anyone?
Yes you clearly are luddites so you're comments that you are superior due to your failure to adopt new tech make you look Amish at best and plain stupid at worst.
I wish these people who just post to say we should have stopped the Internet in 1996 would die already. No one cares how clever you are, i can talk to my 1000 Facebook friends about how irrelevant your opinion is. The world moves on. Get over it.
why -- because when you track down some dodgy apk file on some porn site that your browser warns you about, you wouldn't be able to resist trying install it, and resist clicking through several screens of actions required and warnings? You need your phone to simply not be able to give you that choice?
Thank you for at least getting that out of the way in the first sentence - not that I was expecting this wasn't the case. Unless its a drive-by pwning or some big deal with the play store itself, is it about time that we can just skip this sort of useless "information" altogether? Come on guys, stoop a bit higher than the other sites.
Ok, so let me see if I understand this right they don't want to release the game in other regions because the servers can't cope with demand yet they have already mapped them out and made them available using GPS. Surely if they didn't want it in other regions they would just not let it work in those regions?
Any publicity is good publicity.
And it's making matters worse. If the unofficial APK was no good because there was no data outside the officially released regions, people wouldn't be using it. That would alleviate these worries of malware and reduce the strain on their servers.
Don't get me wrong, I play it here in the UK so I'm glad it works but nearly every pokestop and gym I've been to (these are the location points based on landmarks and public buildings) there have been several other players, even in my quiet little village. There must be tens of thousands of people playing it here in the UK alone. Given that it requires constant connection to the servers and uses GPS locations it would be trivial to disable it in unreleased regions.
It's almost as if they don't want to do that.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
