So I saw this news story posted and I couldn't really help myself....

http://qz.com/131436/contrary-to-wha...le-to-malware/

How could it be impenetrable to Malware? According to the definition of Malware on Wikipedia;

"Malware includes computer viruses, ransomware, worms, trojan horses, rootkits, keyloggers, dialers, spyware, adware, malicious BHOs, rogue security software and other malicious programs; the majority of active malware threats are usually worms or trojans rather than viruses."

Considering almost all applications have some sort of advertisement in them, and that due to this they require a network connection, even if the application itself doesn't require it, I would mark that as malware.

Granted, I understand that even the N9 has such applications, and while I agree that developers of applications deserve to get paid, if they so desire to (I know a lot, especially in this community do it for fun, notoriety, out of sheer awesomeness, etc.), users of the applications don't generally deserve to get bombarded by advertisements. Look at Emumaster, you can get it for free, or you can buy it, both versions are the exact same, you just help further development by buying it. Or even get the man a beer!

In light of this discussion, it's always bothered me that the AP Mobile application that came with the N900 and N9 have advertisements embedded in them. I've tried getting rid of them with the hosts file, but no such luck. Is there a better alternative, or a way to get rid of these? I stopped watching TV 'cause I'm tired of advertisements filling up everything I do. If I want products, I'll shop for products.

slaapliedje

Calling build-in ads adware is wordplay. It's a feature of the system - and many of us here would probably agree that to some extent it is an unethical feature, but that's a separate issue. And you could even probably argue that it's wordplay in the correct direction (i.e. that malware should include the built-in platform-integrated ads), but that's also besides the point, because the article in question clearly operates under a different meaning of 'malware' in its context.

Anyway, that said, it's besides the point. There's still malware, even besides the forced ads, that can happen, just as on any system. What I found most annoying is that Android (and its userbase) continues to act as if the app-permissions system is somehow a layer of security. Sure, in a way it is, in a way that having the option between not mountain climbing and mountain climbing in extreme conditions with no extra gear can be considered a layer of safety. Like half the apps that have ever seemed remotely useful on Android request like half of the permissions available in my experience. At least Blackberry, to their credit, had the good sense for a long time now to make every app permission for every app independently toggled on/off by the user. As is, on Android, it's an all or nothing approach to permissions, which means most people are going to accept everything and anything because that's what you have to acquiesce to get anything...

I bring this up largely because it's quite likely that the 'statistics' or whatever quoted by the cited Google person is, to be frank, quite possibly dismissing all cases of software that misuses the permissions it is granted as not being malware, the same way it doesn't occur to them to define the force ads as malware. So for all we know, hundreds of apps that yank your contact info and send it off to a home server somewhere, for example, don't count as malware because they mention they need the access-contacts and network permissions. *Shrug*

And that's exactly it! The permissions issues is similar to someone who just downloads something in Linux, it doesn't work, so they just blindly do 'chmod -R 777 *' works now, doesn't it? And yes, I work with programmers that do that ALL the time!

Or in windows land, the equivalent of right clicking and selecting 'run as administrator' on everything.

Android is all about 'accepted malware' (built in ads) and 'unaccepted malware' (crap downloaded from some Russian site that has god knows what in it).

On a side note, I had an argument with a co-worker today about making sure you download things (in this case it was firefox) from their official site, and not any old link that pops up on Google. He said, and I quote (well from memory) "If mozilla-firefox.ez-download.com is the top link, then I doubt there are any issues with it." He was saying after a client had downloaded it that he had to tell her to uncheck the toolbars and such that the installer wanted to install... I had kind of freaked out because I was pretty sure Mozilla hadn't sunk that low to bundle crapware with their installer. Sure enough after I had him test it in his Windows 7 VM (we're the Linux administrators, yet he's really... odd) there was no crapware during the installation.

Then he went on to say that he's sure of himself that there were no viruses in that download for the client... Then I had to tell him of articles I've seen where indeed there had been software out there that had been changed in such a way. He had asked me where I go to download putty. "Official site, of course. I don't go anywhere else unless I have to!"

Ugh... sorry, had to vent. If even someone who is supposed to be a Linux administrator has to have it explained to him that you only get things from official sources, how bad is it in the Android world where someone just looks up 'fart app' on google.com and finds some Chinese place that says "Free Fart Apps!" and figures it's all good?

slaapliedje