You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
Security
- Thread starter easy24q
- Start date
Sexy Male Stripper L
New member
Interesting news on the front page of that site - thanks for sharing. Wish they had an RSS feed of it though.
babycheeks(=
New member
Oh come on. this is definitely spam.
I pondered that, and it sort of is... but it's "relevant spam". The site does provide interesting security information, even if it has an ulterior motive of driving the sale of their security software. They have free versions of their apps on their site, and a paid fully featured version of one of their apps. The free apps are useful.
vincent_scott36
New member
Which app did you think was useful?
Shadow of my soul.
New member
The free version of their antivirus software prevents installation of a whole load of known malicious android apps, can filter/block spam SMS messages by content or number, prevent the SMS exploit that can disable your SIM card (this was patched in Android 1.6, but many people are still on 1.5). I don't know of anything else like that on the Market.
Their CheckMate app rates applications by their security level, as opposed to user opinion on the Market. Some people might find that information useful.
I didn't look at the AntiVirus Pro.
Their FindR app, while paid, also looks useful as it allows you to remote wipe your phone if it's stolen. I don't know of a free app that can do this. Other than that it offers features covered by other free apps on the Market (such as locating your phone via GPS).
I'm not saying the post isn't a blatant attempt to get more people buying their paid apps. Such posts are usually spam. However, this one at least contains interesting, useful, and relevant information on their front page. At least the apps are actually for Android (many spam posts are for iPhone apps), and at least they offer free apps which have some use.
Their CheckMate app rates applications by their security level, as opposed to user opinion on the Market. Some people might find that information useful.
I didn't look at the AntiVirus Pro.
Their FindR app, while paid, also looks useful as it allows you to remote wipe your phone if it's stolen. I don't know of a free app that can do this. Other than that it offers features covered by other free apps on the Market (such as locating your phone via GPS).
I'm not saying the post isn't a blatant attempt to get more people buying their paid apps. Such posts are usually spam. However, this one at least contains interesting, useful, and relevant information on their front page. At least the apps are actually for Android (many spam posts are for iPhone apps), and at least they offer free apps which have some use.
FeeSoSpaucked
New member
Ah, thanks for the explanation.
Still.... mind elaborating on the SMS exploit? I've heard of the iPhone one but I'm pretty sure the mobile carriers filter for it. I Googled a bit but didnt find much useful info.
Also, Wavesecure can do what FindR does, though everyone is entitled to their own opinion on that one so I dont begrudge them that app.
The thing that really makes me scratch my head though: why would anyone trust a security company that resorts to spamming? I'm having a hard time believing that these apps do much at all, but hard to say I guess. Though you certainly seem to know what your talking about, but they look extremely shady...
If you look at their "in the news" page too, it's all press releases and nothing where they are actually in the news.
You know, when I wrote that guide on Android safety and spoke of how the community is the best antivirus app anyone can have, the truth is, the community is only as good as the opinions they can express. They need to be allowed to freely express opinions on this kind of spam and that has to include very negative opinions to work.
If the mods of these message boards are more interested in making sure everyone is polite, then I'd imagine you will see more and more posts like this. And I guess I'm not sure the value in being polite to a spam bot just because it got the topic of conversation correct.
Anyways, sorry for the meta tangent, appreciate the response
Still.... mind elaborating on the SMS exploit? I've heard of the iPhone one but I'm pretty sure the mobile carriers filter for it. I Googled a bit but didnt find much useful info.
Also, Wavesecure can do what FindR does, though everyone is entitled to their own opinion on that one so I dont begrudge them that app.
The thing that really makes me scratch my head though: why would anyone trust a security company that resorts to spamming? I'm having a hard time believing that these apps do much at all, but hard to say I guess. Though you certainly seem to know what your talking about, but they look extremely shady...
If you look at their "in the news" page too, it's all press releases and nothing where they are actually in the news.
You know, when I wrote that guide on Android safety and spoke of how the community is the best antivirus app anyone can have, the truth is, the community is only as good as the opinions they can express. They need to be allowed to freely express opinions on this kind of spam and that has to include very negative opinions to work.
If the mods of these message boards are more interested in making sure everyone is polite, then I'd imagine you will see more and more posts like this. And I guess I'm not sure the value in being polite to a spam bot just because it got the topic of conversation correct.
Anyways, sorry for the meta tangent, appreciate the response
green planet
New member
I quite agree - spamming an advert on a forum does not sit well with with me either. It stinks of desperation. People who run spam bots or post spam generally go hand in hand with the people who run malicious websites, phishing scams, etc. These are the very type people they're supposedly trying to protect us from with their security applications. As such, I'm also suspicious, and I certainly don't endorse or promote any of their products. Nor do I agree with advertising applications through spamming like this - we have an apps forum specifically for developers to promote their applications. We also have an apps directory, and application support forums for developers to help their users.
However, I did find the stuff on the page they linked interesting. I've worked in the area of internet security for several years, so it caught my attention and seems genuine.
If you want to know how the SMS vulnerability was found (it affects iPhone, Android, and WinMo if I remember correctly), you can read the research paper on it here: http://www.blackhat.com/presentations/bh-usa-09/MILLER/BHUSA09-Miller-FuzzingPhone-PAPER.pdf
In short though, the researchers added an injector layer above the bottom of the telephony stack which allowed them to intercept and inject information between the modem and multiplexor. Thus they could send/receive anything between the two a bit like a man-in-the-middle attack, and simulating the sending/receiving of SMS messages without actually sending any (and costing them money). Once you have that in place you can send random data, millions of times a second, and see what happens. Eventually unexpected data like that causes something abnormal to happen. You can then study this.
Have a look at section 6.2 in that PDF I linked... it says:
I don't even know if it's fixed on the iPhone... According to one website which mentions this exploit, "Apple did not respond to a request to confirm reports that it is working on a fix for the iPhone vulnerabilities. Google confirmed that the Android issue has been patched.".
I know that this was patched in Android 1.6, but I don't know which release/patch of it (the UK, for example, got 1.6 then a security patch later).
However, I did find the stuff on the page they linked interesting. I've worked in the area of internet security for several years, so it caught my attention and seems genuine.
If you want to know how the SMS vulnerability was found (it affects iPhone, Android, and WinMo if I remember correctly), you can read the research paper on it here: http://www.blackhat.com/presentations/bh-usa-09/MILLER/BHUSA09-Miller-FuzzingPhone-PAPER.pdf
In short though, the researchers added an injector layer above the bottom of the telephony stack which allowed them to intercept and inject information between the modem and multiplexor. Thus they could send/receive anything between the two a bit like a man-in-the-middle attack, and simulating the sending/receiving of SMS messages without actually sending any (and costing them money). Once you have that in place you can send random data, millions of times a second, and see what happens. Eventually unexpected data like that causes something abnormal to happen. You can then study this.
Have a look at section 6.2 in that PDF I linked... it says:
I don't even know if it's fixed on the iPhone... According to one website which mentions this exploit, "Apple did not respond to a request to confirm reports that it is working on a fix for the iPhone vulnerabilities. Google confirmed that the Android issue has been patched.".
I know that this was patched in Android 1.6, but I don't know which release/patch of it (the UK, for example, got 1.6 then a security patch later).
lilmissinsanity
New member
So what do you guys think is it just a bunch of advert info or any usable stuff?
Please don't think I posted this as Spam, I'm just try to find some good sites on android security.
Please don't think I posted this as Spam, I'm just try to find some good sites on android security.
Dashkhuu K
New member
I think the information on the page you linked is very good.
Unfortunately, as this was your first post, and as it was a link to a website offering commercial products, it also really looked like spam to us. Most "spam bots" make an account, and post a link to a page, and you never see them again.
Unfortunately, as this was your first post, and as it was a link to a website offering commercial products, it also really looked like spam to us. Most "spam bots" make an account, and post a link to a page, and you never see them again.
koolkid1095
New member
Yes don't Looks to Bad and have some Information
ROBYN MARIE
New member
I'll delete that. You know if you want to report spam there's a button for it at the top right of everyone's posts (looks like a red triangle with a ! in it).
I really apologize if it appeared that way and I understand completely what you mean. I should have thought before I posted and ask if you knew of any good sites instead of posting the link. The gaming forums I'm on have the same rules and issues with spammers.
Again thanks for helping me determine if the info was valid and if you have any good sites on Android security please feel free to pm me.
Again thanks for helping me determine if the info was valid and if you have any good sites on Android security please feel free to pm me.
Honestly I still think that site was mostly junk, but if you really want to learn about security I think forums like these are good places to learn. Why not post a new thread with specific questions? There are lots of nice and smart people in these forums (as evidenced by extorian's great explanation of the SMS exploit).
Anyways, welcome to AC, sorry for confusing you with a bot
Anyways, welcome to AC, sorry for confusing you with a bot