01-01-2011, 09:45 PM
|
#1 |
|
Retired & reading more!
  
Posts: 2,764
Karma: 1884247
Join Date: Sep 2006
Location: North Alabama, USA
Device: Kindle 1, iPad Air 2, iPhone 6S+, Kobo Aura One
|
Android malware reported on ZDNET
If you have rooted your NC you should take a look at the article on ZDNET entitled Android malware in the wild.
Looks like it probably won't affect most us us right now but wanted y'all to be aware. |
|
|
|
01-01-2011, 10:08 PM
|
#2 |
|
Enjoying the show....
Posts: 14,270
Karma: 10462843
Join Date: Jun 2008
Location: Arizona
Device: A K1, Kindle Paperwhite, an Ipod, IPad2, Iphone, an Ipad Mini & macAir
|
Hi Slayda! How have you been?
Long time no see! Thanks for the post. If I had anything "android" I'd be concerned... 
|
|
|
|
| Advert | |
|
|
|
01-01-2011, 10:18 PM
|
#3 |
|
Retired & reading more!
Posts: 2,764
Karma: 1884247
Join Date: Sep 2006
Location: North Alabama, USA
Device: Kindle 1, iPad Air 2, iPhone 6S+, Kobo Aura One
|
Hey, DG - missed you. Been reading & hurting. Weather's got my arthritis flared up. How are you & DH?
|
|
|
|
|
01-01-2011, 10:23 PM
|
#4 |
|
Shepherd
Posts: 313
Karma: 663
Join Date: Dec 2010
Device: Nook Color, LG Optimus V
|
Is there any seriously critical info stored on the device? I just reviewed the procedure for purchasing books at B&N using the NC, as well as purchasing apps in the Market, and from what I can tell, all credit card info is stored offsite (at the respective vendor).
|
|
|
|
|
01-01-2011, 10:42 PM
|
#5 |
|
Addict
Posts: 283
Karma: 2002
Join Date: Nov 2007
Device: Kindle3, Kindle2, Nook, NookColor
|
I gave this advice in the suggested app thread, but will repeat it here:
The official marketplace is really best. And you should always read comments before dowloading any app from there to make sure it isn't a rogue app. The iTunes app marketplace has a high degree of oversight from Apple, while the official Android marketplace has very little oversight. However, bad apps will eventually be removed when noticed by enough market users. If the app has a very low star rating, you probably don't want it (it is buggy, doesn't do what it claims, or is malicious). A good rule of thumb is to only use apps from the official market (don't install apk's directly) and only download if it has at least several hundred ratings and an average of 4 stars or more. Let other people guinea pig the newer apps if you are unsure.Please be careful out there, you could install an app that phishes for your passwords or that sends out spam from your device when you are connected to wifi. Check the ratings, read the comments, and, for the most part, stick to apps offered in the official market. If the app isn't offered in the market you should find out why and be satisfied with the answer (reasonable reasons (IMHO): it is opensource and there isn't a dev responsible who wants to send it through the market, it's a beta version offered by a dev with a good track record of other quality market apps, or a free trial version is there but the dev doesn't like the market terms for the pay version and reliable people vouch for the app). Here's some additional advice on choosing and installing apps on your device: Never enter a password into an app unless the app is from the company/website you have the password with. E.g. never enter your google/gmail password into an app unless it is published by google. The Android marketplace lists the developer for each app. Most quality web services (like google) have a way for you to authenticate external programs without giving your password. For Google, you only want to use apps that use Google's OAUTH service. I'll give an example: Memento -- a decent database application that allows you to sync your data with Google Docs/Picasaweb. When this app first came out, the developer had set it up so if you wanted to sync with Google Docs you had to enter your google password into it. This is not good. You don't know how the app is written -- it could send the password back to the developer. No way was I using this feature. I and others requested that the developer use Google's OAUTH method. It has since been implemented. Now to sync with Google Docs you tap a button in the app which launches a web browser to www.google.com where you tell google that the app is OK. The app never gets your password but you have the ability to have that app sync with your account -- and you can withdraw that ability at any time, through Google (*) If an app requires you to enter a password to a site not directly associated with the developer of that app, uninstall the app. Even if the app is strongly vouched for by other users, I still don't consider this safe. I never used the Memento syncing feature until OAUTH was implemented (the program is useful without the syncing feature). * To view and change apps/websites that you allowed OAUTH access to, visit your Google account settings: https://www.google.com/accounts/ManageAccount and click "Change authorized websites". Last edited by zartemis; 01-01-2011 at 10:48 PM. |
|
|
|
| Advert | |
|
|
|
01-02-2011, 12:34 AM
|
#6 |
|
Shepherd
Posts: 313
Karma: 663
Join Date: Dec 2010
Device: Nook Color, LG Optimus V
|
Thank you, Zartemiz, as always, good info.
|
|
|
|
|
01-02-2011, 09:05 PM
|
#7 |
|
Tech in training......
Posts: 5
Karma: 10
Join Date: Dec 2010
Location: NYC
Device: Nook Color
|
@Zartemkis, well said.......
|
|
|
|
 |
«
Previous Thread
|
Next Thread
»
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Replacement PP with pre-installed malware | bbqncigars | Astak EZReader | 4 | 06-03-2010 07:12 PM |
| Classic New ZDnet review | gigercounter | Barnes & Noble NOOK | 0 | 12-10-2009 02:02 AM |
| Cory Doctorow threatened by malware developer | MrSaint | Lounge | 4 | 01-31-2006 02:37 PM |
| Time of evil: a brief history of mobile malware | Colin Dunstan | Lounge | 0 | 01-14-2005 08:41 AM |
All times are GMT -4. The time now is 09:13 AM.